Recent STIR/SHAKEN statistics

We’ve looked at call statistics from our ClearIP customers for the last 45 days to see whether they’re getting many calls that were signed using STIR/SHAKEN. Here’s what we found.

Verification statuses

What proportion of terminated calls were signed? Of the signed calls, were there any verification errors?

Verification statusProportion of all calls received by ClearIP customers
No PASSporT97.149131%
Certificate chain error0.013079%
Calling number mismatch0.003335%
Invalid info parameter in Identity header0.003049%
Called number mismatch0.001151%
Certificate repository error0.000280%
Invalid iat in PASSporT0.000052%
Invalid orig in PASSporT0.000033%

Of the calls received by ClearIP customers, fewer than 3% had a PASSporT.

Most of the PASSporTs with a verification status of Certificate chain error were signed with a self-signed certificate.

Most of the PASSporTs with a verification status of Calling number mismatch had a valid number in the orig claim of the PASSporT but had anonymous in the From and/or P-Asserted-Identity header.

Most of the PASSporTs with a verification status of Invalid info parameter in Identity header had an info paramater that contained an HTTP URL instead of an HTTPS URL.

bar chart

Attestation levels

What attestation levels are originating service providers using?

Attestation levelAttestation proportions

Of the successfully verified calls received by ClearIP customers, more than 98% had an attestation level of A.

SHAKEN call proportions by originating service provider

Which originating service providers are sending signed calls? Of all successfully verified calls received by ClearIP customers, which OSPs originated the most signed calls?

Originating Service Provider CodeLERG company nameCertificate repository domainProportion of all successfully verified calls
6529T-MOBILE USA, INC.cert.stir.t-mobile.com89.066747%
551GBRIGHTLINK COMMUNICATIONS, LLCcertificates.transnexus.com0.800476%
1642ALLIANCE COMMUNICATIONS COOPERATIVE, INC. (BALTIC)certificates.clearip.com0.275487%
1640ARMOUR INDEPENDENT TEL CO DBA GOLDEN WEST TELCOMMcertificates.clearip.com0.245363%
583jBROADBAND DYNAMICS, LLCcr.sansay.com0.161429%
502JPIRATEL LLCcertificates.piratel.com0.157290%
073HTELNYX LLCcertificates.transnexus.com0.069677%
1669TRIOTEL COMMUNICATIONS, INC.certificates.clearip.com0.060708%
324EYMAX COMMUNICATIONS CORP. - NVsns.magicjack.com0.037023%
1680VENTURE COMMUNICATIONS COOPERATIVEcertificates.clearip.com0.028055%
548JQUALITY VOICE & DATA INCcertificates.clearip.com0.020006%
5113CONSOLIDATED COMM OF NO. NEW ENGLAND-NHcr.sansay.com0.017017%
672BCLEAR RATE COMMUNICATIONS - ULEC - MIcertificates.clearip.com0.010578%
469AT3 COMMUNICATIONS, INC. - FLcertificates.clearip.com0.005059%
599JTECHNOLOGY INNOVATION LAB LLCcertificates.clearip.com0.002070%
8091SASKATCHEWAN TELEPHONE COMPANYcertificates.clearip.com0.002070%
7459HANCOCK COMMUNICATIONS, INC. - INcertificates.clearip.com0.001840%
363AIDT AMERICA CORPORATIONcr.sansay.com0.001380%
610JMULTITEL LLCcertificates.clearip.com0.000460%
0127WINN TELEPHONE COMPANY DBA WINN TELECOM - MIcertificates.clearip.com0.000460%
0546SANDHILL TELEPHONE COOPERATIVE, INC.certificates.clearip.com0.000230%

Note that the above data reflect both call volume and SHAKEN activity. The data show the proportion of successfully verified calls received by ClearIP customers for each originating service provider as a percentage of all successfully verified calls. If a small number of calls were received from an originating service provider, then percentage of successfully verified calls received by ClearIP customers would be low, even if the originating service provider signed a high percentage of their outbound calls.

The above data include only originating service providers that had at least one successfuly verified call received by a ClearIP customer.

Certificate repositories

What are typical certificate latencies, i.e., time-to-fetch, and why?

Certificate repository domainCache hit percentageAverage latency including cache hits (milliseconds)Average latency excluding cache hits (milliseconds)Cache-Control header time (seconds)

Retrieving a certificate from a certificate repository takes time, or latency, which increases Post-Dial Delay (PDD). If a certificate is cached by the STI-VS, then it does not need to be retrieved.

A certificate repository can be configured to provide a Cache-Control HTTP header, which tells the STI-VS how long to cache the certificate after retrieving it. If a certificate repository does not provide the Cache-Control header, the STI-VS does not cache the certificate or caches the certificate for only a short time.

Note that the ClearIP STI-VS caches certificates for 60 minutes if the Cache-Control header is not set by the certificate repository or if the Cache-Control header contains a value of less than 60 minutes.


  • Fewer than 3% of calls were signed.
  • Fewer than 0.75% of signed calls had verification errors.
  • More than 98% of successfully verified calls had an attestation level of A.
  • Successfully verified calls were received from 26 originating service providers.
  • 60% of certificate repositories did not include the Cache-Control header.

TransNexus solutions

We offer STIR/SHAKEN and robocall mitigation solutions in our ClearIP and NexOSS software platforms. We can make your STIR/SHAKEN deployment a smooth process.

In addition, we help service providers with all aspects of STIR/SHAKEN deployment, including registering with the Policy Administrator and filing their certification with the FCC.

Contact us today to learn more.

Request information

* required

This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.