STIR/SHAKEN information hub
This information hub draws content about STIR/SHAKEN from across our website and a variety of industry sources.
TransNexus STIR/SHAKEN solutions
Our STIR/SHAKEN solutions include everything you need to deploy STIR/SHAKEN. They work with any network equipment and are available in our ClearIP and NexOSS software platforms.
We offer SHAKEN certificates to use with our software products or any other. Certificates are available with flexible duration and no contract or commitment.
You can easilly combine robocall mitigation techniques with STIR/SHAKEN call authentication to improve customer experience and satisfy compliance requirements.
Our STIR/SHAKEN products:
- Work with your existing network
- Support SIP and TDM
- Affordable, easy to deploy
Learn more about STIR/SHAKEN
STIR/SHAKEN whitepapers
STIR/SHAKEN overview — A brief introduction
Understanding STIR/SHAKEN — An introduction to some technical details
Branded Calling ID — Enables originating and terminating service providers to provide branded calling for their customers.
Certificate management for STIR/SHAKEN — Creating and managing keys and certificates
STIR/SHAKEN authentication service — Authentication technical details
STIR/SHAKEN verification service — Verification technical details
Out-of-Band SHAKEN — Extends the current SHAKEN framework to include service providers using TDM
Rich Call Data and STIR/SHAKEN — How to include additional caller info in the SHAKEN token to improve call completion
Delegate certificates improve STIR/SHAKEN for providers and enterprises — How a special certificate extends the trusted network
STIR/SHAKEN videos
STIR/SHAKEN deployment made easy
Get ready for STIR/SHAKEN
Out-of-Band SHAKEN—everything you need to know
Prepare for the FCC SHAKEN deadline
Preparing for SHAKEN in Canada
Robocall Mitigation Filing Essentials
Prepare for the FCC June 30th robocall deadline — Tutorial
TRACED act compliance — Everything you need to know
Complying with the TRACED act made simple
CFCA Know SHAKEN videos
TransNexus presented a series of webinars with the CFCA on STIR/SHAKEN topics, including:
ATIS STIR/SHAKEN standards
ATIS-1000074.v003, Standard on Signature-based Handling of Asserted information using toKENs (SHAKEN)
ATIS-1000080.v005, Standard on Signature-based Handling of Asserted information using toKENs (SHAKEN): Governance Model and Certificate Management
ATIS-1000081, Technical Report on a Framework for Display of Verified Caller
ATIS-1000082.v002, Technical Report on SHAKEN APIs for a Centralized Signing and Signature Validation Server
ATIS-1000084.v003, Technical Report on Operational and Management Considerations for SHAKEN STI Certification Authorities and Policy Administrators
ATIS-1000085.v002, Standard on Signature-based Handling of Asserted information using ToKENs (SHAKEN): SHAKEN Support of “div” PASSporT
ATIS-1000087.v002, Technical Report on Mechanism for Initial Cross-Border Signature-based Handling of Asserted information using toKENs (SHAKEN)
ATIS-1000088, Technical Report on a Framework for SHAKEN Attestation and Origination Identifier
ATIS-1000089.v002, Technical Report on Study of Full Attestation Alternatives for Enterprises and Business Entities with Multi-Homing and Other Arrangements
ATIS-1000091, Technical Report on a Mechanism for International Signature-based handling of Asserted information using toKENs (SHAKEN)
ATIS-1000092, Standard on Signature-based Handling of Asserted information using toKENs (SHAKEN): Delegate Certificates
ATIS-1000093, Standard on Toll-Free Numbers in the SHAKEN Framework
ATIS-1000094.v002, Standard on Signature-based Handling of Asserted information using toKENs (SHAKEN): Calling Name and Rich Call Data Handling Procedures
ATIS-1000095.v002, Standard on Extending STIR/SHAKEN over TDM
ATIS-1000096, Standard on SHAKEN: Out-of-Band PASSporT Transmission Involving TDM Networks
ATIS-1000097.v003, Standard on Alternatives for Caller Authentication for Non-IP Traffic
ATIS-1000099, Standard on Robocall Call Blocking Notification
ATIS-1000100, Standard on VoIP Interconnection over the Public Internet
ATIS-1000101, Technical Report on SMS Unwanted Message Mitigation Landscape
ATIS-1000105, Standard on SHAKEN: Out-of-Band PASSporT Transmission Between Service Providers that Interconnect using TDM
ATIS-1000106, Standard on Viability of Non-IP Call Authentication Standards
IETF STIR/SHAKEN standards
IETF RFC 3261, SIP: Session Initiation Protocol
IETF RFC 7340, Secure Telephone Identity Problem Statement and Requirements
IETF RFC 7375, Secure Telephone Identity Threat Model
IETF RFC 8224, Authenticated Identity Management in the Session Initiation Protocol (SIP)
IETF RFC 8225, PASSporT: Personal Assertion Token
IETF RFC 8226, Secure Telephone Identity Credentials: Certificates
IETF RFC 8443, Personal Assertion Token (PASSporT) Extension for Resource Priority Authorization
