The present document studies the means to identify calls with spoofed Calling Line Identification terminating in the CS
domain where the call could have originated from either inside or outside the CS domain. Calling Line Identification
(CLI or CLID), also called Caller Identification (CID), evaluates and transmits a caller's number while Calling Line
Identity Presentation (CLIP) enables displaying the caller's number during call setup or ringing. Usual applications for
But CLI can also be misused to display a misleading number in the display that is in no way related to the originator of
the call. This behaviour is called CLI spoofing or spoofed call. CLI spoofing ranges from harmless hoax to criminal
activities like for example Voice Phishing (vishing) by displaying the forged number of a bank in order to steal the
callee's credentials. And although CLI may be unreliable, people use it to decide whether to accept a call or not.
This study item studies the detection of a spoofed call as the first step, and prevention as a second step if detection is
achievable. In particular, the goals of this document are:
Outline valid threat scenarios for spoofed calls coming to 2G and 3G CS domains;
Analyze and evaluate if any tools in 3GPP can be used to counteract spoofed call detection and prevention;
Study and identify any other suitable techniques or mechanisms for spoofed call detection and prevention.