Summary
- STIR/SHAKEN is a call authentication framework mandated by the FCC that assigns a verified identity score to every outbound call before it reaches the recipient.
- Calls receive one of three attestation levels — A, B, or C — based on whether the carrier can verify both the caller’s identity and their right to use the calling number.
- Attestation A calls display as “Caller Verified” or similar on modern smartphones. Attestation B and C calls are more likely to be screened, flagged, or declined.
- High-volume outbound calling operations that use number pools, local presence dialing, or rented numbers typically receive B or C attestation unless proper carrier agreements and number management are in place.
- Managing your attestation level is one of the most technically precise levers for improving outbound answer rates, and it cannot be handled through software configuration alone.
What STIR/SHAKEN Is and Why It Exists
Robocall volume in the United States reached tens of billions of calls per year before regulators stepped in. The core problem was technical: the traditional telephone network had no mechanism for verifying that a caller was who they claimed to be. Any carrier or service could send a call with any number in the caller ID field. This is why phone scams, spoofed calls, and impersonation-based fraud became so widespread.
STIR/SHAKEN is the industry’s answer to that problem. STIR stands for Secure Telephone Identity Revisited. SHAKEN stands for Signature-based Handling of Asserted information using toKENs. Together they form a cryptographic call authentication framework that allows carriers to attach a verified identity signature to every outbound call before it is delivered to the recipient’s carrier.
The result is that when a call arrives at a modern smartphone, the receiving carrier can check whether the calling number has been authenticated by a trusted source. If it has, the call may display as “Caller Verified” or receive a green checkmark. If it has not, or if the attestation level is low, the call may display as “Spam Risk,” be silently declined, or be routed to voicemail. For any business that depends on outbound calling, STIR/SHAKEN is no longer a background technical detail. It is one of the primary variables determining whether your calls get answered.
How STIR/SHAKEN Became Law
The Telephone Robocall Abuse Criminal Enforcement and Deterrence Act, commonly called the , was signed into law in December 2019. It directed the FCC to require all voice service providers to implement STIR/SHAKEN authentication across their networks.
The FCC issued an order in March 2020 requiring large originating carriers (those with more than 100,000 subscriber lines) to implement STIR/SHAKEN in their IP networks by June 30, 2021. Smaller carriers had extensions but ultimately faced the same mandate.
By mid-2021, the major US carriers, such as AT&T, Verizon, T-Mobile, and their subsidiaries, were fully deployed on STIR/SHAKEN. This means that today, the majority of outbound calls in the United States are traveling through networks that evaluate and communicate attestation levels to receiving carriers.
The practical effect on legitimate outbound calling operations became clear quickly: calls that could not achieve A-level attestation became increasingly vulnerable to spam-screening algorithms that use attestation level as one of their primary inputs.
How Call Authentication Actually Works
When your outbound call is placed, it passes through an originating carrier. That carrier is responsible for assigning an attestation level based on two things: whether they can verify the identity of the customer placing the call, and whether that customer has the right to use the calling number presented in the caller ID. Once the carrier assigns an attestation level, it attaches a cryptographically signed certificate called a PASSporT (Personal ASSertion Token) to the call metadata. This certificate travels with the call through the network.
When the call reaches the terminating carrier (the carrier serving the person you are calling), that carrier reads the PASSporT, verifies the cryptographic signature, and checks the attestation level. Based on that level and its own spam-scoring algorithms, the terminating carrier decides how to present or handle the call. The entire process happens in milliseconds before the first ring reaches the recipient. By the time the person’s phone starts ringing, the call has already been evaluated and classified.
This is why spam-flagging is not something you can fix after the fact. The classification happens at the carrier level, before the call is presented to the user, and it is based on authentication data attached to the call at the origination point.
The Three Attestation Levels Explained
The STIR/SHAKEN framework defines three attestation levels, each representing a different degree of certainty about the caller’s identity and their right to use the calling number.
Attestation A: Full Attestation
The originating carrier has verified the identity of the calling party and confirms that they have the right to use the number presented in the caller ID. This is the highest level of trust. On modern Android and iOS devices, A-attested calls often display as “Caller Verified” or show a verification indicator. These calls are least likely to be flagged by spam-screening algorithms.
To achieve A attestation, you need a direct relationship with your originating carrier, and the numbers you are calling from must be registered to you in a way that the carrier can verify. This typically means direct phone number provisioning from the carrier, not resold or reassigned numbers.
Attestation B: Partial Attestation
The originating carrier has verified the identity of the calling party but cannot confirm that the caller has the right to use the specific number in the caller ID. This is the most common situation for businesses using number pools, virtual numbers, or numbers purchased through a VoIP reseller.
