Questions & Answers

What is STIR/SHAKEN?

It is a suite of protocols that enable service providers to identify the originator of a phone call. This enables building a reputation for each originator. Overtime this will help service providers identify which originators are the source of spoofed caller ID metadata and ultimately bring back trust to phone calls by blocking these calls.

How do I deploy STIR/SHAKEN signing?

We have built Vermouth an open source product, that makes signing and verifying caller metadata easy.

How can Martini Security help me implement STIR/SHAKEN?

Our goal is to make it as quick and easy as possible for you to acquire and manage STIR/SHAKEN certificates both from within the browser as well as programmatically. We also provide an open source signing server you can use to deploy STIR/SHAKEN.

How much does all of this cost?

Gin, our certificate issuance product, is available as a simple subscription model enabling your organization to get as many certificates as it needs for a flat rate. This allows you to adopt industry best practices of giving a unique certificate to each of your devices, and replacing them regularly without unexpected or excessive pricing. We also offer discounts for multi-year subscriptions. See the Gin pricing for more information. Vermouth and Olive, our signing/verification and certificate lifecycle products are both free. This allows you to deploy and manage your infrastructure as you see fit without worrying about complicated pricing and a slow sales process.

What is STIR/SHAKEN certificate?

At the core of STIR/SHAKEN is the concept of cryptographically signing call metadata using a private key associated with a certificate. This certificate identifies a service provider or specific telephone numbers. It is issued by a certificate authority, similar to how a passport is issued by the passport office, and identifies the organization that is represented in this certificate. The same basic approach is used to identity websites via HTTPS today.

As a service provider, what is my role in the STIR/SHAKEN program?

As a service provider, it is your responsibility to sign your call metadata with a digital certificate issued by an approved Certificate Authority (CA), like Martini Security, so that it is possible for other service providers to verify the origin and integrity of your call metadata.

How does Martini bill?

For our paid products pricing is structured as an annual subscription per organization. We currently accept all major credit cards.

Are Vermouth and Olive really free?

Yes, they are! We made Vermouth and Olive free because we want to make a difference in the fight against Robocalls. It is our hope that by doing so providers who have not yet implemented STIR/SHAKEN can do rapidly. The sooner providers all implement STIR/SHAKEN, the sooner we can all start making a difference in the Robocall problem.