STIR/SHAKEN

Illegal robocalls are currently the number one source of consumer complaints at the FCC. What was once an annoyance has become a plague to U.S consumers receiving billion of robocalls every month. Both the FCC, through rule-making, and Congress, through legislative initiatives, have been active to address this problem.

In 2019, the FCC issued a Declaratory Ruling clarifying that voice service providers may:

  • As the default, block calls based on call analytics that target unwanted calls, as long as their customers are informed and have the opportunity to opt out of the blocking.
  • Offer customers the option to block calls from any number that does not appear on a customer’s “white list” or contacts list, on an opt-in basis.

In conjunction with the Declaratory Ruling, the FCC issued a Third Further Notice that:

  • Proposes to create a safe harbor for voice service providers that block calls for which Caller ID authentication fails and seek comment on extending the safe harbor to the blocking of calls that are unsigned.
  • Proposes to require voice service providers that block calls to ensure that emergency calls reach consumers.
  • Seeks comment on protections and remedies for callers whose calls are erroneously blocked.

On December 31, 2019, the TRACED Act which was signed into law to specifically address the robocall problem. The law:

  • Gives the Federal Communications Commission (FCC) more authority to go after the scammers responsible for unwanted robocalls. It allows the FCC to go after scammers the first time they break the law and extends the statute of limitations by up to four years in some cases. It also ups the financial penalties against robocallers.

  • Encourages stronger Justice Department criminal prosecution of unlawful robocalls by requiring the FCC to provide the DOJ with evidence of criminal robocall violations.

  • Requires all carriers to eventually implement new technologies to authenticate caller-ID information, preventing call spoofing -- at no additional line-item cost to consumer.

As the industry moves forward to implement STIR/SHAKEN, it is with the goal of ensuring callers can be properly authenticated and verified, in order to return trust to phone calls we all receive. 

Ribbon STIR/SHAKEN

STIR/SHAKEN Standards

To overcome the influx of unwanted calls in the service providers network, the industry has created two new standards: STIR (Secure Telephone Identity Revisited) and SHAKEN (Signature-based Handling of Asserted information using toKENs) standards.  Together, these two standards, create the framework to ensure every SIP-signaled call has a certificate of authenticity attached to it — a digital signature — that allows service providers verify caller ID to mitigate unwanted robocalls and prevents bad actors from using Caller ID spoofing.  With STIR/SHAKEN, service providers can restore their end customer’s trust in validity of caller ID.

Ribbon STIR/SHAKEN Solutions

Service providers can choose between two Ribbon STIR/SHAKEN solutions:

 
  • Service provider owned and deployed within the service provider’s network
  • STIR/SHAKEN as a Service (S/SaaS)
 

Ribbon STIR/SHAKEN Solution Deployed By Service Provider

Ribbon’s STIR/SHAKEN solution, deployed within the service provider network, includes our award winning SBC and PSX , both of which have been validated on their effectiveness of the caller authentication standards (“Secure Telephone Identity (STI) Test Plan” (TLT-2018-00010), and Authentication and Verification Services)developed by the Internet Engineering Task Force (IETF) and ATIS.

Ribbon has partnered with Neustar, a global information services provider, who provides the certificate repository, authentication and verification services, and associated management functions for STIR/SHAKEN.

Watch our STIR/SHAKEN Webinar

In our jointly tested STIR/SHAKEN solution, the Ribbon SBC will generate and pass an identity header/signature to the authentication server via the Ribbon PSX.  Neustar will perform the authentication and verification services and send back verification of the signature to the PSX, which in turn will pass that back to the SBC. The SBC has flexible handling of error conditions, e.g.  “reject the call”, “continue with the call”, “continue with the call and remove Identity header” if signature verification fails.  

Together, Ribbon and Neustar are leading the way with advanced solutions to protect consumers from unwanted calls and give them a greater degree of control over which calls to receive.

 

STIR-SHAKEN-Neustar

Ribbon STIR/SHAKEN as a Service

Select Ribbon’s S/SaaS solution to take advantage of an “all operations expense” model. With this solution, Ribbon takes care of all the Authentication and Verification functions as a managed service.  The service provider’s only obligation is to have a Session Border Controller (SBC) for interworking.  S/SaaS is purchased as a monthly subscription.

STIR/SHAKEN as a Service Solution Brief

 

Ribbon-hosted-STIR-SHAKEN-Service