Aovatalk Logo
Authentication Infrastructure

DEPLOY STIR/SHAKEN
IDENTITY TRUST

Secure your outbound voice traffic with carrier-grade call signing, identity attestation, and regulatory-aligned compliance workflows.

TALK TO SALES
STIR/SHAKEN Technology

Identity Verification for the
Modern Voice Ecosystem

Our STIR/SHAKEN platform provides the cryptographic foundation needed to authenticate your outbound calls. By digitally signing SIP headers, we ensure your legitimate business traffic is recognized as verified, helping you bypass spam filters and increase connection rates.

Trust-Based Routing
Global Interconnects
NOC Monitored
Scale-Ready

Enterprise Compliance Features

Automated Call Signing

Apply cryptographic signatures to SIP INVITE headers automatically without infrastructure changes.

Identity Attestation

Manage A, B, and C level attestations based on rigorous caller verification workflows.

Header Verification

Validate incoming signatures and pass authenticated display states to the terminating network.

Token Lifecycle

Automate token fetching, storage, and certificate rotation with governance authorities.

Fraud Protection

Inherent protection against caller ID spoofing and unauthorized network usage.

Regulatory Alignment

Assistance with FCC Robocall Mitigation Database filing and ongoing compliance auditing.

Protocol Definition

WHAT IS STIR/SHAKEN?

STIR/SHAKEN is a telecommunications framework designed to combat caller ID spoofing and robocall fraud. It provides a standardized method for carriers to authenticate the identity of the person or business making the call.

The protocol allows originating carriers to digitally sign outbound calls, proving the authenticity of the caller ID. Terminating carriers can then verify this signature before delivering the call to the end user.

STIR
Secure Telephone Identity Revisited
SHAKEN
Signature-based Handling of Asserted Information Using toKENs

Core Mechanism

  • Digital Signing
    Calls are cryptographically signed at the point of origin.
  • Public Key Crypto
    Uses certificate authority infrastructure for verification.
  • SIP Header Integration
    Identity tokens are passed within standard SIP protocol.
  • Attestation Levels
    Standardized trust levels (A, B, C) for every call.
Trust Hierarchies

ATTESTATION LEVELS EXPLAINED

STIR/SHAKEN uses three levels of identity verification depending on how confidently the originating provider can verify the caller.

A
LEVEL A
Full Attestation

The provider knows the caller and confirms they are authorized to use the caller ID.

  • Highest trust level
  • Highest pick-up rates
  • Verified branding eligibility
B
LEVEL B
Partial Attestation

The provider knows the customer but cannot confirm ownership of the caller ID.

  • Moderate trust level
  • Used by many SaaS/PBX
  • Reduces block risk
C
LEVEL C
Gateway Attestation

The call originates from an external network and the provider cannot verify the caller.

  • Lowest trust level
  • Applied to gateway traffic
  • Likely 'Spam' labels

HOW THE CALL FLOW WORKS

CALLER
Initiates Call
STI-AS
Signs INVITE Header
SIP NETWORK
Authenticated Transport
STI-VS
Verifies Signature
END USER
Displays 'Verified'
Standardized end-to-end cryptographic verification architecture

THE COST OF UNSIGNED TRAFFIC

94% of people don't answer calls from unknown numbers
Non-authenticated calls are 25x more likely to be blocked
Carrier 'Spam' labels damage business brand reputation
Regulatory fines of $10,000+ per violation for non-compliance

WHY STIR/SHAKEN IS IMPORTANT

Caller ID spoofing has become one of the biggest problems in telecommunications. Without authentication, fraudulent callers can impersonate legitimate businesses. STIR/SHAKEN restores sanity and trust to the network.

Identity Verification

Digital proof of ownership for every outbound call.

Labeling Control

Drastically reduce 'Spam' and 'Scam' labeling.

Connection Rates

Higher pick-up rates with 'Caller Verified' status.

Brand Safety

Prevent callers from impersonating your organization.

WHO SHOULD IMPLEMENT STIR/SHAKEN?

Telecom Operators

Meet strict regulatory requirements and authenticate inbound/outbound carrier traffic.

VoIP Providers

Ensure calls originating from your cloud customers are trusted by all terminating networks.

Call Centers

Protect outbound campaigns from being labeled as spam and ensure legitimate reach.

Large Enterprises

Protect global brand reputation and ensure critical customer communications are delivered.

UCaaS Platforms

Provide secure, authenticated PSTN connectivity for mission-critical business communications.

Healthcare Providers

Ensure appointment reminders and patient outreach are never blocked as suspicious traffic.

SEAMLESS SIP INTEGRATION

Our STIR/SHAKEN platform integrates directly into your standard SIP infrastructure. We handle the heavy lifting of header signing and validation at the network edge so you don't have to overhaul your current environment.

SIP PASSporT Header Generation
Identity Token Injection and Extraction
High-Availability Signing Gateways
Compatible with all Major SBCs and Softswitches
Real-time Verification Status in CDRs
Edge Gateway ConfigurationRunning
# Configure STI-AS signing for trunk_id: 8291
stir_shaken_mode: SIGNING_ACTIVE
attestation_policy: VERIFIED_OWNERSHIP
sti_ca_path: /etc/certs/stir/root-ca.pem
sti_token_refresh: 3600s
// Signed SIP INVITE successfully passed to peering carrier node...
Trust Infrastructure

CERTIFICATE AUTHORITY FRAMEWORK

STI-PA

Policy Administrator

Governs the overall trust framework and verifies eligible providers.

STI-CA

Certificate Authority

Issues secure digital certificates tied to a provider's identity.

STI-AS

Authentication Server

The core engine that cryptographically signs outbound calls.

STI-VS

Verification Server

Validates incoming signatures against the trust framework.

IMPLEMENTATION PROCESS

Strategic deployment of authenticated voice traffic

01

Network Assessment

Evaluate SIP infrastructure and identity policies for compatibility.

02

Certificate Provisioning

Obtain trusted signing certificates through the formal STI framework.

03

Signing Activation

Enable automated call signing for all qualified outbound traffic.

04

Verification Monitoring

Track attestation results and optimize for highest connect rates.

COMMON USE CASES

Customer Notifications

Ensure automated alerts and reminders reach users without labels.

Financial Services

Protect banking communications and prevents fraud impersonation.

Healthcare Outreach

Deliver patient reminders with trusted 'Provider Verified' status.

Global Sales Ops

Protect outbound sales teams from being blocked by carrier filters.

Information Center

STIR/SHAKEN FAQ

What is STIR/SHAKEN used for?

STIR/SHAKEN is used to authenticate caller identity and prevent caller ID spoofing at a protocol level.

Is STIR/SHAKEN implementation mandatory?

In many regions, including the United States (FCC regulations), telecom providers are legally required to implement STIR/SHAKEN architectures.

Does STIR/SHAKEN prevent all robocalls?

No. It verifies the identity of the caller, allowing networks to block fraudulent spoofing. It works best alongside advanced robocall mitigation systems.

Can STIR/SHAKEN integrate with legacy trunks?

STIR/SHAKEN is inherently SIP-based. While it works primarily with modern SIP networks, gateway solutions exist to integrate older infrastructure.

What is an STI-PA?

The Secure Telephone Identity Policy Administrator (STI-PA) is the entity that governs the trust framework and handles certificate management.

Start Authentication

Ready to PROTECT YOUR
VOICE REPUTATION?

Join the network of trusted communications. Implement STIR/SHAKEN identity verification today.

ACTIVATE COMPLIANCEVIEW SOLUTIONS