The mobile industry’s assertion that the risk associated with fake mobile caller IDs will diminish over time is misleading. After a prominent career in the telecom industry, Pieter Veenstra now lends his expertise as an independent consultant on routing and security issues. He also holds a role as an advisory member for CPaaSAA and collaborates with i3forum, and offered these insights on a recent CommRisk article.
The Pressing Need for Enhanced Security in Mobile Caller ID Trust
There is an urgent requirement for advancements in roaming security to shield users from the increasing complexity of CLI (Calling Line Identity) spoofing tactics used in robocalls and fraudulent activities. Despite claims by mobile operators of a more trustworthy mobile caller ID on voice calls made across international networks, the reality presents a different story.
Understanding the Impact of Roaming on CLI Spoofing
CLI spoofing, commonly linked to roaming users, actually affects all mobile subscribers. The primary aim for attackers is to mislead the recipient into believing the call is from a known contact, thereby increasing the likelihood of the call being answered. The inherent vulnerabilities in roaming services make it easier for malicious actors to manipulate the CLI stealthily.
In the 2G/3G environment, voice calls made by roaming users start in the visited foreign network and enter the home country displaying a CLI aligned with the home country’s numbering plan, an aspect often exploited by fraudsters. With the transition to 4G and 5G, voice calls are transformed into data sessions managed through the IP Multimedia Subsystem (IMS) of the home network, theoretically reducing risks associated with international call routing. However, this ideal scenario is compromised by imperfect preconditions, leaving substantial gaps for fraudulent misuse.
Transition Challenges and Security Gaps in VoLTE and 5G Roaming
The shutdown of 2G/3G networks in the US prompted a shift to more secure Diameter-based VoLTE roaming connections. Yet, developing countries face significant challenges preparing for this transition, lacking the necessary infrastructure and devices. Additionally, loosely defined interworking solutions between networks provide opportunities for fraudulent CLI manipulations. In 5G, although the protocol remains similar to 4G, the presence of legacy 2G and 3G networks allows for downgrade attacks, where devices switch to less secure networks, facilitating fraud. Despite advancements, several scenarios remain outside mobile network control, allowing for CLI spoofing:
– Inadequately specified interworking solutions between 2G-5G systems, identified by the GSMA as a security risk, are prone to exploitation.
– Fragmented national coverage and the coexistence with older network technologies facilitate security bypass through downgrade attacks.
– Over-the-top voice services, like Skype Out, and unified communications platforms provide avenues for CLI spoofing due to minimal authentication controls.
While mobile operators strive to reduce vulnerabilities with new technological advancements, Veenstra believes that they cannot fully guarantee the authenticity of mobile caller IDs due to the extensive and varied global roaming infrastructure. This ecosystem’s inherent weaknesses allow persistent and evolving threats from international fraudsters adept at exploiting these gaps.
So what to do? Veenstra says that the industry would likely benefit from developing opt-in registries where customers can indicate their roaming status to automatically block potentially fraudulent calls, mirroring security measures used by financial institutions. This proactive approach could significantly enhance the security of mobile communications against CLI spoofing.
