Support CenterLog InSupport CenterLog In
Home

SHAKEN/STIR, all you need to know.

We break down the framework to understand how SHAKEN/STIR aims to combat illegal robocalling and protect customers.
Talk to an expert
Questions on setup? Talk to an expert
__*SHAKEN/STIR*, all you need to know.__
Talk to an expert
Questions on setup? Talk to an expert

What is SHAKEN/STIR?

SHAKEN/STIR is a new technology standard developed by industry experts to combat the rise in fraudulent robocalls and illegal phone number spoofing.

It's an acronym for Secure Handling of Asserted Information using toKENs (SHAKEN)/ Secure Telephony Identity Revisited (STIR).

Check out our SHAKEN/STIR content

We've rounded up industry insight and news to keep you informed

How does SHAKEN/STIR work?

1
2
3
4
assets shakenstir 1 calling-party
Originating service providers assign an attestation level to calls made on their network and assign a signed token.
assets shakenstir 2 originating-provider
The token is included as a header in the SIP INVITE and passed along to the terminating service provider (TSP).
assets shakenstir 3 terminating provider
The signature on the token is validated by a verification service.
assets shakenstir 4 called-party
The call is sent to the recipient. The TSP can either pass along the verification results to the called party or take additional action, such as blocking the call.

What do I need to do to prepare for implementation?

Telnyx will sign and attest to any outbound call that is not signed by our customer. Customers, however, should be aware of any applicable regulatory requirements to directly participate in the SHAKEN/STIR ecosystem and to sign their own calls as mandated by the Federal Communications Commission. Telnyx will pass SHAKEN signatures along that we receive in any outbound calls.

More recently, the FCC has moved up the deadline for small Service Providers to sign their own calls. Starting June 30, 2022, small service providers will be expected to sign their outbound calls with their own SHAKEN tokens. Telnyx will continue to sign calls we receive that are unsigned, but Telnyx is not responsible for your compliance with FCC regulations.

There are 3 attestation levels an originating provider can label a number:

  • Full Attestation (A)

    The provider knows the customer, they know the customer has a right to use the originating number, and they know that the call originated on their network.

  • Partial Attestation (B)

    The provider knows the customer but the customer may be using another provider's phone number. The call is legitimate but the provider can’t fully attest because of missing information.

  • Gateway Attestation (C)

    The provider can’t verify the customer or phone number and has no way of knowing whether the call is legitimate, however they attest to the call to mark that it originated on their network.

    • Learn more about attestation

Telnyx is committed to combating illegal robocalls

  • Along with a planned implementation of SHAKEN/STIR in 2021, Telnyx have also joined the industry traceback group (ITG).
  • ITG aims to be a neutral coordination platform for multiple service providers to trace and identify the source of illegal robocalls.
  • We encourage all customers leveraging Telnyx for origination services to consider joining the ITG.

SHAKEN/ STIR FAQs

The TRACED Act was signed into law on December 30, 2019 which directed voice service providers to have SHAKEN/STIR implemented on their networks by June 30th, 2021.

The Secure Telephone Identity Governance Authority (STI-GA) manages the SHAKEN/STIR infrastructure and vetting of the Secure Telephone Identity Policy Administrator. The Secure Telephone Identity Policy Administrator (STI-PA) vets voice service providers and approves participants in the SHAKEN/STIR framework. The Secure Telephone Identity Certificate Authorities (STI-CA) provide the certificate requesting and managing infrastructure to STI-PA approved participants.

Recently, the Secure Telephone Identity Governance Authority (STI-GA) has agreed to remove the requirement of obtaining numbering resources from their SPC Token Access Policy. In order to be an approved player within the SHAKEN/STIR infrastructure, you need to meet the following requirements:

  • Have a current form 499A on file with the FCC
  • Have been assigned an Operating Company Number (OCN)
  • Have certified with the FCC their intention to implement SHAKEN/STIR and/or have a robocall mitigation program.

Telnyx worked diligently to meet the June 30, 2021 deadline set forth by the FCC, and we are fully compliant with SHAKEN/STIR. Today, Telnyx authenticates every outbound call with a valid U.S. Caller ID that originates on the Telnyx platform and is abiding by the attestation levels listed above. Telnyx also passes inbound SHAKEN/STIR headers along the PSTN to customers.

Various industry developments around unique enterprise use cases continue to be addressed by industry bodies, and Telnyx will continue to update customers on what to expect in terms of SHAKEN/STIR capabilities.

Telnyx customers who have purchased numbers from Telnyx can expect to receive an A attestation. If a Telnyx customer is using a number that is not on the Telnyx portal, the customer will be assigned a B attestation.

Telnyx customers with HVSD traffic can expect B attestation.