Introducing STIR/SHAKEN Compliance with Microtalk

STIR/SHAKEN is used to help defeat scammers and illegal robocalls. If you’re thinking it sounds like something out of James Bond’s cocktail order, you’d be right as the acronyms (‘Secure Telephony Identity Revisited’ and ‘Signature-based Handling of Asserted Information Using Tokens’) were created as a nod to the character’s villain fighting skills. It may not seem like a dramatic threat, but just under 2000 robocalls are made per second. According to the FCC, these calls are the number one source of consumer complaints. So, it’s good news that we’ll soon be able to avoid scam call trickery and, thanks to Microtalk, your business can be one of the first in the UK to benefit.

What is caller ID spoofing?

STIR/SHAKEN refers to a new range of protocols and procedures that are designed to stop caller ID spoofing. Most people complain about getting too many phone calls from spammers and telemarketers at work or home. These days, they’re getting harder to spot. You may see a familiar number — either a local area code or a recognisable local business number or even the name of your bank — and assume the call is legitimate. However, caller ID spoofing is the act of maliciously faking the caller ID on a phone call and using this to increase the chances of the call being answered. Once the receiver picks up, they’re open to any number of scams as they assume, judging by the number, the caller is either local or a trustworthy business and familiar.

In the past, there was little to be done to stop this, but STIR/SHAKEN ensures there are steps we can take to battle nuisance callers.

How can STIR/SHAKEN stop caller ID spoofing?

In short, STIR provides the ability to authenticate the caller ID and SHAKEN is the set of guidelines that set out how to deal with calls that have suspicious or missing STIR information.

To give a little more detail, STIR works by adding a digital certificate to the Session Initiation Protocol (SIP) information used to initiate and route calls via your VoIP system, for example, a call made using a Cloud PBX. The VoIP service provider automatically examines the caller ID and compares it to the existing list of IDs that have already been provided to that customer. Then, the VoIP service provider can add the digital certificate to the SIP information; it includes the service provider’s identity and a trust value. The VoIP software on the receiving end can check the authenticity and can decide whether to reroute any suspicious calls.

What are the different trust tokens?

The digital certificate differentiates between trusted, unsure, and untrustworthy calls with a simple ABC.

Full (A) — This means the carrier knows the caller ID has not been spoofed. For example, the carrier is responsible for the origination of the call, it’s on the list of known caller IDs as the caller has an authenticated relationship with the customer and the number used to make the call has already been verified with that ID.

Partial (B) — This means that, although the carrier originated the call and has a relationship with the customer making the call, the carrier cannot be certain the caller ID has not been spoofed as the number used for the call may not be recognised.

Gateway (C) — Lastly, this means the carrier isn’t familiar with caller ID. It may have entered their network, but its origins are unknown.

What happens as a result of the different verifications?

All calls aid Real-Time Analytics, so the system will be better placed to tell the difference between spam and real calls by the more calls received. Practice makes perfect!

In the meantime, receivers can also be notified on the interface where they receive the call, showing if the caller ID has been verified. You can also have the B and C calls intercepted and diverted to voicemails.

How can my business use STIR/SHAKEN?

If your business or contact center uses STIR/SHAKEN, all your calls are signed based on their trust so you’ll instantly improve performance, productivity and it’ll result in happier workers as they will no longer be caught out by spam and robocalls multiple times per day.

With the number of spam and robocalls on the rise, you’ll be pleased to hear Microtalk is one of the only providers in the UK that offer this extra line of security. Microtalk is a US FCC licensed company, meaning we recognised the importance of this new technology early on and we’re now fully compliant. To our current knowledge, we’re the only carrier in the UK that is STIR/SHAKEN compliant.

Microtalk connects over 40 million calls a month and, being management-owned, we’re dedicated to ensuring our customers get the support they need and so are constantly on the lookout for new technologies that can help your business succeed. Visit our website to request your trial and learn more.

Back to Blog