B-attested calls do not receive the verified indicator. They are treated as neutral by many spam-screening systems, though they remain more vulnerable to flagging than A-attested calls.
Attestation C: Gateway Attestation
The originating carrier cannot verify the identity of the calling party at all. This typically applies to calls arriving at the carrier from another network, such as international calls or calls routed through intermediary carriers. C-attested calls are the most likely to be screened, flagged, or declined.
For domestic outbound sales calling, C attestation is a significant liability. Calls arriving with C attestation have no identity verification and are treated with maximum suspicion by downstream spam-screening tools.
How Attestation Affects Answer Rates in Practice
Answer rate is the percentage of your outbound dials that result in a live human picking up the call. Everything else in your calling operation,including qualification conversations, live transfers, and enrollment rates, depends on this number. Attestation level affects answer rate through two distinct mechanisms.
The first is carrier-level filtering. Terminating carriers run their own spam-detection algorithms that incorporate attestation level as a primary signal. A call with B or C attestation that also comes from a number with a history of high call volume or complaint patterns will receive a much higher spam score than a call with A attestation from a freshly provisioned number. Calls above the carrier’s spam threshold are flagged, declined, or silently dropped before the phone ever rings.
The second mechanism is consumer behavior. Even when a B or C attested call gets through carrier filtering, modern smartphones display the attestation status. iOS and Android both surface spam warnings, “Spam Risk” labels, or “Potential Fraud” indicators for calls that fail to pass authentication checks. Consumers have become trained to decline calls with these labels.
The combined effect means that a calling operation with consistently B or C attestation is working at a structural disadvantage. It is not just a matter of the occasional screened call. It is a persistent reduction in effective reach across every campaign.
Why Outbound Call Centers Struggle With Attestation
Most outbound calling operations, especially high-volume ones, face a structural challenge with STIR/SHAKEN attestation. The challenge comes from how call center numbers are typically provisioned and managed.
A contact center or outbound sales team rarely buys phone numbers directly from AT&T or Verizon with a dedicated business relationship. More commonly, numbers are provisioned through a VoIP provider, a calling software platform, or a telephony reseller. When numbers pass through intermediary providers, the originating carrier often cannot confirm with certainty that the end business (you) has the right to use that specific number, which pushes attestation down to B.
Additionally, many outbound operations use large number pools and rotate through them to avoid call fatigue on any individual number. , but rotating through numbers that were previously used by another business, or that have not been registered to your organization with the carrier, creates attestation gaps.
The highest-risk scenario is using numbers that were recently reassigned. If a number was previously associated with a high-complaint-volume operation and was then reassigned to your account, that number’s history follows it into spam-scoring algorithms even if the STIR/SHAKEN attestation is technically sound.
Local Presence Dialing and Attestation
is the practice of displaying a phone number with an area code that matches the geographic area of the person being called. A prospect in Texas sees a Texas area code. A prospect in Ohio sees an Ohio area code. This significantly improves answer rates because consumers are more likely to pick up calls that appear to be from their own area.
The STIR/SHAKEN complication with local presence dialing is attestation. If you are a Florida-based business calling a Texas prospect with a Texas area code, your originating carrier must confirm you have the right to use that Texas number. If the number was provisioned specifically for your use through a carrier relationship that supports this, A attestation is possible. If the number is from a shared pool or was provisioned through a reseller without a direct carrier relationship, B attestation is the likely result.
This does not mean local presence dialing is incompatible with strong attestation. It means the implementation details matter. A platform that provisions local presence numbers through direct carrier relationships, rather than through reseller pools, can achieve better attestation outcomes than one that uses generic shared number inventories.
How AI Calling Platforms Handle Call Authentication
Not every AI calling platform approaches STIR/SHAKEN with the same level of rigor. The differences in approach directly translate to differences in answer rates at scale. A platform that manages call authentication as infrastructure, rather than leaving it as a configuration detail for the customer to handle, provides several things that matter for attestation outcomes.
- Direct carrier relationships. Platforms with direct carrier agreements can request higher attestation levels for properly registered numbers. This is not available through most VoIP resellers.
- Number registration and monitoring. Numbers used in the calling operation should be registered with the carrier to enable A or B attestation, and their reputation should be monitored continuously. Numbers that begin accumulating complaints need to be rotated before they affect overall campaign performance.
- Real-time call analytics by number. A platform should be able to show you answer rate, connect rate, and flagging rate broken down by calling number. This lets you identify attestation or reputation problems at the number level before they degrade overall campaign results.
- Carrier whitelisting. Some platforms work directly with carriers to whitelist numbers used in legitimate outbound campaigns. This is separate from STIR/SHAKEN attestation but works alongside it to improve how carrier spam-scoring algorithms treat your calls.
