Regulations & Standards

STIR/SHAKEN and What It Means for You

Voice carriers in the U.S. are required to implement STIR/SHAKEN. This framework helps detect and stop spoofed calls before they reach consumers, or display a warning notification on the caller ID.

Digital certificates are used to authenticate phone calls, similar to how Web transactions are validated. With STIR/SHAKEN in place, spoofed calls can be detected and stopped before they reach consumers, or a warning displayed on caller ID.

Graphic depicting how STIR/Shaken works

 

  • When a spoofer places a call, the originating carrier can’t verify that the entity is authorized to use that number, so no authentication token is attached.
  • Without a token, the call fails verification at the terminating carrier.
  • A warning is displayed on caller ID, or the call is blocked.

What You Need to Know Now

The FCC’s recent Second Report and Order, and their Final Rule, further promotes implementation of STIR/SHAKEN by acknowledging that intermediate and smaller carriers are critical to the cause and may require an extension to the June 2021 deadline. However, robocall mitigation programs must be implemented by providers that have received extensions. Here’s a recap:

By June 30, 2021

Communications Service Providers (CSPs) must either upgrade their non-IP networks to IP and implement STIR/SHAKEN or work to develop a non-IP Caller ID authentication solution. The FCC did grant extensions to CSPs in cases where implementing STIR/SHAKEN was an unreasonable hardship. For those CSPs subject to an extension, are required to implement a robocall mitigation program.

FCC Database

The FCC will also require all CSPs to file a certification in a publicly-accessible FCC database demonstrating how they are working to reduce the origination of illegal robocalls. Intermediate providers and terminating CSPs will be prohibited from accepting voice traffic directly from any CSP not in this database.

Recent Regulations

2019

Congress passes TRACED ACT mandating VSPs introduce call authentication or a robocall mitigation program – at no cost to consumers.

2020

FCC provides Safe Harbors for service providers, providing legal protection from liability when blocking suspected robocalls using reasonable analytics.

FCC mandates that service providers implement STIR/SHAKEN call authentication technology in the Internet protocol (IP) portions of their phone networks by June 30, 2021.

FCC Second Report and Order expanding STIR/SHAKEN, providing extensions for small and intermediate carriers.

FCC’s Wireline Competition Bureau calls upon North American Numbering Council (NANC) via its Call Authentication Trust Anchor (CATA) Working Group (WG) to recommend Best Practices for the Implementation of Call Authentication Frameworks.

FCC Fourth Report and Order expands safe harbor based upon reasonable analytics to cover network-based blocking; requires CSPs work with FCC and law enforcement on tracebacks, and more.

Branded Calling: the Next STIR/SHAKEN Frontier

Providing a personalized, branded experience with solutions like Neustar’s Branded Call Display (BCD), that lets you add logos, targeted messaging, and more to the mobile display – backed by an assurance that the call has been authenticated That gives customers, prospects, and partners a reason to answer the phone.

Learn More