
Verified by Twilio - HugoHobling
https://www.twilio.com/blog/introducing-verified-twilio
======
HugoHobling
I know it's overkill, but this is my current setup for my phone numbers. I
treat phone numbers the same way I do my email address: I use different
numbers for different purposes.

1\. I have a "clean" phone number I only share with friends/family. Certain
prefixes and phone number actually receive next to zero spam calls. This
number has received 2 calls in the years I've had it.

2\. I have a phone number I share with companies / loyalty programs / etc.

3\. I have a legacy phone number I've had for 10 years that receives multiple
spam calls daily. For this number I've set up an incoming handler that uses
Google Cloud to ask the caller a simple question (What is five plus two?),
parses with the Speech Recognition API, and forwards calls with the correct
answer. The rest go to voicemail. It's better to use the speech recognition
API than it is to ask the caller to press a DTMF tone, in case they are in a
car or are calling from a device without a telephone keypad. If I every need
to, I'll add this protection to use numbers 1) and 2).

4\. I have a number that rings straight to voicemail.

All numbers use the Whitepages and Nomorobo APIs from Twilio. These score the
"spamminess" of calls. Calls with sufficiently high values are forwarded to
voicemail.

For incoming calls, I set the caller ID for the calls to my SIP clients to
indicate which number is being called, and include the spam score.

~~~
ozmbie
Is this a uniquely American problem?

My Australian mobile phone receives maybe one spam call per year. It’s my
single phone and I give out the number to various businesses and people.

~~~
Erwin
In Denmark, phone sales to consumers are generally illegal though strangely
insurance and newspapers are excluded.

There's a national "do not call" list you can sign up to as well. This is
amusing called the "Robinson List", presumably after Robinson Crusoe. The same
concept is used in a dozen other countries.

I guess the penalties are severe enough that it generally only very shady
people call, such as those pretending to be from Microsoft and calling to fix
your computer.

~~~
StavrosK
Rather off-topic, I was surprised by how readable this was to someone who
doesn't speak a lick of Danish (me):

> Robinsonlisten er opkaldt efter Robinson Crusoe, som er en fiktiv person,
> der optræder i romanen Robinson Crusoe af Daniel Defoe. Han strander på en
> øde ø og lever isoleret.

~~~
mnbvkhgvmj
True but if a Danish person was to read this to you you would not even
recognize the individual words...

[https://www.youtube.com/watch?v=s-mOy8VUEBk](https://www.youtube.com/watch?v=s-mOy8VUEBk)

EDIT: Just FYI this is a clip from a Norwegian comedy program. Danish and
Norwegian have very similar written languages but sound very different when
spoken. In reality with some practice Danes, Swedes and Norwegians can speak
together and understand one another.

------
kerkeslager
Just what we need, another startup injecting themselves into our lives. And
then for the right price, "acceptable robocalls" can be Verified by Twilio™!

SHAKEN/STIR[1] is a much more network-agnostic solution to the same problem,
using essentially the same, well-established technology used by internet
certificate authorities. As such, it has all the same basic problems that CAs
do, but it's a hell of a lot better than tightly coupling yourself to Twilio.

[1]
[https://en.m.wikipedia.org/wiki/Adblock_Plus#Controversies](https://en.m.wikipedia.org/wiki/Adblock_Plus#Controversies)

[2] [https://www.consumerreports.org/robocalls/spoofed-
robocalls-...](https://www.consumerreports.org/robocalls/spoofed-robocalls-
relief-is-on-the-way/)

~~~
Jolter
Looks cool but wouldn't it be cheaper and easier to just outlaw robocalling
like the rest of the world has?

