STIR/SHAKEN uses digital certificates, based on common public key cryptography
techniques, to ensure the calling number of a telephone call is secure. In simple terms,
each telephone service provider obtains their digital certificate from a certificate
authority who is trusted by other telephone service providers.
STIR/SHAKEN is an industry-developed set of protocols and a governance model
designed to stop the deluge of illegal robocalls to ensure the caller ID has not been
spoofed.
STIR (Secure Telephony Identity Revisited) is a set of technical standards developed
by the Internet Engineering Task Force (IETF) to certify the identity of originating calls.
SHAKEN (Signature-based Handling of Asserted information using toKENs) is a
framework developed by the Alliance of Telecommunications Industry Solutions (ATIS)
that focuses on the implementation of STIR within IP-based service provider networks.
SHAKEN introduces a governance model that designates the roles and responsibilities
of the Policy Administrator (STI-PA) and Certificate Authority (STI-CA) and outlines
who is eligible to receive certificates.