Resources For You

  1. 5 Essential Marketing Strategies for VoIP Businesses

    5 Essential Marketing Strategies for VoIP Businesses

  2. 5 Technologies Set to Revolutionise Webphones

    5 Technologies Set to Revolutionise Webphones

  3. 5 Unique Types of VoIP Gateways Explained!

    5 Unique Types of VoIP Gateways Explained!

  4. 5 Ways a Cloud PBX System Benefits Remote Work

    5 Ways a Cloud PBX System Benefits Remote Work

  5. 5 Ways SBCs Facilitate Unified Communications as a Service

    5 Ways SBCs Facilitate Unified Communications as a Service

  6. 5 Ways to Optimise ASR To Grow Profitability

    5 Ways to Optimise ASR To Grow Profitability

  7. 7 Additional Important Components of a VoIP Carrier Network Explained

    7 Additional Important Components of a VoIP Carrier Network Explained

  8. 7 Important Factors to Consider When Implementing LCR

    7 Important Factors to Consider When Implementing LCR

  9. 7 Ways to Optimize AHT

    7 Ways to Optimize AHT

  10. 9 Key Functions of an SBC Explained

    9 Key Functions of an SBC Explained

  11. 10 Factors to Consider While Choosing a Webphone

    10 Factors to Consider While Choosing a Webphone

  12. 10 Important Components of a VoIP Carrier Network Explained

    10 Important Components of a VoIP Carrier Network Explained

  13. 10-Point Security Checklist for VoIP Carriers

    10-Point Security Checklist for VoIP Carriers

  14. 10 Tips For Effective Implementation of LCR

    10 Tips For Effective Implementation of LCR

  15. 10 Webphone Features that Benefit Your Business

    10 Webphone Features that Benefit Your Business

  16. An Out of the Box Telecoms Network

    An Out of the Box Telecoms Network

  17. Are Call Centers Still Relevant in 2023?

    Are Call Centers Still Relevant in 2023?

  18. Automated Dialler vs Manual Dialler - Knowing the 7 Key Differences

    Automated Dialler vs Manual Dialler - Knowing the 7 Key Differences

  19. Call Center vs Contact Center - Understanding the Differences

    Call Center vs Contact Center - Understanding the Differences

  20. Choosing SIP over TCP,TLS and UDP in 2022

    Choosing SIP over TCP,TLS and UDP in 2022

  21. Class 4 Softswitch vs Class 5 Softswitch - Understanding the Difference

    Class 4 Softswitch vs Class 5 Softswitch - Understanding the Difference

  22. Combatting Covid-19 with Carrier-Grade Communications Solutions to Help Users Work Remotely

    Combatting Covid-19 with Carrier-Grade Communications Solutions to Help Users Work Remotely

  23. Comprehensive Cloud Softswitch Documentation

    Comprehensive Cloud Softswitch Documentation

  24. ConnexCS expands AnyEdge SIP Load Balancer to India

    ConnexCS expands AnyEdge SIP Load Balancer to India

  25. ConnexCS for Africa

    ConnexCS for Africa

  26. ConnexCS WebPhone SDK Connector

    ConnexCS WebPhone SDK Connector

  27. Discover the Different Types of NAT: An Essential Guide for Network Administrators

    Discover the Different Types of NAT: An Essential Guide for Network Administrators

  28. Discussing the Future and Top 9 Benefits of WebRTC

    Discussing the Future and Top 9 Benefits of WebRTC

  29. DNO And DNC Lists - Everything Carriers Should Know

    DNO And DNC Lists - Everything Carriers Should Know

  30. Email and SMS Alerts

    Email and SMS Alerts

  31. Employers' Guide to Winning at Remote Work

    Employers' Guide to Winning at Remote Work

  32. Exploring the Top 10 Types of Web Phones in 2023!

    Exploring the Top 10 Types of Web Phones in 2023!

  33. False Answer Supervision Detection - The Ultimate Tool for Preventing VoIP Fraud

    False Answer Supervision Detection - The Ultimate Tool for Preventing VoIP Fraud

  34. Far-End NAT Traversal - An In-Depth Guide

    Far-End NAT Traversal - An In-Depth Guide

  35. From Cost Savings to Mobility - 15 Benefits of Web Phones for Businesses

    From Cost Savings to Mobility - 15 Benefits of Web Phones for Businesses

  36. Get Your FCC Registration Number in 5 Easy Steps!

    Get Your FCC Registration Number in 5 Easy Steps!

