What is STIR/SHAKEN?
STIR/SHAKEN (Secure Telephone Identity Revisited / Signature-based Handling of Asserted information using toKENs) is a pair of telecom standards that let a call’s originating carrier cryptographically sign the caller ID, so the terminating carrier can verify the call genuinely came from where it claims to. It’s the telecom industry’s primary technical defense against caller-ID spoofing and robocalls, and is a regulatory requirement for voice carriers in the US (via the TRACED Act) and increasingly elsewhere.
How it works
When a call originates, the carrier that owns (or is authorized to use) the calling number attaches a digital signature, called an attestation, asserting how confident it is in the caller’s right to use that number:
- A (Full): the carrier verified the caller is authorized to use this exact number.
- B (Partial): the carrier verified the customer, but not their right to this specific number.
- C (Gateway): the carrier only knows where the call entered its network; no identity verification.
The terminating carrier checks the signature against a public certificate registry and can use the attestation level to decide how to display or filter the call (for example, flagging low-attestation calls as “Spam Likely”).
Why it matters
For anyone placing outbound calls programmatically, whether sales dialers, appointment reminders, or verification codes, attestation level directly affects answer rates: unsigned or low-attestation calls are increasingly filtered, mislabeled, or blocked outright by carriers and phones. Platforms and carriers that sign calls with strong attestation, and that verify a customer actually owns the caller ID they’re presenting, protect deliverability for everyone sending calls through them.
How SIP.IO signs calls
SIP.IO’s carrier partner signs every outbound call, and the attestation level depends on where the number came from: numbers purchased directly through SIP.IO are signed with full attestation (A), since the carrier issued and controls the number end to end. For BYOC numbers (brought in from your own carrier), calls are signed with attestation B once you’ve completed KYC and provided ownership documentation for the number, confirming you’re the verified customer even though the carrier didn’t issue that specific number.
FAQ
What is STIR/SHAKEN? A pair of telecom standards that let the originating carrier cryptographically sign a call’s caller ID, so the terminating carrier can verify where the call really came from. It’s the industry’s main defense against caller-ID spoofing and robocalls.
What do the A, B, and C attestation levels mean? A (full) = the carrier verified the caller’s right to that exact number. B (partial) = the carrier verified the customer but not the specific number. C (gateway) = no identity verification, only network entry point.
What attestation level does SIP.IO sign calls with? Numbers purchased directly through SIP.IO get full attestation (A). BYOC numbers get attestation B once you’ve completed KYC and provided ownership documentation for the number.
Related: What is BYOC? · What is SIP trunking? · What is a DID number? · Trunks, Outbound & PSTN