~~~
elahd
The telephone network is international. The US is limited in its ability to
enforce anti-spam laws against operations running out of other countries.
(They also seem unwilling or unable to enforce these laws domestically, but
that's a completely separate issue.)

~~~
kerkeslager
In this case I think it's a case of being _unable_ to enforce the laws,
because the technology for verifying callers is broken, making it easy to
spoof phone numbers--even the US government doesn't know who is calling you
illegally. SHAKEN/STIR is intended to close the security hole and make caller
ID accurate again.

------
hn_throwaway_99
I'm skeptical for the following reasons:

1\. Companies like Twilio largely created the explosion in spam calls by
providing extremely cheap, programmable calls, so I'm always a little
skeptical when the company selling the poison is also selling the antidote.
2\. I really don't like the idea of a single company being responsible for a
global verification system for something like phone calls. How are decisions
made over what is verified (e.g. the example shows "call purpose" snippets on
the screen - if I put something there saying "I have an important flight
update", but then my call is "You're only getting free peanuts on your flight,
but if you enroll in this MileagePlus card you'll get snack mix too!" who
judges that?)

Overall I'd just say with all the consolidation of power with US tech giants I
am extremely wary of giving them anything else that could consolidate that
power further. I would much prefer an open, federated model.

~~~
tkifnn
Twilio is not responsible for much spam at all. Their prices are way too high
to begin with. And you have no way to spoof your outgoing number.

~~~
edoceo
One would just use a turn-and-burn via twilio. Get 10000s of cheap robot calls
out, use their AVMD and have a ball

------
cookie_monsta
> 70% of consumers don’t answer a call if the caller’s number is anonymous.
> While that might cut down the number of unwanted robocalls, it also
> potentially prevents consumers from receiving vital communications—calls
> from the doctor, banks that are flagging issues, schools calling about
> parents’ children.

A message to my doctor, bank, kids' school, etc: if you call me on a
private/unknown number and don't leave a voicemail (because I can assure you
that I am in that 70%) I will assume that you are spam. You don't need Twilio
for this, just some basic phone etiquette.

~~~
jt2190
Patients would call my wife’s office after hours and leave their number with
the answering service for a call back. After hours calls were triaged into
three groups: Emergency, tell patient to call an ambulance; Urgent, get
patient a prescription or tell them to get to an after hours clinics; Non-
urgent, patient can wait until the office is open and make an appointment.

Of course, when she made calls back with her desk or cell phone, Caller ID
would display a number that was different from the main number of the clinic,
and most patients would’t answer, even though they were expecting a call
they’d requested. I finally built her an app that would dial the phone and
spoof the Caller ID with the clinic’s main number. (This was also helpful
because my wife was not the only on-call doctor, so a direct line to her was
only occasionally the correct number to dial after-hours. The best move for
patients was to always dial the main office number.)

------
gregmac
I was just reviewing my call detail records on my "home" number yesterday, and
realizing that the vast majority are spam - we pretty much don't answer that
phone. This got me thinking about alternatives to even ringing for any
unrecognised numbers, such as an IVR menu that said something like "Hi, we're
screening spam, press 4 2 if you're a real person". I'm not sure how that'd be
accepted by, for example, the dentist office though. Has anyone set something
like that up?

I really hope Twilio is successful with this - it would definitely help, so
long as there's a way to avoid abuse.

Just in case someone asks why I still have a "landline": it's VoIP, and I
maintain it for basically two reasons:

* We use our VoIP number anytime we have to give a number out as part of signing up for something, rather than cell numbers

* It typically costs me under $25/year, which is actually mostly the 911 fee (oh, and it's an extra way to call 911, if we need to)

~~~
bobbiechen
>Has anyone set something like that up?

Yes! I did "Captcha for phone calls" for a school project earlier this year.
It would play a quick message along the lines of "Hey, to ring my phone just
enter these numbers: XYZ", and redirect the call to my phone if the captcha
was correct.

The challenge was redirecting calls to the challenge even if they were
originally directed to my phone number - the solution was to write a custom
call handler (Android) that rejected calls if they weren't in my phone book,
and then set up call-forwarding on rejected calls to go to a Twilio number
with the challenge. There was a nice edge case where if I actually missed the
call, it would just redirect you to the challenge again... but it was good
enough for the class.

While testing, I accidentally actually got someone to use it! A guy repairing
my watch called me, got directed to the challenge, and actually followed
directions! Which was surprising to me. I also caught some obvious spam
callers (same first 6 digits), and unsure if there were any other real people
who did call and got confused or just hung up.

I've been meaning to clean up the code and publish it, but haven't gotten
around to it - there's lots of hardcoded numbers in there.

(Disclosure: currently employed by Twilio)

~~~
whitehouse3
Off topic: what kind of watch?

~~~
bobbiechen
Tisell Bauhaus, a very plain and simple design (though not immune to being
dropped, which is why I needed the repair).

------
ufmace
Well that's cool I guess. But:

1\. How are they partnering with all of the device companies to get this on at
least most phones? That'd be interesting to know.

2\. I guess somebody has to type that intro text. As long as they're doing
that, why bother with a normal call? How about just sending the text instead.
Or send a text and let me call back for more details when it suits me, either
right away or in 10 minutes. It sounds like whoever is sending these probably
has a call center or somebody who's job is to sit around and answer the phone
when it rings.

