STIR/SHAKEN is a caller authentication framework designed to combat caller ID spoofing and reduce fraudulent robocalls. It enables telephone service providers to verify that a call originates from the phone number displayed on the recipient’s device.
The framework works by attaching a digital certificate to outbound calls. This certificate confirms whether the originating provider can attest that the caller is authorized to use the displayed number. When the call reaches the terminating carrier, the certificate is validated to determine the call’s trust level.
STIR stands for Secure Telephone Identity Revisited, while SHAKEN stands for Signature-based Handling of Asserted Information Using toKENs. Together, they create a standardized system that helps carriers assess call authenticity across IP-based networks.
STIR/SHAKEN does not prevent unwanted calls on its own. Instead, it provides authentication signals that carriers use to determine whether a call should be delivered normally, labeled as spam risk, or blocked.
In modern VoIP and cloud telephony environments, STIR/SHAKEN has become a foundational requirement for maintaining call deliverability, protecting brand reputation, and reducing the impact of spoofed or fraudulent calls.
How STIR/SHAKEN Works Technically
STIR/SHAKEN operates through a digital certificate framework embedded in IP-based call signaling.
When a call is placed, the originating service provider evaluates whether the caller is authorized to use the phone number being displayed. If verified, the provider attaches a digital signature to the call using Secure Telephone Identity (STIR) standards.
This signature contains:
-
The calling number
-
A timestamp
-
An attestation level
-
A cryptographic certificate
As the call travels through the network, the terminating carrier validates the certificate using SHAKEN protocols. If the signature is valid, the carrier confirms that the number has not been spoofed.
The verification result is then used by the terminating carrier to determine how the call should be handled, including:
-
Normal delivery
-
Displaying a verification indicator
-
Applying spam risk labeling
-
Blocking the call entirely
STIR/SHAKEN functions only across IP-based networks. It does not fully apply to legacy TDM infrastructure, which is why industry migration to IP telephony has been critical for implementation.
STIR/SHAKEN Attestation Levels Explained
Not all calls receive the same level of authentication. STIR/SHAKEN uses three attestation levels to indicate the degree of trust the originating provider can assign to a call.
Full Attestation (A-Level)
The provider confirms that:
-
It has a direct relationship with the caller
-
The caller is authorized to use the phone number
This is the highest trust level and provides the strongest signal to terminating carriers.
Partial Attestation (B-Level)
The provider confirms it knows the customer placing the call but cannot fully verify the caller’s right to use the displayed number.
Gateway Attestation (C-Level)
The provider is simply acting as a gateway for the call and cannot verify the caller’s identity or number ownership.
Higher attestation levels generally reduce the likelihood of spam labeling, though they do not guarantee deliverability.
STIR/SHAKEN vs CNAM
CNAM and STIR/SHAKEN address different aspects of call identity.
STIR/SHAKEN verifies that the phone number has not been spoofed. CNAM displays the business name associated with that number.
| Feature | STIR/SHAKEN | CNAM |
|---|---|---|
| Prevents spoofing | Yes | No |
| Displays caller name | No | Yes |
| Uses digital certificates | Yes | No |
| Uses database lookup | No | Yes |
| Impacts spam labeling | Yes | Indirectly |
For optimal call trust, organizations should align both systems. Authentication establishes legitimacy, while CNAM reinforces brand recognition.
Why STIR/SHAKEN Matters for Revenue Teams
Outbound sales organizations are directly affected by carrier trust frameworks. Without proper authentication, even legitimate calls may be labeled as spam risk or blocked.
STIR/SHAKEN helps revenue teams:
-
Protect caller ID integrity
-
Reduce spoofing exposure
-
Improve call deliverability
-
Strengthen brand trust
-
Maintain compliance with federal regulations
In the United States, the FCC requires voice service providers to implement STIR/SHAKEN to combat illegal robocalling. As a result, authentication is no longer optional for modern telephony providers.
For revenue teams operating at scale, authentication should be viewed as foundational infrastructure rather than a technical afterthought.
Limitations of STIR/SHAKEN
Although powerful, STIR/SHAKEN does not eliminate spam or unwanted calls.
It does not:
-
Block calls automatically
-
Prevent high-volume dialing from being flagged
-
Guarantee improved answer rates
-
Display brand names
Carriers still rely on analytics models that incorporate complaint data, call frequency patterns, and reputation signals.
STIR/SHAKEN verifies identity. It does not validate intent.
Protect Your Caller Identity with RingDNA
STIR/SHAKEN authentication is essential for call deliverability. The RingDNA Communications Hub by Revenue.io helps revenue teams maintain caller authentication, manage number reputation, and protect outbound performance at scale.
