Okay, so the PSTN has two things in it, ANI and Caller ID - and they're not related, the ANI will reflect the actual account that the call comes from (Often its passing the BTN (billing telephone number)), and the Caller ID is either a Telco set, or user set number string (ISDN NI-1 for example you can't send a CID string, NI-2 you can, SIP you also can).
Now, most calls, the BTN/ANI and CID are the same number string, but when you start looking at call center operations, calls from PBX's, anything with backup trunking arrangements - that gets less and less true. Another wrinkle in this whole mess, is that with LNP (local number portability) you can have a number that on paper is owned by carrier Y (by assignment) but has actually been ported to carrier X (there is a database however that carries this information).
The issue as it comes down, is there is no central database to show that Caller ID string X is valid for trunk/line Y, for the most part customers were trusted to not be malicious and follow the rules. Once we got into a world where a SIP trunk could be had for free, and usage was a minor incremental charge, that whole system broke down.
The good news in all of this is that the FCC has mandated a move to authenticated CID (https://www.fcc.gov/call-authentication), but much of the equipment in play here is decades old, and will take time to be upgraded - but it's happening and happening pretty quickly for an industry that normally moves at a near glacial pace.
Now, most calls, the BTN/ANI and CID are the same number string, but when you start looking at call center operations, calls from PBX's, anything with backup trunking arrangements - that gets less and less true. Another wrinkle in this whole mess, is that with LNP (local number portability) you can have a number that on paper is owned by carrier Y (by assignment) but has actually been ported to carrier X (there is a database however that carries this information).
The issue as it comes down, is there is no central database to show that Caller ID string X is valid for trunk/line Y, for the most part customers were trusted to not be malicious and follow the rules. Once we got into a world where a SIP trunk could be had for free, and usage was a minor incremental charge, that whole system broke down.
The good news in all of this is that the FCC has mandated a move to authenticated CID (https://www.fcc.gov/call-authentication), but much of the equipment in play here is decades old, and will take time to be upgraded - but it's happening and happening pretty quickly for an industry that normally moves at a near glacial pace.