~~~
spbaar
1\. I'm really not sure yet. They haven't given any details publicly or
privately. I'm most curious to see how this will be supported on iOS.

2\. The demo on the keynote gave a great use case where a school nurse called
the speaker about their child, and she was very lucky to pick up and not let
it go to voicemail.

There are still a lot of use cases for calls to hammer out important details,
even if they are becoming rarer, like health or car maintenance, or places
where sms is associated more with spam. This is a great way to get the best of
both worlds, even if it's technically during the decline of calls.

~~~
cookie_monsta
> a great use case where a school nurse called the speaker about their child,
> and she was very lucky to pick up and not let it go to voicemail.

a) if you're a sloppy enough parent that you don't even have your kids' school
phone number saved as a contact, I suspect you're accustomed to relying on
luck.

b) "Use our service or your children might die" is fairly over the top
marketing, even for marketers.

~~~
ceejayoz
My kids' school doesn't have _one_ number. It varies, and they also use
emergency alert systems (presumably via something like Twilio) that don't
always come from a predictable number either.

~~~
cookie_monsta
I don't know why I care about this - it's a service offered to business and if
business wants to take it up that's their call. But if I were your kids school
I would be looking at the far simpler solution of having one outgoing caller
id regardless of the extension. I've had kids in school for 12 years now and
have never received emergency communication from them. For the great balance
of history, we've trusted schools to be able to make on the spot decisions on
our behalf because we didn't have a phone in our pocket. And rightly so - the
school has multiples of experience dealing with 8 year olds than I will ever
have. What could they possibly need to consult me about in real time?

~~~
ceejayoz
> What could they possibly need to consult me about in real time?

Your kid had an accident and needs new clothes. Your kid fell and is headed to
the hospital by ambulance. Your kid has a headache, can we give them
ibuprofen? etc.

~~~
cookie_monsta
1\. Not an emergency, but I'll see what I can do (although the 3 schools my
kids have been in have had spare clothes on hand for these situations)

2\. Good. I'll be there when I can being that you're not asking for my consent
and are more than qualified to make that decision

3\. You already have a list of my child's allergies. Follow your policy which
I have already agreed to, but thank you for the non-urgent notification

etc

------
asdfasgasdgasdg
I will install whatever app I need to get this service if it works as
advertised. Well done and congrats to the team(s) that worked on this project.
It's a travesty that we need a private company to solve this problem, or even
that the problem exists in the first place when we as a society could have
legislated it away a while ago. However, a fix is a fix.

------
dvfjsdhgfv
> it also potentially prevents consumers from receiving vital
> communications—calls from the doctor, banks that are flagging issues,
> schools calling about parents’ children.

That's bullshit. I have these important number in my address book. In the
unlikely case the doctor wants to call me from a phone booth or from their
friend's phone (why?), they'll leave a message and I'll call them back. As for
the bank, they know my e-mail and I asked them not to use the phone for
communication anyway.

Really, for many people there is no reason to answer unknown calls at all,
especially if their experience is that most of these is someone wanting to
sell something to them. Not to mention in our times asynchronous communication
is very important for mental health.

~~~
RHSeeger
Your response is the same bullshit you call on the message you're replying to.

\- I don't have the 10+ numbers that dial out from my doctor's office in my
phone

\- I don't have the 5+ numbers that dial out from my child's school in my
phone

\- I don't have the 10+ numbers that dial out from my child's doctor's office
in my phone

\- Banks (god knows how many numbers each from multiple banks) \- etc

It's literally impossible to have all the numbers I want to allow to reach me
in my phone.

