Detailed Breakdown
The Problem:
With STIR/SHAKEN compliance deadlines rolling out across the telecom industry, simply signing our customers' calls wasn't a sustainable long-term solution. We saw the writing on the wall: the FCC would eventually require service providers to take ownership of signing their own calls. Our prediction was confirmed when a new FCC Report & Order suggested exactly that, creating an urgent need for our customers to have a way to sign calls using their own STIR/SHAKEN certificate.
The Opportunity:
This regulatory shift presented a classic "0 to 1" product opportunity. We could move beyond just being compliant and create a new Platform as a Service (PaaS) that would empower our customers to meet their own compliance obligations. The goal was to build a STIR/SHAKEN service that allowed customers to sign calls using their own digital certificates, creating a new, valuable, and revenue-generating product line from a market necessity.
Target Persona:
The primary target customer was any service provider customer who was not yet signing their own calls. This included a wide range of businesses that needed a straightforward path to compliance without having to build and maintain their own complex signing infrastructure. I interviewed several key customers to understand their primary concerns and feature priorities, which directly informed the product roadmap.
Key Insights:
Our research and customer interviews revealed that customers desired compliance without complexity. The most critical insight was that speed-to-market was essential. Providing a simple, secure certificate upload method was far more valuable to our target users than waiting to build complex, time-consuming API integrations. This understanding validated that a PaaS model focused on usability was the right approach.
Product Vision:
To create an intuitive, reliable, and secure STIR/SHAKEN Platform as a Service that abstracts away the technical complexity of call signing, allowing customers to easily use their own certificates and control their attestation decisions, thereby ensuring their own compliance while relying on our robust infrastructure.
Strategic Roadmap:
I outlined a two-phased approach to get the product to market quickly while allowing for iterative improvement:
• Phase 1 (MVP Launch): Focus on the core functionality—a stable signing service with secure, manual certificate uploads. The goal was to capture early adopters, validate the core concept, and establish a crucial feedback loop.
• Phase 2 (Full-Feature Expansion): Use insights from MVP feedback to build out the platform with enhanced reporting, advanced user management controls, and other high-value features identified by our initial user base.
Solution:
We designed a platform where our service performs the technical function of signing the call, but the two key components for compliance—the customer's certificate and their attestation decision—remain entirely under their control. The main technical challenge was determining how to securely get a customer's certificate into our platform. After evaluating options, we chose to build a simple, secure upload path via our portal rather than pursuing complex and time-consuming API integrations with numerous Certificate Authorities, which prioritized speed-to-market and user simplicity. However, customers could connect to our platform directly if they wanted a hands-off and automated approach of transferring their certificates.
Key Features:
The final product was a comprehensive PaaS solution that supported:
• Customer-Issued Certificates: The platform was architected to use the customer's certificate, issued by an approved Certificate Authority (STI-CA), for signing.
• Customer-Controlled Attestation: Customers retained full control over the attestation level for their calls, a key requirement for compliance.
• Secure Certificate Management: A straightforward and encrypted path for customers to upload and manage their certificates via the user portal.
• Data Security Measures: All sensitive customer data is encrypted while at rest.
• Migration Path: The service also served as a key incentive to encourage customer migration from a legacy network to our new, go-forward network platform.
Process & Collaboration:
As the Product Manager, I was responsible for the end-to-end product lifecycle. This involved establishing the product vision, defining the roadmap, and representing the voice of the customer to stakeholders and development teams. I collaborated closely with our Legal team to solve for compliance concerns, worked with Marketing to create effective messaging and web content, and provided key market research to the Commercial team to help establish pricing and incentives. My role was to ensure all teams were aligned and moving toward the same goal: a successful product launch.
Results & Impact:
The project was a success. We delivered the Minimum Viable Product (MVP) ahead of schedule, which gave us a crucial window to establish a feedback loop with early adopters. This iterative process allowed us to refine the service before the full-feature launch. The Hosted Signing Service became our first revenue-generating STIR/SHAKEN product, successfully turning a regulatory requirement into a new business opportunity and helping to accelerate the adoption of our go-forward network platform.
Reflection:
This project was a powerful lesson in the value of foresight in a highly regulated industry. By anticipating the FCC's next move, we were able to get ahead of the market and provide a solution right when our customers needed it most. The decision to deliver an MVP early proved invaluable, reinforcing the importance of iterative development and customer feedback. Ultimately, the success of the Hosted Signing Service demonstrated how effective cross-functional collaboration between Product, Engineering, Legal, and Marketing can transform a compliance challenge into a strategic commercial asset.