STIR/SHAKEN for Voice AI Agents: A practical guide

Voice AI Agents are making outbound calling faster, smarter, and more scalable for businesses across industries. But none of that matters if the call never rings. With U.S. consumers receiving 52.5 billion robocalls in 2025 alone, carriers and analytics engines are aggressively filtering suspicious traffic. A single "Scam Likely" label can tank answer rates and erode customer trust before your AI agent says a word.

That's where STIR/SHAKEN comes in. This caller ID authentication framework, mandated by the FCC under the TRACED Act, gives terminating carriers a way to verify whether a call is legitimate. For teams deploying Voice AI Agents at scale, understanding how attestation works isn't optional. It's the difference between calls that get answered and calls that get blocked.

What is STIR/SHAKEN?

STIR/SHAKEN stands for Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information Using toKENs (SHAKEN). Together, they form a caller ID authentication framework designed to reduce illegal robocalls and caller ID spoofing.

Here's how it works at a high level: when a call originates on an IP network, the originating service provider signs it with a digital certificate that includes information about the caller's identity and the provider's level of confidence in that identity. This signed token travels with the call through the network. When the call reaches the terminating provider, that provider verifies the signature against the originating provider's public key. Some handsets/carriers may display a “Verified” indicator, but visual treatment is device/carrier‑specific and not guaranteed.

The FCC requires all voice service providers operating in the U.S. to implement STIR/SHAKEN or file a robocall mitigation plan in the Robocall Mitigation Database (RMD). As of September 2025, providers with a STIR/SHAKEN obligation must also use their own SPC token and digital certificate to sign calls, even when working with third-party authentication services.

Attestation levels: A, B, and C

Every STIR/SHAKEN-signed call is assigned one of three attestation levels. These levels tell the terminating carrier how much the originating provider trusts the caller's identity and their right to use the displayed number.

According to TNS, which analyzes over 1.5 billion daily call events across more than 500 operators, approximately 86% of traffic between top U.S. carriers was signed in 2024, with 95% of that traffic receiving A-level attestation. However, the TNS 2026 Robocall Investigation Report found that signed traffic between smaller carriers dropped significantly, sitting at just 17.5% last year. That gap creates openings for bad actors and makes attestation even more important for legitimate AI-powered calling operations.

Why STIR/SHAKEN matters for Voice AI Agents

Voice AI adoption is accelerating fast. According to the Deepgram and Opus Research State of Voice AI 2025 report, 67% of businesses now view voice technology as foundational to their products and long-term strategies. Meanwhile, Andreessen Horowitz reports that AI voice agents are transitioning from infrastructure to application, with growing enterprise adoption across healthcare, finance, insurance, and customer service.

As more organizations deploy Voice AI Agents for outbound campaigns, the volume of AI-originated calls on the PSTN is increasing. Without proper STIR/SHAKEN compliance, these calls risk being lumped in with the billions of robocalls that carriers are actively trying to suppress. The FCC removed more than 1,200 voice service providers from the Robocall Mitigation Database in 2025 for deficient filings, effectively disconnecting them from the U.S. telephone network.

For Voice AI teams, the stakes are straightforward: calls without A-level attestation are more likely to be flagged, labeled, or blocked. That directly impacts answer rates, campaign performance, and customer experience.

How to earn A-level attestation for your AI agent calls

Earning full attestation requires alignment between your calling identity, your phone numbers, and your service provider. Here are the practical steps:

Use numbers provisioned through your carrier. A-level attestation requires the originating provider to confirm that the caller is authorized to use the displayed number. The simplest way to ensure this is to provision your outbound numbers directly through the same carrier handling your voice traffic.

Complete Know Your Customer (KYC) verification. Your carrier must be able to verify your business identity. Make sure your account information, business registration, and authorized contacts are up to date. Incomplete KYC is one of the most common reasons calls receive B or C attestation instead of A.

Register numbers with call analytics providers. Attestation is only one input that carriers use to evaluate call legitimacy. Third-party analytics engines from companies like Hiya, TNS, and First Orion also assess calling patterns, complaint rates, and number reputation. Registering your numbers proactively helps establish a positive reputation before you start dialing.

