European Communcations Office

ECC Work Programme Database

   
Work Programme Info
Work Item details
Reference NaN2_03
Short Name Definition of missing, invalid, or fraudulent CLI
ETSI Workitem
ETSI Deliverable
Subject ECC Report on the definition of missing, invalid, or fraudulent CLI 
Related WI NaN2_02
NPS_06
NPS_04
Scope
CLI spoofing has been increasing during the last years with a very negative impact not only for end-users but also for operators. ECC Report 338 on CLI spoofing adopted 7th June 2022 contains in the conclusion, under the form of 6 points, possible actions for CEPT administrations to take to help mitigate or stop CLI spoofing. The proposed report implements the conclusions contained in the first and last bullet points of number 2 of the ECC Report 338.

There are several places where terms like missing, invalid or fraudulent CLI are used, but these terms are not clearly defined. When the CLI is considered as missing, invalid or fraudulent, operators may decide to block the calls, to remove the CLI from any further routing or to change the CLI, applying higher wholesale interconnection rates. This could have implications on multiple aspects.

Therefore, without a common understanding of these terms, disputes may arise between operators on the handling of calls with a CLI that is considered by one of the operators involved in the conveyance of the call as falling within these categories. It is therefore important to establish a common understanding of what qualifies as a missing, invalid or a fraudulent CLI, in order to encourage a common approach.

Some use cases where this would be beneficial follow. For instance, a common practice is to change the CLI in order to mask the origin of the call, in particular changing the CLI for traffic originating from a number from the national numbering plan of a country that does not apply the delegated regulation (EU) 2021/654 setting the Eurorates to a CLI from the national numbering plan of a country that is part of the Eurorates zone, with the objective being to make the terminating operator believe that the traffic originates from a number pertaining to the national numbering plan of a Eurorates country, in order to take advantage of the cheaper termination fees that apply in the Eurorates zone. In this way, fraudulent arbitrage income can be generated.

Also, negative impacts may also be pointed out for end-users, since when the CLI is missing, spoofed to show an invalid number (e.g. from an unassigned range) or it fraudulently shows a CLI belonging to another end-user (e.g. a trusted bank), it would pose dangers for the end-user. Call-back would not be possible on invalid numbers or when the CLI is missing, or fraudulent use of third parties’ CLI would not identify the real caller and possibly expose the receiving party to fraud.

For those reasons, there is a need to define clear verifiable guidelines in a report of what is and what is not to be considered as missing, invalid or fraudulent CLI, in order to mitigate CLI spoofing and encourage a more harmonised approach in handling of such calls.
Deliverable ECC Report
Responsible group WG NaN - NaN2
Start date 22-11-2022
Target date 21-05-2024
Public Consultation 21-11-2023
Permanent Work Item False
Comments Work item approved at WG NaN#25 (22-24 November 2022).
Keywords CLI, spoofing
Worked by
Contact Vassil Krastev ([email protected])
Status In Progress
Triggered By Belgium, Bulgaria, Portugal, Sweden, Switzerland, United Kingdom
Progress Report Work item approved at WG NaN#25 (22-24 November 2022).

NaN2#35 (1-2 March 2023) discussed a contribution from BEL on the draft report.

NaN2#36 (31 May - 01 June 2023) scheduled a web meeting for 11 September 2023 to progress the draft report.

Progress on the draft report was made at the web meeting held on 11 September 2023. The next web meeting was scheduled for 11 December 2023.

Progress made at the web meeting held on 11 December 2023. Work will continue at a web meeting scheduled for 12 February 2024.