STIR/SHAKEN and Caller ID trust for corporate VoIP

In 2026, corporate communications face significant challenges, with trust in Caller ID becoming a key element of security. The 2026–2027 horizon is highly relevant due to the rapid growth of telecom fraud and the need to adapt to new standards such as STIR/SHAKEN, which are designed to counteract these threats. Ignoring these changes can lead to financial losses and undermine trust in business communications.

Telecom Fraud Threats and the Role of Legacy Protocols

The problem of telecom fraud remains one of the most acute in the industry. According to the CFCA Global Fraud Loss Survey 2025 report, global losses from telecom fraud in 2025 were estimated at approximately $41.82 billion. These figures highlight the scale of the problem, which directly impacts the corporate sector through phishing, spoofing, unauthorized calls, and other schemes. A significant portion of these threats exploits the vulnerabilities of legacy signaling protocols.

In practice, many mobile networks still use protocols such as SS7 and Diameter. Despite their functionality, these protocols were developed in an era when security was not a top priority. As ENISA notes in its Threat Landscape 2025 report, the exploitation of these legacy protocols remains a significant risk for mobile networks. This allows attackers to manipulate Caller ID, intercept calls, perform spoofing, and commit other types of fraud, which undermines trust in calls and poses direct threats to corporate VoIP.

STIR/SHAKEN: A New Standard for Call Authentication

STIR/SHAKEN (Secure Telephone Identity Revisited / Signature-based Handling of Asserted information using Tokens) is a suite of protocols developed to combat Caller ID spoofing. Its primary goal is to provide cryptographic authentication of Caller ID information, verifying that the call originates from a legitimate source and that the caller identity has not been tampered with.

At a high level, the mechanism works as follows: when a call is initiated, the originating carrier creates a digital signature for the Caller ID information using its private key. This signature is added to the call’s SIP header. The terminating carrier, in turn, uses the originating carrier’s public key to verify this signature. If the signature is valid, it confirms that the Caller ID is authentic and was not altered during transit. This allows the end user or corporate VoIP system to display the level of trust for the incoming call, for example, with a “verified caller” label.

Building Trust in Caller ID: Challenges and Solutions for Corporations

For corporate VoIP, the lack of trust in Caller ID creates a range of issues: from decreased productivity due to important calls being filtered out as spam to direct financial losses from fraud. Companies that ignore this problem risk damaging their reputation, as their outbound calls may be flagged as potential spam, while inbound calls will expose the company to the risk of fraud.

The solution lies in the proactive implementation of mechanisms that support STIR/SHAKEN. This requires not only upgrading the technical infrastructure but also integrating with telecom carriers that already support these protocols. For instance, the DooxSwitch Platform (a corporate communications management platform from Softengi) provides tools for integration with new authentication standards, allowing corporations to effectively manage calls and their verification.

A Typical Mistake: Ignoring Business Processes When Implementing New Communication Technologies

Often, companies focus exclusively on the technical aspects of implementing new technologies, forgetting about their impact on business processes. In the case of STIR/SHAKEN and trust in Caller ID, this can lead to inefficiencies. For example, if the authentication system is implemented but internal policies are not adapted, employees may ignore trust labels or fail to understand their meaning. This negates the benefits of the technology.

In 2026, it is crucial to approach STIR/SHAKEN implementation comprehensively, reviewing internal procedures for handling inbound and outbound calls. This includes staff training, updating guidelines, and integrating call verification data into CRM systems or other business applications. Without this, even the most advanced technology will not deliver the expected results.

Adapting Corporate VoIP to the STIR/SHAKEN Era: Practical Steps

For successful adaptation to STIR/SHAKEN requirements and to increase trust in Caller ID, corporations should take a series of practical steps:

Corporate VoIP System Readiness Checklist for STIR/SHAKEN

The Future of Corporate Communications: 5G and Call Authentication

The 2026–2027 period sees the active rollout of 5G Standalone services and a growing number of 5G subscriptions. According to the Ericsson Mobility Report November 2025 forecast, 5G will become the dominant mobile access technology by subscription count by the end of 2027. This opens up new opportunities for corporate communications while also introducing new requirements for security and authentication.

Thanks to its low latency and high bandwidth, 5G networks provide the foundation for more reliable and secure VoIP solutions. However, without proper call authentication, even the most advanced networks will remain vulnerable to fraud. Integrating STIR/SHAKEN with 5G infrastructure is key to ensuring integrity and trust in voice communications moving forward. Companies investing in relevant technologies and processes today will be better prepared for the challenges and opportunities brought by the 5G era.

Corporate VoIP systems require the proactive implementation of STIR/SHAKEN protocols and the establishment of trust in Caller ID to protect against fraud, ensure communication reliability, and comply with future telecom industry standards. This is not just a technical upgrade, but a strategic investment in business security and efficiency.