The fact that _you_ happen to have a very limited set of numbers you need to
be able to be called from does not invalidate the fact that many people have a
vast amount of such numbers. Don't assume your anecdotal data speaks for
everyone.

------
jimnotgym
> Even more concern, 70% of consumers don’t answer a call if the caller’s
> number is anonymous. While that might cut down the number of unwanted
> robocalls, it also potentially prevents consumers from receiving vital
> communications—calls from the doctor, banks that are flagging issues,
> schools calling about parents’ children.

I don't understand how this helps with anonymous callers?

~~~
bksenior
Seriously?

Most corporations call from a featureless pile of numbers. Now you wont miss
the important calls from numbers you'd otherwise consider anon spam.

~~~
richardwhiuk
Surely if you are verified by twilio, you aren't anonymous?

------
gandutraveler
My phone is always on silent and I don't pick up any calls except if its from
my started contacts or if it's a pre-scheduled meeting. I do check my phone
every hour to see if there are any important missed calls. This has helped me
so much from distractions and overall well being. It took me a while to
realize that there is nothing that requires me to respond immediately and in
case of emergency I shouldn't be the one responding. There's 911 for that.

------
pjohri
With the new iOS beta allowing non recognized callers (not in address book) go
straight to voice mail, I see little use for this service now than before.

~~~
Jolter
It seems this service would allow calls from anonymous numbers to be
identified by the receiver. Just routing unknown numbers to voice mail will
lose you those calls. For example, my doctor's office always calls from
"unknown number".

------
erichurkman
> Even more concern, 70% of consumers don’t answer a call if the caller’s
> number is anonymous.

The concerning part is 30% still answer the calls.

~~~
jkaplowitz
Unfortunately sometimes important callers use anonymous numbers. I recently
had to deal with this in the public healthcare system where I live (not in the
US).

A certain person who needed to give me an appointment kept calling at
unpredictable afternoon and evening times from an anonymous number, ignoring
the voicemails I left with my availability info, and not proposing specific
times in her voicemails to me.

I did get the appointment in the end, but only by happening to notice one of
her calls in real time - still from an anonymous number - and answering.

I'm told similar important uses of anonymous numbers aren't too rare in this
public healthcare system.

------
propter_hoc
Interesting. Wonder if this is going to be a valuable public service in the
long run. For sure the monetary incentive is for Twilio to operate this like
an "acceptable ads" type shakedown [1], where companies pay Twilio to mark
their calls as "valuable information" rather than spam.

Arguably this should be administered by some trusted third party, like EFF.

[1]
[https://en.m.wikipedia.org/wiki/Adblock_Plus#Controversies](https://en.m.wikipedia.org/wiki/Adblock_Plus#Controversies)

------
juskrey
Huh? "We’re partnering with leading call identification apps"

Are that those shady apps which require your address book access just to
start, aren't they?

~~~
RandomBacon
How do you think those companies identify numbers? I'm guessing they see if
any of their other users have the number saved.

Of course they could still be doing shady things with people's contact lists
beyond that...

~~~
juskrey
They could do that silently or at least in some optional privacy-oriented way,
e.g. like Telegram or Signal.

Instead they are actively implementing features to disclose everything to
everyone.

------
aithrow
Received this unsollicited pearl from Twilio subsidiary Sendgrid today:

Hi aithrow,

One of my special interests is Whitebox machine learning, and has been for
many years

With the dominance of Blackbox techniques causing lots of ethical questions to
be raised on the uses of AI, I think it's time to revisit Whitebox techniques.

I’ve written a couple of non-technical articles on the subject on Medium:

Why, if you're planning to use AI you need a Whitebox system

Why are tech firms ignoring half of AI?

If you want to read about our Whitebox solutions please look at darl.ai

Whitebox machine learning is available (free) through our GraphQL API at
darl.dev

Thanks for reading,

Andy Edmonds Doctor Andy’s IP sales@darl.ai

P.S. A glitch in our mail handling software meant that a small number of
unsubscribes were missed on our last mailshot. If you were one of these my
apologies. Just unsubscribe again, we won’t miss you this time!

Sent by Dr Andy’s Back Office AI system

If you'd like to unsubscribe and stop receiving these emails click here .

