Canadian SHAKEN mandate approaches
In recent remarks to the Canadian Telecom Summit, Ian Scott, CEO of the CRTC, led off with SHAKEN. “On November 30, STIR/SHAKEN technology will become a mandatory condition of service for telecommunications service providers.” In this article, we review recent developments in the Canadian SHAKEN ecosystem.
Here’s a recap of the key SHAKEN regulations in Canada:
- CRTC 2018-32 set the wheels in motion for SHAKEN in Canada.
- CRTC 2019-403 established the Canadian Secure Token Governance Authority (CST-GA).
- CRTC 2021-123 set the implementation deadline on 30 November 2021.
- CRTC 2021-267 agreed to a request from Mitel Networks that telecommunications service providers (TSPs) should be allowed to get STI certificates, even those without access to numbering resources.
- The CST-GA revised their Policy Guide to allow registered TSPs to obtain STI certificates by establishing with the CST-GA their:
- SHAKEN technical compliance.
With this policy change, newly eligible TSPs include:
- BITS License (Basic International Telecommunications Services) holders
- Non-Dominant carriers
According to the CRTC, “STI certificates would only be denied where it is reasonable to believe that the TSP cannot be trusted.”
Why the policy change?
Why did Mitel want to participate in SHAKEN directly? Under the previous rules, they could have a downstream service provider partner sign their outbound calls for them.
When signing a call, a SHAKEN originating service provider (OSP) provides an attestation level:
- Full (A) — the OSP has a direct authenticated relationship with the customer and the calling number
- Partial (B) — the OSP has a direct authenticated relationship with the customer but not the calling number
- Gateway (C) — the OSP does not have a direct authenticated relationship with either the customer or calling number. The OSP is just identifying itself for traceback purposes.
Subscribers, especially enterprises making outbound calls, want their calls signed with full attestation so people will be more likely to answer their calls.
A downstream provider can’t do that. The best they can do is a partial attestation. In many cases, however, they don’t know the customer, so they must sign such calls with gateway attestation.
Enterprises won’t like that. Their calls won’t be answered. They will have to take their business to a TSP who can sign their calls with full attestation.
TSPs that aren’t signing their own calls won’t like that. They will lose business because they provide a lesser quality of service. Since only untrustworthy TSPs are denied STI certificates, their reputation will suffer too.
This gives newly eligible TSPs plenty of motivation to join the SHAKEN ecosystem and sign calls themselves:
- Keep their customers
- Provide a competitive quality of service
- Demonstrate that they have a trustworthy reputation.
The CRTC summed it up this way: “The Commission considers that the ability to fully authenticate outgoing calls will become a competitive necessity.”
Contact us today to learn more.
This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.
Our STIR/SHAKEN products:
- Most affordable commercial solutions
- Work with your existing network
- Include support with deployment