Federal government creates verified call system to combat phone fraud.

Given the rise in phone scams in Brazil, the federal government The company announced the creation of a verified calling system that promises to strengthen communication security and reduce fraud. The initiative foresees the use of digital credentials and cryptographic validation to confirm the identity of the caller, preventing criminals from impersonating others. banks, operators or public bodiesWith development planned over three years and testing in partnership with operators, the proposal seeks to bring more confidence to the user and modernize the way calls are authenticated in the country.

How the system will work

The system developed by CPQD (Center for Research and Development in Telecommunications) and using resources from Funttel (Fund for the Technological Development of Telecommunications), linked to Ministry of CommunicationsThis is based on the creation of verifiable digital credentials, which function as a secure identity to validate phone calls. Instead of relying solely on the number displayed on the screen, which can be falsified, the call undergoes cryptographic verification that confirms whether the caller is indeed who they claim to be, such as a bank or government agency.

In practice, trusted institutions will be responsible for issuing these digital credentials to users. They are stored on the user's own cell phone, in a kind of digital wallet, and are used automatically whenever a call or interaction needs to be validated, without requiring any action from the user. When a call is made, the system cross-references the call information with this credential. If there is a valid match, that is, if the origin is legitimate and authenticated, the user receives an indication that the call is trustworthy. Otherwise, the system alerts that there is no verification, even if the displayed number appears to be genuine.

This process happens through cryptographic proofs, which use algorithms to guarantee the authenticity and integrity of the communication. Unlike current models, which can fail on international calls or on older networks, this validation depends not only on the telephony infrastructure, but also on the certified digital identity of the sender.

Another important point is that the system was designed to operate in a decentralized manner, reducing the need for large centralized databases, which are often targets of data leaks. This puts more control of information in the hands of the user, increasing privacy and making it more difficult for fraudsters who rely on access to sensitive data to commit scams.

Currently, the Anatel already provides the service Verified Origin, which offers a verification badge for businesses, similar to that of social media. However, coverage is still limited and participation will only be mandatory in 2028. The new solution proposed by the government seeks to overcome these limitations by allowing proof of the caller's identity on any channel, including indicating the purpose of the call.

The project foresees an investment of R$16,82 million by 2028 It will be implemented gradually, with tests conducted in partnership with telephone operators. Another important differentiator is the possibility of revoking credentials in case of problems, in addition to additional applications, such as blocking access in case of theft or loss of the cell phone, functioning in a complementary way to the program. Safe cell phone.

How to obtain a verifiable digital credential

To obtain a verifiable digital credentialThe first step will be to link yourself to a trusted issuing institution. This includes banks, telephone operators, and public bodies, which will be authorized to generate these credentials. The process should take place within the institutions' own applications, where the user already has a registration and an active relationship.

During the application process, the user's identity will be validated based on data already held by the institution. Depending on the case, additional confirmation methods may be used, such as biometrics, passwords, or codes sent to the mobile phone. The goal is to ensure that the credential is issued securely and correctly linked to the right person.

Once validated, the credential will be stored on the user's own smartphone, in a secure digital wallet. This local storage is one of the system's key differentiators, as it avoids concentrating data on central servers and reduces the risk of leaks. The user gains direct control over their credentials and can use them when needed.

From then on, usage becomes automatic. Whenever there is a call or interaction that requires verification, the credential will be activated to confirm the authenticity of the origin. If the user changes devices or loses their cell phone, it will be possible to revoke the old credential and issue a new one, maintaining the system's security.

What types of blows will be prevented?

With the arrival of this new system, several scams that exploit users' trust in phone calls are expected to be reduced. Below, see what they are. the main types of fraud that can be prevented with this technology.

spoofing

This is the type of scam that underlies many telephone frauds. spoofingIn this type of scam, the criminal falsifies the number displayed on the screen to make the call appear to come from a trusted source, such as a bank or even a saved contact. For example, the person sees the official bank number on the screen and answers believing it to be legitimate. The difference here is that spoofing is not a final scam in itself, but a technique used to lend credibility to other frauds.

Fake bank teller scam

In this case, The criminal poses as an employee of a financial institution. And it uses convincing language to deceive the victim. It might claim there was a suspicious purchase and ask for confirmation of details, or request that the person make a transfer to "protect" the money. Often, this scam uses spoofing to appear even more realistic. The main characteristic is the direct approach, with someone speaking as if they were a trained customer service representative.

The "account problem" scam

Here, the focus is on generating urgency and fear. The scammer claims that the user's account has been blocked, hacked, or has a serious error, and that it is necessary to act quickly.For example, it might ask the victim to click on a link, provide passwords, or follow instructions in the bank's app. The difference compared to the fake customer service representative scam is that this scam emphasizes a sense of urgency, pressuring the person to act without thinking.

Fake services and improper charges

In this type of fraud, The criminal offers or charges for services that do not exist or that were not requested.A common example is a call claiming there is an outstanding debt or a subscription about to be canceled, demanding immediate payment to avoid losses. Unlike bank scams, here the focus is not necessarily on accessing the victim's account, but on inducing them to pay for something fake.

Spam calls

Although they are not always direct blows, spam calls These are mass calls made by companies or scammers to offer products, services, or even to try to identify potential victims. For example, a person receives several calls throughout the day with suspicious offers or automated recordings. The difference is that spam can be merely annoying, but it can also serve as a gateway to more elaborate scams, as it tests who answers and is most vulnerable.

And you? What do you think of this new... verified call system What will be implemented by the federal government? Tell us in the comments below.

See also:

Source: Folha de São Paulo, gov e TNH1.

reviewed by Luis Antonio Costa in 14 / 04 / 26.