------
RcouF1uZ4gsC
I wonder how many of the spam calls are actually powered by Twilio? Is this an
instance of a company trying to make money by getting paid by businesses on
one hand to do spam calls, and getting paid by consumers on the other hand to
block spam calls?

~~~
dqv
>I wonder how many of the spam calls are actually powered by Twilio?

Probably not very many. Think about it: the spammer has to pay for each minute
of call time on Twilio. Let's say a spammer spams for 12 hours a day at $0.013
a minute. On average that's $9.36 a day. So if they want to do this with 24
"lines", that's $224.46 a day.

Now consider the the cost of (on-premise) phone lines provided by a company
like Time Warner Cable: $25-$45 per line per month (the last time I checked).
That's more like $36 a day. So with Twilio the spammer would be paying 6x the
cost.

------
pier25
Android already does this, somewhat.

Whenever you receive a call you know beforehand if it's spam or not. Maybe a
handful of times in the last year I've received a spam call that wasn't marked
as spam. You can block callers and report as spam much like in Gmail.

When the call is not spam Android looks up on Google where the number is from
and it shows the name of the business in the call screen.

This is working great for me. A year ago I received 2-3 spam calls per day
which of course I've been blocking. Now I receive 1-2 spam calls per week at
the most. Some weeks I don't receive any.

~~~
sp332
I've never seen a call marked as "spam" on Android. What kind of phone do you
have, and which carrier?

Edit: My phone is from Samsung (who like to add a bunch of their own software
to base Android) and my carrier is AT&T.

~~~
blacksmith_tb
All the Pixels use Assistant to screen calls from numbers that aren't in your
contacts. You watch a live transcript of the caller / bot and you can answer
if it's legitimate or have it deliver a canned "stopping calling me and take
me off your list" which also reports the caller[1]

1: [https://www.theverge.com/2018/10/9/17955274/google-
pixel-3-s...](https://www.theverge.com/2018/10/9/17955274/google-pixel-3-spam-
calls-assistant-screen-filter) (I have Pixel 2, so the feature isn't just > 3
at this point)

------
abhchand
Hate this is a problem that needs to be solved.

Love that Twilio is trying to solve it with a cool, seemingly useful approach.

Hate that Twilio will probably use something proprietary for this that locks
people into their ecosystem even more.

------
paul7986
Been running iOS 13 with Silence all unknown calls..send them to voicemail
option.

Spam calls are no longer a bother Nor are really seen and important messages
from those not in my contacts leave voicemails.

------
cryptozeus
I can see few cases when I have not picked up calls but with this kind of
verification I would pick up if they ID correctly. Calls coming from 1:
hospital 2: library 3: my cable or phone company 4: my car or insurance
company etc.

I don’t have their corp numbers saved and if we can see who is calling then it
could be helpful.

------
commoner
Does anyone have a recommendation for a call filtering app that does not leak
your contact list to the app developer or a third party?

Open source is preferred, but any app with a solid privacy policy would do. It
would be nice to see suggestions for both Android and iOS.

~~~
jmiserez
iOS call blockers using the built-in API don't have this issue, it's like the
content blocking for Safari but for calls. You enable them under
Settings->Phone->Call blocking. See
[https://news.ycombinator.com/item?id=15025709](https://news.ycombinator.com/item?id=15025709)

------
johnbatch
If this works as advertised, this is great. Because of all the spam calls
people just don’t bother answering the phone at all.

We just started testing texting people before we call them and getting consent
on an opt in form to receive a text message.

Im still not sure on the “how”

------
taxidump
I have several pbx systems running, and granted this is a newer concept. Maybe
this will help residential calls, business calls on the other hand will most
likely allow the consumer to still take the path of least resistance.

------
alberth
How does this compare to the MNOs joining together to create Project Verify.

[https://mobileauthtaskforce.com/](https://mobileauthtaskforce.com/)

------
kylek
Is anything preventing debt collectors from being Verified by Twilio?

~~~
jpearson
I would expect that legitimate debt collectors will be verified by Twilio.

> Verified By Twilio displays company branding and a reason for the call right
> in front of the consumer

This should make the purpose of debt collection calls obvious, though I don't
see how they plan to enforce accurate call descriptions.

~~~
ceejayoz
> I don't see how they plan to enforce accurate call descriptions.