IETF RFC 8588, Personal Assertion Token (PASSporT) Extension for Signature-based Handling of Asserted information using toKENs (SHAKEN)
IETF RFC 8688, A Session Initiation Protocol (SIP) Response Code for Rejected Calls
IETF RFC 8816, Secure Telephone Identity Revisited (STIR) Out-of-Band Architecture and Use Cases
IETF RFC 8946, Personal Assertion Token (PASSporT) Extension for Diverted Calls
IETF RFC 9027, Assertion Values for Resource Priority Header and SIP Priority Header Claims in Support of Emergency Services Networks
IETF RCD draft, PASSporT Extension for Rich Call Data
IETF OOB draft, Out-of-Band STIR for Service Providers
United States STIR/SHAKEN regulations
WC Docket No. 17-97, Call Authentication Trust Anchor
| Document | Adopted | Summary |
|---|---|---|
| Code of Federal Regulations—Caller ID Authentication | Ongoing | Current federal laws for caller ID authentication, including the latest updates. |
| TRACED Act | Dec 30, 2019 | Law requires FCC to issue orders that require STIR/SHAKEN call authentication and related provisions. |
| Report and Order | Mar 31, 2020 | Mandates STIR/SHAKEN. |
| Second Report and Order | Sep 29, 2020 | Provides extensions for SHAKEN implementation, requires robocall mitigation program during extensions, requires certification in new Robocall Mitigation Database. |
| Third Report and Order | Aug 6, 2021 | Establishes a process for voice service providers to appeal STI Governance Authority SPC Token revocation decisions to the Commission. |
| Caller ID Authentication Best Practices | Dec 22, 2020 | Voluntary, optional best practices for SHAKEN authentication developed by the CATA Working Group. |
| Robocall Mitigation Database (RMD) | Apr 20, 2021 | New portal used to submit, view, and download certifications in the RMD. |
| Fourth Report and Order | Dec 10, 2021 | Accelerates SHAKEN implementation deadlines for small voice service providers that are non-facilities-based or are found to be a source of illegal robocalls. |
| Fifth Report and Order. | May 19, 2022 | Mandates STIR/SHAKEN for gateway service providers (document includes several orders and proposed rules). |
| Caller ID Verification Best Practices | May 24, 2022 | Voluntary, optional best practices for SHAKEN termination developed by the CATA Working Group. |
| Sixth Report and Order and Further Notice of Proposed Rulemaking | March 16, 2023 | Requires first intermediate provider to sign unsigned NANPA calls, robocall mitigation and certification filing by all providers, stronger enforcement. FNPRM will examine third-party caller ID authentication. |
| Seventh Report and Order | May 18, 2023 | Requires one-day traceback support from all voice service providers and expands traffic blocking obligations for originating providers. |
| Eighth Report and Order | November 21, 2024 | Requires providers using third-party signing to make all attestation level decisions and ensure that their calls are signed with their own certificate, not the certificate of the third party. Any provider claiming a STIR/SHAKEN implementation in the Robocall Mitigation Database must be registered with the STI Policy Administrator, obtain its own token, use that token to obtain its own SHAKEN certificate, and authenticate its calls with that certificate. |
| Notice of Proposed Rulemaking | April 28, 2025 | Proposes that effective non-IP caller ID authentication frameworks are developed and reasonably available, and therefore proposes to mandate that providers that have not upgraded their networks to IP implement one or more of these frameworks by a date certain. Requests comments and reply comments. |
United States Robocall mitigation regulations
CG Docket No. 17-59, Advanced Methods to Target and Eliminate Unlawful Robocalls
| Document | Adopted | Summary |
|---|---|---|
| Code of Federal Regulations—Restrictions on Telemarketing, Telephone Solicitation, and Facsimile Advertising | Ongoing | Current federal laws on telemarketing, call blocking and notification, reassigned number reporting, including the latest updates. |
| Report and Order | Nov 16, 2017 | Allows providers to block calls from phone numbers that are invalid, unallocated, unused, or that appear on Do-Not-Originate (DNO) lists. |
| Second Report and Order | Dec 12, 2018 | Establishes Reassigned Numbers Database. |
| Declaratory Ruling | Jun 6, 2019 | Clarifies that service providers may offer opt-out call-blocking programs based on any reasonable analytics. |
| Third Report and Order | Jul 16, 2020 | Establishes safe harbors for call blocking. |
| Fourth Report and Order | Dec 29, 2020 | Requires service providers to police their networks and cooperate with traceback, adds network blocking to safe harbor, requires immediate notification of blocking by Jan 1, 2022. |
