Skip to main content
An Introduction to STIR-SHAKEN
October 7, 2020 at 6:00 AM
what is STIR/SHAKEN?

Robocalls, spam calls, spoof calls—whatever you’d like to call them—have become increasingly common and problematic in the past few years. Whether you receive a call from a criminal or one of the countless robocallers out there, the intent is the same: they call in an attempt to deceive the recipient. There are a few ways this happens, but one of the most common ways is the criminal changing the number from which they’re calling to appear as though it is a recognized number.

Because these types of calls have become so prevalent, the FCC has mandated that STIR-SHAKEN protocols be adopted by all major U.S. phone companies by June 30, 2021, and smaller carriers by June 30, 2020. But what, exactly, is STIR-SHAKEN, and how does it work? Here’s what telecom providers need to know.

What is STIR-SHAKEN?

STIR-SHAKEN is a suite of telecommunications protocols designed to fight caller ID spoofing across major and smaller public telephone networks. To prevent these types of calls, STIR-SHAKEN utilizes digital certificates to ensure the incoming call is secure, rather than from an illegitimate source with the intention of deceiving the recipient.

It does this through various cryptography techniques. This approach essentially means that the service provider’s digital certificate is obtained from the certificate authority to ensure legitimate calls.

How does STIR-SHAKEN work?

STIR (Secure Telephone Identity Revisited) adds a digital certificate to the SIP (Session Initiation Protocol) Information which is used during the call’s initiation and routing within VoIP (voice-over-IP) systems. Once the call is connected to the system, the provider reviews the caller’s ID to determine its authenticity: does it match an ID that they provided the customer? The service provider will then include an encrypted certificate to the SIP header with their ID and trust value. Finally, the VoIP software investigates the caller’s authenticity by decrypting STIR through the service provider’s public key.

Non-VoIP systems, which include mobile phones and landlines, rely on SS7 (Signalling System Number 7), which is where SHAKEN (Signature-based Handling of Asserted Information using toKENs) comes in. SHAKEN covers public switched telephone networks and addresses calls with incorrect or missing STIR information.

Who needs STIR-SHAKEN and by when?

Bluntly, anyone who uses a phone benefits from STIR-SHAKEN protocols being adopted by all U.S. phone service providers. But specifically, all major telecom providers must implement its protocols and procedures by June 30, 2021, while smaller and rural providers have an additional year to update their services. In December 2019, the TRACED Act (Telephone Robocall Abuse Criminal Enforcement and Deterrence Act) became law. The Act states that the FCC must compel all U.S. service providers to follows STIR-SHAKEN protocol.

How Prescott-Martini can help service providers become and remain compliant

With more than 150 years of combined telecommunications technical experience, Prescott-Martini is proud to offer patent-pending technical solutions to ensure telecommunications companies are compliant with all federal anti-robocalling regulations.

How our service works

Our service offering ensures compliance—and an end to predatory robocalls.

  • We receive the caller’s MySQL data
  • We add a “verified caller-ID” from our ANI inventory
  • We produce a STIR-SHAKEN administrator-generated signature certificate
  • We return the MySQL data to you to insert into your call SIP header
  • The destination call recipient sees a message that confirms the caller’s authenticity (B- or C-level recipients may see a slightly different message)

Ensure you are compliant with STIR-SHAKEN protocol

Ready to become and remain compliant with all FCC STIR-SHAKEN protocol? Reach out to us today to get started.