This is an unfortunate by-product off the easy phone numbers work. It’s necessary that when I call from one of my N lines, your caller ID says my main number. Adding in SIP, cellular and other forms of phone mobility makes it hard to authenticate phones without a central system that was never provided.
We don't have spam calls over here in Germany. I _never_ received one. There were 3 calls I remember that were doing research stuff, but that's all. And telling them to not call again would have solved it, btw.
It seems to be related to other stuff the US is behind on, but I've given up on finding out how it could be fixed in the general (last 20 years) political climate.
The “caller pays” system in Europe helps a lot to make spamming less cost effective. In the US we don’t have that system. A cell call incurs charges to the recipient for the cellular service. The caller may not have to pay at all beyond basic line service.
We had an effective program for a few years eliminating telemarketing calls on landlines.
I think it might be mostly that you're not in an English speaking country. Based on accent, a lot of spam calls appear to originate from developing countries.
That would explain maybe a 100x difference on it's own. But that's already way over, if I aggregate data from close family about how many spam calls they got.
It is not hard, carriers are lazy. These are massive companies with deep pockets and no motivation to tackle a problem that doesn't directly impact their bottom lines.
Just keep a registry of every organization that you've given permission to to fake phone numbers, and which phone numbers they're allowed to fake. Make them route those calls through a special system and give them a secret token that that system will verify. Centralize your client/token/virtual phone number registry across all carriers (it's no different from certificate-authorities). If one of the accounts starts sending spam calls, revoke their token. Done.
>Make them route those calls through a special system and give them a secret token that that system will verify
STIR/SHAKEN is handling this at the provider level. There are an awful lot of PBX installations out there, with hundreds of makes and models and service lives in decades. You are absolutely not getting every business with a trunk line (e.g. essentially every business with more than one telephone) to participate in a protocol change.
Have their system type out the secret token in dial tones before each call that has a fake number. Any phone could do that. They have to already be doing something special to tell it which fake phone number to use. This can't be a more strenuous ask than that is.
It’s not the complexity of the change, it’s the number and diversity and distributed ownership of machines that would have to be updated and configured (if still supported; many are past vendor EOL and would need outright replacement).
