Understanding STIR/SHAKEN

Navigating STIR/SHAKEN compliance? Learn how to combat fraudulent robocalling and illegal phone number spoofing with our regulatory guide.

STIR/SHAKEN: What is it and why does it matter?

France’s STIR/SHAKEN: The MAN Program

What do you need to know
This newly-created program aims to reduce fraudulent robocalls in France by providing an efficient and dependable framework for authenticating phone calls. Similar to the U.S. STIR/SHAKEN framework, a call is authenticated based on the originating number, and any calls made from that number will be signed with an A, B, or C based on the carrier’s relationship with the calling party. While based on the same fundamentals, STIR/SHAKEN and France’s MAN program have some important operational differences.

Deadline: The deadline for operators to implement the MAN program is July 25th, 2023.

What is Bandwidth doing for STIR/SHAKEN?

Bandwidth implemented STIR/SHAKEN in our network in December 2019 and we’re currently signing over 4 billion calls each month. We’ve established interoperability with major carriers and other enhancements that will support our customers’ compliance with STIR/SHAKEN.

How can Bandwidth help me meet the deadline for STIR/SHAKEN?

Consolidating your outbound calling and phone numbers with Bandwidth can simplify your compliance with STIR/SHAKEN. As a Bandwidth voice customer using our phone numbers, your calls are automatically signed with full or “A” attestation. This lowers the chance that your calls will be blocked by a terminating carrier.

Outbound Voice

Discover a customizable solution to meet your complex needs, with unparalleled quality and expansive reach all using Bandwidth’s outbound voice solution with full support for STIR/SHAKEN.

Phone Numbers

Access millions of phone numbers using our industry-leading number management tools and APIs for a truly automated experience. And, since outbound calls using Bandwidth receive A-level (full) attestation, you can spend less time worrying about calls getting blocked, and more time focusing on what makes your business great.

Industry leadership

Bandwidth continues to take aggressive steps to prevent malicious forms of traffic from entering our network, while ensuring that valid traffic is protected. We are an active petitioner with the FCC as well as a key influencer within industry groups to help advocate for and shape telecommunications policy on behalf of our customers.

Bandwidth’s STIR/SHAKEN implementation

How does STIR/SHAKEN work?

In a STIR/SHAKEN call, the originating service provider signs (or attests) to their relationship with the caller and their right to use the calling number.

There are 3 levels of attestation that can be applied to a call:

Full or “A” Attestation:

The service provider knows the customer and their right to use the phone number.

Partial or “B” Attestation:

The service provider knows the customer but not the source of the phone number.

Gateway or “C” Attestation:

The service provider has originated the call onto the network but can’t authenticate the call source e.g., international gateway.

Today, calls from Bandwidth customers using our phone numbers are signed with full or “A” attestation, and all other calls are signed with a partial or “B” attestation. We continue to advocate and push for solutions that will elevate attestation for partially-signed but valid traffic.

A STIR/SHAKEN call flow

When a call is made, a SIP INVITE is initiated by the calling party. The originating service provider receives it and checks the source of the call and calling number to determine the attestation level.

The originating service provider uses an authentication service to create an encrypted SIP identity header that includes the:

Then, the SIP Invite, along with the SIP identity header, is sent to the terminating provider, who passes the SIP invite to a verification service.

If the call passes verification, the terminating provider determines whether to complete or block the call based on the attestation level and, potentially, other factors such as their own call analytics.

Learn more about STIR/SHAKEN

Terms related to STIR/SHAKEN