These slides present groundbreaking survey conducted by ECG in late 2023. For the first time, major US service providers and STIR/SHAKEN software vendors have joined forces to answer a pivotal question: Can STIR/SHAKEN data effectively block nuisance or illegal calls today? Gain insights from industry leaders on how they're harnessing this data to create a more secure and peaceful communication environment. Prevent outages and have confidence in your blocking strategy. Why STIR/SHAKEN Identity Headers are not being delivered consistently today. How many STIR/SHAKEN Identity headers are being delivered to different entities, from small to large service providers. The impact on low deliverability of STIR/SHAKEN Identity hreaders. Reasons that attestation verifications are failing, including number formatting, certificate access and date problems. The challenges of third-party certificates.

1. SHAKEN without
the EARTHQUAKE

2. 2
Faythe’s Story:
Protecting Subscribers
From Nuisance Calls
Scenario: Voice service provider, managed by Faythe
Largest client: A major contact center, operated by Bob
Problem: Robocalls interfering with business operations

3. 3
One Small Step for a Service
Provider, One Giant
Leap…
The Solution:
• Engineering team designs a nuisance call
blocking solution to exploit the great
STIR/SHAKEN data they're getting
• They test the solution and put it into production

4. 4
Plot Twist:
Alice Calls Bob
Next Day:
• Alice in Atlanta tries to call Bob in Biloxi…
but the call fails

5. 5
Bob's Emergency
• Bob's call center sales are plummeting.
• Some calls are still coming in – but not
many of them!

6. 6
What's going on?
• Faythe’s Service Provider is blocking
calls without valid STIR/SHAKEN
Identity
• . . . and it’s causing a massive outage!
• Between 25% and 75% of won't have
valid Identity headers.

7. 7
A Top-10 US-Based
Voice Provider
• Neustar / TransUnion
• Sansay
• Transnexus
Our Source of Information
ECG provides engineering staff for voice and internet service providers.
Expert sources:
Microsoft STIR/SHAKEN
Providers
AT&T

8. 8
Let’s Talk Robocall Blocking
1 2
4 5
The Case of the
Missing Identity
For Service
Providers, Size
is an Advantage
The Problem of
the Third-Party
Certificate
Look at a
Major, Legal
Robocaller
3
6
Why
Attestations Fail
So, how should
we do blocking?

9. It's hard to verify
an Identity header
that isn't there.
Key Limitation: TDM Gateways
TDM Gateways use the 1960s-2000s
technology and cannot natively deliver the
STIR/SHAKEN Identity header

10. How many Identity
headers are
making it through?
Hiya - Calls from Mobile to Hiya Customers
89%
Hiya - Calls from Non-Mobile Callers to Hiya
Customers
54%
Calls to TransNexus Clients
33%
Enterprise To
Mobile (Neustar)
20%
Calls to Microsoft Clients
66%
Calls to Service Provider SP-X - one of the top-10 US service providers
75%
Goal of Authenticated calls delivery to all US Service Providers
100%
Copyright 2023, ECG Inc.

11. 11
Low Identity Header Availability
"Neustar estimates that on average more than 80% of
enterprise-to-mobile (consumer) calls do not receive any
STIR/SHAKEN attestation."

12. 12
Let’s Talk Robocall Blocking
1 2
4 5
The Case of the
Missing Identity
For Service
Providers, Size
is an Advantage
The Problem of
the Third-Party
Certificate
Look at a
Major, Legal
Robocaller
3
6
Why
Attestations Fail
So, how should
we do blocking?

13. 13
Disparity Between the Largest Providers: TDM
In the US, large providers have more prolific SIP end-to-end
(TDM-free) connections to most US phones compared to
smaller providers.
Some of the largest PSTN gateway providers: Bandwidth,
CenturyLink, Sinch, Verizon Business
Gateway providers have TDM infrastructure, which is not
subject to Attestation requirements. Calls flowing through
TDM do not have Identity headers.

14. 14
One TDM Hop in a
call can mean that
no Identity header
is delivered, or
else a different one
is created
Caller
Alice
Callee
Bob
“Yellow”
Originating
Service
Provider Intermediate
Service
Provider 1
Intermediate
Service
Provider 2
“Pink”
Intermediate
Service
Provider 3
TDM
SS7
Intermediate
Service
Provider 4
Intermediate
Service
Provider 5
Terminating
Service
Provider
?
Copyright 2023, ECG Inc.
C
A
A
C
C

15. 15
Big Providers Have
More Identity headers
• Top-10 US provider: 75% of calls arrive with
Identity headers
• Microsoft: 66% of calls arrive with Identity
headers
• Big Providers are less dependent on TDM –
-- more of their calls are SIP end-to-end

16. 16
Let’s Talk Robocall Blocking
1 2
4 5
The Case of the
Missing Identity
For Service
Providers, Size
is an Advantage
The Problem of
the Third-Party
Certificate
Look at a
Major, Legal
Robocaller
3
6
Why
Attestations Fail
So, how should
we do blocking?

