Skip to main content
Understanding STIR-SHAKEN user token authentication
November 2, 2021 at 4:00 AM
A call center crew during work.

Most of us have had to deal with robocallers, scammers, and other unwanted callers before. Some people might receive these kinds of calls fairly frequently, potentially as often as every day. Others may no longer realize how often they receive these calls, as they simply won’t answer the phone anymore for numbers they don’t recognize.

This is a bad enough problem for ordinary consumers, where the wrong missed or ignored call might’ve been an urgent one, or repeated calls may be incurring additional, unnecessary expenses. For businesses, it’s even worse. A missed call could mean losing a valued client, missing a crucial deadline, or worse depending on the specific nature of the business.

On the other hand, for someone who answers the phone and doesn’t recognize a robocall or scammer, repeated calls present a very real risk to personal information and can, at the very least, potentially open up additional avenues for these fraudulent callers to reach you.

These problems affect the trust customers may have in voice services from internet service providers, VoIP providers, and other voice service businesses. Customers need to be able to trust that their network is secure and be able to go about their business risk-free and uninterrupted.

At Prescott-Martini, LLC, we’re dedicated to helping keep voice services secure, whether you’re a company using an in-house network or a provider offering these services.

Read on to learn more about how user token authentication through the STIR-SHAKEN framework helps combat this.

The STIR-SHAKEN framework and user token authentication

Fraudulent callers reach you through a process called “spoofing,” through which they falsify caller ID information to trick you into thinking they’re a trustworthy caller.

This practice has become increasingly widespread over time, to enough of a degree that government action became necessary. That’s why in 2021, implementation of STIR-SHAKEN in the IP portions of voice service provider networks became a legal requirement.

If you’ve received calls in the past with a label like “Scam Likely,” your carrier for that line has probably implemented STIR-SHAKEN on their network. Not all illegal calls are blocked, but those that are believed to be potentially illegitimate come with a warning when the end user receives them.

A call is blocked, labeled with a warning, or delivered without issue based on user token authentication. A caller is given one of three “attestations” to indicate their presumed identity and legitimacy. You can read more about that in this article from JD Supra.


Restore trust to your calls with Prescott-Martini

Implementing this system is a major step toward opening up trustworthy, smooth communication for your users. They’ll have a much easier time knowing when to pick up the phone and when to block a caller, and they won’t have to worry about making that choice nearly as often. Important calls won’t go ignored, and users will be able to trust in the reliability and security of their voice services.

You can implement STIR-SHAKEN through Prescott-Martini in a few different ways, based on your particular needs:

  • You can send your calls to us. We’ll add a token to each one and forward it to a Tier 1 carrier or your current carrier for termination.
  • Send an authentication request to us through MYSQL and we’ll send you back the token to insert into your SIP header.
  • Flat rate stand-by service, for when you don’t need to implement STIR-SHAKEN just yet.
  • You can embed our service into your platform and allow us to remotely manage it.

However you plan to implement STIR-SHAKEN, working with Prescott-Martini gives you options to use it as needed at a rate that works for you. Get in touch with us now for more information or to get started.