STIR/SHAKEN and Robocall Mitigation

voice carrier image women on phone with glasses

NUSO has STIR/SHAKEN technology in place to mitigate call spoofing. Our technology authenticates and verifies traffic routed to stop unwanted calls.

Don’t Let Call Spoofing Waste Time, Productivity and Money

We’ve gone above and beyond what the FCC required and added additional layers of security to combat call spoofing. We can protect your voice traffic through our network.

Learn How NUSO Is Working to Prevent Robocalls on Our Network

The FCC estimates that the “wasted” time and nuisance caused by scam robocalls exceeds $3B each year. To combat this, Congress passed the  TRACED (Telephone Robocall Abuse Criminal Enforcement and Deterrence) Act which provides the FCC with new tools to fight unwanted, and often illegal, robocalls, the top consumer complaint reported to the FCC annually.

A robocall is any call generated by a machine, usually done in high volume, which can deliver either a recorded message or a live person on the line. There are many legitimate forms of robocalling such as appointment reminders from a healthcare provider, important messages from your city government, severe weather alerts, etc.

Many times, call scammers will spoof their caller ID, and use robocalling tactics to mass-produce telephone calls and make it appear as if the call is coming from a legitimate business so that they may trick unsuspecting consumers.

How NUSO is Implementing Robocall Mitigation

NUSO is following the FCC mandate by implementing STIR/SHAKEN, along with adding  additional layers of Robocall Mitigation to go above and beyond the FCC requirements in combatting unwanted robocalls. The additional Robocall Mitigation solution works alongside STIR/SHAKEN to identify unauthorized and suspicious use of phone numbers and detect trends and anomalies in calling patterns.

What Does STIR/SHAKEN and NUSO’s Additional Robocalling Solution Do for You?

Outbound Calls

NUSO will examine the caller ID and compare it to a known list of IDs for that customer. If the caller ID being sent out does not belong to that customer, the call will be denied. NUSO will also check the caller ID against known “Do Not Call” databases and if the caller ID is found in a known “Do Not Call” database then the call will also be denied. If the caller ID does belong to that customer, and not on a “Do NOT Call” list, NUSO will attach an encrypted and signed certificate to the call before sending it out of the network. Software on the receiving end will check the authenticity of the message by decrypting the certificate.

Inbound Calls

Upon receiving an inbound call, NUSO will decrypt the certificate and verify the call is from a known trusted source. If the call has been tampered with or is not from a trusted source who owns the telephone number, the call will be flagged as “SPAM” before passing it on to the receiving party. This will allow users to still receive calls, but the caller ID will be appended with “SPAM” or “ROBO” so that they can decide to answer/trust the call or not.



STIR (Secure Telephone Identity Revisited) and SHAKEN (Secure Handling of Asserted information using toKENs) are new telecommunications industry standards that help filter spam and robocalls. STIR is the set of industry technical standards to certify the identity of a call and SHAKEN determines how authentication of call identification is then handled by providers. Click here to learn more about STIR/SHAKEN from the FCC.

How does STIR/SHAKEN work?

For Consumers: STIR/SHAKEN will verify that the person calling you is legitimate and calling you from the number displayed on your screen. While this verification does not stop robocalls from coming to your phone, it gives you more information before you answer the phone.

For Communications Providers & Enterprises: STIR/SHAKEN utilizes a trusted digital certificate infrastructure to ensure originating call data integrity. IP signaling will now include SIP Identity headers that include an attestation field that contains a confidence indicator letting the recipient of the call know if the call initiator owns, or has the right to, the number they’re calling from.

There are three levels of attestation the originating service provider can give:

  1. Full (A) – The service provider has authenticated the caller and that caller is authorized to use that number.
  2. Partial (B) – The service provider has authenticated the caller but cannot verify their number authorization.
  3. Gateway (C) – The service provider has authenticated where it received the call, but cannot verify the call source (i.e. this call is from Greenland, but the service provider does not know the general identity of the customer originating the call).
What is NUSO doing to implement STIR/SHAKEN?

Our engineers have already implemented the necessary network modifications required for STIR/SHAKEN compliance to our customers and communication service provider partners.