Years into the robocalling frenzy, your phone probably still rings off the hook with "important information about your account," updates from the "Chinese embassy," and every bogus sweepstakes offer imaginable. That's despite promises from the telecom industry and the US government that solutions would be coming. Much like the firehose of spam that made email almost unusable in the late 1990s, robocalls have made people in the US wary of picking up their cell phones and landlines. In fact, email spam offers a useful analogy: a scourge that probably can't be eliminated, but can be effectively managed.

Finding the right tools for that job remains a challenge. The Federal Trade Commission has had a strong track record in its 140 robocall-related suits, including a recent victory at the end of March that targeted four massive operations. Bipartisan anti-robocalling legislation is gaining traction in Congress. Apps that flag or block unwanted calls have matured and are solidly effective. And wireless carriers—in part facing pressure from the Federal Communications Commission—have increasingly offered their own anti-robocalling apps and tools for free.

Yet the number of robocalls continues to hit new highs. The anti-robocalling company YouMail estimates that March 2019 saw 5.23 billion robocalls, the highest volume ever. And other firms recorded similar highs. But those numbers don't take into account calls that were successfully blocked. A more useful measure might be the number of complaints filed per month to the FCC and FTC, which remained mostly static in 2018 and the beginning of 2019.

"Even though we’re at an all-time high, there’s some good news," says YouMail CEO Alex Quilici. "The numbers may be creeping up a little bit, but the situation seems to be mostly stable at this point. We have not turned the corner, but maybe the corner is in sight."

In fact, some consensus has emerged about where that corner is. Industry groups led by the Alliance for Telecommunications Industry Solutions have been working since 2016 on a pair of standards, dubbed "STIR" and "SHAKEN," that will be used across landline, mobile, and VoIP carriers to cryptographically authenticate the source of calls. Basically, this means that the "spoofed" phone numbers robocallers rely on to ramp up their call volume—also the reason so many robocalls appear to come from your area code—will be easily flagged as untrustworthy.

"If you don’t answer the phone the robocaller has to work harder, so they generate more calls. It's a death spiral." Alex Quilici, YouMail

A spoofed call is really just one that displays inaccurate caller ID information, using one of the numerous web portals and apps that enable obfuscation. VoIP software also allows robocallers to bounce their calls around the telephony network a few times before connecting, making it more difficult for law enforcement and service providers to trace robocalls back to their origins. In addition to authenticating that calls are really coming from the numbers they claim, STIR and SHAKEN will also append an "Origin ID" to every call, making it much easier to track robocalls to the source.

ATIS and the newly formed governing bodies of STIR and SHAKEN are still figuring out what exactly consumers will see on their phones when a number pops up—maybe a green check mark or red alert, depending on the source. They're also coordinating how to share their findings with third-party robocall-blocking apps. ATIS hopes that STIR and SHAKEN will begin to reach consumers by the end of 2019 or beginning of 2020, but the process of setting up the platform's cryptographic checks and deploying the protocols across every telephony provider in the US is, as you might guess, complicated.

Still, it's doable. Comcast and AT&T demonstrated the first cross-carrier call with the authentication check in March, and other carriers like Verizon have announced that they'll implement the protocols. An FCC official told WIRED, though, that it will take time for the process to trickle down to every small and medium-sized provider. The agency has recently pressured large carriers to make the initial investment. FCC Chairman Ajit Pai specifically threatened "regulatory intervention" in February if carriers don't adopt STIR and SHAKEN.