Resources For You

  1. 5 Essential Marketing Strategies for VoIP Businesses

    5 Essential Marketing Strategies for VoIP Businesses

  2. 5 Technologies Set to Revolutionise Webphones

    5 Technologies Set to Revolutionise Webphones

  3. 5 Unique Types of VoIP Gateways Explained!

    5 Unique Types of VoIP Gateways Explained!

  4. 5 Ways a Cloud PBX System Benefits Remote Work

    5 Ways a Cloud PBX System Benefits Remote Work

  5. 5 Ways SBCs Facilitate Unified Communications as a Service

    5 Ways SBCs Facilitate Unified Communications as a Service

  6. 5 Ways to Optimise ASR To Grow Profitability

    5 Ways to Optimise ASR To Grow Profitability

  7. 7 Additional Important Components of a VoIP Carrier Network Explained

    7 Additional Important Components of a VoIP Carrier Network Explained

  8. 7 Important Factors to Consider When Implementing LCR

    7 Important Factors to Consider When Implementing LCR

  9. 7 Ways to Optimize AHT

    7 Ways to Optimize AHT

  10. 9 Key Functions of an SBC Explained

    9 Key Functions of an SBC Explained

  11. 10 Factors to Consider While Choosing a Webphone

    10 Factors to Consider While Choosing a Webphone

  12. 10 Important Components of a VoIP Carrier Network Explained

    10 Important Components of a VoIP Carrier Network Explained

  13. 10-Point Security Checklist for VoIP Carriers

    10-Point Security Checklist for VoIP Carriers

  14. 10 Tips For Effective Implementation of LCR

    10 Tips For Effective Implementation of LCR

  15. 10 Webphone Features that Benefit Your Business

    10 Webphone Features that Benefit Your Business

  16. An Out of the Box Telecoms Network

    An Out of the Box Telecoms Network

  17. Are Call Centers Still Relevant in 2023?

    Are Call Centers Still Relevant in 2023?

  18. Automated Dialler vs Manual Dialler - Knowing the 7 Key Differences

    Automated Dialler vs Manual Dialler - Knowing the 7 Key Differences

  19. Call Center vs Contact Center - Understanding the Differences

    Call Center vs Contact Center - Understanding the Differences

  20. Choosing SIP over TCP,TLS and UDP in 2022

    Choosing SIP over TCP,TLS and UDP in 2022

  21. Class 4 Softswitch vs Class 5 Softswitch - Understanding the Difference

    Class 4 Softswitch vs Class 5 Softswitch - Understanding the Difference

  22. Combatting Covid-19 with Carrier-Grade Communications Solutions to Help Users Work Remotely

    Combatting Covid-19 with Carrier-Grade Communications Solutions to Help Users Work Remotely

  23. Comprehensive Cloud Softswitch Documentation

    Comprehensive Cloud Softswitch Documentation

  24. ConnexCS expands AnyEdge SIP Load Balancer to India

    ConnexCS expands AnyEdge SIP Load Balancer to India

  25. ConnexCS for Africa

    ConnexCS for Africa

  26. ConnexCS WebPhone SDK Connector

    ConnexCS WebPhone SDK Connector

  27. Discover the Different Types of NAT: An Essential Guide for Network Administrators

    Discover the Different Types of NAT: An Essential Guide for Network Administrators

  28. Discussing the Future and Top 9 Benefits of WebRTC

    Discussing the Future and Top 9 Benefits of WebRTC

  29. DNO And DNC Lists - Everything Carriers Should Know

    DNO And DNC Lists - Everything Carriers Should Know

  30. Email and SMS Alerts

    Email and SMS Alerts

  31. Employers' Guide to Winning at Remote Work

    Employers' Guide to Winning at Remote Work

  32. Exploring the Top 10 Types of Web Phones in 2023!

    Exploring the Top 10 Types of Web Phones in 2023!

  33. False Answer Supervision Detection - The Ultimate Tool for Preventing VoIP Fraud

    False Answer Supervision Detection - The Ultimate Tool for Preventing VoIP Fraud

  34. Far-End NAT Traversal - An In-Depth Guide

    Far-End NAT Traversal - An In-Depth Guide

  35. Feature Releases for June 2024

    Feature Releases for June 2024

  36. From Cost Savings to Mobility - 15 Benefits of Web Phones for Businesses

    From Cost Savings to Mobility - 15 Benefits of Web Phones for Businesses

  37. Get Your FCC Registration Number in 5 Easy Steps!

    Get Your FCC Registration Number in 5 Easy Steps!

