What is SS7?

SS7, or Signaling System No. 7, is a set of telephony signaling protocols developed in 1975, which is used to set up and tear down most of the world's public switched telephone network (PSTN) telephone calls.

Understanding SS7

SS7 is a communication protocol that facilitates call setup, routing, exchange, and billing functions across telecommunications networks. It transmits messages between different service providers, supporting both fixed and mobile networks. This system is necessary for connecting networks and allowing seamless communication by managing calls and text message processing and routing. SS7 also provides session information such as Caller ID and billing details for the circuit-switched infrastructure.

SS7 in the context of text messaging formats

An FCC public notice briefly discussed the role of SS7 as a necessary protocol enabling the delivery of SMS messages across different networks. Unlike newer methods such as internet-based messaging apps that rely on data connections, SS7 operates within the traditional telecommunications infrastructure. 

It was created to standardize how calls and messages are routed and managed across diverse telecommunication networks, ensuring seamless communication regardless of the service provider. SS7's application in text messaging involves routing messages, managing inter-network connectivity, and ensuring messages reach their intended recipients accurately and efficiently. SS7 has since given way to alternative solutions in recent years.

See also: The guide to HIPAA compliant text messaging

Common use cases of SS7

1. Facilitating call setup, routing, and disconnection.
2. Enabling local number portability.
3. Supporting toll-free (free phone) and freephone services.
4. Managing mobile services such as SMS, roaming, and voice mail.
5. Providing caller ID and call waiting information.
6. Enabling prepaid billing mechanisms.
7. Supporting conference call services.
8. Allowing for the interception of calls and messages for lawful surveillance.
9. Enabling location-based services for mobile users.
10. Facilitating emergency services location information.

See also: How HIPAA compliant email can improve telehealth services

Why SS7 has become obsolete

SS7, once the backbone of global telecommunications, has gradually become obsolete due to its aging infrastructure and inherent security vulnerabilities. Initially designed for fixed-line telephony, SS7 wasn't built with modern digital threats in mind, leading to gaps that can be exploited for eavesdropping, fraud, and unauthorized tracking. As the world shifted towards the internet and mobile communication, the demand for more secure, versatile, and data-capable technologies grew. 

Enter protocols like Diameter for 4G/LTE networks and the newer systems used in 5G, offering enhanced security features and support for the vast data transmission needs of today's digital services. These advancements provide robust encryption, authentication, and improved efficiency, addressing many of SS7's shortcomings. Consequently, as telecommunications infrastructure evolves towards these next-generation networks, the reliance on SS7 diminishes, rendering it a legacy system progressively phased out in favor of these modern, secure, and flexible communication protocols.

See also: The elements of a good disaster recovery plan

FAQs

Why is SS7 important?

SS7 assists in the functioning of modern telecommunication networks, enabling a wide range of services that consumers and businesses rely on every day.

How are telecommunications networks addressing SS7 security issues?

Telecommunications networks are implementing various security best practices, such as monitoring and filtering SS7 traffic, sharing threat information, and adopting newer, more secure protocols as they transition to advanced mobile network technologies.

Can SS7 be used for legitimate tracking and surveillance?

Yes, SS7 can be used for legitimate tracking and surveillance purposes, primarily by law enforcement and intelligence agencies. With appropriate legal authorization, these entities can use SS7 to intercept communications, track the location of mobile devices, and gather intelligence for criminal investigations or national security purposes.