SHAKEN implementations among non-U.S. service providers

There are over 200 STIR/SHAKEN implementation claims from 78 countries other than the U.S. and Canada. Where are these providers located? How are they doing SHAKEN from abroad? Let’s have a look at the numbers and trends.

Not just the U.S. and Canada

Figure 1 shows the top 10 countries with entities that have claimed a SHAKEN implementation in the Robocall Mitigation Database (RMD).

Top 10 countries SHAKEN claims outside of U.S.

Figure 1. Top Ten Countries SHAKEN Claims Outside U.S.

It’s no surprise that Canada tops the list. Canada has mandated SHAKEN and established a SHAKEN governance framework. Some providers have a presence in both the U.S. and Canada.

But what about the other countries? What does it mean when a service provider in the U.K., India or Pakistan says they’ve implemented SHAKEN? How does that work?

global network

SHAKEN governance

It’s difficult to understand how SHAKEN would work for foreign service providers at this time. There are a few sticking points:

  1. Only the U.S. and Canada have a STI Governance Authority and Policy Administrator.
  2. An entity that isn’t a registered provider won’t be authorized for SHAKEN.
  3. Unauthorized providers can’t get SHAKEN certificates.
  4. If these providers are sending calls with SHAKEN information to the U.S. or Canada, then those calls will fail SHAKEN verification by terminating service providers.

Are they really doing SHAKEN?

How it should work

Once the STIR/SHAKEN call authentication framework is rolled out around the world, it will look like this:

  1. Each country will have a governance framework, including a Governance Authority and Policy Administrator.
  2. Service providers will register with their Policy Administrator. Once approved, they will be authorized to obtain SHAKEN certificates.
  3. Policy administrators in different countries will share information with each other to enable international SHAKEN.
    • Policy administrators in each country can decide which countries to trust.
  4. This shared information will enable a call originated and signed in one country to be terminated and verified in another.

It’s a well-designed framework. But we aren’t quite there yet.


How did we get over 200 RMD filings with SHAKEN claims from non-U.S. providers?

Non-U.S. Provider RMD Filings by Month

Figure 2. Non-U.S. Provider RMD Filings by Month

Figure 2 shows that most non-U.S. registrations were filed in June 2021 and September 2021. Foreign providers did not want their calls to the U.S. to be blocked. So, they registered in the RMD. Some of them said they’re doing SHAKEN.

Is this a growing trend?

Non-U.S. Provider SHAKEN Filings by Month

Figure 3. Non-U.S. Provider SHAKEN Filings by Month

Figure 3 shows the number of non-U.S. RMD registrations that were for SHAKEN, either partial or complete, as a percentage of all non-U.S. registrations. It ranges from 25% in June 2021 to 45% in February 2022. There’s an upward trend in SHAKEN filings as a percentage of all non-U.S. filings each month.

It seems strange that over 200 filers from 78 other countries said they’re doing SHAKEN on calls in the U.S. That doesn’t really work in the current environment.

TransNexus solutions

We offer STIR/SHAKEN and robocall mitigation solutions in our ClearIP and NexOSS software platforms. We can make your STIR/SHAKEN deployment a smooth process.

Contact us today to learn more.

Request information

* required

This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.