Understanding STIR/SHAKEN - ( Secure Telephony Identity Revisited / Secure Handling of Asserted information using toKENs )
Public Key Infrastructure ( PKI ) for telephony.
"Criminals and unscrupulous robocallers often alter the calling number of their outbound telephone calls in order to deceive the called party. This deception can be as simple as changing the calling number so it appears that a neighbor is calling.
This deception increases the chance that the called party will answer a robocall. In other cases, the deception may be more malicious such as a fraudster impersonating an IRS agent in order to steal a tax refund. This practice of altering the calling number of a telephone call is known as spoofing.
The Federal Communications Commission (FCC) has been encouraging the telecommunications industry to develop a solution to stop robocalls and spoofed calling numbers since 2014. The industry’s response has been to develop a new technology standard called STIR  (Secure Telephony Identity Revisited) and SHAKEN  (Secure Handling of Asserted information using toKENs) which defines how telephone service providers should implement the STIR technology to ensure calling numbers are not spoofed.
How STIR/SHAKEN works
STIR/SHAKEN uses digital certificates, based on common public key cryptography techniques, to ensure the calling number of a telephone call is secure. In simple terms, each telephone service provider obtains their digital certificate from a certificate authority who is trusted by other telephone service providers. The certificate technology enables the called party to verify that the calling number is accurate and has not been spoofed. The details of how SHAKEN uses public key infrastructure is explained in our whitepaper on Certificate Management for STIR/SHAKEN."