9th - Mar - 2016

OTT vs. SMS – It’s a Matter of Trust

You just received a message from “Frankenstein”, over Facebook Messenger, telling you your credit card has had some suspected fraudulent activity. Do you immediately call the bank to cancel your card and inquire about the monetary damage? I’m guessing not.

How about, instead of the above, you receive a connect request from “Big Boozer” over Skype, accompanied by a similar message. Do you take this seriously? Probably not this one either.

Perhaps these are extreme examples of obviously untrustworthy messages, since they came from blatantly fictitious names. Consider instead a similar scenario, but this time the message is from an unrecognized phone number; for example, 408-999-8888 through WhatsApp. What do you do? Again, you probably aren’t exactly panicking from this since you are not “friends” with your bank through the messaging app.

Let’s try one more. You receive an SMS (text) message from a short code; for example 54321 alerting you of possible fraud on your credit card. What do you do? This format is familiar to you, since you’ve received text messages from short codes before from other businesses you’ve interacted with; for instance, parcel delivery alerts and appointment reminders.     

To help further quell your skepticism, you notice the message came from a short code you’ve interacted with before. In fact you have used it to communicate with your bank when you checked your account balance in the past.  So, knowing this is a valid alert, you immediately call the bank’s toll-free number and they confirm with you your credit card was used fraudulently and the bank is taking the appropriate next steps to prevent further transactions.

Why did you handle these four scenarios differently? If you are like most mobile phone users in the U.S., you tend to trust SMS messages more than messages sent through mobile apps, like WhatsApp, Facebook, and Skype. Messages sent through mobile apps are known as Over-the-Top, or “OTT”, messages. While they serve an important function in the mobile ecosystem, they are regarded by most of us as channels for social communication, and not for important notifications from the businesses we patronize.

The trust difference between these message types is significant, and helps explain why application-to-person (“A2P”) SMS messaging in the United States continues to grow, year after year, while “person-to-person” SMS messaging (the kind of message you exchange with your buddies or your mom) is slowly losing ground to other forms of messaging.

In the U.S. there are compliance and regulations established for A2P SMS messaging.  For OTT there are some best practice initiatives, but no regulatory requirements since OTT uses a data layer to exchange messages, where SMS requires connectivity through mobile carriers who abide by local and federal government regulations.  The following highlights why A2P SMS carries a higher trust factor than OTT.

First, A2P SMS (over short codes) is regulated by the FCC, and organizations including the MMA (Mobile Marketing Association) have published best practices and arranged agreements with carriers. This essentially means you cannot use short code messaging to SPAM end users. End users must opt in and be able to opt out at any time. In addition, samples of message content must be submitted to all carriers prior to campaign approval, and the message content must be valid and legitimate. Any questionable campaign will be scrutinized by the carriers and likely be rejected. After launch, message content may be audited by the carriers at any time. If the messaging activity is found to be non-compliant, the carriers may provide a verbal warning, or they might just suspend the program, blocking any further messages on their networks until the business can show an effort to be compliant.

Second, short codes must be registered with each mobile carrier. Upon submission of a short code and campaign, the carrier must approve its use and then provision it on their network. If a company attempts to send a message through a carrier with a short code it does not own, the carrier will reject the message. This effectively prevents short code spoofing in the United States, ensuring that when you receive a message from a known short code, it really is from who you think it is from.

Third, many U.S. carriers require proof of valid business operations prior to approving a new short code for a company. This vetting process often includes verifying the business has a valid address, is engaging in legal business activities, and does not have a prior history of poor conduct over SMS.

While the process to becoming an A2P messaging sender can be a bit rigorous, it makes this channel one of the most reliable and trusted forms of digital communication in the United States today. Financial institutions, healthcare companies, airline carriers, charitable organizations, and dozens of other industries rely on SMS messaging for their most important messages, knowing end users trust short code SMS messaging more than almost any other form of A2P communication.

Author: Jason Epstein, Senior Solutions Engineer at Mblox

Originally posted on mblox.com

Signup for Blog Updates