  37. How to Build Your API on ConnexCS

    How to Build Your API on ConnexCS

  38. How to Build Your Own Dialer (BYOD) – Part 1

    How to Build Your Own Dialer (BYOD) – Part 1

  39. How to Establish a VoIP Interconnect in 10 Easy Steps

    How to Establish a VoIP Interconnect in 10 Easy Steps

  40. How to Get Operating Company Number (OCN) in 4 Easy Steps

    How to Get Operating Company Number (OCN) in 4 Easy Steps

  41. How to Identify Robocall Scam Traffic - A Comprehensive Guide for Telecom and VoIP Operators

    How to Identify Robocall Scam Traffic - A Comprehensive Guide for Telecom and VoIP Operators

  42. How to Improve CX? Ensure your Call Center Agents are Happy!

    How to Improve CX? Ensure your Call Center Agents are Happy!

  43. How to Prepare for a VoIP Network Security Audit

    How to Prepare for a VoIP Network Security Audit

  44. How to Properly Prepare for Setting up a VoIP Interconnect

    How to Properly Prepare for Setting up a VoIP Interconnect

  45. How to Register for the Robocall Mitigation Database: A step-by-step guide!

    How to Register for the Robocall Mitigation Database: A step-by-step guide!

  46. How to Successfully Implement LCR is 5 Easy Steps

    How to Successfully Implement LCR is 5 Easy Steps

  47. How Using Web Phones Can Benefit These 10 Industries?

    How Using Web Phones Can Benefit These 10 Industries?

  48. Importance of Balancing Cost Minimization and Reliable Call Quality when implementing LCR

    Importance of Balancing Cost Minimization and Reliable Call Quality when implementing LCR

  49. Introducing ConnexCS WebPhone

    Introducing ConnexCS WebPhone

  50. Introducing ConneXML - The Best TwiML Alternative

    Introducing ConneXML - The Best TwiML Alternative

  51. Introducing Smart CLI Select - An Effective Way to Improve your ASR

    Introducing Smart CLI Select - An Effective Way to Improve your ASR

  52. LTE vs VoLTE: Diving Into The Differences

    LTE vs VoLTE: Diving Into The Differences

  53. Operating Company Numbers (OCN) - Understanding Function, Importance and Relevance

    Operating Company Numbers (OCN) - Understanding Function, Importance and Relevance

  54. Populating Our Support Area With Cloud Softswitch Video Guides

    Populating Our Support Area With Cloud Softswitch Video Guides

  55. Predictive Dialler vs Progressive Dialler - Understanding the Differences

    Predictive Dialler vs Progressive Dialler - Understanding the Differences

  56. Preview Dialler vs Power Dialler - Understanding Top 5 Differences

    Preview Dialler vs Power Dialler - Understanding Top 5 Differences

  57. Rate Card Profit Assurance

    Rate Card Profit Assurance

  58. Redundant Redundancies (Backups of backups)

    Redundant Redundancies (Backups of backups)

