STIR/SHAKEN statistics for September 2021

We’ve collected SHAKEN statistics from our ClearIP customers for September 2021. The data confirm some trends we’ve seen in recent months and introduce new trends. Let’s have a look.

Signed robocalls by attestation level

We began showing this chart with our July SHAKEN stats, because we found an amazing and unexpected correlation between robocalls and SHAKEN attestation level.

Calls and Robocalls by SHAKEN Verification Status – September 2021

Figure 1. Calls and Robocalls by SHAKEN Verification Status – September 2021

The orange bars show the proportion of all calls by SHAKEN attestation level, plus signed calls that failed verification, plus unsigned calls.

The blue line shows the percentage of calls by these categories that were identified as robocalls using call analytics.

Notice how much higher the blue robocall line is in the middle for calls with Partial B and Gateway C attestation. These calls have a higher percentage of robocalls than unsigned calls!

We’ve observed this consistently over the past three months.

Calls and Robocalls by SHAKEN Verification Status – July–September 2021

Figure 2. Calls and Robocalls by SHAKEN Verification Status – July–September 2021

This chart illustrates these robocall trends. The bars represent robocall percentages across the same categories depicted in figure 1 and compares them over the past three months. The green line shows the percentage of robocalls for all calls over that period.

As you can see, calls with Partial B attestation are more likely to be robocalls than unsigned calls. The percentages dropped slightly in August and September, while the percentages of robocalls signed with Gateway C attestation increased.

Clearly, some robocallers have found a way to get their robocalls signed.

computer displaying charts

Originating service providers signing calls

The number of Originating Service Providers (OSPs) from whom ClearIP users received signed calls increased about 13% in September, from 193 to 218.

SHAKEN OSP Participation by Month

Figure 3. SHAKEN OSP Participation by Month

The number of service providers in the Robocall Mitigation Database that claimed either a complete or partial SHAKEN implementation exploded in September, reaching 2,853. The following chart compares this to the number of SHAKEN-authorized providers on the Policy Administrator list and the number of providers from whom our customers received calls.

SHAKEN OSP Counts Differ

Figure 4. SHAKEN OSP Counts Differ

Some of this disparity is because the STI-PA’s list is summarized by parent company, while RMD certification filings are often broken down by subsidiary provider. However, this doesn’t seem to explain the entire difference. Looking down the list of service providers that certified a complete SHAKEN implementation in the RMD, we can’t figure out how they might be related to any of the SHAKEN-authorized providers.

It appears that many providers have claimed a complete SHAKEN implementation because a downstream provider is signing their calls for them. In some cases, we know that the intermediate provider is signing calls using their own SHAKEN certificate, not a certificate of the OSP.

In these cases, the OSP doesn’t have a certificate. They aren’t authorized to do SHAKEN.

Verification status and errors

The following table and chart show proportion of calls received that were signed, unsigned, and signed with errors.

Verification statusAprilMayJuneJulyAugustSeptember
No PASSporT97.15%93.62%90.58%83.47%75.81%74.89%
Successful2.83%6.20%8.95%15.57%23.17%24.16%
Errors0.02%0.18%0.48%0.96%1.02%0.96%
SHAKEN Verification Status Over Time

Figure 5. SHAKEN Verification Status Over Time

This data is surprising. Through August, signed calls were steadily increasing, while unsigned calls decreasing. This trend leveled off in September.

Have we arrived at an equilibrium point for SHAKEN adoption, given the current regulations and implementation deadline extensions? Or will SHAKEN adoption continue next month?

Here are a few things that might get SHAKEN deployment moving forward again:

  • Adoption of SHAKEN for TDM methods, such as:
    • Putting attestation info in ISUP signaling
    • Using Out-of-Band SHAKEN
  • Shortening the small provider extension for select classes of small providers, a proposed rule under consideration by the FCC.
  • Requiring gateway providers to perform SHAKEN on calls they bring into the U.S., another proposed rule under consideration by the Commission.

Summary

Looking over this data, it seems like there is powder keg situation ready to explode:

  1. Some providers have avoided the SHAKEN/robocall mitigation mandate by having a downstream provider sign calls for them.
  2. A high percentage of calls signed with either partial or gateway attestation are robocalls.

What will be the spark that blows this up? Here are a few possibilities:

  • Traceback by the Registered Traceback Consortium, who might start looking into signed robocalls.
  • Investigations by state attorneys general. The National Association of Attorneys General held a Robocall Virtual Summit on September 8-9, 2021. The AGs seemed eager to go after robocallers and service providers who knew, or should have known, about robocalls crossing their network.

We’ll be watching this closely.

TransNexus solutions

We offer STIR/SHAKEN and robocall mitigation solutions in our ClearIP and NexOSS software platforms. We can make your STIR/SHAKEN deployment a smooth process.

We provide an STI-CPS, the TransNexus CPS, which is available to any SHAKEN-authorized service provider free of charge. It’s part of the national network of STI-CPSs. We can also provide a private STI-CPS, either hosted or on-premises, to service providers.

Contact us today to learn more.

Request information

* required

This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.