October 5, 2022
Analyzing Attestation Ratings and STIR/SHAKEN Signed Robocalls
Ideally, STIR/SHAKEN signatures should put an end to robocalls that don’t follow strict regulations. The caller authentication technology has made some progress. Still, trends show that a surprising number of robocalls slip through. An unacceptable percentage of those robocalls even receive attestation ratings that supposedly verify their origins.
A closer look at numbers released by TransNexus shows several interesting trends. Perhaps most importantly, they suggest the FCC needs to implement more regulations to stop robocalls that erode consumer trust and damage the reputations of legitimate organizations.
The Role of Attestation Ratings
Attestation ratings tell you the accuracy of a call’s origin. STIR/SHAKEN uses a three-tier scale:
- A status (Full Attestation) – The service provider has authorized the call as coming from the correct origin, so consumers should feel confident answering their phones.
- B status (Partial Attestation) – The service provider can verify where the call comes from but cannot verify that the caller owns the number.
- C status (Gateway Attestation) – The service provider can verify the call’s origin but cannot verify its source, a situation that typically applies to international calls.
Robocalls should not receive any of these statuses because they’re considered “unsigned” calls. Despite this, most robocalls get partial or gateway attestation.
TransNexus’s numbers show that the majority of robocalls receive C attestation levels. In August, robocalls fell into the following categories:
- C status – 37.6%
- B status – 26.52%
- Unsigned – 7.04%
- A status – 3.42%
- Call errors – 3.14%
This continues a trend that has been evolving throughout 2022. The percentage of A-status robocalls has remained under 5% since March. That’s good news because it shows consumers typically trust calls with the highest verification level. The industry wants the percentage to reach zero, but 3.42% shows a laudable effort.
B-status robocalls peaked slightly above 35% in June and have fallen steadily since. They’re still high but moving in the right direction.
C-status robocall percentages are more erratic. They climbed from about 10% in April to over 40% in May. After dips in June and July, they increased again in August.
Robocalls that receive C attestation statuses create the most problems. People receiving the calls might assume they’re legitimate. Unfortunately, a loophole makes it possible for potential scammers to avoid the STIR/SHAKEN protocol.
Non-IP SHAKEN Exemption Causing Problems
The loophole comes from an FCC exemption for non-IP service providers. The FCC correctly assumes that service providers using non-IP networks cannot conform to STIR/SHAKEN standards. They simply don’t have the technology to evaluate call origins and assign attestation statuses.
Again, the TransNexus report shows a positive trend that should lead to fewer robocalls getting signed and receiving any attestation status. Critically, the number of SHAKEN-authorized providers keeps increasing. The percentage grew by 13.2% in July and 5.3% in August, bringing the total to 721 service providers.
While the FCC and most service providers like seeing that increase, the percentage of signed robocalls that reach terminating service providers (TOS) has stayed around 24%. The stagnant percentage suggests that the non-IP exemption allows some companies to exploit the system.
When you only look at the attestation ratings of calls received by TOS, you see:
- Unsigned – 77.51%
- A status – 15.33%
- B status – 2.98%
- C status – 2.24%
- Call errors – 1.94%
It’s concerning that more than 15% of calls exempt from the STIR/SHAKEN protocol receive full attestation (A status). Full attestation should only apply to calls from a confirmed owner’s number. The loophole makes it impossible for consumers and businesses to trust that the system works flawlessly, so most people will keep feeling wary of incoming calls.
Further FCC Regulations Required to Stop Robocalls
As long as the FCC exemption exists, some organizations will use the loophole to place unwanted robocalls to North American consumers. While it helps that more service providers adhere to the STIR/SHAKEN framework, several companies did not meet the FCC’s deadline and continue dragging their feet even after the agency cited two voice providers, Bandwidth Inc. and Vonage Holdings, for non-compliance.
Calls coming into North America from other countries make enforcement even more challenging. The FCC has taken steps to hold gateway providers responsible when they connect international calls. Still, the research from TransNexus shows that the industry needs further regulation. To the FCC’s credit, the STIR/SHAKEN framework has made call spoofing much more difficult for scammers. Robocalls remain a frustrating nuisance for Americans.
Tackling this problem relies on the FCC enforcing stricter regulations that protect consumers and help legitimate organizations rebuild trust. Until that happens, robocalls will continue annoying the public.
Take Control of Your Call Reputation
While you wait for the FCC to develop an action plan, you can take control of your phone number reputations by getting started with Caller ID Reputation. Caller ID Reputation helps you connect with your contacts by giving real-time information about your call center KPIs, alerts when numbers receive negative labels or flags, and actual device testing that shows you what your contacts see when you call them.
Start a 5-day free trial to see how Caller ID Reputation improves your call center’s success.