Skip to main content
What are STIR-SHAKEN attestation levels?
March 23, 2022 at 4:00 AM
A person typing on a smartphone.

If your organization is an active part of the telecommunications industry, you may have heard the term "STIR-SHAKEN." But what does that actually mean?

In a nutshell, STIR-SHAKEN is a framework for authenticating calls and messages. It helps to ensure that the person you're speaking to is actually who they say they are and that your conversation is secure. All voice service providers are required to use this system to verify callers by the FCC as a means of reducing the number of scammers and robocallers that may present a potential threat to consumers.

STIR-SHAKEN verifies callers by assigning user verification tokens that indicate a caller's level of attestation, which affects the way the caller's number will appear to the person receiving the call. Depending on the caller's attestation level, the call may be marked as a potential scam or even blocked entirely.

A call can receive full, partial, or gateway attestation depending on factors like how verifiable a caller’s identity is and the network they’re calling from. In this blog post, we'll take a closer look at each of these STIR-SHAKEN attestation levels to help you better understand how the system can help better identify scam calls and bring a greater level of trust to your voice network.

Full attestation

Full attestation means that the service provider has verified the caller's identity and has signed the call using their digital certificate. This is the highest level of attestation, and it provides the greatest level of assurance to both parties. It primarily covers calls between two known and trusted parties, like those within the same organization, where it's easier to verify both parties on a call.

Partial attestation

Partial attestation means that the service provider has verified the caller's identity, but has not signed the call. This provides a moderate level of assurance to both parties.

Although this level of attestation does mean that the service provider has verified the caller's identity, full attestation can't be assigned because they were unable to sign the call using their digital certificate. This may be due to a number of factors, such as technical difficulties or an outdated certificate.

Gateway attestation

Gateway attestation means that the service provider has not verified the caller's identity and that the source of the call cannot be identified by the service provider.

Gateway attestation is the lowest level of attestation and it simply means that the call has been routed through a gateway that is STIR-SHAKEN compliant. This does not provide any verification of the caller's identity and indicates that it's unclear where exactly the call is coming from. Calls with this level of attestation may be marked as potential scams or blocked entirely.

Verify your calls with Prescott-Martini

Remember: if your organization acts as a voice service provider that your users depend on to make and receive calls, using the STIR-SHAKEN isn't just recommended, it's a legal requirement. It's an essential tool for any calls where sensitive information may be exchanged or where there is a potential for fraud or scams.

Prescott-Martini can help your organization implement STIR-SHAKEN in a minimally disruptive manner that ensures your users can rest assured that scammers and robocallers will have a much harder time reaching them and that their own calls to friends, loved ones, colleagues, and business associates will be marked as verified and legitimate.

The deadline for implementing STIR-SHAKEN has already passed for major voice service providers, but smaller organizations still have until June 30th, 2022. To learn more or to get started, get in touch with us now!