The rise of VoIP (Voice over Internet Protocol) has transformed business communication, but it has also opened the door to new security threats, especially caller ID spoofing. Scammers use spoofed calls to mislead users, eroding trust in phone communications. The STIR/SHAKEN solution is a robust framework designed to restore that trust by authenticating caller identities and blocking fraudulent calls.

What is STIR/SHAKEN?

STIR/SHAKEN stands for Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted information using toKENs (SHAKEN). This set of protocols uses digital certificates and public key cryptography to verify the authenticity of caller IDs in VoIP calls. By deploying STIR/SHAKEN software, service providers can ensure that calls are genuinely from who they claim to be. 

Why the VoIP Industry Needs a STIR/SHAKEN Solution?

Caller ID spoofing allows bad actors to impersonate trusted numbers, leading to fraud, phishing, and robocalls. This not only puts customers at risk but also damages the reputation of VoIP providers. Implementing a STIR/SHAKEN solution is now essential for: 

  • Reducing fraudulent calls and robocalls 
  • Complying with regulatory requirements (such as the FCC in the U.S.) 
  • Restoring trust in business communications

How the STIR/SHAKEN Solution Works?

Attestation Levels Explained 

STIR/SHAKEN software uses three levels of attestation to indicate how well the caller’s identity has been verified: 

  • Full Attestation (A): The provider fully verifies the caller and their right to use the number. 
  • Partial Attestation (B): The provider knows the caller but cannot fully verify the number’s source. 
  • Gateway Attestation (C): The provider can only verify the point of entry, not the original source (common with international calls). 

The Call Authentication Process 

  • Call Initiation: The originating service provider receives a SIP INVITE when a call is made. 
  • Identity Header Creation: The provider’s STIR/SHAKEN software creates a SIP identity header containing the calling number, recipient number, attestation level, origination identifier, and timestamp. 
  • Digital Signature: This header is signed using a digital certificate from a trusted authority. 
  • Call Verification: The terminating provider receives the call and verifies the signature using the public key. If the call passes verification, it is marked as trusted; otherwise, it may be flagged or blocked.

Implementing STIR/SHAKEN Software

Prerequisites and Certification 

Obtain a digital certificate from an approved STI Certification Authority (STI-CA). 

Register with regulatory bodies and acquire necessary credentials (e.g., Operating Company Number in the U.S.). 

Deployment Steps 

Integrate STIR/SHAKEN software with your network’s SIP infrastructure. 

Configure the authentication and verification services. 

Test the implementation to ensure compliance and operational effectiveness.

Benefits of Using a STIR/SHAKEN Solution

Implementing a STIR-SHAKEN Solution

  • Reduces fraud and robocalls: Only authenticated calls are delivered. 
  • Improves customer trust: Verified calls increase answer rates and brand reputation. 
  • Regulatory compliance: Meets legal requirements and avoids penalties. 
  • Flexible deployment: Available as on-premises STIR/SHAKEN software or hosted solution 

Challenges and Considerations

Requires an all-IP network for full functionality. 

Global deployments may face differing regulatory and technical standards. 

Ongoing education for customers about call verification and its benefits is essential. 

Conclusion

The STIR/SHAKEN solution is now a must-have for any VoIP provider aiming to protect customers, meet regulatory demands, and maintain a trustworthy reputation. By implementing robust STIR/SHAKEN software, businesses can effectively combat caller ID spoofing, reduce fraud, and ensure secure, reliable communications in an evolving digital landscape.   

Implementing a STIR/SHAKEN solution is not just a technical upgrade-it’s a strategic investment in the future of secure and trusted VoIP communications. 

Contact Us
Free Demo