Skip to main content
STIR-SHAKEN attestation: 2 things you need to know
October 27, 2020 at 7:00 AM
man making a call on his smart phone and taking advantage of STIR/SHAKEN attestation

STIR-SHAKEN call authentication guidelines help telecom companies provide even more security for their customers. By requiring the verification and signing of phone calls, you can prevent illegally spoofed calls from ever reaching their intended targets.

But how does STIR-SHAKEN work? And what can it do for the people that use it?

Here are two things you should know about STIR-SHAKEN attestation.

1. What does STIR-SHAKEN do?

These standards prevent robocallers from deceiving consumers. Fraudsters will often change their calling number, a practice called spoofing, which thus changes their perceived identity to the person receiving the call.

It can be as simple as pretending to be an old friend or boss, or as complex as taking on the persona of an IRS or other government agent.

By changing the outgoing phone number to fit their identity, or by changing the phone number to one that may be familiar to the other party, these criminals increase their chances of the other side picking up the call. Of course, doing so leaves them wide open to deception and fraud.

These situations have led to many complaints to the Federal Communications Commission (FCC), with fraud and abuse related to robocalling the number one consumer complaint made to the organization.

In response, the TRACED Act created new FCC regulations, requiring telecom companies to use STIR-SHAKEN call authentication tokens to help prevent these spam calls. In addition to protecting callers from the abuse and fraud cases that result from illegal spoofing, these standards aim to reestablish lost trust in the country’s telecommunications as well.

2. How does STIR-SHAKEN attestation work?

STIR-SHAKEN technology works in a very similar way to the SSL certification technology that is used for websites, with trusted public key infrastructure at the heart of these changes.

A trusted third-party certificate authority, the national STIR-SHAKEN administrator, grants certificates to telephone service providers. These certificates are accepted by every major telephone carrier in the country, allowing calling parties to verify their phone number and identity and prove that their number hasn’t been spoofed.

By checking the source and validity of the phone call, telecom companies can determine whether the person behind the calling number has full attestation, partial attestation, or gateway attestation.

Keep in mind that this technology doesn’t block spoofed phone calls outright — it only indicates whether or not the calling phone number has been altered in any way.

Contact Prescott-Martini, LLC today

As a best-in-class telephone call security company, Prescott-Martini, LLC’s expertise lies in STIR-SHAKEN attestation. Our team uses patent-pending technology to help telecom companies block illegal robocalling and phone scams, as well as help them to comply with the federal TRACED Act.

Government regulations surrounding technology change constantly, and sometimes addressing these changes in-house can be costly. We make things easier for telecom companies by providing the services that they’re required to have, without spending more on infrastructure than they have to.

Learn how we can help your company do the same by contacting us through the form on our website.