Definition of Attestation Level:
This indicator allows for both identifying the service provider that is vouching for the call as well as clearly
indicating what information the service provider is attesting to. This is the primary robocall mitigation within the SHAKEN framework. As of the date of this documentation (April 2021) we clearly define the following three (3) levels of attestation:
Full Attestation (Attestation A): The signing provider shall satisfy all of the following conditions:
Provider Is responsible for the origination of the call onto the IP based service provider voice network.
Provider Has a direct authenticated relationship with the customer and can identify the customer.
Has established a verified association with the telephone number used for the call.
INTERNAL USE ONLY FOR ATTESTATION LEVEL A: The signing provider is asserting that their customer can “legitimately” use the number that appears as the calling party (i.e., the Caller ID). The legitimacy of the telephone number(s) the originator of the call can use is subject to signer-specific policy. Those policies are so far defined as:
The number was assigned to this customer by the signing service provider.
This number is one of a range of numbers assigned to an enterprise or wholesale customer.
The signing service provider has ascertained that the customer is authorized to use a number (e.g., by business agreement or evidence the customer has access to use the number). This includes numbers assigned by another service provider.
Partial Attestation (Attestation B): The customer shall satisfy all of the following conditions:
Customer Is responsible for the origination of the call onto its IP-based voice network.
Customer has a direct authenticated relationship with the customer and can identify the customer.
Customer Has NOT established a verified association with the telephone number being used for the call.
Gateway Attestation (Attestation C): The customer shall satisfy all of the following conditions:
Customer Is the entry point of the call into its VoIP network.
Customer has no relationship with the initiator of the call (e.g., international gateways).
NOTE: The token will provide a unique origination identifier of the node in the “origin” claim. (The signer is not asserting anything other than “this is the point where the call entered my network”.)