STIR/SHAKEN information hub

This information hub draws content about STIR/SHAKEN from across our website and a variety of industry sources.

TransNexus STIR/SHAKEN solutions

Our STIR/SHAKEN solutions include everything you need to deploy STIR/SHAKEN. They work with any network equipment and are available in our ClearIP and NexOSS software platforms.

We offer SHAKEN certificates to use with our software products or any other. Certificates are available with flexible duration and no contract or commitment.

You can easilly combine robocall mitigation techniques with STIR/SHAKEN call authentication to improve customer experience and satisfy compliance requirements.

STIR/SHAKEN information hub

Learn more about STIR/SHAKEN

STIR/SHAKEN whitepapers

STIR/SHAKEN overview — A brief introduction

Understanding STIR/SHAKEN — An introduction to some technical details

Certificate management for STIR/SHAKEN — Creating and managing keys and certificates

STIR/SHAKEN authentication service — Authentication technical details

STIR/SHAKEN verification service — Verification technical details

Out-of-Band SHAKEN — Extends the current SHAKEN framework to include service providers using TDM

Rich Call Data and STIR/SHAKEN — How to include additional caller info in the SHAKEN token to improve call completion

Delegate certificates improve STIR/SHAKEN for providers and enterprises — How a special certificate extends the trusted network

STIR/SHAKEN videos

STIR/SHAKEN deployment made easy

Get ready for STIR/SHAKEN

Out-of-Band SHAKEN—everything you need to know

Prepare for the FCC SHAKEN deadline

Preparing for SHAKEN in Canada


Robocall Mitigation Filing Essentials


Prepare for the FCC June 30th robocall deadline — Tutorial


TRACED act compliance — Everything you need to know


Complying with the TRACED act made simple


CFCA Know SHAKEN videos

TransNexus presented a series of webinars with the CFCA on STIR/SHAKEN topics, including:

  1. Introduction
  2. Public Key Infrastructure
  3. Authentication
  4. Verification
  5. Out-of-Band SHAKEN
  6. Rich Call Data
  7. Call Analytics

ATIS STIR/SHAKEN standards

ATIS-1000074.v003, Standard on Signature-based Handling of Asserted information using toKENs (SHAKEN)

ATIS-1000078, Standard on National Security / Emergency Preparedness Priority Service Session Initiation Protocol Resource-Priority Header (SIP RPH) Signing and Verification using PASSporTs

ATIS-1000080.v005, Standard on Signature-based Handling of Asserted information using toKENs (SHAKEN): Governance Model and Certificate Management

ATIS-1000081, Technical Report on a Framework for Display of Verified Caller

ATIS-1000082.v002, Technical Report on SHAKEN APIs for a Centralized Signing and Signature Validation Server

ATIS-1000084.v003, Technical Report on Operational and Management Considerations for SHAKEN STI Certification Authorities and Policy Administrators

ATIS-1000085.v002, Standard on Signature-based Handling of Asserted information using ToKENs (SHAKEN): SHAKEN Support of “div” PASSporT

ATIS-1000087, Technical Report on Mechanism for Initial Cross-Border Signature-based Handling of Asserted information using toKENs (SHAKEN)

ATIS-1000088, Technical Report on a Framework for SHAKEN Attestation and Origination Identifier

ATIS-1000089.v002, Technical Report on Study of Full Attestation Alternatives for Enterprises and Business Entities with Multi-Homing and Other Arrangements

ATIS-1000091, Technical Report on a Mechanism for International Signature-based handling of Asserted information using toKENs (SHAKEN)

ATIS-1000092, Standard on Signature-based Handling of Asserted information using toKENs (SHAKEN): Delegate Certificates

ATIS-1000093, Standard on Toll-Free Numbers in the SHAKEN Framework

ATIS-1000094, Standard on Signature-based Handling of Asserted information using toKENs (SHAKEN): Calling Name and Rich Call Data Handling Procedures

