LineShield
Free audit
← All research
Compliance·November 11, 2025·Insurance Dudes Research Team

STIR/SHAKEN for Insurance Agents: A Plain-English Guide

STIR/SHAKEN explained for insurance agents. What attestation levels A, B, and C mean, why they matter, and how to verify your own calls.

Short answer

STIR/SHAKEN is the federally mandated call-authentication framework that signs every outbound US call with one of three attestation levels — A (full: your carrier verifies you and that you own the number), B (partial: verifies you but not the number), or C (gateway: the call entered the carrier's network from elsewhere). Level B and C calls are increasingly deprioritized, labeled, or blocked by terminating carriers. The rules are codified at 47 CFR 64.6301–64.6305 (eCFR), and the FCC's Eighth Report and Order (effective September 18, 2025) made originating providers explicitly responsible for attestation-level decisions (Federal Register 2025). Most insurance agents are unknowingly signing at Level B; a meaningful minority are at Level C.

If your dialer vendor told you STIR/SHAKEN was "handled" and moved on, you should probably double-check. STIR/SHAKEN is the federally mandated call authentication framework that signs every outbound call with a trust level — A, B, or C — and that level quietly determines whether your call rings as "Verified" or gets silently demoted on the receiving network. This post is the plain-English version every agent should have read two years ago.

What STIR/SHAKEN actually does

STIR/SHAKEN is two intertwined specs:

  • STIR (Secure Telephony Identity Revisited) is the cryptographic standard. It defines how a carrier signs a call with a digital certificate that proves the call came from a legitimate source.
  • SHAKEN (Signature-based Handling of Asserted information using toKENs) is the carrier-to-carrier framework that actually moves those signatures across the US telephone network.

Together, they answer one question: "Can the terminating carrier trust that the calling number on this call is real?" If yes, the call rings normally. If no, the call can be downgraded, labeled, or in some cases blocked outright.

The FCC mandated STIR/SHAKEN deployment on IP networks for most US carriers starting June 30, 2021, with subsequent deadlines closing the loopholes for small carriers, gateway carriers, and non-IP networks (FCC Call Authentication overview). In 2026, effectively every domestic outbound call on a modern network is getting signed by something — TNS's 2025 data shows 85% of inter-Tier-1 traffic was signed, with 93% of that signed traffic at Level A (TNS 2025 Robocall Report). Among smaller carriers the figure drops to around 17.5% signed — which is exactly the gap the Eighth Report and Order was written to close.

The three attestation levels — this is the part that matters

When your carrier signs your call, they stamp it with one of three attestation levels. This is the single most important concept in STIR/SHAKEN for agents to understand.

LevelNameWhat the carrier is asserting
AFull Attestation"I know this customer, I assigned them this number, and I verify they have the right to use it."
BPartial Attestation"I know this customer, but I can't verify they own this specific number."
CGateway Attestation"This call entered my network from somewhere else. I can't verify the customer or the number."

Most agents are getting signed at Level B. A meaningful minority are getting signed at Level C without realizing it. Almost nobody checks. Industry guidance is blunt: calls below Level A are at increasing risk of being tagged as spam or outright blocked by the terminating provider (TransUnion — STIR/SHAKEN attestation levels).

Why it matters

Terminating carriers treat the three levels very differently:

  • Level A calls can display "Verified Caller" (checkmark or green shield depending on handset). They are most resistant to being downgraded by analytics engines.
  • Level B calls display normally but carry slightly higher scrutiny in reputation scoring.
  • Level C calls are increasingly being labeled, deprioritized, or in some cases silently blocked — particularly on T-Mobile's network.

Read that again. If your carrier is signing at Level C, you can have a perfectly clean reputation and still have calls never ring because the terminating carrier treats unauthenticated traffic as suspicious by default.

Why agents get stuck at Level B or C

Level A requires the carrier to have a verifiable relationship between you, your business entity, and the specific DID you are calling from. That chain breaks in four common ways:

  1. Ported-in numbers where the ownership record was never updated. You brought the number over from a prior provider but the LOA and ownership attestation paperwork never caught up.
  2. Shared DID pools. If your dialer uses a shared pool of outbound numbers across many customers, the carrier cannot assert that you specifically own this number today.
  3. Reseller chains. If you buy service from a VoIP reseller who buys from an upstream carrier, the Level A chain often breaks at the reseller boundary.
  4. Consumer-grade VoIP treated as business. Some consumer VoIP platforms sign at B by default because they were not designed for regulated outbound at scale.

Operator reports mirror this exactly. On the VoIP.ms community forum, a thread titled "STIR/SHAKEN attestation level set to B" documented a common pattern where carriers default to B for business customers even when the DID is clearly owned and assigned to a specific entity, requiring a ticket and re-attestation to move to A (VoIP.ms community thread).

How to find out what attestation level you are actually getting

Three ways:

  1. Ask your carrier, in writing, for the attestation level on your outbound calls. Get it in an email so you can reference it later. Under the Eighth Report and Order, originating providers now have a documented, non-delegable responsibility for attestation-level decisions (Telnyx — Eighth Report summary).
  2. Call a phone that displays attestation. Some modern Android handsets (and a growing number of iOS builds) indicate verified status visually.
  3. Pull the PASSporT. Any terminating carrier can show you the SIP INVITE header on a received call. The verstat parameter in the Identity header will tell you TN-Validation-Passed-A, TN-Validation-Passed-B, TN-Validation-Passed-C, or TN-Validation-Failed.

