Deploying STIR/SHAKEN as a Service – HardenStance Briefing
In an era of increasingly intensive, software-based, innovation, decisions to ‘build or buy’ new infrastructures and services are getting more complex for telecom operators. Whereas the call of tradition implores them to build themselves, the benefits of cloud and SaaS models beckon telcos to offload or outsource to specialized third parties.
One market space that HardenStance identifies as having ‘don’t go building this yourself’ written all over it is the new STIR/SHAKEN standard. This uses digital certificates based on common public key cryptography techniques to filter and block scam calls and unwanted robocalls driven by Caller ID spoofing. In North America, this has escalated into a major problem, with Americans now being plagued by tens of billions of these calls a year. US and Canadian regulators have intervened on behalf of consumers to mandate STIR/SHAKEN implementation by their domestic carriers.
For a telco, STIR/SHAKEN isn’t a capability that’s typically worth building up internally. It’s complex, it’s primarily a cost (albeit with a potential revenue upside, as will be shown). It’s not a capability that can be leveraged to materially grow revenues or reduce costs in other parts of the business either. Provided a vendor is trusted to have the expertise and commitment to the STIR/SHAKEN standard, and provided the price is right, HardenStance believes a cloud-based service model should be the default option for all but the very largest telcos.