  38. How to Build Your API on ConnexCS

    How to Build Your API on ConnexCS

  39. How to Build Your Own Dialer (BYOD) – Part 1

    How to Build Your Own Dialer (BYOD) – Part 1

  40. How to Establish a VoIP Interconnect in 10 Easy Steps

    How to Establish a VoIP Interconnect in 10 Easy Steps

  41. How to Get Operating Company Number (OCN) in 4 Easy Steps

    How to Get Operating Company Number (OCN) in 4 Easy Steps

  42. How to Identify Robocall Scam Traffic - A Comprehensive Guide for Telecom and VoIP Operators

    How to Identify Robocall Scam Traffic - A Comprehensive Guide for Telecom and VoIP Operators

  43. How to Improve CX? Ensure your Call Center Agents are Happy!

    How to Improve CX? Ensure your Call Center Agents are Happy!

  44. How to Prepare for a VoIP Network Security Audit

    How to Prepare for a VoIP Network Security Audit

  45. How to Properly Prepare for Setting up a VoIP Interconnect

    How to Properly Prepare for Setting up a VoIP Interconnect

  46. How to Register for the Robocall Mitigation Database: A step-by-step guide!

    How to Register for the Robocall Mitigation Database: A step-by-step guide!

  47. How to Successfully Implement LCR is 5 Easy Steps

    How to Successfully Implement LCR is 5 Easy Steps

  48. How Using Web Phones Can Benefit These 10 Industries?

    How Using Web Phones Can Benefit These 10 Industries?

  49. Importance of Balancing Cost Minimization and Reliable Call Quality when implementing LCR

    Importance of Balancing Cost Minimization and Reliable Call Quality when implementing LCR

  50. Introducing ConnexCS WebPhone

    Introducing ConnexCS WebPhone

  51. Introducing ConneXML - The Best TwiML Alternative

    Introducing ConneXML - The Best TwiML Alternative

  52. Introducing Smart CLI Select - An Effective Way to Improve your ASR

    Introducing Smart CLI Select - An Effective Way to Improve your ASR

  53. LTE vs VoLTE: Diving Into The Differences

    LTE vs VoLTE: Diving Into The Differences

  54. Operating Company Numbers (OCN) - Understanding Function, Importance and Relevance

    Operating Company Numbers (OCN) - Understanding Function, Importance and Relevance

  55. Populating Our Support Area With Cloud Softswitch Video Guides

    Populating Our Support Area With Cloud Softswitch Video Guides

  56. Predictive Dialler vs Progressive Dialler - Understanding the Differences

    Predictive Dialler vs Progressive Dialler - Understanding the Differences

  57. Preview Dialler vs Power Dialler - Understanding Top 5 Differences

    Preview Dialler vs Power Dialler - Understanding Top 5 Differences

  58. Rate Card Profit Assurance

    Rate Card Profit Assurance

  59. Redundant Redundancies (Backups of backups)

    Redundant Redundancies (Backups of backups)

  60. Revolutionise Your Outbound Calls - 8 Types of VoIP Diallers Explained

    Revolutionise Your Outbound Calls - 8 Types of VoIP Diallers Explained

  61. Scalability – Grow at Speeds That Suit You

    Scalability – Grow at Speeds That Suit You

  62. ScriptForge – Javascript Routing

    ScriptForge – Javascript Routing

  63. Simplifiying our Softswitch Pricing

    Simplifiying our Softswitch Pricing

  64. SIP 101 - The Best Guide of 2022

    SIP 101 - The Best Guide of 2022

  65. The 3CX Supply Chain Attack - Understanding Everything That Happened

    The 3CX Supply Chain Attack - Understanding Everything That Happened

  66. The 5 Best Strategies for Mitigating Robocall Scams

    The 5 Best Strategies for Mitigating Robocall Scams

  67. The Anatomy of Robocall Scams

    The Anatomy of Robocall Scams

  68. The Art of Cost Optimization - Least Cost Routing and Its 7 Benefits

    The Art of Cost Optimization - Least Cost Routing and Its 7 Benefits

  69. The Best Multi-POP Cloudswitch

    The Best Multi-POP Cloudswitch

  70. The Essential Guide to Business Continuity Plans for VoIP Carriers

    The Essential Guide to Business Continuity Plans for VoIP Carriers

  71. The Essential Guide to Implementing STIR/SHAKEN

    The Essential Guide to Implementing STIR/SHAKEN

  72. The Ultimate Guide to STIR/SHAKEN

    The Ultimate Guide to STIR/SHAKEN

  73. Timeout Protections (SIP Ping, SST)

    Timeout Protections (SIP Ping, SST)

