Delegate certificate roles and benefits
Who would use delegate certificates, and what other roles are involved in making this happen? What are the benefits? Let’s have a look.
STIR/SHAKEN attestation
First, let’s review the requirements for full attestation on a signed call as described in ATIS-1000074. A signing provider can provide full attestation when they:
- Originated the call
- Have a direct authenticated relationship with the caller
- Have verified the association between the caller and the calling number.
When the caller is the voice service provider’s customer and is using a calling number issued by the provider, full attestation is easier. They know the customer, they know the telephone number, and they’re originating the call. They have all the information they need to provide full attestation.
However, in complex enterprise calling scenarios, these roles can be distributed among different entities:
- Caller
- Voice service provider
- Call originator
- Telephone number provider
Distributed caller and provider roles
Here are just a few typical examples of distributed provider and caller roles:
- The voice service provider might not have access to numbers. Instead, they issue calling numbers that they obtain from a DID telephone number provider. They provide voice service and call origination but not the calling telephone number.
- An enterprise might use an 8YY toll free calling number that they obtain from a Resp Org, which is often neither the voice service provider nor the call originator.
- An enterprise might arrange for a third-party call center to make outbound calls on their behalf using calling numbers assigned to the enterprise. The caller isn’t the direct customer of the provider. In this scenario, all four roles listed above could be distributed to different entities.
These situations can get complicated. They could well represent lawful calls that provide value to enterprise and called party. However, the full attestation requirements would not be met because of the separate distribution of roles. No single provider has all the information necessary for full attestation.

Connect the dots with delegate certificates
Delegate certificates provide a way for a caller to have their telephone number provider, including Resp Orgs, indicate that there is a verified association between the caller and the calling number. This is often the missing piece in more complex calling scenarios.
Voice service providers and call originators must implement know your customer processes to support the claim that they have a direct authenticated relationship with the customer.
Telephone number providers issue delegate certificates to a verified relationship between the caller and the calling number.
Delegate certificates provide a secure, verifiable way for enterprises to obtain full attestation on their outbound calls while they distribute voice service roles to optimize scalability, efficiency and cost.
Benefits

Will She Answer the Phone? With Full Attestation, That’s Much More Likely.
Subscribers receive so many unwanted robocalls. They’re reluctant to answer their phone. Because of this, many have missed calls they wanted.
Delegate certificates help connect the necessary information to provide full attestation. Terminating service providers can present this to the called party. As more people experience what this means, they will be more willing to answer their calls.
Check out our free whitepaper for more information on delegate certificates.
TransNexus solutions
TransNexus is a leader in developing innovative software to manage and protect telecommunications networks. The company has over 20 years’ experience in providing telecom software solutions including toll fraud prevention, robocall mitigation and prevention, TDoS prevention, analytics, routing, billing support, STIR/SHAKEN and SHAKEN certificate services.
Contact us today to learn more.
Our STIR/SHAKEN products:
- Work with your existing network
- Support SIP and TDM
- Affordable, easy to deploy