  59. Revolutionise Your Outbound Calls - 8 Types of VoIP Diallers Explained

    Revolutionise Your Outbound Calls - 8 Types of VoIP Diallers Explained

  60. Scalability – Grow at Speeds That Suit You

    Scalability – Grow at Speeds That Suit You

  61. ScriptForge – Javascript Routing

    ScriptForge – Javascript Routing

  62. Simplifiying our Softswitch Pricing

    Simplifiying our Softswitch Pricing

  63. SIP 101 - The Best Guide of 2022

    SIP 101 - The Best Guide of 2022

  64. The 3CX Supply Chain Attack - Understanding Everything That Happened

    The 3CX Supply Chain Attack - Understanding Everything That Happened

  65. The 5 Best Strategies for Mitigating Robocall Scams

    The 5 Best Strategies for Mitigating Robocall Scams

  66. The Anatomy of Robocall Scams

    The Anatomy of Robocall Scams

  67. The Art of Cost Optimization - Least Cost Routing and Its 7 Benefits

    The Art of Cost Optimization - Least Cost Routing and Its 7 Benefits

  68. The Best Multi-POP Cloudswitch

    The Best Multi-POP Cloudswitch

  69. The Essential Guide to Business Continuity Plans for VoIP Carriers

    The Essential Guide to Business Continuity Plans for VoIP Carriers

  70. The Essential Guide to Implementing STIR/SHAKEN

    The Essential Guide to Implementing STIR/SHAKEN

  71. The Ultimate Guide to STIR/SHAKEN

    The Ultimate Guide to STIR/SHAKEN

  72. Timeout Protections (SIP Ping, SST)

    Timeout Protections (SIP Ping, SST)

  73. TLS and 2FA Security on the ConnexCS Platform

    TLS and 2FA Security on the ConnexCS Platform

  74. Top 5 Alternative Marketing Strategies for VoIP Businesses

    Top 5 Alternative Marketing Strategies for VoIP Businesses

  75. Top 5 Call Center Challenges and How To Overcome Them

    Top 5 Call Center Challenges and How To Overcome Them

  76. Top 5 Important Types of VoIP Gateways Explained

    Top 5 Important Types of VoIP Gateways Explained

  77. Top 7 Strategies For Ensuring Call Quality While Minimizing Costs with LCR

    Top 7 Strategies For Ensuring Call Quality While Minimizing Costs with LCR

  78. Top 9 Indicators that Help You Identify a Bad Carrier

    Top 9 Indicators that Help You Identify a Bad Carrier

  79. Top 10 Points of Differences Between a Traditional and VoIP Carrier

    Top 10 Points of Differences Between a Traditional and VoIP Carrier

  80. Top 10 Types of Robocall Scams Explained!

    Top 10 Types of Robocall Scams Explained!

  81. Top 10 VoIP Vulnerabilities You Must Know About

    Top 10 VoIP Vulnerabilities You Must Know About

  82. Understanding Global RTP Servers (Lowest Latency Possible, High Availability)

    Understanding Global RTP Servers (Lowest Latency Possible, High Availability)

  83. Understanding Network Address Translation (NAT) - A Beginner's Guide

    Understanding Network Address Translation (NAT) - A Beginner's Guide

  84. Understanding the 9 Key Objectives of a VoIP Network Security Audit

    Understanding the 9 Key Objectives of a VoIP Network Security Audit

  85. Understanding the Complete Scope of a VoIP Network Security Audit

    Understanding the Complete Scope of a VoIP Network Security Audit

  86. Understanding the Crucial Role of Session Border Controllers in Carrier-Grade VoIP Networks

    Understanding the Crucial Role of Session Border Controllers in Carrier-Grade VoIP Networks

  87. Understanding VoIP Anycast Load Balancing

    Understanding VoIP Anycast Load Balancing

  88. Understanding What a PBX System is and How it Benefits Your Business

    Understanding What a PBX System is and How it Benefits Your Business

  89. VoIP Carrier Network Components - Understanding Session Border Controllers

    VoIP Carrier Network Components - Understanding Session Border Controllers

  90. VoIP Carrier Network Security - How to Conduct Security Audit?

    VoIP Carrier Network Security - How to Conduct Security Audit?

  91. VoIP Carrier's Ultimate Guide to Cleaning Up Their Traffic

    VoIP Carrier's Ultimate Guide to Cleaning Up Their Traffic

  92. VoIP Interconnects - Learning How VoIP Carrier Connect and Exchange Traffic

    VoIP Interconnects - Learning How VoIP Carrier Connect and Exchange Traffic

  93. VoLTE - An Evolution in Voice Communication

    VoLTE - An Evolution in Voice Communication

  94. WebPones Explained: Understanding Web-Based Telephonic Communication

    WebPones Explained: Understanding Web-Based Telephonic Communication

  95. WebRTC 101 - The Best Guide for Beginners

    WebRTC 101 - The Best Guide for Beginners

  96. What Are SIP Traces - A Beginners Guide

    What Are SIP Traces - A Beginners Guide

  97. What Are The Top 10 Essential Call Center KPIs?

    What Are The Top 10 Essential Call Center KPIs?

