Are you ready? If not, providers must block your calls.
Everyone hates robocalls. If you are a voice service provider, a white label provider, or reseller of these services whether via TDM or SIP, then you need to know what the FCC has directed providers to implement. If you support more than 100,000 lines you must implement SHAKEN for SIP connections or Robocall Mitigation for TDM lines. If you support fewer than 100,000 lines, you have the options to select SHAKEN for SIP or Robocall Mitigation for TDM. This is the most common path forward for small providers by Implementing Robocall Mitigation to meet June 30th deadline.
Every service provider who serves end users must certify they have implemented either a Robocall Mitigation Program or SHAKEN in their network. The filing of certifications needs to be submitted after June 30, 2021. Will you be ready?
Service providers must block all calls from any service provider that is not in the FCC database. This must become effective 90 days after the deadline for robocall mitigation program certifications. This affects all the main carriers, VoIP resellers, UCaaS providers, some MSPs, and all OTT providers. There will be penalties for non-compliance. Any provider located outside of the US that wants their calls to be verified when calling clients in USA/Canada, need to work with a North American Partner in order to satisfy these requirements. All the enterprises the providers support will want their calls marked as ‘verified’.
These solutions are new to most providers. In a recent survey, 51% of the providers have not started implementation, only 22% have started, a few (5%) have finished while 22% didn’t know what to do. This means that 73% need to learn more about the technologies, responsibilities, and legal issues for dealing with robocalls. The June 30, 2021 date for compliance is approaching fast.
When do you need a STIR-SHAKEN certificate of authority?
Spam calls have become normalized. Unfortunately, these are more than just a nuisance. These callers often have insidious intentions, which is why the STIR-SHAKEN certificate of authority is a crucial initiative.
However, mandated compliance is still new, as is the concept. If STIR-SHAKEN is still unclear, you are in luck. At Prescott-Martini, we are the leading token provider. We will help you retain your reputation and the trust of your clients.
Here is when you need STIR-SHAKEN certificates:
What is a STIR-SHAKEN certificate of authority?
Defining a STIR-SHAKEN certificate of authority requires understanding what it’s a solution to.
Robocallers, spam callers, and scammers have honed their abilities to contact people with malicious intent. Experts estimate robocallers make 3 to 5 billion robocalls each month. Over 40% of these are fraud-related.
This rise in robocalls and scams has impacted telecommunications companies and damaged public trust. STIR-SHAKEN is an industry-wide initiative to restore public trust in these companies. Requiring STIR-SHAKEN certificates of authority verifies callers are not only trustworthy but also who they purport to be.
Essentially, calls traveling through interconnected phone networks need their ID verified by originating carriers and legitimized by other carriers before reaching customers. This verification allows people to confirm the call is from the number displayed on the caller ID.
When do you need a STIR-SHAKEN certificate of authority?
Since compliance is federally mandated, you always need a STIR-SHAKEN certificate of authority when you generate a call with USA terminating traffic.
These certificates are a requirement for all US telecommunications companies. Specific instances that necessitate these certificates include:
Common carrier voice services
Interconnected voice over Internet Protocol (iVoIP)
Fax transmissions and services
Carriers do not apply these certificates until the terminating stage of the call. Furthermore, if someone’s carrier is Verizon and calls someone whose carrier is AT&T, the carrier for the party receiving the call needs to independently verify the caller's identity.
Every carrier needs STIR-SHAKEN certificates of authority because people with different carriers call each other all the time. Understanding when certificate authority is necessary requires examining attestation levels and their implications.
Anything less than full attestation damages your company and its reputation. Without a STIR-SHAKEN certificate of authority, it is impossible to obtain full attestation.
Full Attestation (A)
Full attestation means the service provider has authenticated the caller and attests they have the authorization to use the calling number. In essence, they have verified the subscriber identity and that they are using the associated number, so the carrier is certain the caller ID has not been spoofed.
Partial Attestation (B)
Partial attestation means the service provider has authenticated the call origination but cannot verify that the call source is authorized to use the number. Essentially, partial attestation means it is possible to confirm the subscriber identity but not the telephone number, and therefore they cannot be certain the caller ID has not been spoofed.
Gateway attestation (C)
Gateway attestation means the service provider has verified from where it received the call but cannot authenticate the source. This means it is only possible to confirm the point of entry to the IP network and that the carrier signing the call has no relationship with the call initiator, and therefore it's impossible to vouch for the caller ID.
Contact us now to solidify your reputation!
If you are a telecommunications provider, a STIR-SHAKEN certificate of authority is not optional. It is federally mandated, and failure to comply will result in more than just penalties. Failure to comply with STIR-SHAKEN protocols will damage your reputation and company. Luckily, at Prescott-Martini, we are the leading token provider, and we ensure the calls you originate always have full attestation. Get in touch now to get started!