  74. TLS and 2FA Security on the ConnexCS Platform

    TLS and 2FA Security on the ConnexCS Platform

  75. Top 5 Alternative Marketing Strategies for VoIP Businesses

    Top 5 Alternative Marketing Strategies for VoIP Businesses

  76. Top 5 Call Center Challenges and How To Overcome Them

    Top 5 Call Center Challenges and How To Overcome Them

  77. Top 5 Important Types of VoIP Gateways Explained

    Top 5 Important Types of VoIP Gateways Explained

  78. Top 7 Strategies For Ensuring Call Quality While Minimizing Costs with LCR

    Top 7 Strategies For Ensuring Call Quality While Minimizing Costs with LCR

  79. Top 9 Indicators that Help You Identify a Bad Carrier

    Top 9 Indicators that Help You Identify a Bad Carrier

  80. Top 10 Points of Differences Between a Traditional and VoIP Carrier

    Top 10 Points of Differences Between a Traditional and VoIP Carrier

  81. Top 10 Types of Robocall Scams Explained!

    Top 10 Types of Robocall Scams Explained!

  82. Top 10 VoIP Vulnerabilities You Must Know About

    Top 10 VoIP Vulnerabilities You Must Know About

  83. Understanding Global RTP Servers (Lowest Latency Possible, High Availability)

    Understanding Global RTP Servers (Lowest Latency Possible, High Availability)

  84. Understanding Network Address Translation (NAT) - A Beginner's Guide

    Understanding Network Address Translation (NAT) - A Beginner's Guide

  85. Understanding the 9 Key Objectives of a VoIP Network Security Audit

    Understanding the 9 Key Objectives of a VoIP Network Security Audit

  86. Understanding the Complete Scope of a VoIP Network Security Audit

    Understanding the Complete Scope of a VoIP Network Security Audit

  87. Understanding the Crucial Role of Session Border Controllers in Carrier-Grade VoIP Networks

    Understanding the Crucial Role of Session Border Controllers in Carrier-Grade VoIP Networks

  88. Understanding VoIP Anycast Load Balancing

    Understanding VoIP Anycast Load Balancing

  89. Understanding What a PBX System is and How it Benefits Your Business

    Understanding What a PBX System is and How it Benefits Your Business

  90. VoIP Carrier Network Components - Understanding Session Border Controllers

    VoIP Carrier Network Components - Understanding Session Border Controllers

  91. VoIP Carrier Network Security - How to Conduct Security Audit?

    VoIP Carrier Network Security - How to Conduct Security Audit?

  92. VoIP Carrier's Ultimate Guide to Cleaning Up Their Traffic

    VoIP Carrier's Ultimate Guide to Cleaning Up Their Traffic

  93. VoIP Interconnects - Learning How VoIP Carrier Connect and Exchange Traffic

    VoIP Interconnects - Learning How VoIP Carrier Connect and Exchange Traffic

  94. VoLTE - An Evolution in Voice Communication

    VoLTE - An Evolution in Voice Communication

  95. WebPones Explained: Understanding Web-Based Telephonic Communication

    WebPones Explained: Understanding Web-Based Telephonic Communication

  96. WebRTC 101 - The Best Guide for Beginners

    WebRTC 101 - The Best Guide for Beginners

  97. What Are SIP Traces - A Beginners Guide

    What Are SIP Traces - A Beginners Guide

  98. What Are The Top 10 Essential Call Center KPIs?

    What Are The Top 10 Essential Call Center KPIs?

  99. What Are VoIP Gateways and How Do They Work? A Comprehensive Guide

    What Are VoIP Gateways and How Do They Work? A Comprehensive Guide

  100. What is a Contact Center and Why Does Your Business Need One?

    What is a Contact Center and Why Does Your Business Need One?

  101. What is Robocall Mitigation Database? A Guide for Carriers and VoIP Operators

    What is Robocall Mitigation Database? A Guide for Carriers and VoIP Operators

The Ultimate Guide to STIR/SHAKEN

As technology progresses, a lot of things that seemed impossible earlier are now possible. VoIP was one such drastic jump in terms of capabilities and opened up a world of possibilities for communications.