ATIS-1000095.v002, Standard on Extending STIR/SHAKEN over TDM

ATIS-1000096, Standard on SHAKEN: Out-of-Band PASSporT Transmission Involving TDM Networks

ATIS-1000097.v002, Technical Report on Alternatives for Caller Authentication for Non-IP Traffic

ATIS-1000098, Standard on Session Initiation Protocol (SIP) Resource-Priority Header (RPH) and Priority Header Signing in Support of Emergency Calling

ATIS-1000099, Standard on Robocall Call Blocking Notification

ATIS-1000100, Standard on VoIP Interconnection over the Public Internet

IETF STIR/SHAKEN standards

IETF RFC 3261, SIP: Session Initiation Protocol

IETF RFC 7340, Secure Telephone Identity Problem Statement and Requirements

IETF RFC 7375, Secure Telephone Identity Threat Model

IETF RFC 8224, Authenticated Identity Management in the Session Initiation Protocol (SIP)

IETF RFC 8225, PASSporT: Personal Assertion Token

IETF RFC 8226, Secure Telephone Identity Credentials: Certificates

IETF RFC 8443, Personal Assertion Token (PASSporT) Extension for Resource Priority Authorization

IETF RFC 8588, Personal Assertion Token (PASSporT) Extension for Signature-based Handling of Asserted information using toKENs (SHAKEN)

IETF RFC 8688, A Session Initiation Protocol (SIP) Response Code for Rejected Calls

IETF RFC 8816, Secure Telephone Identity Revisited (STIR) Out-of-Band Architecture and Use Cases

IETF RFC 8946, Personal Assertion Token (PASSporT) Extension for Diverted Calls

IETF RFC 9027, Assertion Values for Resource Priority Header and SIP Priority Header Claims in Support of Emergency Services Networks

IETF RCD draft, PASSporT Extension for Rich Call Data

United States STIR/SHAKEN regulations

WC Docket No. 17-97, Call Authentication Trust Anchor

DocumentAdoptedSummary
Code of Federal Regulations—Caller ID AuthenticationOngoingCurrent federal laws for caller ID authentication, including the latest updates.
TRACED ActDec 30, 2019Law requires FCC to issue orders that require STIR/SHAKEN call authentication and related provisions.
Report and OrderMar 31, 2020Mandates STIR/SHAKEN.
Second Report and OrderSep 29, 2020Provides extensions for SHAKEN implementation, requires robocall mitigation program during extensions, requires certification in new Robocall Mitigation Database.
Third Report and OrderAug 6, 2021Establishes a process for voice service providers to appeal STI Governance Authority SPC Token revocation decisions to the Commission.
Caller ID Authentication Best PracticesDec 22, 2020Voluntary, optional best practices for SHAKEN authentication developed by the CATA Working Group.
Robocall Mitigation Database (RMD)Apr 20, 2021New portal used to submit, view, and download certifications in the RMD.
Fourth Report and OrderDec 10, 2021Accelerates SHAKEN implementation deadlines for small voice service providers that are non-facilities-based or are found to be a source of illegal robocalls.
Fifth Report and Order.May 19, 2022Mandates STIR/SHAKEN for gateway service providers (document includes several orders and proposed rules).
Caller ID Verification Best PracticesMay 24, 2022Voluntary, optional best practices for SHAKEN termination developed by the CATA Working Group.
Sixth Report and Order and Further Notice of Proposed RulemakingMarch 16, 2023Requires first intermediate provider to sign unsigned NANPA calls, robocall mitigation and certification filing by all providers, stronger enforcement. FNPRM will examine third-party caller ID authentication.
Seventh Report and OrderMay 18, 2023Requires one-day traceback support from all voice service providers and expands traffic blocking obligations for originating providers.

