Effective date set for FCC third-party SHAKEN rules

August 19, 2025

The FCC’s rules on third-party SHAKEN have been published in the Federal Register. The effective date has been set. Let’s have a look.

Background

These rules address a situation that emerged in the way that STIR/SHAKEN was adopted in the U.S. A considerable number of voice service providers claimed a STIR/SHAKEN implementation in their Robocall Mitigation Database (RMD) certification, but did not seem to be registered with the STI Policy Administrator.

Many of these providers had their calls authenticated by a downstream provider, i.e., a “third-party signer,” and they believed that this satisfied their STIR/SHAKEN implementation obligation.

The FCC issued new rules to clarify compliance requirements in its Eighth Report and Order, which they adopted on November 21, 2024. These rules have now been published in the Federal Register, which sets the effective date.

Third-party rules

The rules require the following:

A provider with a STIR/SHAKEN implementation obligation must make all attestation-level decisions consistent with the STIR/SHAKEN standards.
All calls must be signed using the certificate of the provider with the implementation obligation.

A provider with a STIR/SHAKEN implementation obligation must do the following:

Obtain an SPC Token and digital certificate;
Certify to complete or partial implementation in the Robocall Mitigation Database only if they have obtained an SPC token and digital certificate and sign calls with their certificate;
Memorialize and maintain records of any third-party authentication agreement(s) they have entered into.

Providers that do not obtain and use an SPC Token and certificate must update their Robocall Mitigation Database certifications to state that they have not fully or partially implemented STIR/SHAKEN to avoid being referred to the Enforcement Bureau for violation of the Commission’s rules.

These rules are effective September 18, 2025.

More information

Rules announcement in the Federal Register
Eighth Report and Order on Call Authentication, WC Docket No. 17-97

Chalkboard with know the rules written on it

TransNexus solutions

TransNexus is a leader in developing innovative software to manage and protect telecommunications networks worldwide. The company has over 25 years of experience in providing telecom software solutions including toll fraud prevention, robocall mitigation and prevention, CDR and call analytics, advanced call routing, billing support, STIR/SHAKEN, and branded calling.

This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.