Debates about “verified” calls often mix up three very different layers: network signature, regulatory legitimacy of the displayed number, and the commercial identity shown on screen. In 2026, confusing those layers leads to bad decisions in operations, compliance, and customer communications.
The French framework starts with MAN, the national number-authentication mechanism imposed by the 2020 law and supervised by Arcep. STIR/SHAKEN is the international technical building block used to sign and verify certain calls. Branded calling sits above that layer: it does not replace network authentication or numbering-plan obligations, but adds a verified brand display when specific conditions are met.
The short answer: no, these three concepts do not do the same job
| Layer | Main role | Who actually acts? | What it does not guarantee |
|---|---|---|---|
| STIR/SHAKEN | Cryptographically sign the telecom identity of a call on compatible networks | Operators and technical interconnections | That the call is commercially welcome or that a brand will be displayed |
| MAN | Apply caller-number authentication in France within a framework tied to lawful number usage | French operators under regulatory supervision | That an authenticated call is automatically useful, honest, or accepted |
| Branded calling | Display a verified company name during the call | An operator or operator-grade platform with vetting and eligibility rules | That a logo alone can replace compliance, reputation, or network signature |
MAN: the layer that matters first in France
Arcep explains that the French authentication mechanism is designed to prevent number spoofing and improve traceability for fraudulent calls. In the decision published in late 2025, which mostly took effect on 1 January 2026, the regulator states that an international call displaying an unauthenticated French 06 or 07 mobile number must be presented as “No caller ID”. So the issue is not only technical. It is also about how much trust users should place in the number shown on screen.
In other words, MAN is not just about “signing SIP packets.” In practice, it ties authentication to the operator’s ability to justify that its customer is actually allowed to use the displayed number. That is why our analysis of the 2026 ARCEP rule for spoofed 06/07 numbers from abroad remains central to understanding the real obligations imposed on operators.
STIR/SHAKEN: a technical building block, not a UX promise
STIR/SHAKEN is the signature-and-verification architecture used to authenticate the telecom identity of a call. It is essential, but one common simplification needs to be resisted: a signed call is not automatically a trusted call. A call can be legitimate from a numbering-rights perspective and still be badly timed, unwanted, or poorly perceived by the recipient.
For telecom teams, the right reflex is to separate three questions: is the call signed, is the number genuinely authorized, and are the brand or call context clear enough for the user to answer? This completes our technical guide to implementing STIR/SHAKEN, which focuses more on the signing mechanics than on the visible product layer for end users.
Branded calling: a presentation layer, not a regulatory substitute
This is where many organisations get it wrong. Branded calling is not “the new version of STIR/SHAKEN.” It is a product layer that allows a verified company name, and eventually other trust markers, to appear on screen, provided that the number, the company, and the verification path all comply with the operator’s rules.
Orange explains, for instance, that its Branded Calling offer in France relies on strict network-layer validation through MAN, combined with brand-rights and number-rights checks. In its MWC 2026 communication, the operator also says that the company name is displayed only for calls reaching the highest authentication level, within a system that combines vetting, authentication, and anti-fraud checks. That aligns with our article on Orange Branded Calling and trusted calls, which examines the product promise from the operator side.
So who really authenticates a call?
The rigorous answer is this: the actual authentication of the number is performed by the operator chain within the MAN/STIR-SHAKEN framework. Branded calling does not authenticate a number by itself. It uses existing authentication and governance to turn part of that network trust into a visible on-screen signal.
This distinction matters for call centres and sales teams. If your traffic is poorly governed, your numbers are badly assigned, or your caller reputation is already degraded, a future brand display will not fix the root problem. Branded calling may improve reachability. It does not repair weak compliance or poor numbering hygiene.
What 2026 really changes for ops and compliance teams
1. Unauthenticated international calls using French 06/07 numbers become more visibly abnormal
Since 1 January 2026, masking such calls as “No caller ID” makes risk easier to read for users and increases operational pressure on operators.
2. Companies need much cleaner proof of their rights to use displayed numbers
The issue is no longer only about placing calls through a trunk or a provider. It is also about proving that displayed numbers are contractually and technically legitimate.
3. Brand display becomes a secondary advantage, not the foundation
Branded calling may raise answer rates, but only after the network layer and number governance are already sound. That is why authentication has to be solved before call marketing, not the other way around.
The right mental model to stop mixing everything up
The most useful way to think about it is a three-storey model. Layer 1: STIR/SHAKEN signs the call. Layer 2: MAN defines in France who may use which number and how authentication must propagate. Layer 3: branded calling turns part of that technical trust into a visible experience for the recipient.
So when a compliance lead, CIO, or contact-centre manager asks, “who really authenticates our calls?”, the answer is neither “our CRM” nor “our branded calling provider.” It is first and foremost the operators and their authentication chain, within a precise regulatory framework. Branded calling comes afterward, as a conditional visible trust layer. If you want to operationalise that logic in your workflows, our API documentation also shows how to connect reputation and verification controls more cleanly into business processes.