United States Robocall mitigation regulations

CG Docket No. 17-59, Advanced Methods to Target and Eliminate Unlawful Robocalls

DocumentAdoptedSummary
Code of Federal Regulations—Restrictions on Telemarketing, Telephone Solicitation, and Facsimile AdvertisingOngoingCurrent federal laws on telemarketing, call blocking and notification, reassigned number reporting, including the latest updates.
Report and OrderNov 16, 2017Allows providers to block calls from phone numbers that are invalid, unallocated, unused, or that appear on Do-Not-Originate (DNO) lists.
Second Report and OrderDec 12, 2018Establishes Reassigned Numbers Database.
Declaratory RulingJun 6, 2019Clarifies that service providers may offer opt-out call-blocking programs based on any reasonable analytics.
Third Report and OrderJul 16, 2020Establishes safe harbors for call blocking.
Fourth Report and OrderDec 29, 2020Requires service providers to police their networks and cooperate with traceback, adds network blocking to safe harbor, requires immediate notification of blocking by Jan 1, 2022.
Order on Reconsideration, Sixth Further Notice of Proposed Rulemaking, and Waiver OrderDec 10, 2021Changes and clarifies rules on immediate notification of call blocking.
Sixth Report and OrderMay 19, 2022Mandates robocall mitigation for gateway service providers (document includes several orders and proposed rules).
Seventh Report and Order, Eighth Further Notice of Proposed RulemakingMay 18, 2023Requires one-day traceback support from all voice service providers and expands traffic blocking obligations for originating providers. FNPRM seeks comment on other anti-robocall tools and strategies.

Canada STIR/SHAKEN regulations

DocumentAdoptedSummary
CRTC 2018-3225 Jan 2018Measures to reduce caller identification spoofing and to determine the origins of nuisance calls
CRTC 2019-4029 Dec 2019CISC Network Working Group – Status of implementation by telecommunications service providers of authentication/verification measures for caller identification
CRTC 2019-4039 Dec 2019Establishment of the Canadian Secure Token Governance Authority
CRTC 2019-402-215 Sep 2020Rogers Communications Canada Inc. – Request for a nine-month postponement of STIR/SHAKEN implementation
CRTC 2021-1236 Apr 2021STIR/SHAKEN implementation for Internet Protocol-based voice calls
CRTC 2021-2675 Aug 2021Instructs the Canadian Secure Token Governance Authority to allow all telecommunications service providers to receive a STIR/SHAKEN certificate

Pending regulatory deadlines

RegulationApplies ToDatesInformation
Refuse to carry traffic from any provider not listed in the RMDIntermediate providers and voice service providersMay 28, 2024Blog post
Robotext blocking rulesMobile wireless providersSeptember 3, 2024Federal Register

Past regulatory deadlines

RegulationApplies ToDatesInformation
Police network, cooperate with traceback, mandatory blocking when notifiedAll providersMay 6, 2021Blog post
Implement STIR/SHAKENVoice service provider calls without claimed exemptionsJune 30, 2021Blog post
Perform robocall mitigation and file planVoice service providers using SHAKEN exemption(s)June 30, 2021Blog post
File a certification in the Robocall Mitigation Database (RMD)All providersJune 30, 2021Blog post
Implement STIR/SHAKENSmall non-facilities-based voice service providersJune 30, 2022Blog post
Perform robocall mitigation and file planGateway providersDecember 19, 2022Blog post
Implement STIR/SHAKENSmall facilities-based voice service providersJune 30, 2023Blog post
Implement STIR/SHAKEN, sign unsigned calls with NANP calling numbersGateway providersJune 30, 2023Federal Register
Implement STIR/SHAKEN, sign unsigned calls with NANP calling numbersFirst non-gateway intermediate provider in the call pathDecember 31, 2023Blog post
Perform robocall mitigationAll providersFebruary 26, 2024Blog post
Update Robocall Mitigation Database (RMD) certification and file a Robocall Mitigation Plan in the RMDAll providersFebruary 26, 2024Blog post

Request information

* required

This information will only be used to respond to your inquiry. TransNexus will not share your data with any third parties. We will retain your information for as long as needed to retain a record of your inquiry. For more information about how we use personal data, please see our privacy statement.