Compliance Guide
STIR/SHAKEN & call authentication.
AI voice agent campaigns depend on calls actually being answered. STIR/SHAKEN call authentication is a key part of maintaining a healthy answer rate and protecting your caller ID from being labeled "Spam Likely."
Last reviewed: May 2026
Key Concepts
What every outbound caller needs to know about STIR/SHAKEN.
Call authentication is not just a regulatory checkbox — it directly affects whether your calls are answered or blocked before they ring.
What STIR/SHAKEN Does
Cryptographically signs outbound calls so receiving carriers can verify the caller-ID number matches the actual originating number — preventing caller-ID spoofing.
A / B / C Attestation
Three levels of trust. 'A' attestation (full) means the carrier verified you are authorized to use the number. 'B' and 'C' provide weaker assurances and receive lower trust scores.
Why Calls Are Labeled Spam
Spam labels come from analytics engines (First Orion, Hiya, TNS) that score numbers based on complaint volume, call patterns, and attestation signals — not from STIR/SHAKEN alone.
Number Registration
Registering your business numbers with analytics providers (Free Caller Registry, Hiya Business, First Orion) signals to those engines that your number belongs to a verified business.
Dedicated vs. Shared Numbers
Dedicated numbers build calling history specific to your business. Shared or recycled numbers inherit the history of previous users — including any spam flags they accumulated.
Carrier-Level Enforcement
Under the TRACED Act, carriers can block calls with missing or invalid STIR/SHAKEN tokens. Calls without valid attestation may be blocked before reaching the recipient.
How call authentication affects AI voice agent campaigns.
For an AI voice agent campaign to be effective, calls must be answered. A call labeled "Spam Likely" on the recipient's screen — or blocked entirely before ringing — is a failed contact regardless of how well the agent is configured. Call authentication is the infrastructure layer that determines whether your caller ID is trusted by receiving carriers and analytics engines.
How STIR/SHAKEN works
When a call originates from a carrier that implements STIR/SHAKEN, the originating carrier digitally signs the call with a cryptographic token (called a PASSporT) that includes the caller-ID number, the attestation level, and a timestamp. As the call traverses the phone network, receiving carriers and analytics engines verify the signature. If the caller-ID matches the certified originating number, the call carries a valid attestation. If the signature is missing, invalid, or the caller-ID doesn't match, the call may be flagged or blocked.
Full (A) attestation is the strongest signal — it means the originating carrier has verified that the calling party is authorized to use the caller-ID number being presented. Businesses should work with telephony providers that can deliver A-level attestation for their provisioned numbers.
Why spam labeling is a separate problem
STIR/SHAKEN addresses caller-ID spoofing — it confirms a number was not faked. But spam labeling is a different system, operated by third-party analytics providers like First Orion (which powers T-Mobile's "Scam Shield"), Hiya (which powers AT&T's "Call Protect"), and TNS. These engines score numbers based on consumer complaints, calling patterns (call frequency, call duration, time of day), and signals from STIR/SHAKEN attestation — but they are independent systems that reach their own conclusions.
A number with valid A attestation can still be labeled spam if it has accumulated complaints or if its calling pattern resembles robocall behavior. Conversely, a number with no STIR/SHAKEN token may not be labeled if it has a clean complaint history. Managing spam labeling requires proactive number registration, monitoring, and calling pattern discipline — not just carrier authentication.
How Workforce Wave supports authenticated outbound
Workforce Wave provisions outbound calling through carrier infrastructure that supports STIR/SHAKEN signing. Numbers provisioned on the WFW platform originate calls through carriers that implement attestation, giving outbound calls the authentication signal that receiving carriers and analytics engines look for. WFW also provides guidance on registering calling numbers with the Free Caller Registry and major analytics providers to reduce spam-labeling exposure.
Answer rate outcomes depend on factors including the number's complaint history, calling volume, and third-party analytics engine scoring — which are beyond direct platform control. A well-configured WFW campaign uses dedicated numbers, respects calling-time windows (which also signals non-spam behavior to analytics engines), and monitors for labeling issues via carrier reporting.
