STIR/SHAKEN and Robocall Mitigation: What Outbound Teams Need to Know

What STIR/SHAKEN Actually Is

STIR/SHAKEN (Secure Telephone Identity Revisited / Signature-based Handling of Asserted information using toKENs) is a set of protocols adopted under FCC mandate for US and CRTC requirements for Canada. The framework enables originating carriers to cryptographically sign outbound calls, asserting a level of confidence that the caller ID presented on a call accurately reflects the originating account.

The signature travels with the call through the SIP signaling chain. Terminating carriers and analytics engines can read it and use it as one factor in deciding how to display the call — whether to pass it cleanly, label it with a "Spam Risk" overlay, or block it outright.

STIR/SHAKEN currently applies to voice calls on IP networks in the US and Canada. It does not apply to calls terminating in other countries on UnlimCall's 33-market network, though international equivalents are under development in several jurisdictions.

The Three Attestation Levels

Originating carriers assign one of three attestation levels when signing a call:

• Full Attestation (A): The carrier knows the customer and has verified that the customer is authorized to use the calling number. This is the highest level and is most beneficial for caller ID display.
• Partial Attestation (B): The carrier knows the customer but cannot verify that they are authorized to use the specific number presented — for example, when a customer presents a number from a pool not explicitly registered with the carrier.
• Gateway Attestation (C): The carrier knows only the origination point of the call (a gateway), not the full identity or number authorization. Common for traffic entering the US from international gateways.

For outbound call centers, the goal is to achieve Full (A) attestation wherever possible. This typically requires that the caller ID numbers you present on your outbound calls are explicitly registered to and authorized by your account with the originating carrier.

How UnlimCall Provisions Caller IDs for STIR/SHAKEN Purposes

Because caller ID numbers on the UnlimCall network are provisioned on demand against your specific account — not pulled from a shared inventory pool — the association between your account and the numbers you present is explicit and documented. This supports the chain of custody that Full Attestation requires for US and Canadian outbound calls.

Caller IDs provisioned across our other 31 markets operate under their own local frameworks. STIR/SHAKEN specifically governs US and Canadian traffic, but consistent provisioning practices across all markets support your broader caller ID governance.

The Robocall Mitigation Database

FCC rules require voice service providers to register in the FCC's Robocall Mitigation Database if they cannot fully implement STIR/SHAKEN — for example, on non-IP portions of their network. All traffic that originates with or transits a provider in the database is subject to downstream carrier scrutiny.

As a business placing outbound calls, you are not directly required to register in the database — that obligation sits with your carrier. However, choosing a carrier that has implemented full STIR/SHAKEN on its network (rather than one filing a mitigation plan) materially affects how your calls are treated by terminating networks.

Why Analytics Engines Matter as Much as the Protocol

STIR/SHAKEN is one input into downstream call analytics platforms. Networks like Hiya, First Orion, and Transaction Network Services analyze call patterns — call frequency, number reuse, abandoned call rate, consumer complaints — and apply their own scoring to caller IDs. A number that carries Full Attestation but is associated with a high complaint rate will still accumulate negative labels.

This is why your DNC compliance workflow, your calling window discipline, and your abandoned call rate all feed into the health of your caller IDs as a practical matter, not just as a legal matter. A clean compliance program produces clean calling patterns that support good attestation outcomes.

What Outbound Teams Should Do Now

• Verify with your carrier what attestation level is assigned to your outbound traffic
• Ensure the caller ID numbers you present are explicitly registered to your account, not borrowed from a shared pool
• Register with your carrier's STIR/SHAKEN portal if one is available
• Monitor your caller ID health through a reachability testing program — call your own numbers periodically from consumer devices to check for spam labels
• Review our audit trail guide for how to document caller ID assignment and call patterns over time