Frequently Asked Questions About Caller-ID
v1.1 Mar. 1994
1) What is Caller-ID ?
First ask "What is ANI"
2) OK, What is ANI ?
ANI or Automatic Number Identification is a mechanism by which
the different telephone companies determine what account is to be
charged for a call, This information is passed between Telcos and
was originally for billing purposes and predated both SS7
(Signaling System 7) and (C)LASS (Local Area Signaling Services
was the original AT&T designations, the "C" was added by Bellcore
after divesture) services which make CNID or Calling Number
IDentification as Caller-ID is more properly known, possible.
Since the Telcos had ANI, the decision was made to make it
available to authorized parties such as 911 service and law
enforcement agencies. ANI is also used to let a Telco operator
know who is calling.
More recently, ANI is used to report to 800 and 900 subscribers,
who made the calls they have received, in the first case so that
the 800 subscriber knows who the charge is for, and so that 900
number subscribers know who to charge.
Thus while ANI is similar to CALLER-ID and may provide the same
information, they are actually two different services and ANI
information is not necessarily the same as what will appear on a
3) Now (maybe) what is Caller-ID ?
Caller-ID is a Telco offering that is a byproduct of (C)LASS
services. In this case, only those numbers reported by
participating exchanges are returned, exactly which are and which
are not is currently (March 1994) at the Telco's discretion.
The Federal Government has stated that it is their intent that
nationwide CNID be available by mid-1995. The full text of this
decision may be found FCC Report No. DC-2571 issued on March 8,
The biggest effect of the ruling is to mandate transport of CPN
(customer provided number) information between interconnecting
networks eliminating the effective inter-LATA-only limitation
that exists today in most areas.
Currently there are two types of Caller-ID. The first (often
referred to as "basic" service) just returns the calling number
or an error message and the date/time of the call.
The second ("enhanced" Caller-ID) also may return the directory
information about the calling number. At a minimum, the name of
the subscriber is returned (the subscriber is not the same as the
caller, the phone company has no way to determine who is actually
on the line).
4) How is the Caller-ID information provided ?
As a 1200 baud, 7 data bits, 1 stop bit data stream usually
transmitted following the first and before the second ring signal
on the line. Note that this is not a standard Bell 212 or CCITT
v22 data format so a standard modem will probably not be able to
receive it. Further, the serial information exists as such only
from the recipient's switch to the callee's location. Between
carriers the signal exists as data packets.
The signal is provided before the circuit is complete: picking up
the receiver before the data stream is finished will stop/corrupt
Currently there are two types of information returned: a "short
form" which contains the date/time (telco and not local) of the
call and the calling number or error message. The "long form"
will also contain the name and possibly the address (directory
information) of the calling phone.
The "short form" stream consists of a set of null values,
followed by a two byte prefix, followed by the DATE (Month/Day),
TIME (24 hour format), and number including area code in ASCII,
followed by a 2s compliment checksum. Most modems/caller id
devices will format the data but the raw stream looks like this :
A formatted output would look like this:
Date - Feb 28
Time - 1:34 pm
Number - (407)555-7777
5) Can a Caller-ID signal be forged/altered ?
Since the signal is provided by the local Telco switch and the
calling party's line is not connected until after the phone is
answered, generally the signal cannot be altered from the distant
end. Manipulation would have to take place either at the switch
or on the called party's line.
However, the foregoing applies only to a properly designed CNID
unit. For instance the Motorola M145447 chip has a "power down"
option that wakes the Chip up when the phone rings for just long
enough to receive, process, and deliver the CNID signal after
which it shuts down until the next call.
Should this option be disabled, the chip will be in a "listen
always" state and it is theoretically possible to "flood" a line
making a vulnerable box record successive erroneous numbers.
I have received a report of a device called "Presto Chango" that
can transmit an extra ADSI modem tone after the call has been
picked up that will cause a susceptible box to display the later
information. It was also reported to me that CNID boxes marketed
by US-West as their brand and made by CIDCO have been used to
demonstrate the "Presto Chango" box.
6) What is "ID Blocking" ?
Most Telco's providing Caller-ID have been required to also
provide the ability for a calling party to suppress the Caller-ID
signal. Generally this is done by pressing star-six-seven before
making the call. In most cases this will block the next call only
however some Telcos have decided to implement this in a
bewildering array of methods. The best answer is to contact the
service provider and get an answer in writing.
Currently this is supplied as either by-call or by-line blocking.
By-Call is preferred since the caller must consciously block the
transmission on each call. By-Line blocking as currently
implemented has the disadvantage that the caller, without having
a second caller-id equipped line to use for checking, has no way
of knowing if the last star-six-seven toggled blocking on or off.
