General security

What is the difference between DNIS and ANI?

Howard Poston
March 21, 2019 by
Howard Poston

Dialed Number Information Service (DNIS) and Automatic Number Identification (ANI) are features of the telecommunications network designed to allow telephone users to learn about their connection. Both systems are designed to provide information about a phone number involved in the connection but differ in whether they provide the source phone number, or the original destination number dialed to the recipient.

Dialed Number Information Service (DNIS)

Dialed Number Information Service (DNIS) is designed to allow the recipient of a telephone call the know the phone number originally dialed for an incoming phone call.

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

The telecommunications system allows multiple phone numbers to be matched to a single telephone number. The most obvious example of this is 800 numbers within the United States. No organization is actually assigned an 800 number as their phone number; these are numbers that organizations can sign up for via a “Responsible Organization” (or RespOrg) to have forwarded to their traditional number.

The primary use of 800 numbers is for customer service, and many organizations register multiple different forwarding numbers in order to easily sort phone calls. For example, multinational or multilingual organizations may have multiple different phone numbers that map to the same organizational phone number.

When a user calls the organization using one of their phone numbers, the organization can use DNIS to direct the call to the correct recipient. If a user calls the organization’s “Spanish language” number, then the organization can route the call to one of their Spanish-speaking customer service agents.

DNIS can also be used to help improve security against social engineering attacks. An organization can advertise one number internally and another externally and route them to the same phone. Based on the number that is originally dialed, the organization can warn the recipient if this is likely to be a “trusted” or “untrusted” call without implementing a whitelist/blacklist for internal, mobile and personal numbers of employees.

Automatic Number Identification (ANI)

Automatic Number Identification (ANI) was originally developed to simplify the billing process for telephone operators. Rather than manually request the origin phone number for a telephone call, ANI transmits this information as data, simplifying the process.

ANI is still used for managing billing for toll-free phone lines (1-800, 1-888 and so on). These lines do not follow the traditional billing scheme for phone lines where the origin caller pays, and the owners of toll-free numbers receive itemized bills, so knowing the source numbers of phone calls is important.

ANI is also used within the phone company for testing purposes. Field technicians can call certain unpublished test numbers from a given line and use ANI to identify the phone number associated with the given cable.

ANI is not the same system used by modern caller ID technology. In fact, caller ID blocking does not block the transmission of ANI information. This has both advantages and disadvantages from a privacy and security perspective, as it allows a user or organization to identify a caller (even if caller ID is blocked) but blocks people’s ability to hide their own information. Access to ANI capture technology is available to both commercial and residential users (typically for a fee).

Comparing DNIS and ANI

The primary difference between DNIS and ANI is the end of the connection that the value is designed to identify. Both systems are designed to provide the actual phone number at one end of the connection, but DNIS is designed to provide the recipient with the original destination number and ANI is designed to provide the true origin number to the recipient. As mentioned previously, different things can be used to conceal one number from the other end of the connection (caller ID blocking or the use of call forwarding) but using DNIS and ANI bypasses these protections.

Implications of DNIS and ANI

The existence of DNIS and ANI and the wide availability of access to the technology (both to individuals and organizations) has multiple privacy and security implications. Some of these impacts are positive, while others negatively affect the privacy of the user.

Implications of DNIS

By using DNIS in conjunction with call forwarding, an organization or individual can use the target phone number of a call as input for decisions about call routing and similar operations. DNIS can also be used as part of an organization’s security strategy. By providing different numbers internally and externally for a given phone number, the organization can determine if a phone call originated internally or externally and apply appropriate protections without maintaining whitelists or blacklists.

 

Implications of ANI

The fact that ANI is not blocked by caller ID can be beneficial or harmful for an organization. From a positive standpoint, it’s useful for an individual or organization attempting to determine the source of a phone call. When receiving a call from a telemarketer or other social engineer, knowing the source phone number is valuable when determining whether or not to answer the call and the necessary level of caution.

On the negative side, organizations and individuals no longer have the ability to preserve their anonymity when making a call. Under circumstances where anonymity is important, an individual may legitimately use caller ID blocking to protect themselves without knowing that the recipient is taking advantage of DNIS and knows their actual phone number.

DNIS versus ANI

DNIS and ANI are designed to provide the recipient of a phone call with more information about the incoming connection. DNIS tells the number that was originally dialed (which may differ from the end phone number due to call forwarding), while ANI tells the number of the phone setting up the connection. These systems were originally designed to help the telephone companies but are also available to end consumers and can be used for a variety of purposes, including improving privacy and security.

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

 

Sources

  1. Understanding Inbound and Outbound Dial Peers Matching on IOS Platforms, Cisco
  2. What Is a Toll-Free Number and How Does it Work?, fcc.gov
  3. Caller ID Blocking: Your right to control who gets your phone number, Verizon
Howard Poston
Howard Poston

Howard Poston is a copywriter, author, and course developer with experience in cybersecurity and blockchain security, cryptography, and malware analysis. He has an MS in Cyber Operations, a decade of experience in cybersecurity, and over five years of experience as a freelance consultant providing training and content creation for cyber and blockchain security. He is also the creator of over a dozen cybersecurity courses, has authored two books, and has spoken at numerous cybersecurity conferences. He can be reached by email at howard@howardposton.com or via his website at https://www.howardposton.com.