  98. What Are VoIP Gateways and How Do They Work? A Comprehensive Guide

    What Are VoIP Gateways and How Do They Work? A Comprehensive Guide

  99. What is a Contact Center and Why Does Your Business Need One?

    What is a Contact Center and Why Does Your Business Need One?

  100. What is Robocall Mitigation Database? A Guide for Carriers and VoIP Operators

    What is Robocall Mitigation Database? A Guide for Carriers and VoIP Operators

The Essential Guide to Implementing STIR/SHAKEN

Updated on January 18, 2024

At the time of writing this guide, we’re already a year past the point when the FCC made it mandatory to implement STIR/SHAKEN for all carriers operating in the US.

Most of the big carriers have already implemented STIR/SHAKEN. However, there remains a sizable proportion of carriers who’re yet to come on board.

This article is meant for these carriers and anyone looking to become a service provider in the coming future.

This article will guide you through all the steps necessary for implementing STIR/SHAKEN so your calls are not blocked or labeled as scam calls.

So let’s get started, shall we?

Prerequisites for Implementing STIR/SHAKEN

Prerequisites for Implementing STIR/SHAKEN

Before you can implement the STIR/SHAKEN protocol, you need to complete a few steps in the process and acquire certain tokens and certifications.

Let’s get to know about all the prerequisites!

You must be a Trading Entity registered in the US

STIR/SHAKEN protocol is an initiative brought up by US’s FCC to curb ID spoofing and malicious robocalls. The primary prerequisite for implementing the STIR/SHAKEN protocol is that you need to be a trading entity registered in the US.

File the 499A form with the FCC

All service providers have to fill out the FCC form 499A and register with the Universal Services Administrative Company.

Filers are required to report the company’s actual revenue billed during the previous calendar year.

Get FCC Registration Number (FRN)

After filing the FCC form 499A, you will be issued a FCC Registration Number (FRN). An FRN is essential as it links your TIN (Taxpayer Identification Number) to FCC registration.

All companies and individuals are required to provide their TIN to do business with any federal agency.

To get an FRN, you will have to register yourself with the FCC Commission Registration System (CORES). Once you are registered, you will be provided with an FRN and a password that is linked to your TIN.

Here is the information you will need to provide for the registration.

  • Taxpayer Identification Number (TIN). For individuals, this is a Social Security Number and for businesses, this is an Employer Identification Number
  • The name of the individual or business
  • Type of business
  • Contact information
  • Password
  • Personal Security Question (PSQ) and answer: Your PSQ and answer are not case sensitive.

Operating Company Number (OCN)

Operating Company Number, also known as Company Codes are unique identifiers assigned to every telecommunications service provider by the National Exchange Carrier Association (NECA).

OCNs are also used in mechanized and legacy systems to enable the transmission of information throughout the network.

Here are the steps you need to follow to get an OCN.

  1. Fill in and submit the Incumbent Company Code Request form.
  2. Fill in and submit the Company Code Request form. The instructions can be found here.

For Non-ILEC codes (CLEC, ULEC, CAP, IC, IPES, ETHX, LRSL, WIRE, WRSL, PCS, and PCSR) – The following information is required to obtain a Company Code.

  1. Company Code request form
  2. Legal documentation (e.g. Articles of Incorporation with state seal or stamp, State Registration, etc.) as proof of existence and to reflect the service provider’s legal name;

And for:

*CLEC, ULEC, CAP, LRSL codes – a copy of the certification by the state public utilities commission;

IC codes - Documents may vary from state-to-state. A copy of the state public utilities commission approval is required when the state commission regulates the interexchange carrier/reseller service. If the service is not regulated by the state commission, the required documentation may vary. Therefore, please contact the 09-2023 Company Code Administrator at ccfees@neca.org or 973-884-8105.

IPES codes - proof of service and proof of customers, e.g., interconnection agreements (or evidence of an interconnection order pursuant to an approved tariff) and contractual agreements or an invoice with end-user customers showing proof of customer, or regulatory administration approval, if applicable. Additionally, a detailed description of the type of service being provided including the areas where the service will be provided. We reserve the right to request additional documentation.

ETHX codes - proof of service and customers, e.g., contractual agreements with customers and a detailed description of the service including the areas where the service will be provided. NECA reserves the right to request additional documentation.

