August 27, 2021

STIR/SHAKEN: What the FCC’s New Standard Means For Your Business

STIR/SHAKEN: What the FCC’s New Standard Means For Your Business

Incoming phone calls weren’t always treated with skepticism. However, robocallers and scammers have eroded the public’s trust in a vital communication tool. Consider this: Americans received 35 billion spam calls in the first half of 2021. They lost $275 million as a result.

In the face of a relentless barrage of calls — and knowing all too well the dangers of getting scammed — people have made a choice: I’ll just let it go to voicemail. Now, 8 in 10 Americans say they don’t answer their phone when an unknown number pops up.

This widespread reluctance to pick up the phone presents all sorts of problems for businesses: important calls go unanswered, time and resources are wasted, and prospects never quite convert to customers. Meanwhile, companies (like everyone else) get flooded with unwanted and potentially dangerous robocalls.

Which brings us to STIR/SHAKEN, a set of protocols and procedures outlined by the FCC to combat caller ID spoofing — a technique spammers employ to conceal their identities and rip people off.

How, exactly, does STIR/SHAKEN work? Will it solve the spam call epidemic? And if not, what can you do to mitigate the many risks to your business posed by robocalls? 

We break all of that down, and more.


Short for Secure Telephone Identity Revisited/Signature-based Handling of Asserted information using toKENs, STIR/SHAKEN is a set of interconnected standards designed to make it harder for scammers to spoof calls. These guidelines, set forth by the FCC, went into effect on June 30, 2021.

Voice service providers (VSPs) are required to fully comply with STIR/SHAKEN and/or institute a robocall mitigation program. There are exceptions to the mandate, including VSPs with fewer than 100,000 subscriber lines, carriers that rely on non-IP networks, and providers outside of the United States.

If you’re a voice service provider seeking assistance with STIR/SHAKEN compliance, RoboKiller Enterprise can help. Contact us to learn more.

How does STIR/SHAKEN work?

STIR/SHAKEN is a framework of standards that enables service providers to authenticate caller ID information. It uses digital certificates from a trusted certificate authority to assess whether a call is secure and assign an attestation level.

There are three attestation levels:

  • Full (A-Level): The service provider knows who is calling and can confirm the caller is authorized to use that number.
  • Partial (B-Level): The service provider can authenticate who owns the calling number, but not who is using it to place the call.
  • Gateway (C-Level): The service provider knows who sent the call to their network, but not who originated the call.

From there, it’s up to the service provider to decide what, if anything, to do with the signal. STIR/SHAKEN simply provides the attestation level, but does not dictate what steps to take with the resulting information.

Will STIR/SHAKEN end robocalls for good?

It’s highly improbable.

STIR/SHAKEN is sometimes mistaken as a robocall blocker. That’s not its function. Instead, it allows for calls to be signed off as legitimate by the originating carrier and then validated by the recipient’s carrier. What, if anything, each carrier does with the attestation, is at their discretion.

Another limitation in the FCC’s framework is that it doesn’t delve into caller intent, and therefore can’t be relied upon to make call blocking determinations. A spam caller with nefarious motives may gain full (A-Level) attestation, while a legitimate caller may not. Authentication levels do not necessarily equate with call safety.

Further, not every carrier will be able to implement STIR/SHAKEN. Calls passing through these providers will effectively be a series of unknowns.

All of this to say, the framework has limitations. STIR/SHAKEN is a useful spam identification tool when used in concert with robust analytics services. Moreover, it’s a step in the right direction for the telecommunications industry in that it represents an increasingly unified approach to combating robocalls.

It’s just not likely to solve the spam call problem on its own.

Is STIR/SHAKEN proving effective so far?

Although it’s unlikely to eliminate robocalls, STIR/SHAKEN may prove effective in slowing down spoofers. Preliminary data suggests that the technological framework is making a positive, albeit limited impact thus far.

  • Total robocalls decreased by 3% in July (the first month following the deadline to implement STIR/SHAKEN)
  • Spam calls using caller ID spoofing decreased by 5% in that same timeframe

RoboKiller predicts that spoofed spam calls will decrease as a percentage of total spam calls from approximately 35% in July 2021 to 30% in December 2021. This dip will likely be the result of the continued adoption of, and improvements to, the FCC protocol.

RoboKiller Press Release: Total Robocalls Decrease by 3% in the First Month of STIR/SHAKEN Release

What does STIR/SHAKEN mean for your business?

