Skip to main content

Understanding STIR/SHAKEN

The ultimate technology and regulatory guide to combat fraudulent robocalling and illegal phone number spoofing

Talk to an Expert Download the guide

STIR/SHAKEN: What is it and why does it matter?


STIR/SHAKEN is a technology framework designed to reduce fraudulent robocalls and illegal phone number spoofing. STIR stands for Secure Telephony Identity Revisited. SHAKEN stands for Secure Handling of Asserted information using toKENs.

The FCC has adopted rules requiring service providers to deploy a STIR/SHAKEN solution by June 30, 2021.

What’s the difference between STIR and SHAKEN?

STIR is a working group within the IETF, an internet standards body, which has developed a set of protocols used to create a digital signature for a call. The signed call includes information about the calling party and allows for verification of the signature by the terminating provider.

SHAKEN are the standards for how STIR is to be deployed by service providers within their networks.

Why is STIR/SHAKEN so important?

Between 3 and 5 billion robocalls are made each month, and research suggests that more than 40% of those calls are thought to be fraud-related.

STIR/SHAKEN is an industry-wide initiative to restore trust in our voice communications. Its goal is to prevent fraudsters from scamming consumers and businesses through robocalls and illegal phone number spoofing, while making sure that legitimate calls reach the recipient.

What is Bandwidth doing for STIR/SHAKEN?

Bandwidth implemented STIR/SHAKEN in our network in December 2019 and we're currently signing over 4 billion calls each month. We’ve established interoperability with major carriers and other enhancements that will support our customers’ compliance with STIR/SHAKEN.

How can Bandwidth help me meet the deadline for STIR/SHAKEN?

Consolidating your outbound calling and phone numbers with Bandwidth can simplify your compliance with STIR/SHAKEN. As a Bandwidth voice customer using our phone numbers, your calls are automatically signed with full or “A” attestation. This lowers the chance that your calls will be blocked by a terminating carrier.


Discover a customizable solution to meet your complex needs, with unparalleled quality and expansive reach all using Bandwidth's outbound voice solution with full support for STIR/SHAKEN.


Access millions of phone numbers using our industry-leading number management tools and APIs for a truly automated experience. And, since outbound calls using Bandwidth receive A-level (full) attestation, you can spend less time worrying about calls getting blocked, and more time focusing on what makes your business great.

Industry Leadership

Bandwidth continues to take aggressive steps to prevent malicious forms of traffic from entering our network, while ensuring that valid traffic is protected. We are an active petitioner with the FCC as well as a key influencer within industry groups to help advocate for and shape telecommunications policy on behalf of our customers.

Bandwidth’s STIR/SHAKEN implementation


How does STIR/SHAKEN work

Understanding attestation

In a STIR/SHAKEN call, the originating service provider signs (or attests) to their relationship with the caller and their right to use the calling number.

There are 3 levels of attestation that can be applied to a call:

Full or “A” Attestation:
The service provider knows the customer and their right to use the phone number.

Partial or “B” Attestation:
The service provider knows the customer but not the source of the phone number.

Gateway or “C” Attestation:
The service provider has originated the call onto the network but can’t authenticate the call source e.g., international gateway.

Today, calls from Bandwidth customers using our phone numbers are signed with full or “A” attestation, and all other calls are signed with a partial or “B” attestation. We continue to advocate and push for solutions that will elevate attestation for partially-signed but valid traffic.


STIR/SHAKEN: The ABCs of attestation and analytics

A STIR/SHAKEN call flow

STIR/SHAKEN call flowSTIR/SHAKEN call flow

When a call is made, a SIP INVITE is initiated by the calling party. The originating service provider receives it and checks the source of the call and calling number to determine the attestation level.

The originating service provider uses an authentication service to create an encrypted SIP identity header that includes the:

  • Calling number
  • Number being called
  • Current date and timestamp
  • Attestation level
  • A unique origination Identifier for traceback

Then, the SIP Invite, along with the SIP identity header, is sent to the terminating provider, who passes the SIP invite to a verification service.

If the call passes verification, the terminating provider determines whether to complete or block the call based on the attestation level and, potentially, other factors such as their own call analytics.

Want to learn more about STIR/SHAKEN and how Bandwidth is working to reestablish trust in calling?

If you're already a Bandwidth customer, reach out to your Account Manager, otherwise contact one of our experts to get your STIR/SHAKEN questions answered.

talk to an expert