Bigly Sales manages all of these components as part of its fully managed service. Number provisioning, registration, attestation management, and reputation monitoring are handled on the platform side, not delegated to the client’s team.
What to Ask Your Calling Platform About STIR/SHAKEN
If you are evaluating AI calling platforms or reviewing your current setup, these are the questions that surface whether a vendor has genuinely solved call authentication or is leaving the problem with you.
- What attestation level do my outbound calls typically receive? A vendor who cannot answer this or who says “it depends on your carrier” is not actively managing the problem.
- How are my outbound numbers provisioned? Are they registered directly with a carrier, or sourced through a reseller pool?
- Do you provide carrier whitelisting for your clients’ numbers? How does that process work?
- What happens when a number starts getting flagged? How quickly is it detected, and what is the remediation process?
- Do your local presence dialing numbers achieve A or B attestation? What carrier relationships support that?
These questions distinguish platforms that manage deliverability as infrastructure from those that handle it as an afterthought.
Frequently Asked Questions
What is STIR/SHAKEN in simple terms?
STIR/SHAKEN is a system that lets phone carriers attach a verified identity certificate to outbound calls. When your call arrives at the recipient’s carrier, that carrier checks the certificate and uses it to decide how to present or handle the call. Calls with strong certificates are less likely to be labeled as spam or screened.
What is an attestation level?
An attestation level is the trust rating that your originating carrier assigns to an outbound call. Level A means the carrier has fully verified your identity and your right to use the calling number. Level B means the identity is verified but the number ownership is uncertain. Level C means neither could be verified. A is the most trusted and C is the least.
Does STIR/SHAKEN prevent all spam calls?
No. STIR/SHAKEN authenticates the identity of the caller, but it does not determine whether the caller is behaving legitimately. A verified spammer can still receive A attestation if they own the number they are calling from. STIR/SHAKEN reduces spoofing and impersonation fraud, but carrier spam-scoring algorithms use additional signals beyond attestation level.
How do I know what attestation level my calls are receiving?
Your originating carrier or calling platform should be able to tell you. Most enterprise calling platforms provide call analytics that include attestation data. If your platform cannot surface this information, that is itself a warning sign about how closely your call authentication is being managed.
Can local presence dialing achieve A attestation?
Yes, but it requires that the local presence numbers are directly registered to your organization through a carrier relationship that supports full attestation. Numbers sourced from shared reseller pools typically achieve B attestation. The difference matters for answer rates at scale.
How does STIR/SHAKEN interact with TCPA compliance?
They are separate frameworks. TCPA governs the legal requirements for outbound calling, including consent requirements and DNC compliance. STIR/SHAKEN governs call authentication and delivery. A call can be fully TCPA-compliant and still receive low attestation if the number management is not set up correctly. Both need to be managed.
What is the TRACED Act?
The TRACED Act (Telephone Robocall Abuse Criminal Enforcement and Deterrence Act) is the 2019 federal law that directed the FCC to require phone carriers to implement STIR/SHAKEN authentication. Large carriers were required to comply by June 30, 2021.
What happens to a call with C attestation?
A C-attested call has no verified identity information. Terminating carriers and spam-scoring algorithms treat it with maximum suspicion. Depending on the carrier and the user’s device settings, a C-attested call may be silently dropped, routed directly to voicemail, or displayed with a fraud warning. C attestation is the riskiest outcome for any legitimate outbound calling operation.
What is carrier whitelisting and how does it relate to STIR/SHAKEN?
Carrier whitelisting is a separate process where a calling organization registers its numbers directly with carriers to signal legitimate business use. It works alongside STIR/SHAKEN attestation rather than replacing it. A number that is both A-attested and whitelisted with major carriers has the best chance of being delivered cleanly and answered.
How often should a business review its STIR/SHAKEN and number health status?
Continuously, not periodically. Attestation levels can change based on how a number is used, and spam-scoring algorithms update in real time. A number that was performing cleanly last week may have accumulated enough flagging signals to affect delivery this week. Platforms that monitor number health in real time and alert to changes are preferable to those that require manual reviews.
If your outbound team is grinding through low connect rates and burning through reps, Bigly Sales gives you a better way. Our AI voice agents qualify your leads, book appointments, and hand off warm prospects to your closers so your team spends every hour on real selling.
See what Bigly Sales can do for your pipeline at biglysales.com.
About Bigly Sales
Bigly Sales is an AI-powered outbound calling platform designed for sales teams that need to move faster, stay TCPA compliant, and scale without adding headcount. From insurance and mortgage to debt relief and solar, Bigly Sales helps high-velocity teams automate prospecting, qualify leads, and book more meetings with AI voice agents. Learn more at biglysales.com.
