STIR/SHAKEN Customer Guide

Call Authentication & Robocall Mitigation

Q: Do I need my own OCN or SPC token?

No. As your provider, VOIP Awesome signs calls. Customers supply documentation so we can assign the correct attestation.

This page explains what we need from your organization to enable STIR/SHAKEN caller ID authentication and keep your calls trusted and answerable. It summarizes FCC requirements and the practical steps to achieve the highest feasible attestation for your traffic.

Quick

Checklist

Documents to provide, verification steps, and how to request updates or changes.

Policy

Requirements

Key FCC/STI-PA rules that affect caller ID signing and robocall mitigation.

Support

We're here

Email cs@voipawesome.com or call (800) 955‑1652.

What is STIR/SHAKEN?

STIR/SHAKEN is an industry framework that uses digital certificates to authenticate the caller ID of SIP calls. The originating service provider signs calls with an Identity header; downstream carriers verify that signature before completing the call. This helps combat illegal spoofing and improves answer rates for legitimate business calling.

In STIR/SHAKEN, every signed call includes an attest value of A, B, or C indicating the level of confidence in the caller’s identity and right to use the number.

Level	Meaning
A — Full	We know the customer and have verified they are authorized to use the calling number.
B — Partial	We know the customer, but cannot fully verify the source of the calling number.
C — Gateway	We can only confirm the call came from our network (least assurance).

Customer Requirements

1) Caller ID Number Proof

For owned numbers: invoice or LOA from your carrier, or proof of direct assignment (LRN/NPA‑NXX, RespOrg for TFN).
For third‑party numbers: signed authorization from the number owner permitting your use (campaign or account specific).

2) Business Verification (KYC)

Legal entity name, address, website, and primary contact.
Government registration (e.g., Articles of Incorporation) and doing‑business‑as names if used.
Use case description (who you call and why), opt‑in/consent method, and sample call scripts.

3) Traffic Compliance

No illegal spoofing, snowshoeing, or high‑risk patterns (e.g., short‑duration high‑CPS spam bursts).
Immediate cooperation with traceback requests and mitigation of any flagged campaigns.

What we do

Validate documents, map your numbers to your account, and enable STIR/SHAKEN signing.
Assign the highest feasible attestation per call based on your verification status and number provenance.
Monitor analytics to detect surges, answer‑rate drops, or complaints, and work with you to resolve quickly.

Attestation is per call and may vary by number and campaign. Supplying complete documentation enables Level A for eligible calls.

Onboarding Checklist

Share your numbers (DIDs or TFNs) and desired caller IDs with supporting invoices/LOAs.
Provide business details: legal name, address, website, point of contact, and short use‑case description.
Submit compliance artifacts (consent/opt‑in language, sample scripts, do‑not‑call process, TCPA policies if applicable).
Test calls to known recipients and test lines to confirm verification displays and answer rates.
Go‑live: we enable production signing and monitoring; you keep documentation current and notify us of any campaign changes.

Questions? Email cs@voipawesome.com with subject “STIR/SHAKEN Onboarding”.

Best Practices for Highest Attestation (A)

Use numbers you own or are expressly authorized to use, and keep proof up to date.
Keep a consistent calling name/brand and answerable callback on your caller IDs.
Maintain healthy calling patterns: reasonable CPS, average call duration, and opt‑out mechanisms.
Respond to traceback inquiries within 24 hours and remediate any issues promptly.

Regulatory Notes

Robocall Mitigation Database (RMD)

U.S. providers must maintain an accurate certification of their STIR/SHAKEN implementation and mitigation practices in the FCC’s Robocall Mitigation Database and cooperate with traceback. We keep our filings current and may request customer information to support compliance.

Reference: FCC rules at 47 CFR §§ 64.6300–64.6305 and related orders.

STI‑PA & Certificates

Only eligible providers with a valid OCN/SPC token can request STI certificates used to sign calls. Customers do not need their own certificates when sending traffic through us, but must supply documentation so we can attest appropriately.

Frequently Asked Questions

Can I get “A” attestation on all my calls?

Usually yes—if the caller ID is your own number (or you have authorization) and your business identity and use case are verified.

Do I need my own OCN or SPC token?

No. As your provider, we handle call signing. You only need to supply documentation so we can sign at the proper level.

How do I request changes to my caller IDs?

Email cs@voipawesome.com with the numbers to add/remove and the supporting proof of ownership or authorization.