Wireless or PCS codes - a copy of the company’s FCC radio/PCS license;

Wireless and PCS Resellers - a copy of the interconnection agreement with the wireless carrier.

OCN Registration Fee Structure

OCN Registration Fee Structure

You will have to register with NECA and get your OCN prior to moving ahead with the implementation of STIR/SHAKEN. For detailed instructions, please refer to this document. Or if you want a detailed explanation on how to acquire your OCN, please refer to our blog here.

Proof of Access to US Telephone Numbers

You are also required to prove that you have access to US telephone numbers.

You can do this via producing a Certificate of Public Convenience and Necessity (CPCN), Competitive Local Exchange Carrier (CLEC) certificate or proof of direct access to US numbers.

Once you have all of the above-mentioned information, you can proceed with getting the STIR/SHAKEN token and then the certificate.

4 Easy Steps to Procure STIR/SHAKEN token and certificate

Steps to procure STIR/SHAKEN certificate

Register with the Policy Administrator

A policy administrator evaluates and authorizes certain trusted third parties to act as Certification Authorities and issue STIR/SHAKEN certificates to service providers.

Iconectiv is the policy administrator in the US and is responsible for coordinating, registering and verifying certification authorities based on the tight guidelines issued by the Secure Telephone Identity Governance Authority (STI-GA).

Once the service provider is registered with the Policy Administrator, they can proceed to the next step in the process.

Procure a token from Policy Administrator

A carrier or service provider is expected to request a service provider code or token from the Policy Administrator.

The Policy Administrator will ask for all the necessary information it requires from the carrier or service provider in order to validate them.

Once validated, the Public Administrator will provide the carrier or service provider with a token that contains the carrier’s unique identifier (SPID) and OCN.

Once the process completes and the token is procured, the carrier and service providers can proceed to the next step.

Selecting a Certification Authority

Secure Telephone Identity Certification Authorities (STI-CAs) are a vital component of the STIR/SHAKEN framework.

These Certification Authorities are responsible for assigning digital certificates to carriers and service providers which are used to authenticate their Caller ID.

Only the certification authorities approved by the STI-PA are allowed to issue STIR/SHAKEN certificates to carriers and service providers.

The call authentication process involves the terminating carrier service checking the originating service provider’s certificate is issued by a proper STI-PA approved Certification Authority.

ConnexCS recommends its users use Sansay as their STI-PA-approved certification authority, however we will be compatible with certificates issued by all CA’s.

Requesting a Certificate

In order to be issued with a STIR/SHAKEN certificate, a carrier or service provider is required to submit a Certificate Signing Request (CSR).

They are supposed to send in their CSR along with their token to the certification authority. Once the application is approved, the Certification Authority issues a STIR/SHAKEN certificate to the carrier or service provider.

A Certification Authority checks for the following before approving the CSR:

  • Validating Service Provider Code (SPC) token issued by the STI-PA.
  • Accepting Certificate Signing Requests (CSRs) for SHAKEN certificates.
  • Issuing standards-compliant SHAKEN signing certificates, including the Telephone Number Authorization List (TNAuthList) extension.
  • Publishing certificates to a hosted STI-Certificate Repository (STI-CR) for relying parties.
  • Revoking certificates if needed and notifying the STI-PA.
  • Accepting Certificate Signing Requests to renew them before they expire.
  • Sharing the Neustar root STI-CA public certificate to support SHAKEN call verification and chain validation.

With that, you have all that is needed to start implementing the STIR/SHAKEN protocol.

How to Implement STIR/SHAKEN with ConnexCS?

Implement STIR/SHAKEN with ConnexCS

A STIR/SHAKEN certificate is a necessity for origination service providers to authenticate all outgoing calls. With the implementation of the STIR/SHAKEN protocol, the FCC plans to minimize the evils of ID spoofing and scam calls.

In order to implement the STIR/SHAKEN protocol with ConnexCS, all you have to do is add your certificate to your account.

How to add STIR/SHAKEN Certificate to ConnexCS

Once you have added the certificate, ConnexCS will begin signing all outbound calls with your certificate.

  1. Prerequisites for Implementing STIR/SHAKEN

  2. 4 Easy Steps to Procure STIR/SHAKEN token and certificate

  3. How to Implement STIR/SHAKEN with ConnexCS?