STIR/SHAKEN

STIR/SHAKEN

BWT is a fully participating carrier in the STIR/SHAKEN framework for caller ID authentication. We sign outbound calls with SHAKEN attestation and verify inbound signed calls.

What STIR/SHAKEN Is

For the benefit of anyone who ended up here and isn’t sure: STIR/SHAKEN is a framework for digitally signing telephone calls so that the receiving carrier (and ultimately the called party) can verify that the caller ID hasn’t been spoofed. STIR is the standard (Secure Telephone Identity Revisited); SHAKEN is the carrier implementation framework (Signature-based Handling of Asserted information using toKENs).

The FCC mandates STIR/SHAKEN implementation for IP-based voice service providers. BWT complies fully.

Our Implementation

Signing (Origination)

All calls originating from the BWT network carry a SHAKEN Identity header with a signed PASSporT token. We assign attestation levels as follows:

Full Attestation (A) - We have authenticated the calling party, and the calling number is one we have assigned to that customer. This is the highest level of attestation and indicates the call is legitimate to the best of our knowledge.

Partial Attestation (B) - We have authenticated the calling party (they are a known customer), but we cannot verify that the calling number is assigned to them. This occurs when a customer uses a number ported from another carrier that hasn’t yet been updated in our records, or uses a number they have legitimate use of but that isn’t directly assigned by us.

Gateway Attestation (C) - The call entered our network from a source where we cannot fully authenticate the calling party or the calling number. This is the lowest attestation level.

Verification (Termination)

On the termination side, we verify SHAKEN signatures on inbound calls when present. Verification results are available to our customers for use in their own call handling decisions.

Robocall Mitigation

BWT maintains a robocall mitigation program as required by the FCC’s rules under the TRACED Act. Our filing is current in the FCC’s Robocall Mitigation Database.

Our Program Includes:

  • Know Your Customer (KYC): We vet all customers before provisioning service. We verify identity, business legitimacy, and intended use of our services.
  • Acceptable Use Enforcement: Our Terms of Service explicitly prohibit robocalling, auto-dialing, and high-volume unsolicited calling. Violations result in immediate suspension.
  • Traffic Monitoring: We monitor traffic patterns for indicators of illegal robocalling, including short-duration call patterns, high call volumes to residential numbers, and complaints.
  • Traceback Cooperation: We participate fully in USTelecom’s Industry Traceback Group process. When we receive a traceback request, we respond within the required timeframe with the information needed to identify the source of illegal calls.
  • Source Accountability: When we identify a customer as the source of illegal robocall traffic, we take immediate action up to and including service termination.

For Other Carriers

If you’re a carrier and need to discuss STIR/SHAKEN interoperability with BWT, or if you have questions about our attestation practices, contact us at support@bwt.io.

If you’re performing a traceback and need information about a call that transited our network, email regulatory@bwt.io with the traceback details. We take these seriously and respond promptly.