The FCC’s recent ruling to prevent SPAM calls may be the reason

Have you ever answered a call, that presented a calling ID with a local phone number, only to find out it was an out-of-state, or out-of-country, caller whose intentions were disguised? At best the calls are annoying as it’s someone trying to sell you something. At worst, it’s a call perpetrating social hacking. Most often, social hacking attacks are achieved by impersonating an individual or group who is directly or indirectly known to the victims or by representing an individual or group in a position of authority. This is done through pre-meditated research and planning to gain victims’ confidence. Social hackers take great measures to present overtones of familiarity and trustworthiness to elicit confidential or personal information.

Thankfully, this issue was taken up by the Federal Communications Commission to combat the fraud. You can read the specifics on the FCC mandated rules below.  It includes links to a database to check if your voice provider is compliant. You can also reach out to the Partners at BroadReach Technology Advisors and we can help you understand if your current voice line provider is compliant, and if they aren’t, what your options are.

Graphical user interface, text, application Description automatically generated

What is STIR/SHAKEN Compliance?

The FCC is here to help. They are introducing new regulations, known as STIR/SHAKEN, to combat spoofed robocalls in North America by mandating authentication of Caller IDs by 30 June 2021.

STIR/SHAKEN is a framework of interconnected standards. STIR/SHAKEN are acronyms for the Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information Using toKENs (SHAKEN) standards. This means that calls traveling through interconnected phone networks would have their caller ID “signed” by originating carriers with an appropriate trust rating and validated by other carriers before reaching consumers. So whether end consumers prefer their cocktails shaken or stirred, happy hour won’t be interrupted by annoying spam phone calls.

What Does This Mean for Businesses?

The person in charge of a business’ voice service needs to be sure their voice services provider has taken the proper steps, so your calls achieve the highest possible level of trust to ensure your customers pick up your call safely in the knowledge it’s you they’re talking to. If no action is taken, your calls would be assigned the minimum level of trust which may result in your calls being marked as SPAM, or even blocked by terminating carriers within North America.

In an attempt to stop unwanted “robo-calling,” North American carriers, will use attestation levels to sign calls with a level of trust to indicate our confidence that the call is from a legitimate entity. They shall assign outgoing calls with trust levels A, B, or C, depending on the information we hold on our customers and the numbers in use:

Be Proactive!

1. Contact your current voice service provider to learn about there plans to comply with this new FCC regulation.

2. Visit to the Robocall Mitigation Database, and enter your vendors name in the search option, to learn about their status: Robocall Mitigation Database

3. Visit the FCC website to obtain updated information: Combating Spoofed Robocalls with Caller ID Authentication


Technical Details

To combat illegal robo-calling the Federal Communications Commission (FCC) has mandated that from June 30, 2021, STIR/SHAKEN regulations come into effect.  The Canadian Radio-television and Telecommunications Commission (CRTC) has resolved that STIR/SHAKEN must be implemented by November 30, 2021. STIR/SHAKEN are acronyms for the Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information using toKENs (SHAKEN) standards.

Starting June 30, 2021, all voice service providers that originate calls directed to U.S. number recipients must digitally “sign” or attest those calls so that the terminating provider can verify that the calling number is accurate and has not been spoofed. The originating provider is required to attest these calls based upon the caller and caller-ID number. More specifically, the level of attestation may be at the “A” (most trusted), “B” or “C” level as follows:

Table Description automatically generated

  • A (full) attestation means that the originating provider (your current voice carrier) has verified the identity of the calling party and the calling party’s right to use the caller-ID number.
  • B (partial) attestation means that the originating provider has verified the identity of the calling party, but has not verified that the caller is authorized to use the number shown as caller-ID.
  • C (gateway) attestation means that the originating provider has authenticated the gateway from which it received the call, but it has not verified the calling party.

While calls may be connected with an “A,” “B” or “C” attestation, higher attestation levels carry important benefits. For example, it can be expected that many terminating providers will indicate to their own subscribers the level of trust to be afforded a given incoming call based upon the attestation the terminating provider receives. In turn, it can be expected that recipients will be more likely to screen calls carrying lower attestation levels.

How are Attestation Levels set?

The FCC provides guidelines for attestation ratings:

· Know Your Customer (KYC) is required for attestation levels A or B

· TN validation is required for attestation level A

· Calls not meeting the above criteria attested as level C