I'm assuming there's a technical and/or willpower reason or some counterfactual like VOIP depends on it.
Even just flagging it would help. Or, rejecting numbers they can know lie inside their own routing architecture, or asserts within their own number plan where the CLID does not match.
Morally it's like BCP38 in the customer facing internet systems: reject customer input they don't pay you to assert.
The historic reason was, just like the Internet, the international phone network was built on gentlemen agreements by engineers who largely trusted each other.
A big national telco is unlikely to attack its peers, so there was little need for safety measures. As smaller telcos came in to the mix via deregulation, that understanding changed - but it was hard to retroactively fit controls.
The more modern reason is outsourced call centres. You want outbound calls from your Philippines based staff to show as if they were calling from a local number. When large and reputable entities were doing this it was fine. Just like showing a different reply-to address on an email.
If you were designing a modern network, it wouldn't be like this. But international telephony is over a hundred years old and has a huge amount of legacy technology and legal agreements.
The company that has offshored it's support to the Philippines might want that, but I doubt any consumers want that. That shouldn't have happened, but regulation comes (20+ years?) after harmful business profit decisions have been made and implemented.
But, thank you for the explanation. I have heard similar explanations before, and it has always sounded to me like a situation where the telcos are able to offer a service for a profit for the customers to hide the origin of their offshore call centres (that mostly nobody wants to speak to anyway).
I think I just ranted twice, sorry. Thank you!
Phone is set to only notify me for numbers for known contacts - does mean that I occasionally miss calls from other people, but I can live with that.
This is a valid use case, but I’m a bit surprised that the mechanism isn’t better controlled. Surely a better design would be for an actual local entity to forward the call, possibly with an optimization to allow the voice data to bypass the local entity once the call is connected.
I personally don't? Why would I want that.
The companies might want to hide that info but I don't think that's a legitimate use case.
For this particular case, do they really spoof the caller ID on an (expensive) international phone call, or do they actually just re-route via a local phone number?
Obviously the whole scam call centre has changed how it has to work but we actually had a working system that had quite a few useful features.
A bigger problem is Russia or Saudi Arabia using the SS7 signalling network to track their dissidents in the US because those legacy telco protocols have basically no authentication whatsoever, and won't blink if a Saudi Telco sends Verizon a MAP message saying "what is the cell location of Jamal Khashoggi's phone?"
Actually, there are several legitimate use cases:
• Call divert: Local number calls a number abroad and that one is diverted back a another local number. It's probably rare, but it's a totally legit use case.
• 2G/3G roaming: I'm not an expert on this one, but as far as I understood it, roaming calls placed on 2G/3G networks are initiated in the visiting country, and use the local number of the caller.
• Getting better rates using VoIP. Whether this is legit or not might be subject to discussion, however I was using a foreign VoIP provider (because they had better rates for local calls than any local providers, for my low call volume) sending out my own local number (had to be validated by them by callback, although that's their own security measure, not the network's one). Now in several EU countries and Switzerland this doesn't work any more, as calls bearing national IDs coming from abroad must be displayed as anonymous. And it's quite annoying that there isn't a way to "authentify" those numbers so the owner can use them as they wish.
They (the telcos) are paid for every message they deliver. So absent regulation forcing them to do otherwise, it is in their best interest (additional profit) to pass through every message with no filtering of any form.
And, if the regulators had any technical knowledge at all, they would recognize that the billing system is the key to stopping the robo texts. Every text can be traced back to its origin through the billing system (because that's how the telco's collect their fees, so of course they know who to collect from for which messages they forwarded). So the regulators just need to force open the billing systems and trace the money back to the illicit senders, and then they know who to cut off (or to fine out of existence).
Traditionally they have a bias towards "working"/delivering traffic. It's easier to issue a refund than answer a urgent support request.
I can also imagine the biggest customers have all sorts of multi-vendor failover plans that may be affected.
That's what's mandated by ARCEP (the French regulator) since the beginning of this year, and now all faked numbers are marked as “hidden caller”, and indeed it helps a lot.
The entity, the header, content template (which allows two or three variables/placeholders) need to be registered. A Distributed Ledger (DLT) is used to store these. Ad hoc messages without a registered template are expected to be rejected by the telco.
In Australia, I don’t remember ever really getting spam SMSes. Emails from the bank, yes, but that’s easier to filter if desired. When you get the same old spam messages time after time, you can filter them in email, but text message apps are often not up to that sort of thing.
The really stupid thing is that more than half of the spam is about blocking spam. At least once a month, AD-TRAIND-G sends:
> స్పామర్లపై చర్య కోసం స్పామ్ను రిపోర్ట్ చెయ్యండి. అయితే, ఫోన్ కాలింగ్ యాప్లో స్పామర్ను బ్లాక్ చేయడం వల్ల స్పామర్పై చర్య తీసుకోబడదు. స్పామ్ను TRAI DND యాప్ లేదా సర్వీస్ ప్రొవైడర్ యాప్ లేదా 1909 లో రిపోర్ట్ చెయ్యండి. TRAI DND యాప్లో రిపోర్ట్ చేయడం సులభం మరియు వేగవంతం, ఈరోజే ఇన్స్టాల్ చేసుకోండి.
And AD-AIRDOT-S just sends a random message from a pool of half a dozen or so, mostly English but one or two Telugu, sometimes every few days, sometimes every few weeks. Such as:
> Alert: On receiving unwanted SMS , please complain by calling 1909 or send SMS to 1909 in format 'SMS Content, Sender No, dd/mm/yy' or visit bit.ly/2qBK0vp to report through Airtel Thanks App.
(Huh, that link is now broken. Used to work. Makes it even more dumb.)
I should automate reporting all of this stuff, deliberately to waste their time, and maybe, just maybe, make someone think, “maybe we should stop sending this stuff”.
There was also RCS… I turned that off after a bit, because it was being used purely for spam and undesirable stuff, and you couldn’t complain in the same channels. RCS is dead like this.
Personally, I'd prefer them to be blocked. If it's important and legitimate, they'll register.
I haven't yet been able to find the full register (if it's even public) but I thought this is an interesting approach.
For a community of builders, like this, any barrier to entry will be problem, however we'll intend.
Personally I think the whole system of replacing the point of origin with a name needs to be overhauled. Allowing a name as well is fine, but the practice of delivering messages that can't be replied to is pretty poor.
Rather than have to futz around with a different number or website to go to, I should be able to just reply "STOP" if (for example) Dominos keep spamming me with Pizza offers I don't want.
