STIR/SHAKEN:
The Call Authentication Framework
Jump To
the juNE 30, 2021 stir/shaken implementation deadline has passed
Now that it's July 1, will by calls be blocked?

Short answer: no.
Deployment of a call authentication framework (STIR/SHAKEN) was a mandate of the TRACED Act. Within the TRACED Act, however, there is no specific language included that states unattested calls (calls not successfully entering and exiting the STIR/SHAKEN framework) will be simply blocked. Scroll below to learn more about the technology, the considerations and expectations of deployment, and more.

Once implemented, STIR/SHAKEN should provide verification of the identity of originating party into the network, operationally across all carriers, especially to assist the Industry Traceback Group in the prosecution of bad actors. To find out more about the implications of this deadline, and call delivery post-June 30, check out our Tuesday Talks series or check out this blog post recapping the lead-up and expectations for life post June 30.

SO WHAT HAPPENS JULY 1 AND BEYOND?
Enterprise STIR/SHAKEN Gif

STIR

Secure Telephone Identity Revisited

SHAKEN
Signature-based Handling of Asserted information using toKENs

STIR/SHAKEN is a framework designed to assign a certificate of authenticity to each phone call for use across the telecom network.

These certificates will act as a digital signature of trust passed from carrier to carrier to improve traceable call delivery.
Origination
Attestation
Through a STIR/SHAKEN call, the originating service provider attests (or signs) the relationship with the caller, as well as their right to use that number. The use of an attestation indicator represents the originating signer’s ability to vouch for the accuracy of the source of origin of the call.

The levels of Attestation do not necessarily correlate to their trustworthiness. Analytics will remain in place for call validation treatment to ensure that unwanted, scam, or illegal phone calls will still be labeled accordingly.

Based on the current language provided by the TRACED Act, providers are not currently blocking calls based on its according Attestation Level.

[A] Full Attestation

source of call + Right to use caller id information
Attestation A

[B] Partial Attestation

source of call + Does not have the Right to use caller id information
Attestation B

[C] Gateway Attestation

Does Not know source of call + Does not have Right to use caller id information
Attestation C
Termination
The Checkmark
iOS Call log screenshot
The terminating result of a fully attested call is expected to render as a valid number indicator to a called party, for example a green checkmark. Through a few terminating providers, the checkmark may be presented at the time of call on Android devices or as a grey checkmark in the call log on iOS devices. The final display is still drastically limited by the device's capability to display complex data.

Numeracle's platform can support the STIR/SHAKEN delegated certificate model when it is fully adopted by the standards body. In the meantime, terminating service providers such as AT&T, T-Mobile, and Verizon are developing and enhancing local policies for rendering A-Level Attestation to a verified number indicator.


which service providers have done what?
The Robocall Mitigation Database
The FCC created the Robocall Mitigation Database to enforce TRACED Act requirements mandating the implementation of a caller ID authentication framework at the network-level. All voice service providers are required to file a record providing detailed information regarding their implementation of the STIR/SHAKEN caller ID authentication framework and/or a robocall mitigation program.

The reputation of the voice service provider may be impacted by how rigorous of a policy is defined and implemented.

Some voice service providers were also able to request an extension to the deadline if they provided a comprehensive plan to implement a robocall mitigation solution in accordance with TRACED Act requirements.
enterprise call authentication solutions

How to achieve STIR/SHAKEN verified calls

STIR/SHAKEN graphic - caller identity

As a calling enterprise, deploying STIR/SHAKEN on your behalf was the responsibility of your outbound voice service provider (VSP).

For service providers, ensuring your calls will be delivered as verified is a function of putting in place a "Know Your Customer" KYC-based methodology to identify every entity originating calls on the network. This can sometimes go many layers beyond understanding the service providers’ direct clients — the ones they maintain an actual contractual relationship with. This spans the depths of VSPs also needing to understand their clients’ clients (and those clients’ clients, and so forth) as well as any intermediary who the service provider is directly or indirectly delivering or facilitating calls on or on behalf of, from the calls’ origination to the calls’ termination.

verified caller identity for stir/shaken solution
numeracle leadership

STIR/SHAKEN & Numeracle's Verified Identity™


Industry
Leadership


Advocacy &
Awareness

Technology
Expertise
To ensure the voice of the enterprise is represented and considered as an integral part of STIR/SHAKEN development, we serve on the IP-NNI Task Force (group co-authoring SHAKEN) and Chair the PACE Communication Protection Coalition.
Numeracle represents the interest of legal calling entities via its leadership as Chair of the Enterprise Communications Advocacy Coalition, to represent the combined STIR/SHAKEN interests and concerns of enterprises, contact centers, and more.
In support of our call center, industry, and association partners, we want to help you educate not only yourselves, but also the clients you serve. Please don't hesitate to reach out if we can help bring more awareness around STIR/SHAKEN to your team.

You & Your Carrier

Who Calls the Shots?

Enterprise Identity
More often than not, there are many 'layers' between an enterprise caller and the originating service provider responsible for generating call traffic on your behalf (i.e. dialing and CX platforms, multiple BPOs, outsourced call center partners, telephony vendors, etc.).
Call authentication through STIR/SHAKEN is all about validating the identity of a caller by connecting the dots between an enterprise, its call center vendors, and its originating carriers. You can start this process now by becoming a Numeracle Verified Identity™.
With so many 'layers,' it can be hard to prove who actually has authorization to originate traffic on your behalf when it matters most. We believe you (the enterprise) is in the best position to know who has the authorization to use any specific telephone numbers when making calls.
more about us

STIR/SHAKEN Joint Solution Partnerships

Logos
POC Comcast

Industry Collaboration Proof of Concept

Comcast, Everbridge, NetNumber, Numeracle, and Twilio completed the first-ever telephone call with authenticated caller ID and rich call data, powered by the STIR/SHAKEN framework and protocols. This marks a milestone in protecting consumers from fraudulent robocalls and building greater trust and transparency for phone users.

Enhancing authenticated caller ID as an extension of STIR/SHAKEN Rich Call Data is an evolutionary leap forward for trust in the phone ecosystem.
Read the Press release
a crash course

STIR/SHAKEN FAQs

ongoing industry discussion

Our STIR/SHAKEN Resources

Tuesday Talks
Our biweekly live Q&A series explores relevant topics related to call delivery, STIR/SHAKEN, caller ID technology, TRACED Act, brand identity, Rich Call Data, and so much more.

Check out our full podcast library here.
Listen on SoundCloud and YouTube for listening on-the-go.
Register for our next session

Live Panel Discussion

If you missed our live panel on STIR/SHAKEN "Verified" status and how it relates to the Enterprise & Contact Center, check out the intro to the event here, or watch the on-demand playback here!
It starts with an insight
Ready to take control of how your calls and messages are presented to consumers?