Monitor your call traffic. Track answer rates, completion rates, and any spam or block reports associated with your numbers. If you see sudden drops in answer rates, it could indicate that your calls are being flagged. Platforms with end-to-end observability let you trace calls from initiation to completion and pinpoint where issues arise.

Use SIP trunking on an IP network. STIR/SHAKEN operates on SIP-based IP networks. If any part of your call path routes through legacy TDM infrastructure, the STIR/SHAKEN token may be stripped or downgraded. A full-stack platform with native SIP trunking ensures your calls stay signed from origin to termination.

What to avoid (even with A attestation)

• Frequent caller ID rotation or mismatched branding/CNAM.
• Sudden volume spikes or high short‑duration/quick‑hangup ratios.
• Calling outside stated consent windows or targeting DNC‑sensitive segments. These patterns drive negative analytics outcomes that can override A‑level benefits.

Common failure modes and how to avoid them

Even teams that understand STIR/SHAKEN can run into problems. A few of the most frequent issues include:

Using numbers from one provider while originating calls through another is a common source of attestation downgrades. If the originating carrier didn't assign the number, it can only provide B or C attestation at best. Keep your numbers and voice traffic on the same provider to avoid this mismatch.

High call volume from new or unregistered numbers will also trigger analytics flags. Carriers look for patterns that resemble robocall behavior, such as short call durations, high volume from a single number, and lack of established calling history. Gradually ramp up call volume on new numbers and diversify your caller ID rotation.

Ignoring post-launch monitoring is another common mistake. STIR/SHAKEN compliance isn't a one-time setup. Number reputation can degrade over time based on consumer complaints, call patterns, and changes in carrier analytics algorithms. Build ongoing reputation monitoring into your operations workflow.

Building compliant Voice AI on a full-stack platform

The complexity of STIR/SHAKEN compliance grows quickly when you're stitching together numbers from one vendor, SIP trunking from another, and AI inference from a third. Each handoff introduces a potential point of failure for attestation and call signing.

Telnyx solves this by unifying the entire stack: global number provisioning, carrier-grade SIP trunking, call control, STT/TTS, and AI inference all run on a single platform backed by Telnyx's own IP network. Because Telnyx is a licensed telecom provider in 30+ markets with direct PSTN connectivity, calls originate on the same network where numbers are provisioned. That means A-level STIR/SHAKEN attestation is built into the call path, not bolted on after the fact.

For teams scaling outbound Voice AI, this architecture eliminates the guesswork. You don't need to coordinate across vendors to troubleshoot why calls are getting flagged. You get a single dashboard, end-to-end tracing, and 24/7 engineering support to validate your calling identity and production flows.

What's next for STIR/SHAKEN and voice AI

The regulatory landscape is still evolving. In late 2025, the FCC proposed requiring terminating providers to transmit verified caller name and identity information alongside A-level attestation, using Rich Call Data (RCD). If adopted, this would make branded calling information, such as business name and logo, a standard part of verified calls. For Voice AI operations, that means the incentive to maintain A-level attestation will only grow.

At the same time, bad actors are adapting. TNS reports that fraudsters are finding providers with weak KYC practices and spreading low-volume calls across large pools of numbers with A-level attestation, trying to evade spam filters. This means carriers will likely tighten analytics criteria, making legitimate calling reputation management even more important.

The bottom line: STIR/SHAKEN compliance is table stakes for any business running Voice AI Agents on the PSTN. Earning and maintaining A-level attestation protects your answer rates, your brand reputation, and your ability to scale. The teams that treat calling identity as a first-class operational concern, not an afterthought, will be the ones whose AI agents actually get to have the conversation.

Get started with Telnyx Voice AI Agents

Ready to launch Voice AI Agents that actually get answered? Telnyx gives you A-level STIR/SHAKEN attestation, carrier-grade voice, and AI inference on a single platform, so your calls connect with confidence. Talk to our team to see how Telnyx can power your next voice AI deployment, or sign up for a free account to start building today.