Compliance dates announced for updated SHAKEN rules

The compliance dates for updated STIR/SHAKEN call authentication rules have been announced. Deadlines are coming fast. Let’s have a look.

These requirements were adopted in Sixth Report and Order (adopted March 16, 2023) and the Seventh Report and Order (adopted May 18, 2023) on call authentication (WC 17-97). Some of the rules pertain to STIR/SHAKEN call authentication, but several rules invoke new robocall mitigation and certification requirements.

Compliance date: February 26, 2024

Non-gateway intermediate provider SHAKEN

A non-gateway intermediate provider receiving a call directly from an originating provider shall either upgrade its network to SIP or participate in industry efforts to develop a non-IP call authentication solution.

This requirement supports the requirement that non-gateway intermediate providers must authenticate unauthenticated calls it receives directly from an originating provider. The compliance date for that requirement was December 31, 2023.

Robocall mitigation by all providers

Non-gateway intermediate providers must implement an appropriate robocall mitigation program. With this requirement, now all providers must be doing robocall mitigation.

Robocall certification

The robocall certification requirements have been made more specific and detailed. They include the following:

• All calls originated on the filer’s network are subject to a robocall mitigation program (even calls authenticated with STIR/SHAKEN).
• The filer has not had a previous filing removed and has not been prohibited from filing by the Commission.
• If a filer is taking extensions, it must list and explain the extensions.
• Disclosure of whether the provider has been the subject of robocall investigation or action within the past two years.
• Every certification must include a robocall mitigation plan. The plan shall include:
  • Reasonable steps taken to prevent carrying illegal robocalls.
  • Description of know-your-customer and know-your-upstream-provider procedures.
  • Description of call analytics used to monitor traffic and the name of third-party analytics providers.

Compliance date: May 24, 2024

Refuse calls from unregistered providers

Intermediate providers and voice service providers shall accept calls directly from a non-gateway intermediate provider only if that non-gateway intermediate provider’s filing appears in the Robocall Mitigation Database in accordance with the robocall certification requirements listed above.

The non-gateway intermediate provider’s filing must show that the non-gateway intermediate provider affirmatively submitted the filing and that the filing has not been de-listed from an enforcement action.

More information

• Compliance date rules published in the Federal Register on January 25, 2024
• Sixth Caller ID Authentication Report and Order (FCC 23-18) adopted March 16, 2023
• Sixth Caller ID Authentication Report and Order rules published in the Federal Register on June 21, 2023.
• Seventh Caller ID Authentication Report and Order (FCC 23-37 adopted May 18, 2023)
• Seventh Caller ID Authentication Report and Order rules published in the Federal Register on July 10, 2023.
• Code of Federal Regulations Subpart HH—Caller ID Authentication (Note that these rules were not yet updated as of the press date of this article.)

TransNexus solutions

TransNexus is a leader in developing innovative software to manage and protect telecommunications networks. The company has over 25 years’ experience in providing telecom software solutions including branded calling, toll fraud prevention, robocall mitigation and prevention, TDoS prevention, analytics, routing, billing support, STIR/SHAKEN and SHAKEN certificate services.

Contact us today to learn more.