The STIR/SHAKEN Framework: Unraveling Token Attestations

Explore the heart of the STIR/SHAKEN framework with our latest deep-dive blog post. Understand token attestation. #STIRSHAKEN #TokenAttestations #Telecommunications

In the age of digital communication, ensuring call authenticity is paramount. To address issues of caller ID spoofing and robocalls, the telecommunications industry has embraced the STIR/SHAKEN framework. In this article, we will delve deep into the heart of STIR/SHAKEN: token attestations.

Understanding STIR/SHAKEN

Secure Telephony Identity Revisited (STIR) and Signature-based Handling of Asserted Information Using toKENs (SHAKEN) form a suite of protocols designed to certify the authenticity of a call. They provide a level of trust in the caller ID information displayed, curbing issues such as caller ID spoofing.

At the core of STIR/SHAKEN lies the principle of token attestations. These are digital signatures added by the originating service provider to the SIP INVITE, the initial step in creating a telephone call over IP networks.

The Role of Token Attestations

The attestation level determines the trustworthiness of the call originator’s assertion of caller ID information. There are three levels of attestation:

  1. Full Attestation (A-Level): This is the highest level of trust, given when the service provider has authenticated the caller and can confirm that they are authorized to use the calling number.
  2. Partial Attestation (B-Level): This level is given when the service provider has authenticated the caller but can’t verify if they are authorized to use the calling number.
  3. Gateway Attestation (C-Level): This is the lowest level, given when the service provider has only confirmed that the call entered their network, but the caller’s identity and authorization to use the calling number are unknown.

How Does Token Attestation Work?

Here’s a simplified step-by-step process of how token attestation works in STIR/SHAKEN:

  1. When a call is placed, the originating service provider creates a SIP INVITE that includes caller ID information.
  2. The service provider authenticates the caller and determines the appropriate attestation level. They then sign the SIP INVITE with their private key to create a token.
  3. The signed call is then sent through the network to the terminating service provider.
  4. The terminating service provider verifies the digital signature using the originating service provider’s public key. They then decide how to handle the call based on the attestation level and verification status.
  5. The call is delivered to the recipient, potentially with information about the verification status.


Token attestations are integral to STIR/SHAKEN, providing a mechanism to gauge the trustworthiness of a call. They are a crucial tool in the ongoing battle against robocalls and caller ID spoofing.

In our next posts, we’ll delve deeper into how businesses can implement STIR/SHAKEN and what these changes mean for the future of telecommunications.

Related posts

STIR/SHAKEN and Phone Number Remediation: A Comprehensive Guide

Reading Time: 2:54 min

With the increasing pervasiveness of robocalls and Caller ID spoofing, STIR/SHAKEN has emerged as a critical response in the telecommunications industry. This comprehensive guide will dive into STIR/SHAKEN, its role…

View post

An Introduction to STIR/SHAKEN: The Future of Call Authentication

Reading Time: 2:10 min

Gain insights into STIR/SHAKEN and token attestation. Learn how these call authentication frameworks can revolutionize your customer engagement practices. #STIRSHAKEN #CustomerEngagement

View post

STIR/SHAKEN: Revolutionizing Caller Authentication in Telecommunications

Reading Time: 1:28 min

Telecommunications technology continues to evolve at a rapid pace. In recent years, one of the most significant developments in the industry is the implementation of the STIR/SHAKEN protocol. As telemarketing…

View post