Robocalling is one of the capabilities that VoIP unlocked. While automated calls did exist earlier as well, those were limited in function.

However, as new technology appears, so do scams made possible by the misuse of the same technology. Robocalling is no exception.

T-Mobile’s reported almost half a billion scam robocalls are made each week. The result of these scams? A reported loss of $30 Billion for users just in America.

Robocalling when combined with ID spoofing turns into a very effective scam. The FCC is clearly not happy about this and has taken steps to prevent this.

First among these steps, the FCC has mandated telecom players to implement the STIR/SHAKEN framework to combat malicious robocalling and ID spoofing.

But what is the STIR/SHAKEN framework? Let's find out!

What is STIR/ SHAKEN?

STIR/SHAKEN or SHAKEN/STIR is a set of technological protocols set in place to combat ID spoofing over the public telephone network.

When implemented, the STIR/SHAKEN protocol works together to ensure the end users receiving calls are alerted if the call is malicious and with a spoofed identity.

In a study conducted by Transaction Network Services, it was concluded that informing the end user about the authenticity of the call had the highest positive impact on averting robocalling and identity spoofing scams.

Now you know what STIR/SHAKEN is and what it does. We can now dive in deeper and understand its two components.

What is STIR?

Secure Telephone Identity Revisited, commonly abbreviated as STIR, is a protocol of RFC standards documents issued by the working group of the Internet Engineering Task Force.

The protocol works by adding a certificate of identity issued to the caller along with the SIP information at the point of origination.

The certificate can be verified by the terminating caller using the same protocol to authenticate the identity of the caller and inform the end user of the same.

With that out of the way, let's understand what SHAKEN is!

What is SHAKEN?

Signature-based Handling of Asserted information using toKEN, commonly termed SHAKEN, is a set of guidelines for non-VoIP-based systems pertaining to how to deal with calls that have incorrect or missing STIR information.

The STIR protocol is useful only for the VoIP ecosystem. However, a large portion of the telephony network still operates in the non-VoIP ecosystem.

The SIP Forum and Alliance of Telecommunications Industry Solutions jointly developed the SHAKEN protocol. This was to allow for IETF’s STIR standard to be implemented within the legacy telephony networks as well.

STIR/SHAKEN Diagram

Thus, the SHAKEN protocol allows for authentication and handling of calls within the legacy telephony network.

Together, STIR/SHAKEN covers the entire telephony network, legacy and VoIP and makes sure spoofed identities are kept in check and the end users are informed about the same.

Considering the number of telecom carriers involved in putting a call through, it is not possible to be absolute about the caller identity. Thus, the STIR/SHAKEN protocol issues a level of attestation. Let us learn more about it.

Attestation Levels

Telecom networks are huge and complex. There are multiple carriers involved in handling a single call. This necessitates the use of attestation levels.

Attestation Meaning

The level of attestation represents the confidence of a carrier in attesting that the caller’s identity has not been spoofed.

Accordingly, we have three levels of attestation. They are as follows:

Full Attestation (A) -

Level A attestation by the carrier means:

  • The carrier has authenticated the origin of the call.
  • The carrier has authenticated the calling party.
  • The carrier has authenticated that the calling party is authorized to use the calling number.

An example of this would be a call originating from a regular subscriber of a voice service with a carrier.

Partial Attestation (B) -

Level B attestation by the carrier means:

  • The carrier has authenticated the origin of the call.
  • The carrier has authenticated the calling party.
  • The carrier has not authenticated whether the calling party is authorized to use the calling number or not.

An example of this would be a call originating from behind a PBX of an organization.

Gateway Attestation (C)

Level C attestation by the carrier means:

i) The carrier has authenticated the source from where it received the call. ii) The carrier has not authenticated the calling party. iii) The carrier has not authenticated whether the calling party is authorized to use the calling number or not.

With the basics of STIR/SHAKEN now explained, we can move on and understand how the system works.

How does STIR/SHAKEN work?

The STIR/SHAKEN framework adds a few additional steps to a regular calling process to eliminate the risks of caller ID spoofing.

How does STIR/SHAKEN work

There are 8 steps involved in the working of the STIR/SHAKEN framework. These are as follows:

1. Call Originates

When a caller dials in a number or places a call to a contact, a SIP invite is received by the originating telephone service provider.

2. Attestation

The originating telephone service provider is required to check and verify the identity, source and authorization for using the calling number by the calling party.

