STIR/SHAKEN is the caller ID authentication framework US carriers use to digitally sign calls and prove the caller has the right to use the number displayed. Every call gets an attestation level — A, B, or C — and that level directly influences whether the call rings through clean, gets labeled "Spam Likely," or gets blocked.
What STIR/SHAKEN Actually Does
STIR (Secure Telephone Identity Revisited) is the IETF cryptographic standard; SHAKEN (Signature-based Handling of Asserted information using toKENs) is the framework for deploying it across carrier networks. Together they answer one question for every call: does the originating carrier vouch that this caller is allowed to use this number?
The sequence:
- The originating carrier examines the call and the caller's relationship to the number.
- It creates a signed Identity token (a PASSporT) containing the calling number, called number, timestamp, and an attestation level.
- The token travels with the call through the SIP network.
- The terminating carrier verifies the signature against the signing carrier's certificate and feeds the result into its call analytics — which decide labeling, blocking, or clean delivery.
STIR/SHAKEN does not block calls itself. It supplies an authenticated signal that carrier analytics engines and apps use to make labeling and blocking decisions.
Attestation Levels: A, B, and C
| Level | Name | What the Carrier Asserts | Typical Scenario |
|---|---|---|---|
| A | Full attestation | "I know this customer AND they are authorized to use this number" | Calls from numbers the carrier itself assigned to the customer |
| B | Partial attestation | "I know this customer, but I can't verify their right to this number" | Enterprise PBX presenting numbers acquired elsewhere; many BYON VoIP setups |
| C | Gateway attestation | "This call entered my network from somewhere I can't verify" | International gateway traffic, calls from non-IP networks |
Attestation is about the originating carrier's knowledge, not the caller's honesty. A perfectly legitimate business can receive B or C attestation simply because of how its calls enter the network — and analytics engines treat lower attestation as one more risk signal.
Why Legitimate Calls Get Marked Spam
STIR/SHAKEN attestation is one input among many. Calls commonly get labeled "Spam Likely" because of:
- B or C attestation — calls routed through resellers, mixed VoIP trunks, or carriers that haven't verified number ownership.
- High call velocity — short-duration, high-volume outbound patterns that look like robocalling regardless of signing.
- Crowd-sourced complaints — recipient spam reports attached to the number across analytics databases.
- Stale or missing CNAM — anonymous calls earn less trust than branded ones.
A full-attestation call from a number with a complaint history can still get flagged; a B-attested call from a clean number with normal patterns usually rings through. Monitoring how your numbers score is the only way to know.
STIR/SHAKEN and Robocall Mitigation
The TRACED Act (2019) made STIR/SHAKEN mandatory for US voice providers on their IP networks, and the FCC requires every provider to file in the Robocall Mitigation Database. Authentication makes caller ID spoofing traceable — a spoofed call either lacks a valid signature or carries a signature pointing back to the carrier that originated it, which enables traceback enforcement. See robocall mitigation for the compliance side.
What STIR/SHAKEN Does Not Fix
- TDM gaps: calls crossing legacy non-IP segments can lose their Identity token in transit.
- Lawful-but-unwanted calls: a signed call can still be a scam — the signature proves number authorization, not intent.
- Display: attestation levels are not shown to consumers directly; they feed carrier analytics and checkmark displays.
Checking Attestation and Spam Scoring via API
VRI returns spam risk scoring alongside CNAM, carrier, and line type in a single lookup — letting outbound teams audit their own numbers and screen inbound callers in one call:
curl -s "https://api.verirouteintel.com/v1/lookup" \
-H "Authorization: Bearer YOUR_API_KEY" \
-G --data-urlencode "phone=+12025550175" \
--data-urlencode "fields=spam_score,cnam,carrier,line_type"
Check whether your numbers are flagged as spam — spam score, CNAM, and carrier in one API call. Free sandbox, no card required. Get started →