The industry-led Secure Telephone Identity Governance Authority (STI-GA) today announced two policy changes in the SHAKEN ecosystem. The set of first policy changes will allow delegate certificates to be used by third-party callers as well as companies originating calls from toll-free numbers to also provide SHAKEN authentication.
With the STIR/SHAKEN protocol, a call is given the top level of attestation (A-level) only if the service provider signing the call can attest to the customer’s right to use that telephone number for outbound calls. A delegate certificate provides service providers a method to establish a customer’s right to use a telephone number when the service provider did not assign that number itself. The use of a delegated certificate enables calls to receive the highest level of attestation when a company sends an outbound call through one service provider using a number assigned to it by another service provider.
The STI-GA Board voted to support the optional use of delegate certificates within the SHAKEN ecosystem pursuant to ATIS Specification ATIS-1000092. Service providers may or may not choose to use delegate certificates, but the STI GA Board action to approve this policy change will clear the way for service providers that wish to use delegated certificates to do so.
The second set of policy changes adopted by the STI-GA Board, are designed to authorize Responsible Organizations (Resp Orgs) to access Service Provider Code tokens. A Resp Org is the entity that assigns a toll-free number to a customer and is the only entity that can authenticate a customer has the right to use a toll-free number. Unless a Resp Org is also a service provider, it is not involved in originating a call and previously was not able to provide the SHAKEN authentication. The policy revisions will afford companies sending traffic outbound from a toll-free number the means to qualify for the highest level of attestation.
The changes in policy follow recent standards decisions by the ATIS/SIP Forum IP-NNI Task Force, the industry-led body that drafts the standards that apply to the SHAKEN ecosystem. The STI-GA, which is responsible for setting policy direction for the SHAKEN ecosystem, considers relevant industry standards to be an important factor its policies. While the policy changes have been adopted by the STI-GA Board, technical changes must still be implemented in the SHAKEN framework to enable delegate certificate use and give Resp Orgs access to SPC tokens. The STI-GA Board is targeting to have these changes fully implemented by mid-October 2021 and will issue an industry advisory when the precise date is known.
In launching STIR/SHAKEN and now moving to expand its applicability to a broader range of call types, the STI-GA continues to advance the industry’s objective to consumer faith and confidence in answering their telephones. Learn more at sti-ga.atis.org.
About the STI-GA
Operating under the auspices of ATIS, the Secure Telephone Identity Governance Authority (STI-GA) is the industry-led effort to support the timely deployment of the STIR/SHAKEN protocol and framework.
The STI-GA Board consists of representatives from the following stakeholders:
• Chair – Linda Vandeloop, AT&T
• Vice Chair – Glenn Clepper, Charter Communications; appointed by NCTA – The Internet & Television Association
• Clinton Lee, Jackson Energy Authority; appointed by the America’s Communications Association
• Nathan Sutter, Nex-Tech Wireless; appointed by the Competitive Carriers Association
• Indra Chalk, T-Mobile; appointed by CTIA
• Greg Rogers, Bandwidth; appointed by INCOMPAS
• Dave Frigen, Wabash Communications; appointed by NTCA – The Rural Broadband Association
• Chris Oatway, Verizon; appointed by US Telecom
• Gunnar Halley, Microsoft; appointed by the VON Coalition
• Michael Starkey, QSI Consulting, Inc.; appointed by Western Telecommunications Alliance and TEXALTEL
• Tim Kagele, Comcast
• Darah Franklin, Google
As a leading technology and solutions development organization, the Alliance for Telecommunications Industry Solutions (ATIS) brings together the top global ICT companies to advance the industry’s business priorities. ATIS’ 150 member companies are currently working to address 6G, 5G, robocall mitigation, IoT, Smart Cities, artificial intelligence-enabled networks, distributed ledger/blockchain technology, cybersecurity, emergency services, quality of service, billing support, operations, and much more. These priorities follow a fast-track development lifecycle – from design and innovation through standards, specifications, requirements, business use cases, software toolkits, open source solutions, and interoperability testing.
ATIS is accredited by the American National Standards Institute (ANSI). ATIS is the North American Organizational Partner for the 3rd Generation Partnership Project (3GPP), a founding Partner of the oneM2M global initiative, a member of the International Telecommunication Union (ITU), as well as a member of the Inter-American Telecommunication Commission (CITEL).