Certificate Procurement Assistance
Hands-on onboarding with approved SPC token process.
STIR/SHAKEN: Call Authentication for VoIP Carriers and Providers
STIR/SHAKEN is a call authentication framework that verifies the originating caller's identity and signs calls with digital certificates.
Regulators now expect voice providers to implement this framework to combat robocalls and fraud; compliance is mandatory (or effectively mandatory) in many regulated markets.
Who this applies to: carriers, VoIP providers, and enterprises sending high volumes of outbound voice calls.
ConnexCS simplifies certificate procurement, attestation policy configuration, and ongoing compliance so your calls are trusted and deliverable.
The Trust Breakdown in Voice Networks
How spoofed traffic, federal law, and enforcement reshaped caller authentication
Caller ID was never designed for adversarial networks. As spoofing escalated, consumer trust eroded and legitimate providers suffered. STIR/SHAKEN emerged as a regulatory and technical response to restore verifiable identity in voice communications.
2015
Robocall Surge
2019
TRACED Act
2021
FCC Implementation Deadlines
2024
Enforcement Actions
Robocall Surge
By 2015, robocalls had grown into a national problem. Fraudsters exploited weak caller ID validation to impersonate banks, utilities, and government agencies. Networks lacked cryptographic verification, leaving terminating carriers unable to distinguish legitimate enterprise traffic from spoofed or malicious calls.
Non-compliant providers risk traffic blocking, reputational damage, and enforcement action.
What STIR/SHAKEN Actually Is
STIR - Secure Telephone Identity Revisited
STIR is the cryptographic signing mechanism applied at call origination. The originating provider generates a digital signature using a private key tied to an approved certificate. That signature is inserted into the SIP Identity header, binding the calling number to the provider's verified assertion.
STIR answers one question: Did this provider authenticate this caller?
How does STIR/SHAKEN work?
- 1Caller OriginatesA verified end customer initiates an outbound call.
- 2ConnexCS Signs (STIR)ConnexCS cryptographically signs the call with a digital certificate, creating the Identity header and attaching the token.
- 3Destination Carrier Verifies (SHAKEN)The destination carrier receives the SIP INVITE and verifies the signature against trusted Certificate Authorities.
- 4Recipient Sees AttestationThe recipient's device displays the call with an attestation badge (Full, Partial, or Gateway), signaling trust and authenticity.
Caller
Dials a number
→
You
→
ConnexCS
→
Destination Carrier
→
Recipient
Understanding Attestation Levels
Attestation levels are a core part of the STIR/SHAKEN framework. The set attestation level indicates the degree of trust you have in the caller’s identity.
These levels help recipients and downstream carriers assess the authenticity of incoming calls, reducing the risk of spoofed or fraudulent calls.
Learn What Each Attestation Level Means - For You and The Call Recipient
Select an Attestation Level
What You Know About the Call
As the originating provider, you have verified the caller's identity and confirmed their right to use the calling number. Full account details and customer information are available to support this attestation.
How the Recipient Sees It
Acme Corp
Incoming call
Verified
Recipient sees the verified caller identity with a checkmark. High trust — calls are more likely to be answered.
| Attestation | Verification Depth | Call Trust | Blocking Risk |
|---|---|---|---|
| A — Full | Caller identity fully verified; customer account confirmed | High | Low |
| B — Partial | Partial caller information; network-level verification | Medium | Medium |
| C — Gateway | Limited or no verification; gateway/intermediary routing | Low | High |
What Happens If You Implement STIR/SHAKEN Properly?
Higher Answer Rates
Verified caller identity improves call presentation and reduces consumer hesitation. Enterprises typically observe measurable increases in pickup ratios across outbound campaigns and customer outreach.
Lower Call Labeling
Proper attestation reduces the probability of "Spam Likely" tagging by analytics engines. Fewer mislabeled calls translate directly into improved call completion performance.
Reduced Complaint Volumes
Accurate caller authentication limits fraudulent traffic exposure. Lower complaint rates reduce regulatory attention, internal investigations, and operational time spent responding to traceback requests.
Cleaner Carrier Relationships
Consistent signing and documented KYC processes strengthen credibility with upstream and downstream carriers. Trusted traffic experiences fewer escalations, suspensions, and commercial disputes.
Stronger Downstream Routing
Authenticated traffic is treated with greater confidence by terminating networks. This results in more stable routing paths and fewer sudden filtering interventions.
Lower Regulatory Exposure
Compliant implementation demonstrates documented due diligence. Providers reduce the risk of enforcement actions, financial penalties, and reputational damage tied to improper attestation practices.
Regulatory Enforcement Is Real
The grace period is over. The FCC is no longer issuing warnings; it is issuing penalties.
Carriers that fail to implement reasonable anti-spoofing and call authentication measures risk regulatory action.
The FCC has used its enforcement authority to pursue carriers and intermediaries that allowed unlawful robocall traffic to transit their networks without adequate controls.
Recent Regulatory Actions by the FCC
Read the FCC releaseIn 2024 the Federal Communications Commission reached a settlement with Lingo Telecom, LLC over its role in transmitting spoofed robocalls that used an AI-generated voice imitation of a political figure to influence voter turnout.
Under the consent decree, Lingo agreed to pay a $1 million civil penalty and implement a compliance plan to strengthen Know-Your-Customer and caller ID authentication practices, underscoring the Commission’s focus on integrity in call authentication and provider accountability.
Why Providers Choose ConnexCS for STIR/SHAKEN
Native Signing Inside the Softswitch
No external middleware. No third party relay.
Attestation Policy Engine
Granular A, B, C assignment based on routing and customer KYC.
Ongoing Compliance Oversight
Monitoring, logging, and audit support.