Join the ASTPP One stop solution Webinar!Join the Webinar

Post Details

The Steps in Which STIR/SHAKEN Helps Combating Spoofed Calls

  • April 11, 2023

Scammers are currently working on Fraudulent Spoofed calling to trick their targets to reveal personal or sensitive information, used for stealing money or covering other fraud based activities. With the help of this method, scammers can change the caller ID to any possible number. This number often resembles someone that a recipient knows or someone representing a government official or organization. It has become necessary to protect customers from this type of spoofed calls. 

Scammers are disguising the number on the caller ID and changing it to one from a government agency or anything familiar to the receiver. One common example is Neighbour Spoofing. Here, the robocallers will display a number, which is similar to the caller ID of the receiver. The main goal is to increase the chances that the receiver takes the call and believes what the scammer has to share. 

STIR and SHAKEN are one of the most efficient solutions to protect networks from this type of attack. Therefore, the use of a STIR/SHAKEN certificate as the protocol is growing at a massive rate.  

More on STIR/SHAKEN mechanism: 

STIR/SHAKEN is implemented by VoIP service providers to ensure that customers receive more reliable services without getting spoofed calls. Thus, VoIP service providers need to generate a certificate with FreeSWITCH to implement STIR/SHAKEN. 

Before you proceed further to generate a STIR/SHAKEN certificate, it is important to learn about the STIR/SHAKEN framework. It is a VoIP industry based caller ID authentication technique, which uses a set of technical protocols and standards to allow authentication and verification of the caller ID information over IP networks. As the implementation keeps on growing, it will provide people with confidence while ensuring that the caller ID information is accurate or not. Furthermore, the same STIR/SHAKEN certificate will help the voice service providers to offer valuable information to consumers who are about to take that call and ensure the security of the customers. 

What do you mean by the STIR/SHAKEN framework? 

Learning About The STIRSHAKEN Framework

STIR/SHAKEN framework consists of interconnected standards. Before you generate a STIR/SHAKEN certificate, learning about the standards is important. STIR/SHAKEN is the acronym for “Secure Telephone Identity Revisited” and “Signature-based handling of Asserted Information using Tokens standards.” 

It primarily means that the call, which is traveling through the interconnected networks, can have their caller ID signed to be legitimate by originating carriers and often validated by others before the end result can reach the consumers. 

The digital version of STIR/SHAKEN validates the handoff of the phone calls, which will be passed through various complex network webs.  

It will allow the phone company of the consumer to receive the call and then verify if the number displayed on the caller ID is accurate or not. 

How to Generate a STIR/SHAKEN Certificate?

What are the major STIR/SHAKEN certificates?

Major Types of STIRSHAKEN Certificates 

STIR/SHAKEN certificates are mostly categorized based on multiple criteria. The two major options are: 

  • Private
  • Self-signed 

The self-signed version of the STIR/SHAKEN certificate is generated on your own and it is free of cost, once you have the major technical knowledge. Sometimes, you might take help from companies dealing with FreeSWITCH solutions for generating a self signed certificate for businesses. It proves to be cost effective in nature. 

Then you have the private certificates. These are provided by certificate or database providers. There is an extra protection layer as the certificate provider owns a database, which has details of different customers, callers, etc. That same database is later used for authentication purposes. As it is quite cheaper to implement a STIR/SHAKEN certificate, most VoIP providers will use the private way to generate and implement security means. 

Ways to generate a certificate: 

Once you have a detailed understanding of the STIR/SHAKEN certificate, it is time to learn some coding for self generating the certificate. The companies will share the needed code to help generate the certificate for businesses. You can use a similar way to generate certificates for your clients or other VoIP service providers. 

  • There are different toolkits used for generating STIR/SHAKEN certificates. Some of those are Debian or similar OS and OpenSSL toolkits. 
  • For generating the certificate, you have to generate a private key and root CA certificate.  
  • For generating a private key, use Elliptic-Curve cryptography. It is known for its security even when the key size remains small. 
  • Once you have successfully run the code, your initial job is finished. Then it is time to generate the public key. It is the corresponding key used with the initial key just generated. 
  • For the next step, you have to create the SP work directory. It helps in generating EC private keys. 
  • You need to ensure that the certificate does not get rejected by the chosen software. To avoid that, you need to include an X.509 certificate with a TNAuthList extension.  
  • After following all the codes with help from FreeSWITCH developers, you are able to generate the Certificate Signing Request or CSR. It gets submitted to the Certification Authority. Make sure that the CSR must have the required TnAuthorizationList. 
  • The last step is to accept the certificate signing request. After that, you get to generate and sign the STIR/SHAKEN certificate with the help of a public key.  


With the help of companies dealing with FreeSWITCH solutions, working on a STIR/SHAKEN certificate is not that difficult. It is one way to get rid of scammers and their fraudulent calls. Security and privacy are two major characteristics when you disseminate information over internet lines. So, procuring help from experienced FreeSWITCH developers for the STIR/SHAKEN certificate has been a necessity these days. It helps in securing customers from attending spoofed calls. Not only this, it also helps a VoIP business to not lose its reputation as a provider by restraining spoofed calls. 

ASTPP have been working with different VoIP solutions and technologies, including, but not limited to FreeSWITCH. We have built the most reliable fraud detection management software, SBC solution, etc. We also help with consultancy services to generate and integrate a STIR/SHAKEN certificate. Our team of ASTPP also help in generating this certificate for you. To know more about how we can help, contact us.