Groups Say Stir/Shaken Is Working but Needs Further Refinement From FCC
Groups representing financial institutions called on the FCC to impose tougher Stir/Shaken rules in comments filed last week (docket 17-97) in response to a Wireline Bureau request (see 2508280040). Telecom industry groups and companies also sought tweaks to how illegal robocalls are addressed, through Stir/Shaken and beyond.
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
Years after Stir/Shaken was implemented, “spoofed calls remain a major driver of consumer fraud, with losses exceeding $12.5 billion in 2024 and robocall volumes reaching nearly 5 billion in April 2025,” the financial associations said. The evaluation standard for the rules is focused on technical authentication “but should also measure actual reductions in illegal robocalls, where progress has been minimal,” said groups including the American Bankers Association, America’s Credit Unions, the American Financial Services Association, ACA International and the Mortgage Bankers Association.
Among other changes, the FCC should set “a firm deadline” for transitioning all network traffic from legacy time-division multiplexing (TDM) networks to IP-based networks, since Stir/Shaken “only works over IP,” the financial groups said. Enforcement against improper attestations “must be enhanced, including penalties and stricter entry requirements for the Robocall Mitigation Database,” and “clearer guidance” on know-your-customer standards is “needed to ensure providers exercise due diligence before allowing traffic on their networks.”
Incompas and the Cloud Communications Alliance agreed that the continued use of TDM networks “frustrates the ability of STIR/SHAKEN to help mitigate illegal calls and will hamper the evolution of STIR/SHAKEN technology to provide verified caller identity.” The groups said industry needs to take other steps to combat illegal robocalls, which “remain persistently high, underscoring the need for enhanced capabilities, such as the inclusion of Rich Call Data, to verify caller identity.”
Stir/Shaken has underperformed, said security company Numeracle. “To put it bluntly, STIR/SHAKEN has not lived up to expectations.” The technology works, but “the public has expected it to solve problems it was not designed to solve,” and “numerous gaps remain that prevent STIR/SHAKEN information from transmitting reliably from end to end.” Improvements such as the adoption of rich call data technology would help Stir/Shaken meet expectations, Numeracle said. “We want to know who’s calling; we want the good calls to come through; and we want the bad calls to stop, get blocked, or at least accurately be labeled as spam.”
USTelecom called for improvements in how the risk of calls is graded, arguing that too many calls are classified as “A” list calls, meaning that the carrier knows the customer and the caller ID is authorized for use. “Some providers continue to assign ‘A’-level attestations to calls that are invalid, misformatted, unassigned, non-routable, or designated as Do Not Originate.” Stir/Shaken also has limitations, the group said. “Fraudsters continue to evolve, using tactics that extend beyond spoofed robocalls -- including live impersonation scams and cross-platform fraud that STIR/SHAKEN alone cannot prevent.”
Stir/Shaken rules are sometimes inconsistently applied, CTIA warned. Stir/Shaken “is a technical standard, and like any standard, its success depends on proper implementation by participating voice service providers."
All providers that aren’t subject to a Stir/Shaken exemption should have to “conform to the call authentication standards developed by the Alliance for Telecommunications Industry Solutions and adopted by the Commission,” CTIA said. In addition, the technology itself isn’t a “silver bullet” for solving the illegal robocall problem, the group said. Major carriers such as AT&T, T-Mobile and Verizon “have all adopted enterprise branded calling solutions to display more information to consumers on who is calling and why.”
NTCA urged the FCC to address persistent problems with Stir/Shaken. While the framework itself “is effective when utilized as intended, the Commission should acknowledge the role that the ‘non-IP gap’ plays in undermining as a practical matter the end-to-end successful transmission of authentication information.” The group also noted other work by the commission that should help, including proceedings looking at rules for copper retirement (see 2509300039) and the IP gap (see 2508180029). Action on both “will no doubt further advance technology transitions and result in more successful transmittal of call authentication data.”
Stir/Shaken is just one tool against illegal robocalls, the Voice on the Net Coalition commented. “The Commission and industry should not look at any single tool in isolation, determine it is ineffective on its own, and abandon it when no better or more effective solution is available.”