First, is it just me, or is everyone else getting a ton of spoof and telemarketing calls these days?
I’m going through the process of obtaining my own cert (yeah, I’m late), but I can’t help feeling the real intent is to make it impossible for small companies to continue in business.
The cost is enormous for a small company like mine, whereas for the AT&Ts of this country, the cost is probably zero.
So, if anybody wants to buy a little VOIP provider, let me know. My customers pre-pay, so collecting is not a problem
How big is the user base? What kind of user base? And they pre-pay how? For usage or annually?
I am interested.
Please reach out to me directly at 949-393-1200
Or email me at [email protected].
@yahdie You might think twice about selling your business. There are ways to be stir/shaken compliant without costing an arm and a leg. I’d be interested in learning about your business model and why it’s costing you so much.
Depending on exactly what you’re doing, you may not even need your own cert.
If all you do is host customer PBXs, customers contract with you, but you purchase trunks for them from for instance ClearlyIP, or any other stir/shaken compliant SIP trunking provider:
You are a voice service provider (because customers buy voice service from you).
You lack control to implement STIR/SHAKEN (because ClearlyIP controls the signing edge).
Therefore you do not need your own SPC token/certificates, but you must file in the Robocall Mitigation Database (RMD) as a provider and explain that you lack control, plus describe your mitigation steps. This “lack of control” option is explicitly called out in 47 C.F.R. §64.6305.
Please reach out directly - we are interested in purchasing customer assets, but you may also be interested in working with us under our whitelabel program, where we can take care of a lot of the regulations for you, but you keep your customers and your brand. Jeff 703-496-4990 (StratusTalk)
I get trunks from Bandwidth and they certainly expect you to provide your own cert. Then they give you access to their Call Signing Service
If you want to go that route, you can get a cert from Telonium for about $500/yr + STI-PA minimum $450/yr - so you’re probably not looking at much more than $1000/yr. Is that too expensive for you to stay in business?
I came across Telonium last week after starting this thread and they are significantly cheaper than the other options. Having said that, it seems to me that the whole impetus of STIR/SHAKEN is to regulate all the independent VOIP Providers, Asterisk/FreePBX user-base who actually know their customers vs the RingCentrals and Vonages. I think that the competitive advantage that the users of this forum has been “bespoke VOIP” and the Open-Source Movement has, until now, allowed us to compete with features and affordability. Now I fear that the squeeze is coming for the de minimis providers such as me, first, and then sooner or later the rest of you.
I understand your frustration. However I don’t think the impetus behind stir/shaken is to put small providers out of business at all, nor to show favoritism to larger providers. It’s just that authenticating your calls can never be free and someone has to pay those costs. But as I showed above, the cost is really not an existential threat to small providers. Remember that STI-PA is a sliding fee based on volume, and is costing the very largest providers $97,500/year, so they definitely pay a larger share than small providers. Rather than trying to put small providers out of business, stir/shaken is an attempt, however faulty, to do something to stop the scourge of robocalls. it remains to be seen how effective this will be as the FCC is moving to close the non-ip gap and adding obligations upon US gateway entry points, and is actively pruning the ecosystem (e.g., over 1,200 providers recently removed from the Robocall Mitigation Database!), but cleanup takes time and it remains to be seen how effective this will really be in solving the problem.
Also remember that without these and many other stopgaps, those one or two or three spam calls you receive per day could easily be 20 or 30++ calls (like the wild days of email when dozens of spam messages per day was a thing). In fact your phone could be constantly ringing all day long with spam to such an extent that your phone becomes a worthless communication device and you go out of business because telephony just doesn’t work for people anymore. So in reality, these laws keep telephony legitimate and actually keep you in business! 
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.