European Communcations Office

ECC Work Programme Database

   
Work Programme Info
Responsible Groupv
Sort By: Records pr. page:  
Reference Deliverable Subject Related Item Scope Start / Target dates Comments Status
NaN1_01
Last update: 19-01-2024
 ECC Report ECC Report on Numbering issues for cloud-based communication services

 		FNI_03

We see more and more new applications emerging where phonenumbers are decoupled from SIM cards and/or fixed lines. They are dynamicallyassigned for short periods of time and or used for applications where there isno longer a strict relationship with a fixed/mobile phone line. Differentterminologies such as virtual numbers or cloud numbers, are used to describethis phenomenon.

These innovations have been made possible by using the cloudto provide electronic communications services.

There are many regulatory requirements in place in relationto the use of different types of number resources, in particular those designedto protect the interests of end-users, to facilitate competition and to ensurethe effective and efficient use of numbering resources. Are all of theseregulatory requirements reasonable and proportionate for those newapplications? In some circumstances they can even be contra-productive andhamper innovation.

The report will first of all describe these evolutions ofthe network and the new services based on those networks, will bring forward adefinition, make an assessment of the different regulatory requirements (e.g.number portability, CLI issues, emergency calls, relation of the identificationof calls with misuse or fraud) and other aspects (e.g. sub- assignment,security of communication) and their relevance to this new numbering usage andfinally make recommendations for the CEPT countries on numbering policy.

Special attention will be given to the question of whoexactly are the end-user and provider of the telephone numbers and theirtypical extraterritorial use.
S: 24-11-2021
T: 23-11-2023
Work item approved at WG NaN #23 (online) - 23-25 November 2021.

NaN1 (working jointly with NaN2 and NaN3)
In Progress
NaN2_04
Last update: 19-12-2024
 ECC Recommendation ECC Recommendation on SMS Sender ID

The ECC Recommendation will contain policy rules on how to handle the SMS SenderID in order to maintain trust in the SenderID

The WG NaN has already developed detailed policies on how to handle the CLI in voice communications in order to maintain trust in the CLI.

SMS SenderID is the equivalent identifier as CLI for voice calls but for SMS. SMS is used for person-to-person (P2P) communications, but also more and more for application-to-person (A2P) communications. In this last category, we can distinguish between premium rate SMS, where the receiver of the SMS pays for the premium rate service and business messaging as one-time passwords, alerts for appointments which are not charged for the receiver. While the premium rate SMS- service is in decline, business messaging including the use of SMS as an extra security layer are getting more and more popular (2-factor authorisation as defined in Payment Services Directive - PSD2).

The work item will be limited to A2P-  communications.

While for voice communication the CLI is always a telephone number, for SMS it is possible to use alphanumeric characters in SenderIDs. It is not common that CEPT Administrations regulate their use. This creates additional risks as people are more likely to be mis leaded in case of spoofing by an alphanumeric identifier (e.g. well-known brands) than a numeric one. From a technical point of view it is easy to modify the SenderID in a number or alphanumeric characters. SenderID spoofing for SMS is seen by many administrations more and more as a problem with a very negative impact for end-users, since often it is used for frauds. Moreover, in case of provisioning of business messaging via SMS typically a long chain of subjects is involved and this increases the complexity in identifying the real sender of the messaging.

Although the scope of the ECC Report 338 on CLI spoofing adopted 7th June 2022 and the following ECC Recommendation in preparation is limited to voice communications, some principles (e.g. with A/B handshaking and the respect of international Recommendation E.157 for international communications) described can be used in this new Recommendation.

This ECC Recommendation aims to increase the trust in SenderID proposing rules and good polices on how to handle SMS SenderID. Special attention will be given  to maximise the commercial benefit for the stakeholders of SMS while minimising the risk of fraud and or abuse where SenderID plays a role. It will draw on the good practices currently applied in several countries.

