> Mitch received a call from what he thought was his financial institution, warning him that fraud had been detected on his account. Mitch said the caller ID for that incoming call displayed the same phone number that was printed on the back of his debit card.
Imho, this is where the phone company should be liable. If I let people masquerade as other users in my software, it would be a critical security bug and I'd be in deep trouble. But we just accept this crap from phone companies.
Your software probably isn't a multinational network of literally billions of pieces of hardware ranging in manufacturer and age by half a century, which isn't even owned and operated by a unified group of companies in a unified group of nations, which is used by all sorts of people in situations where its failure could cause people to literally die, so that changes have to be unequivocally backward compatible.
So there's that minor difference. If you decide to do a security upgrade and your software breaks, it probably doesn't mean that an 85-year-old woman dies because her only form of communication, a rotary phone, suddenly stops working and she can't get out of the house.
STIR/SHAKEN[1] is the solution to this problem, but the rollout is scheduled to be completed by June 2021 in the US, and September 2020 in Canada. It's slow, but this is something that you don't want to be rushed. Yes, I get it that robocalls are terrible: I got 3 calls today which I didn't pick up but I assume were robocalls. But this upgrade is a difficult problem and the stakes are high.
Using that logic, who else should be on the hook for fraud, identity theft, etc. - that they could have prevented:
- governments
- credit card companies
- social media sites
- email providers
- search engines
- long, long list, since basically, any system currently that allows fraud could be prevented if countermeasures were invasive enough and were legally required. Problem is no one would agree to such a system and would rather just pay for the fraud either directly or indirectly.