Who's Behind the Call? Why Digital Communications Need Verifiable Organizational Identity
As AI makes voice and text impersonation near impossible to detect, the telecommunications industry requires a new strategy – underpinned by verifiable organizational identity – to realize a future where every call and message can be trusted.
Author: Alexandre Kech
Date: 2026-04-17
Views:
The hundreds of millions of fraudulent and spam calls and messages received every day are a significant and growing societal problem.
In response, enterprises and network operators have invested heavily in fraud detection systems, AI-based filtering, and pattern recognition to identify illegitimate calls and messages. These tools have delivered meaningful results but share a fundamental limitation: they are reactive. They identify fraud after a communication has already entered the network, rather than preventing it from appearing to originate from a trusted source in the first place.
The billions of communications now flowing through global networks every day make any purely detection-based approach increasingly difficult to sustain. And as AI-generated voice becomes capable of replicating a person or an organization with high fidelity, the question of whether a communication is real or fabricated is becoming impossible to answer through analysis alone.
What is needed is not better detection. It is a way to verify the identity of the organization behind a communication before it reaches its destination.
The question that national systems cannot answer alone
Telecommunications has always been governed at the national level. Regulatory authorities control how numbers are allocated, which carriers can operate, and what standards apply within their jurisdiction. That model served the industry well for decades, but times have changed irrevocably. Digital communications constantly cross borders, and when they do, the jurisdictional certainty that underpins national systems disappears. A call originating in one country and terminating in another carries no shared, standardized proof of its sender, meaning the recipient has no reliable mechanism to verify the identity of the originating organization.
This stems from the layered way authority flows through a telecommunication. A national regulatory authority assigns number blocks to licensed carriers; a carrier allocates numbers to enterprises; and an enterprise may delegate the use of those numbers to a cloud contact center or a web conferencing platform operating in another jurisdiction. By the time a call reaches the recipient, it has passed through multiple parties, each with different responsibilities and different authority.
Today, that chain of delegation cannot be verified. A recipient has no way of knowing whether the number on their screen is being used legitimately at each stage or was taken without authorization.
This is the gap that the Global LEI System, maintained by GLEIF as an internationally recognized organizational identity management infrastructure and a global Digital Public Infrastructure (DPI), can fill. It provides the only globally governed, ISO-standardized identifier for legal entities: the Legal Entity Identifier (LEI). Its digital counterpart, the verifiable LEI (vLEI), extends that standard into the digital domain. It allows counterparties to computationally verify not just which organization a communication claims to come from, but who within that organization is authorized to act on its behalf, and on what basis.
That distinction carries real weight for telecommunications. Knowing that a call is associated with a particular company is one thing. Knowing that the number in use has been legitimately delegated to that company by the carrier that allocated it, under a regulatory framework that authorized the allocation, is another. The vLEI makes this second kind of verification possible across borders.
Identity that travels with the communication
The vLEI is built on a cryptographic system that allows authority to be chained from one party to the next in a tamper-resistant, globally readable way. The delegation from 'regulator' to 'carrier' to 'enterprise' to 'contact center' can be represented as a verifiable data structure, traceable back to a recognized root. It becomes possible to ask not just who a number was originally assigned to, but whether every party in that chain had the authority to use it, and to receive a cryptographically provable answer.
The cryptographic system making this possible is built on KERI (Key Event Receipt Infrastructure), an open standard for creating and managing cryptographic identifiers that do not depend on a central registry or intermediary. Rather than asking a trusted third party to validate a credential, KERI roots trust directly in cryptographic key pairs controlled by the identity holder. For telecommunications, this is significant. It means the delegation chain from 'regulator' to 'carrier' to 'enterprise' can be verified by any party in any jurisdiction without querying a central authority.
This enables decentralized, cross-border verification at the scale the industry requires and changes what trust in communications can mean. For instance, instead of filtering out fraudulent calls after they enter the network, an enterprise can demonstrate, before a call is placed, that the number, organization, and authorized person behind it are all verifiable. Rather than relying on a caller ID that anyone can spoof, businesses could project a brand identity, confirmed by a verifiable credential. Rather than asking users to judge whether a call looks legitimate, they would be able to know.
A principle that extends beyond the phone call
The logic at work here is not limited to voice calls or text messages. Any digital communication, document, or data exchange raises the same question: which organization stands behind this, and can that be verified? The same credential that establishes organizational identity in a telecommunications context can be used to sign a regulatory filing, authenticate a trade document, or verify a supplier certification. The infrastructure does not need to be rebuilt for each use case. The root of trust is shared.
This matters because alternative identity systems built independently for different domains and use cases create fragmentation, which is itself a security risk. The more that separate identity frameworks proliferate, the harder it becomes to establish consistent standards, and the easier it becomes to exploit the gaps between them.
In contrast, the Global LEI System – as a globally recognized, publicly accessible, and independently governed organizational identity infrastructure – makes consistent verification possible across sectors and borders.
Because it is open to any carrier, regulator, or enterprise, it functions as shared infrastructure rather than another proprietary silo. That neutrality makes it viable as a root of trust across competing networks and borders.
Revolutionizing trust in telecommunications
The limits of detection-based approaches to communications fraud, and the case for verifiable organizational identity as a more durable foundation, were central themes in my recent Trust Talks conversation with Randy Warshaw, Co-Founder and CEO of Provenant.
We explored why the reactive model of fraud prevention is running into the limits of what AI now makes possible, how the vLEI can serve as a shared root of trust for business communications across jurisdictions, and why proving the chain of delegation behind a phone number may be the key to rebuilding trust in digital communications at scale.
Listen to the full Trust Talks episode to explore how verifiable organizational identity is being applied to telecommunications, and what it would mean for every call and message to carry cryptographic proof of the organization behind it.
If you would like to comment on a blog post, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion board you agree to abide by the terms of the GLEIF Blogging Policy, so please read them carefully.
Alexandre Kech is the CEO of the Global Legal Entity Identifier Foundation (GLEIF).
Prior to joining GLEIF, Alexandre Kech was Head of Digital Securities at the SIX Digital Exchange. As a member of the Executive Board, Alex had full executive responsibility for the Digital Securities business vertical, including sales and relationship management, product development, business design, and ecosystem expansion.
Over the past 25 years, Alex has constructed a unique career combining finance at BNY Mellon, payments/securities infrastructure and standards at SWIFT, and blockchain and digital assets at Onchain Custodian (ONC) and, most recently, Citi Ventures. As co-founder and CEO of ONC, Alex led the Singapore and Shanghai-based team that built custody and prime brokerage services for crypto and other digital assets from scratch. As Blockchain & Digital Asset director at Citi Ventures, he built a team to engage the European ecosystem on emerging use cases for blockchain technologies and digital assets.
Alex is also involved in industry and standardization initiatives. As the convenor of the ISO TC 68 / SC8 / WG3, which produced the ISO 24165 Digital Token Identifier (DTI), he is a member of the DTI Foundation Product Advisory Committee. He also recently served as co-chair of the Global Digital Finance (gdf.io) custody working group.
Alex earned a bachelor’s degree in translation and an Executive MBA from the Quantic School of Business and Technology while building Onchain Custodian, putting theory into practice in real-time.
