FCC issues STIR/SHAKEN mandate
On March 31, 2020, the FCC issued a mandate for telephone companies to implement STIR/SHAKEN call authentication to combat spoofed robocalls. Here are the highlights.
The mandate order
- Requires all originating and terminating voice service providers to implement STIR/SHAKEN in the Internet Protocol portions of their networks by June 30, 2021. Specifically:
- A voice service provider that originates a call that exclusively transits its own network must authenticate and verify the caller ID information consistent with the STIR/SHAKEN framework.
- A voice service provider originating a call that it will exchange with another voice service provider or intermediate provider must authenticate the caller ID information in accordance with the STIR/SHAKEN framework and, to the extent technically feasible, transmit that caller ID information with authentication to the next provider in the call path.
- A voice service provider terminating a call with authenticated caller ID information it receives from another provider must verify that caller ID information in accordance with the STIR/SHAKEN framework.
- These rules apply to originating and terminating voice service providers and exclude intermediate providers.
- These rules apply to only the IP portions of voice service providers’ networks—those portions that are able to initiate, maintain, and terminate SIP calls.
- These rules do not apply to providers that lack control of the network infrastructure necessary to implement STIR/SHAKEN.
- These rules were drafted to be consistent with the TRACED Act.
Further notice of proposed rulemaking
The second part of this document includes Commission request for comment on a wide variety of issues related to call authentication, including:
- Whether to extend the mandate to intermediate providers
- Assessment of the burdens or barriers to implementation
- Discussion of deadline extensions
- Caller ID authentication in non-IP networks
- Call labeling
- Discussion of the costs and benefits
- Discussion of whether rules for access to numbering resources should be modified
Call authentication in non-IP networks
The discussion of caller ID authentication in non-IP networks is a crucial one. The TRACED Act requires Many voice service providers are unable to send or receive calls over IP networks. They may have the necessary network equipment and software, but IP interconnections are unavailable at current meet points. The carriers who provide those interconnections are unwilling to upgrade those meet points to IP. Many voice service providers are being shut out of using STIR/SHAKEN through no fault of their own.
Commissioner Starks mentioned this, along with other unresolved issues, in his comments on the order:
“I am pleased that the Further Notice of Proposed Rulemaking seeks comment on further implementation of the TRACED Act, and now includes additional questions to address concerns raised by commenters, including with regard to the limits of the STIR/SHAKEN framework as an option for use with non-IP-based networks, and barriers to STIR/SHAKEN implementation for enterprise calls, and for small and rural voice service providers. We cannot let up on this effort, because illegal robocallers clearly are not going to let up on their own.”
TransNexus STIR/SHAKEN solutions
Our software products include other STIR/SHAKEN capabilities not found in most other products, such as out-of-band STIR/SHAKEN and Rich Call Data. These products also include other services to manage and protect your telecom network, including robocall prevention, TDoS prevention, telecom fraud prevention, routing, CNAM, and LRN lookups, all in one dip.
TransNexus is a SHAKEN Certificate Authority. We can provide SHAKEN certificates, whether you use our STIR/SHAKEN software or some other software.
Contact us today to learn how quickly and easily you can deploy STIR/SHAKEN and robocall prevention in your network.
This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.