The ambition of the ECC Recommendation is to move as far as possible towards a common approach in the CEPT countries.
S: 21-06-2023
T: 10-06-2025
Work item approved at WG NaN#26, Budapest, 20-22 June 2023
In Progress
NaN2_05
Last update: 19-12-2024
 ECC Report ECC Report on international voice traceback
The WG NaN has already done a lot of work in combatting fraudulent electronic communications.  With this work item another recommendation from Report 275 will be executed.

The objective of voice traceback is to find the source of illegal voice calls. It is important to identify the operators which are the source of illegal voice calls. These operators can then be held accountable for originating or being too passive allowing fraudulent traffic. Collaboration between operators/carriers is needed across international borders in the CEPT-area.
The aim of the report is 
  • to develop an operational framework which enables international voice traceback;
  • identify regulatory and legal obstacles for such a international voice traceback as e.g. privacy concerns (GDPR and e- privacy laws impose strict regulations on the collection, processing, and storage of personal data, including voice communications) and contractual issues in interconnect agreements such as non-disclosure agreements;
  • Explore ideas to deploy voice traceback with other regions in the world.
If needed recommendations can be made for provisions enabling voice traceback in future European and national legislation.

In order to develop the report the approach in the US to trace the origin of the fraudulent traffic including the work of the Industry Traceback Group (ITG) will be studied.
S: 26-11-2024
T: 26-11-2026
Work item approved at WG NaN#29, Bonn, 26-28 November 2024.
In Progress
NaN3_02
Last update: 19-01-2024
 ECC Report ECC Report on Roaming SMS to 112 – challenges, current practices and future (harmonising) measures 
For roaming end-users, routing of SMS to the emergency numbers of the visited country does not reach the visited country’s PSAP. As a consequence, also the AML-SMS caller location information will not be transmitted to the PSAP. Taking into account the different mobile network technologies, potential costs and the current capabilities of the main operating systems (e.g. Android, iOS), this report will:
  • Describe the problems related to roaming SMS to emergency services on 112 () and other national emergency numbers,
  • Investigate current practices which resolve identified issues,
  • Investigate potential for harmonisation measures.

NaN3 can also explore other sides of the topic, if found useful in the NaN3 discussions or during the questionnaire. When further progress is made, and NaN3 finds it beneficial, NaN3 can choose to split the work into two work streams, e.g. one for AML-SMS and one for SMS generally.
S: 24-11-2022
T: 21-05-2024
Work item approved at WG NaN#25 (22-24 November 2022).
In Progress
NPS_07
Last update: 25-05-2021
 ECC Report CEPT cooperation process for withholding payments and/or blocking access to numbers or services in cases of cross-border fraud or misuse
One of the most effective long-term approaches to tackling fraud and misuse is greater cooperation and information sharing between regulators. This can help us to better understand the changing nature of fraud mechanisms and to develop ex-ante and ex-post measures to protect the interests of citizens and consumers. With this aim, it is proposed to define a process for cooperation in the investigation of cross-border cases of fraud and misuse. The process would assist any regulatory intervention in the withholding of payments and/or blocking of access to numbers or services where fraud or misuse has occurred.

As a starting point, we plan to review the BEREC cooperation process, as set out in report BoR (13)37. The BEREC cooperation process was developed to assist regulatory authorities in the effective application of powers provided by Article 28(2) of the Universal Service Directive (USD) to require the withholding of payments and/or blocking of access to numbers or services in cases of fraud or misuse. It is a cooperation and information sharing tool used to complement national processes in combating fraud and misuse. We would consider the strengths and weaknesses of the BEREC cooperation process in developing the CEPT process.

References:
ECC Report 275 (2018) The role of E.164 numbers in international fraud and misuse of electronic communications services
BEREC Report BoR (13)37 Article 28(2) USD Universal Service Directive: A harmonised BEREC cooperation process, March 2013
S: 31-05-2018
T:
On Hold
* Target dates are seen as the intended date for the final approval of the related deliverable by the responsible entity. Internal deadlines for project teams and dates for the start of Public Consultations can be reflected in the remarks column. In general this implies that the draft deliverable should be completed by the project team one WG meeting earlier for publication.
0 items selected         Remove         See Gantt Chart