Introducing VoipSwitch STIR/SHAKEN compliance
VoipSwitch continues to take aggressive steps to prevent malicious forms of traffic – robocalls. The world over hates robocalls that is why we are taking action to combat them. The FCC has a multi-faceted approach to combat robocalls, as making sure the caller is who they claim they are – now we can say that we fulfill this requirement.
What is STIR/SHAKEN?
STIR (Secure Telephony Identity Revisited) and SHAKEN (Secure Handling of Asserted Information Using Tokens) are new technology standards created by FCC (Federal Communications Commission) to ensure that calling numbers are not spoofed, reducing fraudulent activity
What’s the difference between STIR and SHAKEN?
-
STIR is a working group within the IETF, an internet standards body, which has developed a set of protocols used to create a digital signature for a call. The signed call includes information about the calling party and allows for verification of the signature by the terminating provider.
-
SHAKEN are the standards for how STIR is to be deployed by service providers within their networks.
Why is STIR/SHAKEN so important?
-
Between 3 and 5 billion robocalls are made each month, and research suggests that more than 40% of those calls are thought to be fraud-related.
-
STIR/SHAKEN is an industry-wide initiative to restore trust in our voice communications. Its goal is to prevent fraudsters from scamming consumers and businesses through robocalls and illegal phone number spoofing, while making sure that legitimate calls reach the recipient.
Stir/Shaken is a powerful framework designed to verify the authenticity of phone calls, particularly those made over Internet Protocol (IP) networks. This technology has been developed to combat the increasing problem of robocalls and spoofed calls, which can be incredibly frustrating and dangerous for end-users.
Stir/Shaken stands for Secure Telephone Identity Revisited and Signature-based Handling of Asserted information using toKENs. It is a combination of two industry standards: the Secure Telephone Identity Revisited (STIR) and the Signature-based Handling of Asserted information using toKENs (SHAKEN).
The Stir/Shaken framework uses digital certificates issued to phone service providers by trusted certificate authorities to verify the caller’s identity. When a call is made, the caller’s phone service provider digitally signs the caller’s identity using their certificate. The signature is then sent along with the call to the receiver’s service provider, which checks the signature to ensure that the caller’s identity is legitimate.
Stir/Shaken is based on the use of Session Initiation Protocol (SIP), a signaling protocol used for controlling multimedia communication sessions over IP networks. When a call is made, the caller’s SIP identity header is signed using the certificate of the caller’s service provider. This signature is then verified by the receiver’s service provider by comparing it to the public key contained in the certificate.
As a VoipSwitch user, you can benefit from the powerful Stir/Shaken technology to combat robocalls and other phone scams. The Federal Communications Commission (FCC) in the United States has mandated the use of Stir/Shaken for all IP-based calls in the country. By adopting Stir/Shaken, you can ensure that your calls are verified and legitimate, providing a better experience for your customers and protecting them from scams.