STIR/SHAKEN and Caller ID trust for corporate VoIP

In 2026, corporate communications face significant challenges where trust in Caller ID becomes a key security element. The 2026–2027 horizon is relevant due to the rapid growth of telecom fraud and the need to adapt to new standards like STIR/SHAKEN, designed to counter these threats. Ignoring these changes can lead to financial losses and erode trust in business communications.

Telecom Fraud Threats and the Role of Legacy Protocols

The problem of telecom fraud remains one of the most acute in the industry. According to the CFCA Global Fraud Loss Survey 2025, global losses from telecom fraud in 2025 were estimated at approximately $41.82 billion. These figures highlight the scale of the issue, which directly impacts the corporate sector through phishing, spoofing, unauthorized calls, and other schemes. A significant portion of these threats exploits vulnerabilities in legacy signaling protocols.

In practice, many mobile networks still use protocols like SS7 and Diameter. These protocols, despite their functionality, were developed in an era when security was not a priority. As ENISA notes in its Threat Landscape 2025 report, exploiting these legacy protocols remains a substantial risk for mobile networks. This allows attackers to manipulate Caller ID, intercept calls, perform spoofing, and other types of fraud, undermining trust in calls and posing direct threats to corporate VoIP.

STIR/SHAKEN: A New Standard for Call Authentication

STIR/SHAKEN (Secure Telephone Identity Revisited / Signature-based Handling of Asserted information using Tokens) is a set of protocols designed to combat Caller ID spoofing. Its primary goal is to provide cryptographic authentication of Caller ID information, confirming that a call originates from a legitimate source and that the caller ID has not been tampered with.

At a high level, the mechanism works as follows: when a call is initiated, the originating carrier creates a digital signature for the Caller ID information using its private key. This signature is appended to the call’s SIP header. The receiving carrier, in turn, uses the originating carrier’s public key to verify this signature. If the signature is valid, it confirms that the Caller ID is authentic and has not been altered in transit. This allows the end-user or corporate VoIP system to display a trust level for the incoming call, for example, with a “verified caller” indicator.

Building Caller ID Trust: Challenges and Solutions for Corporations

For corporate VoIP, the lack of trust in Caller ID creates a range of problems, from reduced productivity due to important calls being filtered as spam to direct financial losses from fraud. Companies that ignore this issue risk damaging their reputation, as their outgoing calls may be flagged as potential spam, and incoming calls will be susceptible to fraud.

The solution lies in proactively implementing mechanisms that support STIR/SHAKEN. This requires not only updating technical infrastructure but also integrating with communication providers that already support these protocols. For example, DooxSwitch Platform (a corporate communications management platform from Softengi) provides tools for integration with new authentication standards, enabling corporations to effectively manage calls and their verification.

A Common Mistake: Ignoring Business Processes When Implementing New Communication Technologies

Companies often focus solely on the technical aspects of implementing new technologies, forgetting their impact on business processes. In the case of STIR/SHAKEN and Caller ID trust, this can lead to inefficiency. For instance, if an authentication system is implemented but internal policies are not adapted, employees may ignore trust indicators or not understand their significance, negating the technology’s benefits.

In 2026, it is crucial to approach STIR/SHAKEN implementation comprehensively, reviewing internal procedures for handling incoming and outgoing calls. This includes staff training, updating instructions, and integrating call verification data into CRM systems or other business applications. Without this, even the most advanced technology will not yield the expected results.

Adapting Corporate VoIP to the STIR/SHAKEN Era: Practical Steps

For successful adaptation to STIR/SHAKEN requirements and enhancing Caller ID trust, corporations should take a series of practical steps:

Corporate VoIP System Readiness Checklist for STIR/SHAKEN

The Future of Corporate Communications: 5G and Call Authentication

During 2026–2027, there is active deployment of 5G standalone services and growth in 5G subscriptions. According to the Ericsson Mobility Report November 2025, 5G will become the dominant mobile access technology by subscription count by the end of 2027. This opens new opportunities for corporate communications but also introduces new security and authentication requirements.

5G, with its low latency and high bandwidth, provides a foundation for more reliable and secure VoIP solutions. However, without proper call authentication, even the most advanced networks will remain vulnerable to fraud. Integrating STIR/SHAKEN with 5G infrastructure is key to ensuring the integrity and trust of voice communications in the future. Companies that invest in relevant technologies and processes today will be better prepared for the challenges and opportunities that the 5G era will bring.

Corporate VoIP systems require proactive implementation of STIR/SHAKEN protocols and building Caller ID trust to protect against fraud, ensure communication reliability, and comply with future telecom industry standards. This is not just a technical upgrade but a strategic investment in business security and efficiency.