Out-of-Band SHAKEN – Solving the adoption issues of STIR/SHAKEN

By Alan Percy, CMO @TelcoBridges

According to Metcalfe’s Law, “the effect of a telecommunications network is proportional to the square of the connected users”.   As service providers begin deploying STIR/SHAKEN, you can directly apply the law in determining the impact or effectiveness of protecting the integrity of the caller identity.  Without wide adoption, STIR/SHAKEN will have little value.

In the last few year there has been much progress on the legislative effort to mandate the implementation of STIR/SHAKEN, but the reality of doing so is much different.

Last month, we hosted a discussion with Jim Dalton from TransNexus on the challenges that smaller and mixed SIP/TDM service providers are having with STIR/SHAKEN Challengesimplementation of STIR/SHAKEN.  His first-hand experiences with service providers include:

  • The cost of upgrading their software and equipment to generate and verify SHAKEN identity tokens.
  • Tokens are blocked by softswitches or SBCs within the service provider network
  • Tokens that are lost in transport (on both SIP and TDM interconnects)
  • SIP over UDP packets become so large that they are fragmented
  • The destination softswitch or SBCs strip the SHAKEN identity tokens
  • Many rural and smaller service providers depend on TDM interconnects, unable to relay identity tokens

The result of any of the above is the same – an inability to pass or validate SHAKEN identity tokens, the service provider and all their subscribers are not part of the “square of the connected users”.   This means their subscriber’s calls may be blocked or ignored, and without callerID verification, makes them easy targets for spoofers and fraudsters.

So how do smaller and rural service providers participate in the STIR/SHAKEN solution?

Jim and his team have been working with the ATIS and others to devise an out-of-OOB SHAKEN Graphicband mechanism to deliver SHAKEN tokens via the Internet.   A seemingly simple solution to a complex problem, Out-of-Band SHAKEN uses HTTPS to deliver the identity token from the originating service provider’s Authentication Service (AS) to the terminating service provider’s Verification Service (VS).

Not only does this mechanism solve the issues with SIP softswitches, it also enables STIR/SHAKEN on TDM switches using media gateways.

There is much more detail covered in the recorded webinar in the TelcoBridges’ Video Library, along with past events on both STIR/SHAKEN and a range of other topics.

Both TelcoBridges and TransNexus have created a promotional bundle of services and software to help service providers implement Out-of-Band SHAKEN.   Request a consultation to learn how TelcoBridges and TransNexus can get your subscribers part of the “square of the connected users”.

NOW ON YOUTUBE: New Opportunities with Two Factor Authentication – A How To Webinar

Now available on YouTube, our “Build New Opportunities with 2FA – A How To” webinar where we explore Two Factor Authentication – more than just a means to confirm subscriber identities, 2FA is an opportunity for new revenue for service providers, offering it as a service to high-risk customers. Watch now here.

NOW ON YOUTUBE: Cloud Communications – Drivers and Barriers webinar

Our “Cloud Communications – Drivers and Barriers” webinar where we examine the market trends, technologies and alliances driving the adoption of cloud communications, is now on YouTube. Joining us to help explain some of these trends is Clark Peterson, Chairman of the Cloud Communications Alliance. Watch it here: https://www.youtube.com/watch?v=74HutjHtUXA