To overcome the influx of unwanted calls in the service providers network, the industry has created two new standards: STIR (Secure Telephone Identity Revisited) and SHAKEN (Signature-based Handling of Asserted information using toKENs) standards. Together, these two standards, create the framework to ensure every SIP-signaled call has a certificate of authenticity attached to it — a digital signature — that allows service providers verify caller ID to mitigate unwanted robocalls and prevents bad actors from using Caller ID spoofing. With STIR/SHAKEN, service providers can restore their end customer’s trust in validity of caller ID.
Ribbon Support for STIR/SHAKEN
Service providers can choose between two Ribbon STIR/SHAKEN solutions:
- Service provider owned and deployed within the service provider’s network
- Ribbon hosted STIR/SHAKEN as a Service (S/SaaS)
Ribbon STIR/SHAKEN Solution Deployed By Service Provider
Ribbon SBCs, PSX, and GSX have been validated on their compliance with the caller authentication standards (“Secure Telephone Identity (STI) Test Plan” (TLT-2018-00010), and Authentication and Verification Services) developed by the Internet Engineering Task Force (IETF) and ATIS.
In an originating service provider's network Ribbon’s Call Controllers can attest to the originator’s identity and provide a tag the call accordingly before it sends a SIP invite to the SBC or GSX. The SBC or GSX will generate and pass an authorization request to the PSX. In turn, the PSX routes the authentication request to the STI function, whether that is provided by Ribbon or any certified 3rd party. Following STI authentication and signing, the PSX will receive signature information and pass that back to the SBC or GSX to be forward to the next network hop.
In the terminating service provider's network the SBC or GSX will generate a verification request and send it to the PSX to be forwarded to the STI function. Following STI signature verification, the PSX will receive the verification information and pass it back to the SBC or GSX. If the call terminates with a Ribbon Call Controller, it can do verification status reporting.
Both the SBC and the GSX have flexible handling of error conditions, e.g. “reject the call”, “continue with the call”, “continue with the call and remove Identity header” if signature verification fails.
Ribbon Identity Hub
Ribbon STIR/SHAKEN as a Service
Select Ribbon’s S/SaaS solution to take advantage of an “all operations expense” model. With this solution, Ribbon takes care of all the Authentication and Verification functions as a managed service. The service provider’s only obligation is to have a Session Border Controller (SBC) for interworking. S/SaaS is purchased as a monthly subscription.