What Is STIR SHAKEN?
STIR SHAKEN, often referred to as SHAKEN/STIR, is a series of protocols and procedures that help carriers validate the authenticity and legitimacy of a caller through an identity token that delivers trust-enabling information.
Acronyms stand for:
– Secure Telephony Identity Revisited (STIR)
– Signature-based Handling of Asserted information using toKENs (SHAKEN)
SHAKEN STIR Attestation Explained
The STIR system adds information to your SIP headers for identification purposes. This information contains:
- PASSporT header
- PASSporT payload
- PASSporT signature
- Encryption algorithm
- Location of certificate repository
The SHAKEN system passes STIR information through the network and to the user. Since STIR does not say what the information is or how it displays, the Alliance for Telecommunications Industry Solutions came up with SHAKEN.
Depending on the level of legitimacy, the system divides the numbers into three types:
- Full Attestation (Class A): when a SHAKEN STIR carrier knows the individual or the entity making a phone call, and they know the phone number or know the phone number belongs to the individual or entity, and that they are therefore authorized to use the number. The highest level of attestation that most people go to. Carriers label these calls as Class A.
- Partial Attestation (Class B): The carrier doesn’t necessarily have all the information. So, they might know the caller individual or entity and trust them, but don’t recognize the number and cannot attest that they are authorized to use that number for their calls. Carriers label these calls as Class B.
- Gateway Attestation (Class C): Basically, just a transiting call, an international number that did not originate on a known network. The carrier doesn’t know the customer. They can still say the call passed through the network. The service provider can see the location of the call they received, but they have no authorization for the source, nor can they verify if it is authorized to use the number. Carriers label these calls as Class C.
STIR SHAKEN Key Takeaways:
- STIR SHAKEN is a way to create a trackable train of trust designed to authenticate calls through identity tokens and then deliver trust elements, like a green checkbox, to the called party.
- STIR SHAKEN is not yet completely implemented and many of the specifics will have to be worked out between carriers. Interoperability between carriers is still work-in-progress across the industry.
- The TRACED Act requires that carriers in the US take steps to implement STIR/SHAKEN in 2020 and have it ready by mid-2021, to be verified by the FCC.
- In order for STIR/SHAKEN to function as intended, it must be active on both the originating service provider and the terminating service provider.
- SHAKEN STIR does not alter local caller ID or call labeling and blocking, despite being promoted as an “anti-spoofing” protocol. It just adds an extra layer of trust that affects illegitimate callers. Even if a business takes the necessary steps to have their numbers fully authenticated and ready for SHAKEN STIR implementation, their calls might still show up as “fraud” or “scam.” STIR/SHAKEN is completely separate from the call labeling and blocking ecosystem (which relies on consumers reporting fraudulent numbers as opposed to a token system that automatically gathers the necessary information in order to display a level of trust).
- STIR SHAKEN does not work with old landlines. Analog systems cannot leverage SHAKEN STIR because there is no infrastructure in place to enable that.
- Nobody promoting “full attestation” is actually telling the truth. There is no way to guarantee that the old numbers are able to be authenticated. Nor is there a way to guarantee that all terminating service providers are using the STIR/SHAKEN protocol so that the attestation is passed down. This is something that the working groups with STIR/SHAKEN are still trying to solve.
- Toly Digital will work with you to find a process that is best for your ILEC
- Toly does the work and applies our token/certificate on existingSIP trunks and completes the STIR/SHAKEN compliance.
- Toly will apply your personal certificate/token to VoIP trace sent over the existing SIP trunks and do the SHAKEN/Attestation part for your company.
- We have a special rate for ILECs to use TransNexus STIR/SHAKEN solutions to enable you to authenticate digitally sign calls youoriginate and verify signed calls you receive.