Robocalls and STIR/SHAKEN

This could be a new topic for many of us in gulf region.

A robocall is a recorded message delivered in the form of a telephone call. The caller is not a real person, but a machine, and the system uses automatic dialing to reach your number.

What is STIR/SHAKEN?

STIR/SHAKEN is a framework that was created to help combat illegal caller ID spoofing and stop robocall companies from masking the true numbers of unwanted and illegal calls.

STIR, short for Secure Telephony Identity Revisited, has been defined as a series of RFC standards documents by a Working Group of the Internet Engineering Task Force. It works by adding a digital certificate to the Session Initiation Protocol information used to initiate and route calls in VoIP systems. The first public connection on the system, typically the VoIP service provider, examines the caller ID and compares it to a known list of IDs they provide to that customer. The provider then attaches an encrypted certificate to the SIP header with the service provider’s identity and a trust value. VoIP software on the receiving end can check the authenticity of the message by decrypting STIR using the provider’s public key.

For non-VoIP systems, like cell phones and landlines, call routing information is carried by SS7. In these cases, the SIP header is not directly useful as it cannot be sent to users unless they are on a VoIP connection. This is the purpose of the SHAKEN system, short for Signature-based Handling of Asserted information using toKENs. SHAKEN is a suite of guidelines for public switched telephone networks that indicate how to deal with calls that have incorrect or missing STIR information. This may be in the form of additional information in the CNAM information of caller ID indicating the number has been spoofed, but the details have not been finalized.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s