What Is STIR/SHAKEN?
STIR/SHAKEN is the FCC-mandated caller ID authentication framework that cryptographically verifies whether a caller's carrier has confirmed they actually own the number displayed as Caller ID.
STIR/SHAKEN is the FCC-mandated caller ID authentication framework that uses cryptographic signatures to verify whether the number appearing as Caller ID on an incoming call can be confirmed by the originating carrier. It is the technical standard that forms the backbone of anti-spoofing enforcement in the US telecommunications network. All major US carriers are required to implement STIR/SHAKEN under the TRACED Act of 2019.
What the Acronyms Mean
STIR stands for Secure Telephony Identity Revisited, an IETF standard for digitally signing caller ID information. SHAKEN stands for Signature-based Handling of Asserted Information Using Tokens, the ATIS framework that governs how those signatures are applied across carrier networks.
The Three Attestation Levels
- A — Full Attestation: The carrier has verified both that the caller is a subscriber on their network and that they are authorized to use the specific number displayed. Calls from A-attested numbers are the most trustworthy Caller IDs available.
- B — Partial Attestation: The carrier has verified the caller's identity but not whether they have the right to use the specific number shown. The call originates from a known source but the displayed number may not be the caller's actual number.
- C — Gateway Attestation: The call entered the STIR/SHAKEN framework at an intermediate gateway from an unknown external source. The carrier can only confirm how the call entered their network, not who originated it. C-level or missing attestation is a strong spam signal.
Why It Doesn't Stop All Spoofing
STIR/SHAKEN is effective for calls originating within US carrier networks. Its enforcement gap is international VoIP calls — calls originating offshore and entering US carrier networks at gateway points, where full attestation chains cannot be verified. These calls typically carry C-level or no attestation, which is why C/no-attestation is such a reliable spam signal for apps like Callro.
For a full breakdown of the 2026 FCC framework update, see our article on the FCC 2026 STIR/SHAKEN framework.
Frequently Asked Questions
What is STIR/SHAKEN?
STIR/SHAKEN is the FCC-mandated caller ID authentication framework. It assigns a cryptographic attestation grade (A, B, or C) to incoming calls indicating how strongly the originating carrier has verified the caller's identity and right to use the displayed number.
What do the STIR/SHAKEN attestation levels mean?
A (Full) means the carrier verified both the caller's identity and their right to use the specific number shown. B (Partial) means the carrier verified identity but not number ownership. C (Gateway) means the call entered from an unknown external source. No attestation or C-level are strong spam signals.
Does STIR/SHAKEN stop all robocalls?
No. STIR/SHAKEN is effective for calls originating within US carrier networks but has an enforcement gap for calls originating internationally that enter US networks at gateway points. These calls typically carry C-level or no attestation, making the attestation level itself a reliable fraud signal even for calls STIR/SHAKEN cannot fully trace.
Stop the calls. No card required.
Callro's 26-layer Gauntlet Engine blocks robocalls, spoofed numbers, and scam callers before your phone rings. 7-day free trial.
Get Callro Free →