STIR/SHAKEN: When James Bond makes his way to your mobile phone

Since November 30, 2021, the CRTC has required Canadian telecommunications service providers to implement the STIR/SHAKEN standards. James Bond enthusiasts initially raised eyebrows at this acronym, but what does Agent 007, who prefers his martinis “shaken, not stirred,” have to do with the fight against unwanted calls? Let’s look at the story behind these new standards.

A “geek” moment

Unsolicited calls, whether made for business or fraudulent reasons, have been a nuisance for years. In the 1990s, the introduction of call displays made it possible for customers to better recognize unwanted telephone calls. Who has not already sent to voicemail a number that looks like it comes from abroad, for fear of answering another robocall? As with all scams, fraudsters have adapted their practices over time. It’s now pretty easy for them to fool your call display with a fake phone number that looks trustworthy (from your community, for example). This phenomenon is called caller identity spoofing.

With the growth of this technique and increase in unwanted calls—nearly 2.5 billion robocalls are made every month in the United States—industry players have taken action. According to Jim McEachern, senior technology consultant for the Alliance for Telecommunications Industry Solutions, it is against this backdrop that the STIR/SHAKEN acronym was created.

The first verification system proposed by the industry was called STIR, which is the Secure Telephone Identity Revisited. McEachern, a James Bond fan, picked up the ball: “STIR already existed, so we knew we had to call the new system SHAKEN. We tortured the English language until we came up with an acronym,” he told the Los Angeles Times. The framework for the implementation of the STIR protocol was therefore titled Signature-based Handling of Asserted Information Using TokENs. A bit far-fetched? Perhaps, but the reference to the famous secret agent is nice. The consultant himself admits that “it was a geek moment!”

How does it work?

The STIR/SHAKEN standards are used to authenticate and verify caller identity. In short, the caller’s telecommunications service provider authenticates their identity by assigning an electronic signature to the call. The recipient’s service provider then verifies the signature. If valid, a green checkmark and the word “Verified” appear on the recipient’s display when the call is received.

These standards are being rolled out gradually and are not being implemented for all calls. Several conditions must be met for a caller’s number to appear verified. For more information, visit our STIR/SHAKEN Mobile Standards support page.

Combatting unwanted calls

The CRTC anticipates that this technological verification framework will help deter fraudsters and reduce the number of unsolicited calls received by the public. In the meantime, you can still register your number on the National Do Not Call List. If you have a recent device, you may soon see a small green checkmark on your display when you receive calls from a verified number. You can then thank James Bond for your peace of mind!