Most agents will never run a SIP trace themselves. Asking the carrier in writing is the realistic path.

What STIR/SHAKEN does NOT solve

This is the confusion that gets agents burned. STIR/SHAKEN is about authentication, not reputation.

STIR/SHAKEN handlesSTIR/SHAKEN does NOT handle
"Is this caller spoofing a number they don't own?""Does this number have a history of spam complaints?"
"Is this call traceable if it turns out to be fraud?""Is the CNAM name accurate?"
"Did this call originate on a legitimate US carrier?""Should this call be labeled Scam Likely?"

Level A attestation does not exempt you from being labeled "Scam Likely" by Hiya Inc., TNS, or First Orion. The analytics layer sits downstream of authentication. TNS's 2026 report even flagged over-attestation as an emerging problem — up to 13% of traffic using invalid numbers was signed Level A in 2025 — which is pushing terminating carriers to weight reputation scores more heavily even on signed traffic (TNS 2026 Robocall Investigation Report). See SCAM LIKELY: Why Your Outbound Calls Are Getting Flagged for the full labeling picture.

What an agent should actually do

  1. Verify your attestation level with your carrier in writing.
  2. If you are at Level B or C, ask specifically what it would take to move to Level A — often it is a simple ownership re-attestation form.
  3. Get off shared DID pools. Dedicated numbers, tied to your entity, sign cleaner.
  4. Keep your entity name consistent across STIR/SHAKEN signing, CNAM, and branded-calling enrollment. Mismatches penalize you.
  5. Re-verify annually. Your carrier may change signing policies, your numbers may be re-categorized.

Small carriers and the Robocall Mitigation Database

One detail worth knowing: originating carriers who cannot sign at Level A for all traffic are required to file a Robocall Mitigation Plan in the FCC's RMD (Robocall Mitigation Database). If your carrier is using a mitigation plan as a substitute for proper attestation, you are in the "best effort" bucket. That is not necessarily bad, but it is worth knowing where you stand.

You can search the RMD directly at the FCC's public database to see whether your carrier is filed and what they claim (FCC Call Authentication — RMD link).

FAQ

Q: What is the difference between STIR/SHAKEN attestation level A vs B vs C? A: Level A means the originating carrier has verified both the customer identity and their right to use the specific calling number. Level B verifies the customer but not the number. Level C is gateway attestation — the call entered the carrier's network from somewhere else, and the carrier can attest to neither the customer nor the number. Terminating carriers trust A the most; B and C are increasingly scrutinized or blocked.

Q: Does STIR/SHAKEN cost me anything? A: The underlying signing is baked into modern carrier pricing. Moving to Level A may require paperwork but typically no additional fee. Some carriers do upsell "Level A guarantee" packages, which is mostly administrative hand-holding.

Q: If I get Level A, will my call ring "Verified"? A: Level A is a prerequisite for the verified display on some handsets, but the display layer is controlled by the terminating carrier and its analytics vendor. Level A raises the ceiling; it does not guarantee the display.

Q: Can I sign my own calls? A: No. Only approved US carriers (technically, service providers with an OCN and access to the STI-PA, the policy administrator) can sign STIR/SHAKEN calls. The Eighth Report and Order also clarified that providers may use a third-party authenticator but must retain responsibility for attestation decisions and use their own certificate (Federal Register 2025).

Q: Do calls to landlines use STIR/SHAKEN? A: STIR/SHAKEN signs IP-originated calls. Calls that terminate on non-IP (TDM) networks lose the signature at the interconnection point, but the FCC has extended enforcement to cover gateway carriers and non-IP interconnects.

Q: Does STIR/SHAKEN apply internationally? A: Not uniformly. The US is the most mature deployment. Canada uses the same framework. Most other countries are in earlier stages.

Q: Will STIR/SHAKEN stop me from being labeled "Spam Risk"? A: No. Labeling is a reputation-analytics function that operates above the authentication layer. Good STIR/SHAKEN helps reputation; it does not replace it. See What a "Clean" DID Actually Looks Like in 2026.

Q: Who is responsible if my calls are downgraded for bad attestation — me or my carrier? A: Operationally, you. Contractually, your carrier signed the call and owes you a clear attestation level. Under 47 CFR 64.6301 and the Eighth Report and Order, the originating provider must make and document attestation decisions, which gives you a written-record lever to push on.

Q: How do I look up my carrier in the Robocall Mitigation Database? A: The FCC hosts the public RMD; any originating provider should be filed there with either a full STIR/SHAKEN implementation certification or a robocall mitigation plan. Entries are searchable by provider name and OCN.

Stop guessing. Run the audit.

LineAudit checks your first 20 DIDs free. You'll see exactly which numbers are flagged, mis-registered, or at risk — in 30 seconds.

Run Free Audit →

Published by
Insurance Dudes Research Team
Phone reputation research for insurance agents · November 11, 2025

Related research

Compliance
2026 Outlook: Telephony Regulation Changes Every Agent Should Know
Compliance
Call Abandonment and Its Impact on Carrier Reputation
Compliance
TCPA 2026: What the New Consent Rules Mean for Agent Dialers