STIR/SHAKEN statistics for December 2021
There was a sharp uptick in signed robocalls received in December 2021. Read all about it in this article on STIR/SHAKEN statistics from the last month in 2021.
These statistics come from service providers using ClearIP software to verify signed calls and perform robocall prevention on calls their subscribers receive.
We were encouraged by the 12% drop in robocalls reported in December.
Did the evolving SHAKEN ecosystem do this? Not exactly—the story is a bit more complicated, with a few surprising twists and turns.
Signed robocalls by attestation level
For several months, we’ve been reporting on the high percentage of robocalls signed with SHAKEN attestation levels B (partial) and C (gateway). This showed up again in the December numbers, with a vengeance.
In figure 2, the blue line shows the percentage of calls that were robocalls for each SHAKEN attestation level. The green horizontal line shows the overall robocall percentage for all calls.
Notice that the robocall percentage among calls signed with B (partial) or C (gateway) attestation were three times higher than the overall robocall percentage.
Calls signed with B|C attestation were 3x more likely to be robocalls.
We’ve noticed this problem since July 2021. It really took off in December.
Whoa! Notice the huge jump in December for robocalls with partial attestation (orange bar) and robocalls with gateway attestation (grey bar).
We have a green line in figure 3, which illustrates the overall percentage of robocalls across all calls per month. Calls with B (partial) and C (gateway) attestation were much more likely to be robocalls than unsigned calls. This pattern doubled in December!
Robocalls among partial and gateway calls doubled.
Attestation level usage by provider type
Obviously, not all calls with either B or C attestation are bad calls. There are many bona fide situations where signing calls with these attestation levels is the right thing to do.
However, robocallers, and providers that enable their traffic, are getting their robocalls signed with these attestation levels. So, we gotta ask…
Who’s signing these robocalls with B and C attestations?
The box-and-whisker chart in figure 4 shows the percentage range of attestation assignments for providers in each provider type category (e.g., CAP/CLEC, ILEC, etc.). The X in each box shows the average percentage of providers in that category who used a particular attestation level. The height of the box shows the percentage range of attestation usage by each provider type. Some boxes have a line extending from the top or bottom; these are used to show an outlier in that group.
Figure 3 shows that non-interconnected VoIP carriers signed 62% of their calls with B attestation. It’s a narrow range, too, among these providers.
Next comes interconnected VoIP carriers, who signed 38% of their calls with B attestation. However, this is just an average across a very wide range.
We’ve found that some of the biggest users of B attestation are downstream intermediate providers, interconnected VoIP, that sign calls for their upstream service provider customers. In December, one of these signed 84% of its calls with B attestation, while another signed 79% of its calls with B attestation.
These downstream intermediates sign these calls using their own SHAKEN certificate, not the certificate for the upstream provider. Yet, many of the upstream Originating Service Providers claimed a complete SHAKEN implementation in their robocall mitigation certification, though they have no SHAKEN certificate.
These same providers also send lots of robocalls.
That’s the problem. This is how robocallers, and the providers who enable them, have found a way to hide in plain sight within the SHAKEN ecosystem: get a downstream provider to sign robocalls with B or C attestation and claim a complete SHAKEN implementation.
Some downstream intermediate providers are signing calls, including robocalls, for their upstream originating service provider customers.
Originating service providers signing calls
SHAKEN participation continues to grow.
December 2021 saw a 5.5% increase in the number of providers observed signing calls.
Verification status and errors
We continue to see that about 24% of calls received were signed using SHAKEN. Clearly, call authentication has stalled, given the current participation requirements.
We’ll start with the good news: Robocalls were down 12% in December.
But we must face the bad news too: Robocallers, and service providers that carry their calls, have established a comfortable presence squarely within the SHAKEN ecosystem.
To be fair, SHAKEN call authentication wasn’t designed to prevent robocalls. It was intended to make call analytics and robocall prevention more effective—an essential piece in a larger solution framework.
The explosive growth of robocalls among signed calls demonstrates that the solution components are not yet assembled in an effective way.
What will it take to turn this around?
- Robocall Mitigation. USTelecom, Verizon, and others have urged the FCC to require both SHAKEN and robocall mitigation. It should be both, not either/or. Neither is sufficient to prevent robocalls without the other. They work great together.
- Accountability. Providers are signing robocalls, and they should be held accountable based upon their affirmative obligation to prevent their customers from originating illegal calls.
- Close the downstream provider loophole. There are thousands of providers that claim a SHAKEN implementation, but a much smaller number approved to do SHAKEN by the Policy Administrator. The Commission should require SHAKEN approval to claim a SHAKEN implementation.
- Phase out the non-IP SHAKEN extension. SHAKEN for TDM standards have been approved and are commercially available. These are the criteria the FCC established for phasing out the non-IP extension. These requirements have been met. This will bring a much higher percentage of calls into the SHAKEN ecosystem. Widespread call authentication, combined with effective robocall mitigation, will turn this around.
We provide an STI-CPS, the TransNexus CPS, which is available to any SHAKEN-authorized service provider free of charge. It’s part of the national network of STI-CPSs. We can also provide a private STI-CPS, either hosted or on-premises, to service providers.
Contact us today to learn more.
This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.
Our STIR/SHAKEN products:
- Work with your existing network
- Support SIP and TDM
- Affordable, easy to deploy