| Order on Reconsideration, Sixth Further Notice of Proposed Rulemaking, and Waiver Order | Dec 10, 2021 | Changes and clarifies rules on immediate notification of call blocking. |
| Sixth Report and Order | May 19, 2022 | Mandates robocall mitigation for gateway service providers (document includes several orders and proposed rules). |
| Seventh Report and Order, Eighth Further Notice of Proposed Rulemaking | May 18, 2023 | Requires one-day traceback support from all voice service providers and expands traffic blocking obligations for originating providers. FNPRM seeks comment on other anti-robocall tools and strategies. |
| Eighth Report and Order | February 27, 2025 | Requires all providers in the call path to block calls using a reasonable DNO (Do-Not-Originate) list. Establishes SIP 603+ as the exclusive code on IP networks to notify callers when their calls are blocked based on reasonable analytics. All providers in the call path must relay blocking notifications that they receive from a downstream provider back to the origination point of the call. If the call path includes non-IP segments, then providers at that interconnection must ensure that SIP 603+ maps to ISUP code 21. |
Canada STIR/SHAKEN regulations
| Document | Adopted | Summary |
|---|---|---|
| CRTC 2018-32 | 25 Jan 2018 | Measures to reduce caller identification spoofing and to determine the origins of nuisance calls |
| CRTC 2019-402 | 9 Dec 2019 | CISC Network Working Group – Status of implementation by telecommunications service providers of authentication/verification measures for caller identification |
| CRTC 2019-403 | 9 Dec 2019 | Establishment of the Canadian Secure Token Governance Authority |
| CRTC 2019-402-2 | 15 Sep 2020 | Rogers Communications Canada Inc. – Request for a nine-month postponement of STIR/SHAKEN implementation |
| CRTC 2021-123 | 6 Apr 2021 | STIR/SHAKEN implementation for Internet Protocol-based voice calls |
| CRTC 2021-267 | 5 Aug 2021 | Instructs the Canadian Secure Token Governance Authority to allow all telecommunications service providers to receive a STIR/SHAKEN certificate |
Pending regulatory deadlines
| Regulation | Applies To | Dates | Information |
|---|---|---|---|
| Use SIP 603+ for immediate blocking notification | All providers | March 25, 2026 | Blog post |
Past regulatory deadlines
| Regulation | Applies To | Dates | Information |
|---|---|---|---|
| Robotext blocking rules | Mobile wireless providers | September 3, 2024 | Federal Register |
| Refuse to carry traffic from any provider not listed in the RMD | Intermediate providers and voice service providers | May 24, 2024 | Blog post |
| Perform robocall mitigation | All providers | February 26, 2024 | Blog post |
| Update Robocall Mitigation Database (RMD) certification and file a Robocall Mitigation Plan in the RMD | All providers | February 26, 2024 | Blog post |
| Implement STIR/SHAKEN, sign unsigned calls with NANP calling numbers | First non-gateway intermediate provider in the call path | December 31, 2023 | Blog post |
| Implement STIR/SHAKEN | Small facilities-based voice service providers | June 30, 2023 | Blog post |
| Implement STIR/SHAKEN, sign unsigned calls with NANP calling numbers | Gateway providers | June 30, 2023 | Federal Register |
| Perform robocall mitigation and file plan | Gateway providers | December 19, 2022 | Blog post |
| Implement STIR/SHAKEN | Small non-facilities-based voice service providers | June 30, 2022 | Blog post |
| Implement STIR/SHAKEN | Voice service provider calls without claimed exemptions | June 30, 2021 | Blog post |
| Perform robocall mitigation and file plan | Voice service providers using SHAKEN exemption(s) | June 30, 2021 | Blog post |
| File a certification in the Robocall Mitigation Database (RMD) | All providers | June 30, 2021 | Blog post |
| Police network, cooperate with traceback, mandatory blocking when notified | All providers | May 6, 2021 | Blog post |
STIR/SHAKEN blog posts and news
July 7, 2025
STIR/SHAKEN statistics from June 2025
June 16, 2025
Comment dates set for FCC non-IP SHAKEN rules
June 4, 2025
STIR/SHAKEN statistics from May 2025
May 2, 2025
STIR/SHAKEN statistics from April 2025
May 2, 2025
FCC adopts Notice of Proposed Rulemaking on non-IP SHAKEN
April 7, 2025
FCC to vote on a non-IP call authentication mandate
April 2, 2025
STIR/SHAKEN statistics from March 2025
March 4, 2025
STIR/SHAKEN statistics from February 2025
February 25, 2025
New Out-of-Band SHAKEN standard published
February 10, 2025
STIR/SHAKEN statistics from January 2025
November 22, 2024
FCC adopts new rules for third-party SHAKEN
November 22, 2024
Webinar recording — Branded Calling for Service Providers
November 4, 2024
FCC proposes new STIR/SHAKEN rules on third-party signing
August 28, 2024
Lingo FCC compliance plan and lessons for other providers
May 29, 2024
Originating provider fined for improper attestation
April 17, 2024