Signaling System 7 (SS7) is an international telecommunications standard that defines how network elements in a public switched telephone network (PSTN) exchange information over a digital signaling network. Nodes in an SS7 network are called signaling points.
SS7 consists of a set of reserved or dedicated channels known as signaling links. There are three kinds of network points signaling points: Service Switching Points (SSPs), Signal Transfer Points (STPs), and Service Control Points (SCPs). SSPs originate or terminate a call and communicate on the SS7 network with SCPs to determine how to route a call or set up and manage some special feature. Traffic on the SS7 network is routed by packet switches called STPs. SCPs and STPs are usually mated so that service can continue if one network point fails.
SS7 uses out-of-band signaling, which means that signaling (control) information travels on a separate, dedicated 56 or 64 Kbps channel rather than within the same channel as the telephone call. Historically, the signaling for a telephone call has used the same voice circuit that the telephone call traveled on (this is known as in-band signaling). Using SS7, telephone calls can be set up more efficiently and special services such as call forwarding and wireless roaming service are easier to add and manage.
SS7 is used for these and other services:
- Setting up and managing the connection for a call
- Tearing down the connection when the call is complete
- Managing call forwarding, calling party name and number display, three-way calling, and other Intelligent Network (IN) services
- Toll-free (800 and 888) and toll (900) calls
- Wireless as well as wireline call service including mobile telephone subscriber authentication, personal communication service (PCS), and roaming
SS7 messages contain such information as:
How should I route a call to 914 331-4985?
The route to network point 587 is crowded. Use this route only for calls of priority 2 or higher.
Subscriber so-and-so is a valid wireless subscriber. Continue with setting up the call.
In 2014, security researchers in Germany demonstrated that attackers could exploit security holes in SS7 to track cell phone users' movements and communications and eavesdrop on conversations. The attack in question is essentially a man-in-the-middle attack on cell phone communications that, among other things, exploits the lack of authentication in the communication protocols that run on top of SS7.