STIR/SHAKEN Next Steps: 4 Things You Need to Know Moving Forward
Created to help combat illegal caller ID spoofing and stop robocall companies from masking the true numbers and generating unwanted and potentially illegal calls, implementation of robocall mitigation – including the STIR/SHAKEN standards – into a voice service provider’s network is now effectively mandated. STIR, or Secure Telephone Identity Revisited, is an IETF working group while SHAKEN, or Signature-based Handling of Asserted information using toKENs, is the framework used to verify that a caller's ID is appropriate for an originating call.
With the passing of the June 30, 2021 deadline for all voice service providers to file certifications in the Federal Communications Commission (FCC) Robocall Mitigation Database (RMD) and begin the rollout of STIR/SHAKEN, you may be wondering, What comes next? As we all navigate the new requirements of STIR/SHAKEN below are 4 Things You Need to Know:
1. How does STIR/SHAKEN impact me?
Per the FCC’s March 2020 mandate, effective June 30, 2021, voice service providers are required to implement the STIR/SHAKEN framework in the Internet Protocol (IP) portions of their voice networks. Specifically, voice service providers must update portions of their network infrastructure to enable it to authenticate and verify caller ID information consistent with the STIR/SHAKEN protocol. Additionally, Resp Orgs, who are Voice Service Providers, are required to have submitted their certifications, identification information and contact information via the FCC’s RMD. If you are not sure if you need to register or to check the RMD, more information can be found at: https://fccprod.servicenowservices.com/rmd?id=rmd_welcome
2. How do I obtain toKENs and use them to help acquire delegate certificates?
Currently, the Secure Telephone Identity – Governance Authority (STI-GA) and Secure Telephone Identity – Policy Administrator (STI-PA) are in the process of finalizing the policy change request and the method for obtaining toKENs and delegate certificates. Stay tuned for further details – Somos’ Policy and Regulatory Team is closely monitoring activity around toKEN and delegated certificate acquisition and will provide updates as they become available.
3. Is there any immediate action required from Resp Orgs?
Until the process for obtaining toKENs and delegate certificates has been finalized and presented by the STI-GA/PA, there is no immediate required action for Resp Orgs. That stated, however, it is highly recommended that Resp Orgs, especially small to mid-size businesses, maintain awareness and are proactive in obtaining toKENs if their customers originate calls with their 8YY numbers in the Caller ID. As a key component of providing call authentication, Toll-Free Numbers that appear in the Caller ID of originated calls, cannot be authenticated and risk achieving lower call attestation and reduced call answer rates.
4. How is Somos supporting this effort?
In addition to providing status updates, Somos will be offering a complimentary webinar late this summer (details are forthcoming, click here to sign up for alerts). During the webinar, SMEs from Somos’ Industry Relations and Public Policy team will provide an in-depth look at the STIR/SHAKEN governance model, the certification process and more.