Accordingly, the originating telephone service provider determines an attestation level to the originating call.

3. Signing

Usually, a third-party authentication service is used by the originating telephone service provider to add all the necessary information and attestation level to the SIP header associated with the call The SIP header contains the following information:

  1. Calling number
  2. Called number(s)
  3. Current timestamp
  4. Attestation level
  5. Origination identifier

4. Transfer to Terminating Telephone Service Provider

The SIP invite along with the SIP header containing all the necessary information is then transferred to the destination telephone service provider, more commonly known as the terminating telephone service provider.

5. Transfer to Verification Service Provider

The terminating telephone service provider then forwards the SIP header to a third-party verification service.

6. Verification

The verification service obtains the SIP header and examines it. Based on the information provided, it procures the digital certificate of the originating telephone service provider from the public certificate repository.

Once everything needed to verify a call has been procured, a multi-step verification process commences.

  • The SIP Identity header is base64 URL decoded and the details are compared to the SIP INVITE message.
  • The public key of the certificate is used to verify the SIP Identity header signature.
  • The certificate chain of trust is verified.

If the call passes all the verification steps, it is established that the call has not been spoofed. After verification is complete, the results are forwarded to the terminating telephone service provider.

7. Verification reported to Terminating Telephone Service Provider

The verification service reports in detail the verification result to the terminating telephone service provider.

8. Final Assessment

Once the results of the verification are known by the terminating telephone service provider, it can resort to one of the following options depending upon the verification results:

i) If the verification has been successful, it completes the call. ii) If the verification is partially successful, it completes the call but issues caution to the end user. iii) If the verification fails, it may opt to reject the call request.

Now you know how STIR/SHAKEN works in practice. However, there are some impacts of implementing STIR/SHAKEN, let's learn about those.

Impacts of Implementing STIR/SHAKEN

You may have already noticed how complicated the entire process is. In practice, implementing the STIR/SHAKEN framework results in noticeable downsides. These are:

1. Added Complexity

If you consider a normal SIP process, it involves 4 steps. With STIR/SHAKEN implemented, the number of steps required doubles.

Not only do the steps double but these steps are complex to perform. This added complexity further results in other downsides.

2. Increased Latency

Double the number of steps needed and add more complexities to any function and it will result in more time being required to execute that process.

STIR/SHAKEN is necessary to eliminate the risks of malicious robocalls and spoofed identities. However, it slows down the entire telephony network.

3. Added Costs

If you consider the process, you need a certificate issuer, third-party authenticator and verification services. These add to the primary costs.

Additionally, as the entire process slows down the network, you incur the opportunity costs due to lowered throughput.

4. Additional Failure Points

Not only does the STIR/SHAKEN framework introduce additional failure points in the process but most of them are external.

If either of the authentication, verification or public certificate repository go down, you won’t be able to get calls through.

However, implementing STRI/SHAKEN is no longer optional. The FCC requires all telecom operators and carriers to use the system by default from late 2021.

I know what you’re wondering. Shouldn't there be a way to minimize the impact of these downsides? Yes, there is one solution that ConnexCS has come up with. Let's check it!

Comparing ConnexCS STIR/SHAKEN with STIR/SHAKEN 3rd Party Signing.

ConnexCS has been offering the STIR/SHAKEN functionality for some time now. While implementing it, we realized the impacts our customers may face along with it.

Thus, to lessen the impact of implementing STIR/SHAKEN on our customer’s businesses, ConnexCS came up with a solution.

So what is the solution you ask? All of our products come integrated with signing and verification functionality. Both functions runs in line with the calling function.

ConnexCS's Implementation of STIR/SHAKEN

You don’t have to rely on a third-party authenticator for complying with the STIR/SHAKEN protocol.

Let's talk numbers! Integrating the authentication function in our products lessens the latency and complexity of operations by up to 44%.

Moreover, you eliminate a big failure point by having the authentication service integrated into your carrier services.

While you will still be dependent on third-party verification and public certificate repository, you’re making significant gains through ConnexCS’s services.

Concluding

It's not just the American telecom market that is plagued with malicious robocalls and identity spoof scams. These scams run rampant all over the world.

The FCC may be the first national agency to make STIR/SHAKEN mandatory. However, we’re positive that the EU and other nations will follow suit.

Thus, implementing STIR/SHAKEN at the earliest is the need of the hour. If you choose to do so with ConnexCS, you’ll be benefiting from additional savings too.

Want to know how to get started, look at our other article here.