Common Questions
STIR/SHAKEN and call authentication questions.
What is STIR/SHAKEN?
STIR/SHAKEN is a set of technical standards for caller-ID authentication. STIR stands for Secure Telephone Identity Revisited; SHAKEN stands for Signature-based Handling of Asserted information using toKENs. Together, they allow telephone carriers to cryptographically sign outbound calls and verify that the caller-ID number presented matches the actual originating number. The standards were mandated by the FCC for major US carriers under the TRACED Act and have been required since 2021.
Why do legitimate business calls get labeled as 'Spam Likely'?
A call can be labeled 'Spam Likely' or 'Scam Risk' for several reasons: the originating number has been flagged in a third-party analytics database (such as First Orion or Hiya) due to complaint volume or calling pattern; the call was not authenticated via STIR/SHAKEN and lacks a valid attestation token; the carrier assigned a low trust score to the originating number; or the calling pattern resembles spam behavior (high volume, short duration, same number). Even a legitimate business number can accumulate flags if it's associated with high-volume calling.
What are the three STIR/SHAKEN attestation levels?
STIR/SHAKEN uses three attestation levels conveyed in a digital token called a PASSporT. 'A' attestation (full attestation) means the carrier has verified that the calling party is authorized to use the number being presented as the caller ID. 'B' attestation (partial attestation) means the carrier authenticated the call origination point but could not verify the called-party's right to the number. 'C' attestation (gateway attestation) means the call was authenticated only at the gateway — the weakest signal. Calls with A attestation receive the highest trust scores from receiving carriers.
Does STIR/SHAKEN prevent calls from being labeled as spam?
STIR/SHAKEN authentication improves caller-ID integrity by confirming that the number presented has not been spoofed, but it does not guarantee a call will not be labeled as spam. Spam labeling decisions are made by analytics engines maintained by companies like First Orion, Hiya, and TNS — which use call pattern data, consumer complaints, and carrier signals in addition to STIR/SHAKEN attestation. A number with a valid STIR/SHAKEN A attestation can still be labeled spam if it has accumulated complaints or calling patterns associated with spam behavior.
How can businesses improve their answer rates and reduce spam labeling?
Businesses can take several steps to reduce spam labeling: register calling numbers with analytics providers through programs like Free Caller Registry or direct registration with First Orion and Hiya; ensure outbound calls carry valid STIR/SHAKEN attestation through a compliant carrier; use dedicated numbers for specific call types rather than shared or recycled numbers; monitor numbers for complaint-based flags using analytics tools; and ensure calling patterns (volume, duration, time of day) align with legitimate business calling rather than robocall patterns.
What is the TRACED Act and how does it relate to STIR/SHAKEN?
The TRACED Act (Telephone Robocall Abuse Criminal Enforcement and Deterrence Act), signed in 2019, directed the FCC to require major US voice service providers to implement STIR/SHAKEN call authentication by June 2021. The Act also gave the FCC and DOJ broader authority to investigate and prosecute illegal robocallers. The TRACED Act is the legislative foundation that made STIR/SHAKEN implementation mandatory for US carriers, and it authorized the FCC to create a safe harbor for carriers that block calls failing STIR/SHAKEN standards.
How does Workforce Wave support STIR/SHAKEN authentication?
Workforce Wave supports authenticated outbound calling through carrier infrastructure that provides STIR/SHAKEN attestation for numbers provisioned on the platform. When you use dedicated numbers through WFW's telephony layer, outbound calls are originated through carriers that implement STIR/SHAKEN signing. Additionally, WFW provides guidance on caller-ID registration with major analytics providers to help reduce spam-labeling exposure. These are infrastructure-level supports — answer rate outcomes depend on factors including number history, call patterns, and third-party analytics engines beyond WFW's direct control.
Launch outbound AI calling with authenticated caller ID.
Workforce Wave routes outbound calls through carrier infrastructure that supports STIR/SHAKEN signing — giving your AI campaigns the authentication signal they need.