1. Geneva, Switzerland, 2 June 2014 Study on Spoofed Call Detection and Prevention in 3GPP China Mobile ITU Workshop on “Caller ID Spoofing” (Geneva, Switzerland, 2 June 2014)

2. Contents Background 3GPP progress Conclusions and recommendations Geneva, Switzerland, 2 June 2014 2

3. 3GPP Progress Backgroud A variety of methods and technologies that can be used to make spoofed calls which can cause substantial loss to users and operators. The origin of problems is wider than just 3GPP networks(TS 23.081) and relates to ISUP(TS 29.163 ）, also used in fixed PSTN. Geneva, Switzerland, 2 June 2014 3

4. 3GPP Progress Security Study on Spoofed Call Detection and Prevention The project was set up in 3GPP since 2012. Spec number: TR 33.831 Rapporteur: LI, Xiangjun,China Mobile Contributor:NSN,Ericsson,HuaWei,NEC Latest TR: Draft S3-131201 http://www.3gpp.org/DynaReport/33831.ht m Geneva, Switzerland, 2 June 2014 4

5. 3GPP Progress Objective Outline valid threat scenarios for caller id spoofing coming to 2G and 3G CS domains. Analyze and evaluate if any tools in 3GPP can be used to counteract this problem. Study possible required technology mechanism to detect and prevent. Geneva, Switzerland, 2 June 2014 5

6. 3GPP Progress Spoofed call Scenarios Spoofed call using the VoIP Spoofed call using the PRI/PBX Spoofing id from an IP-PBX towards IMS Spoofing of caller ID Spoofing of caller location …… Geneva, Switzerland, 2 June 2014 6

7. 3GPP Progress Security Requirements the caller ID received should be authorized. The unauthorized caller ID should be alerted. The unauthorized caller ID should be logged. If the spoofed call is detected, the network should be able to tear down the call and/or save in blacklists. …… Geneva, Switzerland, 2 June 2014 7

8. 3GPP Progress Candidate solutions for detection IBCF checking incoming requests from untrusted networks Present only trusted Calling Line Identifiers Out of Band Methods closed to user group Geneva, Switzerland, 2 June 2014 8

9. 3GPP Progress IBCF checking incoming requests from untrusted networks Geneva, Switzerland, 2 June 2014 9 The solution ‘CS domain protected by an IMS network’ shows some restrictions ： the call is originated in an untrusted network while the caller ID of the incoming session belongs to a trusted network.

10. 3GPP Progress Present only trusted Calling Line Identifiers Geneva, Switzerland, 2 June 2014 10 This solution proposes to present Calling Line Identifiers to the terminating user only if they can be regarded as ‘trusted’. A federation (originating, transit and terminating network(s)) of trust is formed by bilateral or multilateral agreements.

11. 3GPP Progress Out of Band Methods closed to user group Verifying Through “Middle” 3rd Party Using Time-based One Time Password (TOTP) to Verify Caller Verifying Caller through Shared Confidential Data Geneva, Switzerland, 2 June 2014 11 This solution is appropriate for an individual service provider ， and not appropriate as a general purpose protection mechanisms for spoofed calls in general. This is mainly because they require a third party that is trusted by both caller A and caller B, which seems infeasible to set up for any given parties A and B.

12. Conclusions and recommendations 3GPP SA3: This technical report analyses solutions for the spoofed caller ID problem. It seems practically infeasible to provide a solution that requires modifications to the signaling system 7. SA3 has finalized the present TR. If a more effective solution requiring standardisation is found, a new WID can be created. Geneva, Switzerland, 2 June 2014 12

13. Conclusions and recommendations From CMCC perspective: The solutions in the present TR have not fully meet China Mobile’s requirements, and more requirements are needed to be implemented into specifications. We recommend ITU to joint with other SDOs such as 3GPP to continue cooperation on Caller ID spoofing, which can reach a further common understanding. Geneva, Switzerland, 2 June 2014 13

14. Thanks ！ Geneva, Switzerland, 2 June 2014