17. 17
Validation Errors Are Rampant
Invalid Attestation. This is when the Identity header is
delivered, but the Attestation fails validation for some reason.
• Number Formatting / Mismatch Problems
• Expired Certificate
• Recycled Identity Header
• Time Synchronization Problems

18. 18
Number Formatting / Mismatch Problems
Number formatting mismatch causing validation failure:
To: <sip:2293160013@1.2.3.4;user=phone>
Identity: Decodes as . . ."dest":{"tn":[ "2293160013" ]}
Call forwarding causing validation failure:
To: <sip:12296305555@1.2.3.4;user=phone>
Identity: Decodes as . . . "dest":{"tn":[ "12293160013" ]}

19. 19
Number Formatting / Mismatch Problems
“Green”
Originating
Service
Provider
Intermediate
Providers
Terminating
Service
Provider
Callee
Bob
Caller
Alice
A
From: 2292442099
orig tn: 2292442099
Incorrect number
formatting; missing CC
A
“Teal”
Originating
Service
Provider
Caller
Frank
A
Date: 1970-01-01
Incorrect Date
timestamp
A
“Red”
Originating
Service
Provider
Caller
Dave
A
Certificate
https://inacccessible
Certificate inaccessible
for Verification
A
“Purple”
Originating
Service
Provider
Caller
Carlos
A
To: 12293160013
dest tn: 12296305553
Forwarded call, reused
token
A

20. 20
Let’s Talk Robocall Blocking
1 2
4 5
The Case of the
Missing Identity
For Service
Providers, Size
is an Advantage
The Problem of
the Third-Party
Certificate
Look at a
Major, Legal
Robocaller
3
6
Why
Attestations Fail
So, how should
we do blocking?

21. 21
Quality Limitations – Even With Valid Attestations
Limitation #1: Third Party
Certificates
The originating service provider
doesn't sign; instead an
intermediate SP signs with their
own certificate.
In effect, the PSTN Access Provider
is saying they have a direct
relationship with Alice – but they
don’t.
“Green”
Originating
Service
Provider
“Pink”
Intermediate
Service
Provider 1
Other
Intermediate
Providers
Terminating
Service
Provider
Callee
Bob
Caller
Alice
1 2
3
4
5
A
A

22. 22
I'm the originating service
provider with a direct
relationship to the calling end-
user or enterprise, who is using
their own number (which I've
verified).
A
I'm the originating service
provider with a direct
relationship to the calling end-
user or enterprise.
B
I'm receiving this call from
another service provider, or from
someone forwarding the call.
C
Quality Limitations – Even With Valid Attestations
Limitation #2: Incorrect Attestations
When C should be used, A or B are being used.
Credit: Alec Finechel, TransNexus

23. 23
Both TDM & Third-Party Certificates Allow Masking
"The most valuable source of information in SHAKEN should
be the identity of the originating service provider.“

24. 24
I'm the originating service
provider with a direct
relationship to the calling end-
user or enterprise, who is using
their own number (which I've
verified).
A
I'm the originating service
provider with a direct
relationship to the calling end-
user or enterprise.
B
I'm receiving this call from
another service provider, or from
someone forwarding the call.
C
Quality Limitations – Even With Valid Attestations
Some third-party certificate intermediate providers are only using A & B.

25. 25
Let’s Talk Robocall Blocking
1 2
4 5
The Case of the
Missing Identity
For Service
Providers, Size
is an Advantage
The Problem of
the Third-Party
Certificate
Look at a
Major, Legal
Robocaller
3
6
Why
Attestations Fail
So, how should
we do blocking?

26. 26
90% attested,
10% not attested
The Case of One
Important Caller
One US government caller places millions of robocalls
per month.
Potential explanation: About 10% of calls traverse TDM
(From the perspective of one large service provider)

27. 27
Let’s Talk Robocall Blocking
1 2
4 5
The Case of the
Missing Identity
For Service
Providers, Size
is an Advantage
The Problem of
the Third-Party
Certificate
Look at a
Major, Legal
Robocaller
3
6
Why
Attestations Fail
So, how should
we do blocking?

28. 28
SHAKEN Data Is Valuable for Traceback
"The traceback value of STIR/SHAKEN has been and will
continue to be useful. We believe that calls that ostensibly
would be subject to spam tagging or blocking are going to
be those from enterprises (landline) to (mobile) consumer."
Traceback is the semi-manual process of tracking a call back to the originating service provider.

29. 29
When is it advisable to block calls?
Not yet
• All experts advised against blocking based
solely on available 2023 SHAKEN/STIR data.
• How do you block calls with STIR/SHAKEN?
• Action Item: Begin verifying and analyzing the
STIR/SHAKEN data you are getting today.
• Too many US service providers are sending Identity
headers but not performing verification.

30. 30
How should you
handle blocking?
• Analytics platforms to detect nuisance
robocalling calling detection are crucial (e.g.,
TransNexus, Hiya, First Orion, TrueCNAM,
TNS, Neustar, Mutare, Redshift)
• Plumbing should be built to send
STIR/SHAKEN data should be sent to the
analytics platforms.
• But some argue outright blocking will never
be a good option:
• Perhaps better to send it to voicemail
(Microsoft)
• Or send to a Voice Captcha (Mutare)

31. 31
How should you
handle blocking?
Is SHAKEN Data useable for automated
blocking and labeling today? Yes!
"Calls signed with B-level attestation are far
more more likely to be robocalls than
unsigned calls." -- Transnexus
Bottom Line:
STIR/SHAKEN data will be useful in
ways you don’t expect – and you need
to get verification into all your analytics
systems as soon as possible.

32. Thank You!
Ready for more effective call blocking?
ECG’s experts are here to help.
https://www.ecg.co/contact
sales@e-c-group.com