Facebook tracking pixel

Telo Makes STIR/SHAKEN Implementation Simple

STIR/SHAKEN is the industry-developed framework of protocols and operational procedures that assist in the prevention of illegally spoofed calls. STIR/SHAKEN specifications provide a foundation for the real-time authentication of a telephone number. This prevents illegal spoofing and robocalling by flagging any number that cannot be sufficiently verified.

STIR/SHAKEN is an acronym from two sets of technical specifications: the Secure Telephony Identity Revisited (STIR) protocols and the Signature-based Handling of Asserted information using toKENs (SHAKEN) specifications. Together, they enable communications service providers to attest to the legitimacy of a calling party’s number in real-time, similar to token-based authentication used by websites.

Whenever a voice call is originated over an IP network, these high-level steps occur:

  1. An end-user places a call through their service provider (the “originating service provider”).

  2. The originating service provider uses its private key to sign call metadata through an authentication service.

  3. The call is routed to the terminating service provider who uses a verification service to authenticate the call, using the originating provider’s public key.

  4. The terminating service provider can then act accordingly depending on whether the verification succeeded (and is therefore legitimate) or failed (and is therefore spoofed).

STIR/SHAKEN also provides options for carriers originating or terminating over SS7, however, the handling is slightly different.

The certificate technology which is used to sign the call enables the terminating provider to verify that the calling number and the calling party which indicates the caller ID is accurate and has not been spoofed. The verification status can be displayed along with the caller ID to the called party so they can decide whether or not to answer the call. In addition, providers can use this information to make adjustments to the routing of unwanted calls.

The STIR/SHAKEN framework supports multiple levels of call authentication, which is commonly referred to as attestation. Any calls that only have partial attestation will include an indication as such. For example, the attestation level will indicate if the call wasn’t authenticated prior to passing through a gateway or if the service provider could only verify the validity of the originator but not the specific subscriber’s telephone number (such as when a PBX is used to originate a call).

This call authentication framework has an added benefit of improving the reliability of call-blocking services. When nuisance callers were able to easily spoof valid telephone numbers, subscribers were forced to block these spoofed numbers to stop receiving the harassing calls. However, this also blocked legitimate calls from the same number. With the STIR/SHAKEN authentication in place, spoofing becomes much more difficult for scammers, due to the levels of attestation required to successfully complete a call.

Last of all, STIR/SHAKEN will greatly reduce the time required to trace back calls. The tokens used to digitally sign a call can help voice service providers quickly scan their phone networks to identify and investigate nuisance numbers. This will enable service providers to block problem numbers in near real-time, instead of weeks or months.

Telo is supporting these developments by providing services for several of the FCC mandated requirements. In the next blog post, we’ll discuss how you can use Telo as a part of your STIR/SHAKEN implementation!

The Caller ID product is advanced. Everything else is simple.