Even if STIR/SHAKEN continues to put a dent in spoof calls, chances are the problem will remain widespread. To put things in context, even with a 3% month-over-month decrease, Americans received a whopping 5.74 billion spam calls in July 2021.

Your business isn’t immune to robocalls, and people are generally unwilling to pick up the phone if they don’t know who’s on the other end. That means, even with the new FCC regulations in place, your business faces the prospect of:

  • Receiving unwanted spam calls
  • Time spent on the wrong phone calls
  • Devoting resources to fruitless outreach
  • Failing to reach potential customers who don’t answer when you dial

All of the above affects your bottom line.

The good news is, there is a solution to the problem: RoboKiller Enterprise can help you develop a comprehensive robocall mitigation strategy to protect your business against spam calls and their harmful effects.

What is a robocall mitigation program?

As the name suggests, a robocall mitigation program is a plan to reduce the frequency of robocalls. There’s no single approach; rather, these programs can take several forms. The following are among the most effective tools in fighting back against spam.

Audio fingerprinting

Audio fingerprinting goes beyond simple good vs. bad number matching and actually examines the audio within a call. When a call is fingerprinted, it’s quickly compared to other suspicious calls in an ever-growing database. Ultimately, audio fingerprinting seeks to understand the motive behind the call, not simply its origin.


Blocklists involve keeping a list of numbers found to have originated fraudulent calls. Incoming and outgoing calls are compared to the list; if there’s a match, the call is blocked.

Blocklists aren’t a new mechanism, nor are they a foolproof solution. Phone numbers change hands often, so numbers that are blocked today may not warrant being blocked tomorrow. This is why at RoboKiller we use both Blocklists and Audio Fingerprinting.

Call data record (CDR) analysis

The objective in CDR analysis is to parse out patterns that indicate problematic calling. For example, CDR may assist in identifying a number making hundreds of outbound calls in a short timeframe.

Artificial intelligence (AI) and machine learning (ML) are useful tools because CDR analysis typically involves assessing large quantities of call record data.

Call reputation

Call reputation seeks to attribute a standing (positive, negative, or neutral) to a phone number. As is the case with CDR analysis, the more plentiful the data, the more accurate the findings.

Call screening

Call screening lets the recipient know who is calling and why before they pick up the phone. Although this robocall mitigation mechanism can take many forms, they all involve requiring the originating caller to take a specific action.

How to stop robocalls to your business

If you’re not sure how to block robocalls to your business, you’re not alone. Companies across the United States have found themselves at the center of the spam call crisis. Fortunately, RoboKiller Enterprise offers advanced, real-time technology that eliminates 99% of spam calls, so you can get more business done.

RoboKiller Enterprise’s Command API — which is supported by a robust database of over 600 million phone numbers and 500 million customer feedback reports — empowers businesses to strengthen their defense against phone scammers. Our API feeds data into RoboKiller’s AI-powered Command Center, where call information and customer feedback are captured and analyzed in real-time.

The end result: our advanced technologies allow your business to stop robocalls on your voice network without requiring you to spend significant time and resources building new technologies and staffing a team.

  • Block 99% of unwanted spam calls to your business
  • Trust the calls you receive
  • Spend your time making better calls
  • Get more customers to pick up the phone
  • Get more prospects to call you back
  • Improve your image with prospective clients
  • Keep your business safe from scams
  • Protect your bottom line

Ready to learn more about how Robokiller Enterprise can help your business? Head to our website and sign up for your free 15-day trial.

Free 15 day trial
Start your free 15-day trial of Robokiller Enterprise
You’re one step away from a spam-free phones.
Get Started
Learn about Robokiller Enterprise's pricing options
Learn more
Free 15 day trial
Fight back against spam and reclaim your phone.
You’re one step away from a spam-free phone (and a little poetic justice, thanks to Answer Bots).
Sign up for a 15-day free trial
STIR/SHAKEN: What the FCC’s New Standard Means For Your Business
August 27, 2021
STIR/SHAKEN: What the FCC’s New Standard Means For Your Business
Read more
arrow right
STIR/SHAKEN 101: Your Quick & Easy Guide to FCC Compliance
August 20, 2021
STIR/SHAKEN 101: Your Quick & Easy Guide to FCC Compliance
Read more
arrow right
What is a Robocall Mitigation Program?
November 12, 2021
What is a Robocall Mitigation Program?
Read more
arrow right