STIR/SHAKEN: The ABCs of attestation and analytics
In less than a year, voice service providers will be required by the FCC to implement STIR/SHAKEN. Based on the increasing number of questions we receive from customers, both service providers and enterprises, it’s apparent that many industry members are struggling to understand the complex mix of terminology, standards, and solutions. To help clear up what is a common area of confusion, I want to dig deeper into call attestation and how it can be influenced by analytics.
In a STIR/SHAKEN environment, there are three ways a call can be attested to or signed by a service provider: full, partial, or gateway. Approved service providers, like Bandwidth, must be vetted by the STI Policy Administrator (STI-PA) and issued a digital STIR/SHAKEN certificate by a STI Certificate Authority (STI-CA). Let’s break down the three different types of attestation and how Bandwidth applies them to calls over our network.
|Attestation Level||Industry (ATIS) Standard||Bandwidth Will Apply to:|
|Full or “A”||The service provider knows the customer and their right to use the phone number.||Bandwidth customer using Bandwidth phone number.|
|Partial or “B”||The service provider knows the customer, but not the source of the phone number.||Bandwidth customer:|
• Using another provider’s phone number
• 3rd-party contact center using enterprise’s phone number
• Calling-on-behalf-of (COBO) home device using mobile number
• Legitimate number spoofing (caller ID appears from one phone number but call is originated from another number)
|Gateway or “C”||The service provider has originated the call onto the network but can’t authenticate the call source e.g., international gateway.||Bandwidth does not currently attest any calls as “C”.|
For “B” level attestation, Bandwidth is actively working within the industry groups (ATIS, IPNNI, etc.) to identify and advocate for the standards that will elevate and protect our customers’ valid use cases.
Analytics engines and call blocking
Attestation is not the same as call blocking or spam identification. Those are features within the terminating service provider’s network. As STIR/SHAKEN is deployed by carriers and providers they are leveraging call analytics, either using their own proprietary tools or software available via third-party providers such as First Orion, Hiya, Nomorobo, TNS Call Guardian, and YouMail.
Different analytics solutions have different decision making parameters and may or may not treat STIR/SHAKEN information the same from one to the next. For this reason, calls that are signed with an “A” aren’t necessarily guaranteed to be delivered. At the same time, calls that are signed with a “B” should not automatically be blocked.
Let’s examine this issue using the diagram below. A call that is signed with an “A” is likely to be terminated without any issues. However, there are certain types of legitimate calls that may be marked as suspected spam or blocked by terminating carriers nevertheless. For example, a high number of calls from a single number in a short timeframe (such as a school district sending mass notification to parents), could result in analytics decisioning to block a call.
The good news is that calls signed with a “B” attestation that don’t fall into the problematic use cases will probably be fine. However, calls that are partially signed AND are flagged by the analytics providers are very likely to fail verification and be blocked by the terminating service provider.
As of this writing, we’re not aware of any providers that are blocking calls based upon Attestation levels at this time, and the industry groups such as ATIS are actively working to address the legitimate use cases that may potentially be misidentified by the various call blocking software being deployed by terminating carriers.
Bandwidth’s implementation of STIR/SHAKEN
As an industry leader with tens of millions of phone numbers on our network, Bandwidth is well ahead of schedule with our STIR/SHAKEN implementation. We deployed STIR/SHAKEN protocols within our network in December of 2019, and thanks to our interoperability agreements with major carriers like Verizon Wireless, T-Mobile, and Comcast, Bandwidth is already signing more than 4 billion calls each month.