For years, voice security centered on a single question: “Is this caller ID authentic?” In many ways, STIR/SHAKEN answered it: If a call originates from a suspicious source or uses a spoofed number, the framework can help identify that risk before it reaches a recipient or drives up handle time.
But despite being a foundational tool for reducing unwanted calls, STIR/SHAKEN can’t prove that the person or organization behind the call is trustworthy. Fraud operators continue to exploit that visibility gap, with more than 4 billion robocalls placed in April 2026 alone.
Today’s challenge is no longer just verifying who a caller claims to be; it’s understanding how it reached you in the first place. And increasingly, that path runs through gaps in carrier networks, routing infrastructure, and attestation practices that can make illegitimate traffic appear trustworthy.
This blog explores where STIR/SHAKEN falls short, why understanding a call's origin matters, and what signals are critical for businesses to accurately identify and mitigate unwanted calls.
Why STIR/SHAKEN authentication is not enough to confirm call trust
STIR/SHAKEN introduced a crucial trust layer for domestic voice traffic, equipping carriers with a way to verify that caller ID information has not been tampered with in transit. However, it wasn’t designed to provide end-to-end visibility into a call’s journey across multiple networks.
Calls often traverse a patchwork of modern IP and legacy non-IP networks. At each handoff, authentication data can be stripped, degraded, or inconsistently preserved. As a result, calls may appear legitimate according to STIR/SHAKEN, but there may be authentication risks hidden beneath the surface.
In fact, up to 1 in 5 (20%) traffic segments receive inflated attestations from non-originating providers. In other cases, identity headers may be incomplete or missing altogether, limiting the ability for downstream providers to accurately assess trust.
How fraudsters are exploiting routing gaps to evade detection
Illegal robocall operations increasingly combine caller ID manipulation with routing-level techniques that obscure call origin across telecom infrastructure. For most authentication systems that verify calls at the network border or after they have already entered the environment, nuisance and nefarious calls can perfectly mirror legitimate ones.
Common nuisance call techniques include:
- SIM boxing: Bad actors use physical SIM cards to inject traffic into domestic mobile networks, allowing calls to appear locally originated and bypassing international termination controls.
- International grey routing or traffic pumping: A call is routed through low-governance jurisdictions with weak “Know Your Customer” practices to obscure its origin and blend into legitimate-looking local traffic.
- Telecom arbitrage and intermediary routing: Calls are passed through lower-cost carriers to reduce termination costs, sometimes degrading visibility into origin and influencing downstream trust signals.
Legitimate international callers, offshore employees, and roaming users may generate similar traffic patterns, making overly aggressive blocking risky. This creates a persistent balancing act between fraud prevention and false positives.
Regulatory efforts are underway to tighten the network through SIP origination requirements, stricter numbering policies, and improved transparency for international traffic, increasing urgency for organizations to evolve their risk detection frameworks.
Why businesses need a layered trust model
Because nuisance traffic increasingly mirrors legitimate behavior, organizations need to evaluate risk before a call reaches an IVR, virtual agent, or live representative. No single signal is sufficient; trust must be inferred from multiple data elements across the call path.
By combining attestation data with carrier reputation, historical caller behavior, and routing patterns, businesses can form a more complete view of risk than caller authentication alone.
Evolve beyond attestation to establish real trust
While STIR/SHAKEN remains a foundational advancement in telecom fraud prevention, limited call provenance visibility, uneven attestation practices, and multi-network call paths have increasingly difficult to detect from legitimate ones.
Effective risk mitigation depends on understanding not just who is calling, but how the call arrived. That requires pre-call signals that reveal call origin, routing behavior, carrier reputation, and traffic patterns — context that caller ID authentication alone cannot provide.
FreeClimb Risk Scoring Services classify risk at the earliest point — before a connection is established — by analyzing upstream carrier signaling, SIP-level metadata, and large-scale historical call patterns. Proven in the market for 7+ years, our pre-answer risk detection tools operate directly in the call path to surface fragments of truth about a caller that third-party overlays can’t. With a more comprehensive view of risk, businesses can precisely classify caller risk, reduce fraud exposure, and streamline the experience for legitimate callers.