Over the last couple of years, the number of spam phone calls has been on the rise- SHAKEN/ STIR aims to change that trend.
By Fiona McDonnell
Over the last couple of years, the number of fraudulent and spam phone calls being made to American phone numbers has been steadily on the rise. To help combat this problem the Federal Communications Commission (FCC) has developed a new framework SHAKEN/ STIR- which stands for Secure Handling of Asserted information using toKENs (SHAKEN) / Secure Telephony Identity Revisited (STIR).
SHAKEN/STIR is a new technology standard developed by industry experts to combat the rise in fraudulent robocalls and illegal phone number spoofing.
In the framework, originating service providers assign an attestation level to calls made on their network and assign a signed token that is included as a header in the SIP INVITE which is passed to the terminating service provider (TSP). The signature on the token is validated by a verification service and the call is sent to the recipient. The TSP can either pass along the verification results to the called party or take additional action, such as blocking the call.
SHAKEN/STIR has a three-level system to categorize the essential information about the caller into levels of “attestation” for the call. The different levels describe the level of trust or proof a provider has in the caller’s right to use that particular number, with attestation levels ranging from 'A' to 'C'.
Full Attestation (A): The provider knows the customer, knows they have a right to use the originating number, and knows that the call originated on their network. For numbers purchased in the Telnyx portal, you should expect to receive an 'A Attestation'.
Partial Attestation (B): The provider knows the customer but the customer may be using another provider's phone number. The call is legitimate but the provider can’t fully attest because of missing information.
Gateway Attestation (C): The provider can’t verify the customer or the phone number and has no way of knowing whether the call is legitimate. The originating provider will still attest to the call in order to mark that the call originated on their network.
For an in-depth review of the requirements for each level, check out our previous post which takes deep dive into attestation.
Telnyx customers who have purchased numbers from Telnyx can expect to receive an A attestation. If a Telnyx customer is using a number that is not on the Telnyx portal, the customer will be assigned a B attestation.
Telnyx customers with HVSD traffic can expect B attestation.
Customers who would like to receive an A attestation should consider porting their numbers over to the Telnyx portal. With Fastport, customers can port their numbers to Telnyx in just a few clicks while maintaining complete control and transparency throughout the porting process.
In the case where this is not possible, the customer must meet the below requirements to be considered for increased attestation:
Telnyx is fully compliant with SHAKEN/STIR and, as such, all calls originating on the Telnyx network will receive an attestation. There is no action required from the customer.*
The customer will not be notified of the attestation it receives from Telnyx but customers should be able to predict attestation level based on the requirements outlined in the above questions.
*Telnyx will sign and attest to any outbound call that is not signed by our customer. Customers, however, should be aware of any applicable regulatory requirements to directly participate in the SHAKEN/STIR ecosystem and to sign their own calls as mandated by the Federal Communications Commission. Telnyx will pass SHAKEN signatures along that we receive in any outbound calls.
Providers are not allowed to block calls based solely on attestation level, but the FCC has provided safe harbors to terminating providers who leverage authentication data to influence their filters. For more information on how to ensure your calls do not get caught by terminating spam filters, check out this support article.
If the self-service customer provides all the required information on sign-up, and they have bought/ ported numbers to Telnyx they will receive attestation A.
Yes, Telnyx provides just 1 Token for all customers, inclucding MSPs. As a participant of the Industry Traceback Group, Telnyx strongly encourages every customer leveraging termination services through Telnyx to register as an ITG participant so that we can work together to end illegal robocalls and protect consumers from fraudulent behavior.
The FCC has mandated that service providers cannot charge for SHAKEN/ STIR services and so it will be free to all Telnyx customers.
Customers will see inbound calls with identity headers come thorugh. Inbound calls with A attestation and a valid token will now have the 'verstat' parameter added to P-Asserted-Identity headers.
If you still have questions surrounding SHAKEN/ STIR and Traceback, please get in touch with our team of experts.
Related articles