Note that blocking is provided by a "privacy" bit that is
transmitted along with the CNID information and so is still
available to the Telco switch, just not to the subscriber as a
CNID signal. Consequently related services such as call trace,
call return, & call block may still work.
7) What happens if a call is forwarded ?
Generally, the number reported is that of the last phone to
forward the call. Again there are some Telco differences so use
the same precaution as in (6). If the forwarding is done by
customer owned equipment there is no way of telling but will
probably be the last calling number.
Note that as specified, CNID is *supposed* to return the number
of the originating caller but this is at the mercy of all
forwarding devices, some of which may not be compliant.
8) What happens if I have two phone lines and a black box to do
the forwarding ?
If you have two phone lines or use a PBX with outdialing
features, the reported number will be that of the last line to
dial. Currently there is no way to tell a black box from a human
holding two handsets together.
9) I called somebody from a company phone (555-1234) but their
Caller-ID device reported 555-1000.
Often a company with multiple trunks from the Telco and their own
switch will report a generic number for all of the trunks.
There is a defined protocol for PBXs to pass true CNID
information on outgoing lines but it will be a long time before
all existing COT (Customer Owned Telephone) equipment is upgraded
to meet this standard unless they have a reason to do so.
10) I run a BBS. How can I use Caller-ID to authenticate/log
There are two ways. The first utilizes a separate Caller-ID box
with a serial cable or an internal card. This sends the
information back to a PC which can then decide whether to answer
the phone and what device should respond. Some of these are
available which can handle multiple phone lines per card and
multiple cards per PC.
The second (and most common) is for the capability to be built in
a modem or FAX/modem. While limited to a single line per modem,
the information can be transmitted through the normal COM port to
a program that again can decide whether or not to answer the
phone and how. There is a FreeWare Caller-ID ASP script for
Procomm Plus v2.x available for FTP from the Telecom archive.
Most such software packages will also log each call as it is
received and the action taken.
Of course for true wizards, there are chips available (one of the
first was the Motorola MC145447) that can recognize the CNID
signal and transform it into a proper RS-232 (serial) signal.
11) How is security enhanced by using Caller-ID over a Call-Back
service or one-time-passwords for dial-up access ?
Caller-ID has one great advantage over any other mechanism for
telephone lines. It allows the customer to decide *before*
picking up the receiver, whether to answer the call.
Consider hackers, crackers, and phreaks. Their goal in life is to
forcibly penetrate electronic systems without permission (sounds
like rape doesn't it ?). They employ demon dialers and "finger
hacking" to discover responsive numbers, often checking every
number in a 10,000 number exchange.
If they get a response such as a modem tone, they have a target
and will often spend days or weeks trying every possible
combination of codes to get in. With Caller-ID answer selection,
the miscreant will never get to the modem tone in the first
place, yet for an authorized number, the tone will appear on the
second ring. Previously the best solution for dial-ups was to set
the modem to answer on the sixth ring (ats0=6). Few hackers will
wait that long but it can also irritate customers.
12) What error messages will Caller-ID return ?
a) "Out of Area" - (Telco) the call came from outside the Telco's
service area and the Telco either has no available information or
has chosen not to return what information it has.
b) "Blocked" or "Private" - (Telco) the caller either has
permanent call blocking enabled or has dialed star-six-seven for
this call. You do not have to answer either.
c) "Buffer Full" - (device manufacturer) there are many Caller-ID
devices on the market and exactly how they have chosen to
implement storage is up to the manufacturer. This probably mans
that the divide has a limited buffer space and the device is
either losing the earliest call records or has stopped recording
d) "Data Error" or "Data Error #x" - (device manufacturer)
signal was received that was substandard in some way or for which
the checksum did not match the contents.
e) "No Data Sent" - (device manufacturer) Signal was received
consisting entirely of nulls or with missing information but a
13) Why are so many people against Caller-ID ?
FUD - Fear, Uncertainty, & Doubt or 10,000,000 lemmings can't be
wrong. There were some justifiable concerns that some people
(battered wives, undercover policemen) might be endangered or
subject to harassment (doctors, lawyers, celebrities) by
Caller-ID. As mentioned above there are several legitimate ways
to either block Caller-ID or to have it return a different
number. It is up to the caller. The advantage is that with
Caller-ID, for the first time, the called party has the same
"right of refusal".
Expect yet another Telco service (at a slight additional charge)
to be offered to return an office number for calls made from
home. Crisis centers could return the number of the local police
Compiled by Padgett Peterson. Constructive comments to:
email@example.com Brickbats >nul.
Thanks for additional material to:
David J. Kovan
David G. Lewis
but the mistakes are all mine - Padgett (Ignorance is curable)
The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to firstname.lastname@example.org.