bringing certification-based authentication to voice

For decades, SSL certificates have helped authenticate websites. Now, the telecom industry is using a similar approach to fight illegal robocalls and Caller ID spoofing with an industry-standard protocol for authenticating calling numbers.  The solution lies in the implementation of the industry’s specifications known as SHAKEN (Signature-based Handling of Asserted information using toKENs). SHAKEN provides a framework for Certification Authorities to issue digital certificates to authorized service providers and RespOrgs, which are used to verify the integrity and accuracy of calling number data.

Clearly, the process for evaluating, vetting and monitoring the integrity of this system is vital. In fact, service providers, RespOrgs and Certification Authorities play a pivotal role in the initiative to win back the public’s trust that the calling number is authenticated. The solutions requires that the calling party’s service provider use the certificates to secure the authenticated calling party information in the call signaling. The called party’s phone service provider can then verify that the calling number is genuine and its use has been authenticated.

As the Secure Telephone Identity Policy Administrator (STI-PA), iconectiv verifies, confirms, manages and supports the issuance of digital certificates for use in the SHAKEN framework and ensures that only authorized service providers and RespOrgs are able to obtain digital certificates from authorized Certification Authorities. These Certification Authorities are vetted, verified and approved by a Policy Management Authority (PMA) to perform the security functions necessary to maintain the integrity of the SHAKEN framework. iconectiv serves as the director of the PMA, which is comprised of industry stakeholders, including members of the STI-GA technical committee. 

iconectiv manages the list of approved Certification Authorities available to service providers via a REST interface query. The SHAKEN Secure Telephone Identity Verification Service (STI-VS) can then use this list to validate a call was signed by a Service Provider using a STI certificate from an approved Certification Authority. iconectiv also maintains Service Provider Code tokens, which represent the credentials and validation of providers. Service Providers and RespOrgs then use this token when requesting issuance of digital certificates from an approved Certification Authority.

SHAKEN webinars

The SHAKEN Governance Model

Setting Robocall Mitigation Protocols into Action in the Networks

This webinar provides insight into how it is being set into action in the network using the SHAKEN governance model. It covers how the governance model was formed and the key requirements behind it.


Mitigating Illegal Robocalling and Caller ID Scams

This webinar provides updates on advances being made to set key robocalling mitigation protocols into action in the network. It explains how illegal robocalls and Caller ID spoofing work and how key capabilities of the STIR/SHAKEN protocols will work to combat this fraud.