appliedbits
FIELD NOTES PUBLISHED
PUBLISHED 2026-05-27

TNS's 2026 Robocall Report: the non-Tier-1 STIR/SHAKEN gap is widening, not closing

TNS  ·  February 1, 2026  ·  source ↗

TNS’s 2026 Robocall Investigation Report — the annual FCC-cited data drop — landed in February. The Tier-1 headline number is familiar enough: top-tier inter-carrier signed traffic averaged ~85% across 2025, ending the year at 85.4% in Q4. The story underneath that number is more interesting, and worse. By TNS’s measure, non-top-tier signed traffic fell from 24.8% in Q1 2024 to 12.8% in Q4 2025 — a decline through every quarter. Three years into full STIR/SHAKEN enforcement, the bottom of the carrier stack is moving the wrong direction.

The volume composition has shifted in parallel. Total unwanted-call volume fell across 2025, but in TNS’s classification the dangerous slice grew: nuisance calls dropped from 7.94B in Q1 to 4.22B in Q4, while high-risk calls climbed from 1.19B to 3.03B. High-risk now makes up 60% of unwanted robocalls, with AI-generated voices detected in 15% of high-risk incidents — “a nearly 50% rise in less than two years.” Bad actors are operating in the gap where attestation breaks; the framework is doing what it was designed to do at the top of the stack, and far less of it below.

TNS also flags two quieter problems in the data. Over-attestation: up to 13% of traffic using invalid numbers is being signed with “A” attestation, and in some networks as much as 20% of signed traffic carries A-level attestation on “known invalid” or Do-Not-Originate numbers. STIR/SHAKEN proves a signature, not that the signer should have signed. TDM bypasses: roughly 40% of TDM traffic lacks signatures entirely, which is where traceback efforts compromise and the chain dies. Smaller carriers’ continuing reliance on TDM and SS7 — which strip STIR/SHAKEN signatures in transit — is the structural reason their signing rate keeps declining.

And even where attestation chains hold at the top, there’s a quieter leak underneath. In one top-tier network analysis, TNS traced 10–15% of spam-tagged calls back to SIM-farm operations — scammers pumping numbers through what reads as A-attested traffic from inside a trusted carrier, exploiting MVNO complexities to make their flows look like native traffic. The UK has banned non-conforming SIM farms; SIM-boxing incidents are up roughly 15% year-over-year on TNS’s count, fueled by easier bulk-SIM access and AI-enhanced human-behavior simulation that defeats traditional pattern analysis. The framework can be doing its job and still letting bad traffic through, because the bad traffic looks the same as the good once it’s inside the trusted boundary. The VoIP picture compounds it: VoIP lines now carry 50% of unwanted traffic while representing 35% of total call volume, and the unwanted-VoIP share has climbed from 26.7% in Q1 2024 to 37.1% in Q4 2025.

This is precisely the gap the FCC’s KYUP FNPRM is positioned to close — making upstream-provider diligence enforceable changes the cost-benefit calculus for the carriers passing unsigned traffic into the system, rather than just describing the right behavior. KYUP also reaches further than TDM legacy: it gives the FCC traction against the SIM-farm and MVNO origination patterns that show up as plausible inside the trusted boundary. TNS’s data is what the FCC will cite when it argues so.

Tagstnsstir-shakenattestationkyuprobocalldata