---
title: "What STIR/SHAKEN obligations apply to white-label softphone operators?"
topic: "Compliance & Legal"
updated: 2026-05-06
canonical: https://acrobits.net/resources/knowledge-base/stir-shaken-white-label/
summary: "Your customers are complaining that their outbound calls show up as \"Spam Likely.\" Or worse — calls aren't connecting at all. The problem isn't your softphone app. It's your SIP trunk provider's STIR/SHAKEN compliance."
---

# What STIR/SHAKEN obligations apply to white-label softphone operators?

> Your customers are complaining that their outbound calls show up as "Spam Likely." Or worse — calls aren't connecting at all. The problem isn't your softphone app. It's your SIP trunk provider's STIR/SHAKEN compliance.

Your customers are complaining that their outbound calls show up as "Spam Likely." Or worse — calls aren't connecting at all. The problem isn't your softphone app. It's your SIP trunk provider's STIR/SHAKEN compliance.

## What STIR/SHAKEN Actually Does

STIR/SHAKEN is a caller ID authentication framework mandated by the FCC since June 2021. It works like a digital signature for phone calls.

When a call is placed, the originating carrier cryptographically signs it with an attestation level:

AttestationMeaningImpact on Delivery

**Full (A)**Carrier verified the caller's identity and their right to use that numberCalls go through normally
**Partial (B)**Carrier verified the caller but not their right to that specific numberMay trigger warnings on some devices
**Gateway (C)**Carrier received the call from an international gateway or can't verify the callerFrequently flagged or blocked
**None**No signature attachedIncreasingly blocked by receiving carriers

The receiving carrier checks the signature. If it's missing or low-level, the call gets flagged, labeled as spam, or silently dropped. This is happening more aggressively every quarter as carriers tighten their analytics.

## Who Signs the Call? (It's Not You)

Here's the part that confuses operators entering the white-label space: **you don't sign calls.** Your softphone app doesn't sign calls. Your white-label vendor doesn't sign calls.

The originating carrier — your SIP trunk provider — is responsible for signing every outbound call with a STIR/SHAKEN attestation. They hold the certificate. They apply the signature. They determine the attestation level.

Your softphone app is a client. It sends SIP INVITE messages to your trunk provider's infrastructure. From there, your trunk provider originates the call into the PSTN and attaches the attestation.

This means your call quality depends entirely on a decision made by a company you may not have evaluated for STIR/SHAKEN compliance.

## What You Need to Verify With Your Trunk Provider

Before you sign a trunk agreement — or if you're already seeing spam flags — ask these questions:

**1. Are you registered in the STI-PA database?**

Every carrier that signs calls must be registered with the Secure Telephone Identity Policy Administrator. You can check the [FCC Robocall Mitigation Database](https://fccprod.servicenowservices.com/rmd) yourself.

**2. What attestation level do my calls receive?**

Full (A) attestation is what you want. If your trunk provider can only offer Partial (B) or Gateway (C), your calls will be treated as lower trust by receiving carriers.

**3. Do you support number validation for my [DIDs](/voip-glossary/did/)?**

Full attestation requires that the trunk provider can confirm your right to use each number. If you bring your own numbers (LNP/ported), make sure the provider's system recognizes them.

**4. What happens if attestation fails?**

Some providers fall back silently to unsigned calls. Others reject the call. Know which behavior you're getting.

**5. Do you have a SHAKEN certificate from an approved CA?**

The certificate must come from an STI-approved Certificate Authority. Not all providers have completed this step, especially smaller regional carriers.

## Where Cloud Softphone Fits

Cloud Softphone operates at the application layer. It handles SIP registration, call setup, audio/video, and push notifications. When a user dials a number, the app sends a standard SIP INVITE to whatever SIP infrastructure you've configured.

Cloud Softphone passes through the caller ID exactly as configured in your provisioning. It doesn't modify, strip, or inject caller ID information. It doesn't touch STIR/SHAKEN attestation because that process happens downstream at the trunk level.

This is by design. A softphone app that attempted to modify attestation would be overstepping its role — and would likely break compliance rather than help it.

## What Operators Should Do Today

If you're launching a branded softphone service, STIR/SHAKEN compliance is a trunk-side checklist item, not an app-side one. But ignoring it means your subscribers' calls get flagged, and they'll blame your app.

Three steps to protect your service:

  - **Audit your trunk provider** using the questions above. Verify their STI-PA registration.

  - **Test outbound calls** to major carriers (AT&T, T-Mobile, Verizon) and check whether your number shows as verified or flagged.

  - **Monitor ongoing attestation** — trunk providers can lose compliance status. Build a quarterly check into your operations.

Your app delivers the experience. Your trunk provider delivers the trust. Make sure both are doing their job.

*Running a white-label softphone service? [Learn how Cloud Softphone integrates with your existing SIP infrastructure](/cloud-softphone/) — no attestation headaches on the app side.* STIR/SHAKEN is one of several obligations that attach when you add voice; the related [E911 and legal requirements for ISPs adding voice](/blog/cloud-softphone/e911-legal-isp-voice/) activate at the same time.

{
  "@context": "https://schema.org",
  "@type": "Article",
  "headline": "STIR/SHAKEN Obligations for White-Label Softphone Operators",
  "description": "Your customers are complaining that their outbound calls show up as \"Spam Likely.\" Or worse — calls aren't connecting at all. The problem isn't your softphone app. It's your SIP trunk provider's ST...",
  "url": "https://acrobits.net/blog/cloud-softphone/stir-shaken-white-label/",
  "datePublished": "2026-05-06T09:00:00Z",
  "dateModified": "2026-05-06T09:00:00Z",
  "author": {"@type": "Organization", "name": "Acrobits"},
  "publisher": {"@type": "Organization", "name": "Acrobits", "url": "https://acrobits.net"}
}
