What is SHAKEN/ STIR?
SHAKEN/ STIR is a new technology standard developed by industry experts to combat the rise in fraudulent robocalls and illegal phone number spoofing.
It's an acronym for Secure Handling of Asserted Information using toKENs (SHAKEN)/ Secure Telephony Identity Revisited (STIR).
- Originating service providers assign an attestation level to calls made on their network and assign a signed token.
- The token is included as a header in the SIP INVITE and passed along to the terminating service provider (TSP).
- The signature on the token is validated by a verification service.
- The call is sent to the recipient. The TSP can either pass along the verification results to the called party or take additional action, such as blocking the call.
Full Attestation (A)
The provider knows the customer, they know know the customer has a right to use the originating number, and they know that the call originated on their network.
Partial Attestation (B)
The provider knows the customer but the customer may be using another provider's phone number. The call is legitimate but the provider can’t fully attest because of missing information.
Gateway Attestation (C)
The provider can’t verify the customer or phone number and has no way of knowing whether the call is legitimate, however they attest to the call to mark that it originated on their network.
Telnyx is committed to combating illegal robocalls
- Along with a planned implementation of SHAKEN/STIR in 2021, Telnyx have also joined the industry traceback group (ITG).
- ITG aims to be a neutral coordination platform for multiple service providers to trace and identify the source of illegal robocalls.
- We encourage all customers leveraging Telnyx for origination services to consider joining the ITG.
SHAKEN/ STIR FAQs
- The TRACED Act was signed into law on December 30, 2019 which directs voice service providers to implement SHAKEN/STIR by June 30th, 2021.
The Secure Telephone Identity Governance Authority (STI-GA) manages the SHAKEN/STIR infrastructure and vetting of the Secure Telephone Identity Policy Administrator. The Secure Telephone Identity Policy Administrator (STI-PA) vets voice service providers and approves participants in the SHAKEN/STIR framework. The Secure Telephone Identity Certificate Authorities (STI-CA) provide the certificate requesting and managing infrastructure to STI-PA approved participants.
Recently, the Secure Telephone Identity Governance Authority (STI-GA) has agreed to remove the requirement of obtaining numbering resources from their SPC Token Access Policy. In order to be an approved player within the SHAKEN/STIR infrastructure, you need to meet the following requirements: 1. Have a current form 499A on file with the FCC 2. Have been assigned an Operating Company Number (OCN) 3. Have certified with the FCC their intention to implement SHAKEN/STIR and/or have a robocall mitigation program.
Telnyx has been working diligently to meet the June 30, 2021 deadline set forth by the FCC. We have been approved by the Secure Telephone Identity Policy Authority (STI-PA) and have completed initial rounds of testing with various industry participants. Telnyx is now exchanging authenticated traffic with a handful of providers to begin the fight against robocalling. Today, Telnyx is authenticating every outbound call with a valid U.S. Caller ID that originates on the Telnyx platform and is abiding by the attestation levels listed above. You can expect Telnyx to begin passing SHAKEN/STIR headers to customers for inbound calls in the upcoming months.
Various industry developments around unique enterprise use cases continue to be addressed by industry bodies, and Telnyx will continue to update customers on what to expect in terms of SHAKEN/STIR capabilities.