STIR / SHAKEN

Protection against fraudulent robocalls and call spoofing

How STIR/SHAKEN Came To Be

Robocallers and scammers have increasingly been spoofing, or altering, their outbound caller ID to mask their identity or appear as though their call is coming from a legitimate source to deceive unsuspecting subscribers.

These spoofed calls are usually malicious attempts to sell products or services without subscriber consent, or to take money from the receiver – referred to as fraudulent robocalling.

In 2019, users in the United States experienced close to 60 billion fraudulent robocalls, causing subscribers to stop answering their phone unless the caller ID was from a reputable party. This has been destroying the trust in voice communications, as well as the reputation of legitimate businesses trying to reach their customers.

The Federal Communications Commission (FCC) created an industry-wide initiative to require all telecommunications service providers to incorporate a new technology standard named STIR (Secure Telephony Identity Revisited) and SHAKEN (Secure Handling of Asserted Information Using Tokens). This implementation aims to ensure that calling numbers are not spoofed, reducing fraudulent robocalls.

All service providers have until June 30, 2021 to implement the STIR standard within their networks, in accordance with the TRACED ACT.

What is the difference between STIR and SHAKEN?

STIR is a set of protocols enabling service providers to certify the legitimacy of the caller ID of an outbound phone with a trusted authentication service, which can then be verified by the terminating service provider.

What is SHAKEN?

SHAKEN is a set of protocols defining how STIR is to be deployed by service providers within their network.
Learn More

STIR/SHAKEN Call Flow

When a VoIP phone call is made, a SIP INVITE message (or call request) is created and sent to the service provider for that party, called the originating service provider (OSP). The OSP will check the source and caller ID of that call and validate it with an authentication service, which creates a digital signature, or ‘signs’ the legitimacy of the caller ID in one of 3 attestation levels (or confidence levels). The authentication service will then create an encrypted SIP IDENTITY message and sends it along with the call to the next service provider in line, until reaching its destination, and includes the following details:
The call then reaches the final service provider belonging to the called party, or the terminating service provider (TSP) and verifies the SIP INVITE with a verification service. The digital signature of the OSP is obtained from the public certification repository, which is a trusted entity for STIR/SHAKEN, and verification of the caller ID is performed. The TSP decides to either complete the call or block it, based on the attestation level.
STIR-SHAKEN-Graphic.png

Discover How Sangoma Can Help Your Business With STIR/SHAKEN

Sangoma (formerly VoIP Innovations) is working on becoming compliant with STIR/SHAKEN regulations and will be interoperable with all the major carriers, which means your phone calls will never be blocked due to improper caller ID validation and fraudulent robocalls will be minimized.

By consolidating your VoIP termination and phone number needs on Sangoma’s voice network, you can assure STIR/SHAKEN compliance for your business in the near future. All of your organization’s outbound calls over our network will be signed with full attestation, reducing the likelihood of your calls being blocked by a terminating carrier.

Reliable and Flexible Outbound Voice

Sangoma’s VoIP termination services deliver industry-leading local, long distance, and international calling with customizability to help you manage costs along with full STIR/SHAKEN compliance.

Phone Numbers

Get access to millions of phone numbers with intuitive porting and automated provisioning tools. Choose phone numbers from our large inventory of domestic, global, and toll-free numbers with the specific features you need like origination/termination, CNAM, T.38, SMS, and more.

Want to stick with your current provider? No problem!

We offer robocall mitigation services, available through our caller ID name API. Our CNAM service includes robocall mitigation, which has been mandated by the FCC, to be implemented within all service providers’ VoIP networks. By leveraging behavioral analytics, caller authentication, and verification, our service detects if an inbound call to you, the service provider, is fraudulent and allows you to protect your subscribers.