A reporting/flagging system, perhaps? "This call wasn't as described". After
enough reports, they lose the verified status.

------
reportgunner
_> Imagine a world where you receive a phone call and know exactly who it’s
coming from and what they’re calling about before you press the answer button.
Crazy, right?_

Now realize that it's not you who knows it, but rather a company that is
tracking all your phonecalls and decides _for you_ whether you should answer
or not.

 _> Through the programmability of the Twilio platform, businesses will also
be able to assign a purpose for each call to give further context._

So a malicious actor can assign a legitimate purpose to his phone call ? No
thanks

------
rsync
Unrelated, but since this is a twilio thread ...

Could you please, for the love of God, give us an email verb in twiml ? Please
?

------
hacknat
Isn’t robo calling about to be illegal?

~~~
mprev
It is illegal in many countries but it happens nonetheless.

~~~
Jolter
Not in some countries, because they have actual enforcement of the law.

~~~
jimbobimbo
The spam operations are usually overseas, not US based. This makes enforcement
harder and takes longer time. It still happens, because I see news about busts
in the press from time to time.

~~~
whamlastxmas
I wish I could tell T-Mobile to never accept calls not based in the US

------
kenneth
Are there any good apps on iOS that help block unwanted calls, and identify
callers?

------
wetpaws
My final and unfortunate solution for this was to stop accepting phone calls
altogether. Friends/relatives know to use Skype and IM, all important stuff
goes to voicemail, everything else is on permanent mute and ignore. I wonder
if it is the case for more and more people.

------
lonelappde
Why won't spammers just spoof the verified by twilio data?

------
wiradikusuma
Nothing to do with Twilio: If the recipient is a mobile number, can't just the
caller text the recipient when they don't pick up? E.g. IM YOUR DOCTOR, CALL
THIS NUMBER

------
gsich
Sounds like CNIP from ISDN.

------
blackbrokkoli
FFS USA, not every problem is a problem to solve by "the free market". You can
see the America-Is-Great Mindset in a lot of these comments: _Even_ the US has
a problem with robocalls, so that _must_ mean it's an unsolved problem
obviously. So we have to solve it with our superior technology!!

Just no. Almost nobody else in the western world has this problem. How?
Regulation. In Germany, if you get reported for unsolicited calling, the
Bundesnetzagentur will come to you and give you a very hefty fine, per
violation. Problem solved. I remember exactly four unsolicited calls in my
life, two of them on a number which was published in a phone book for 15
years.

Spam calling is not something were there is net value created for society so
we need an elaborated discussion of what is ok and what is not (like e.g. paid
universities). It just sucks. Make it illegal, and then actually enforce that.
The idea of creating a million dollar industry to create a telemarket arms
race is...not good.

~~~
nemesisj
I have lived in the U.K. for more than 8 years. I receive spam calls daily
from a combination of London and blocked numbers. Everyone I know here also
receives them frequently. I’m on the U.K. do not call list. It’s endless PPI,
“your recent accident”, and just normal phishing attempts. When I’m in the
Middle East it’s endless spam texts. I guess Germany has it figured out but by
no means is this an American only problem, or a solved problem in the Western
world.

~~~
stedaniels
I'm in the UK and have had the same number for a decade or so, I probably get
one a year? They are mainly from foreign companies. If said countries also had
our regulations, and a sharing agreement in place, it wouldn't be an issue.

~~~
dazc
I am in the same situation yet I know people who are plagued by such calls.
There must be something that triggers this off?

Having said that, these people will also give their phone number and email
address to anyone who asks whereas I do not. If I have to enter a phone number
on a form and it's isn't immediately obvious why I should do that then I'll
make-up a number.

~~~
crtasm
If you're not doing so already, please pick numbers that will never end up in
use by someone else. E.g. for UK: [https://www.ofcom.org.uk/phones-telecoms-
and-internet/inform...](https://www.ofcom.org.uk/phones-telecoms-and-
internet/information-for-industry/numbering/numbers-for-drama) (expand the
Notes section)

~~~
dazc
That's a useful list I never knew existed. Thanks.

------
jonny_eh
This may be the most valuable innovation out of Silicon Valley in 10 years.
Talk about solving a pain point!

