March 24, 2015 by 

Mobile Operators are moving towards unified OTT messaging apps

joyn-588x288

After Apple introduced a modern smartphone to the world in 2007, having internet connection and a camera on your phone has become a standard on smartphones. This is where the downfall of SMS messaging started.

In developed markets P2P SMS traffic has been declining due to OTT messaging. Some operators are already blocking WhatsApp and Viber traffic on 3G/LTE to win back the market, but this it is a fight they have already lost.

The loss of revenue from SMS has forced operators to take action. This is already clearly visible by various filters and firewalls being actively added to protect against unsociliated A2P traffic.

Why is OTT messaging such a big threat all of a sudden?

OTT

1. It is free
You pay for internet anyway, so why pay extra for the SMS? As simple as that.

2. It has more features compared to SMS
One SMS is limited to 160 characters and MMS image quality is moderate at best. Modern OTT messaging apps do not have any text length limitations, they support sharing high-quality images and you get a live feedback if they have read the message.

What are the downsides of OTT messaging apps?

1. Quality
Current OTT messaging apps rely on the internet on your phone and it can be wonky. Also you rely on your messaging application framework (servers, internet connection) as well.

2. Fragmentation
None of the OTT apps are compatible and you may need to have many of those running at the same time. This is not very convenient and also chews a big chunk of your already-so-small phone battery.

3. Security
Do you trust that WhatsApp keeps your data safe? Is it really unbreakable and your semi-naked selfies are secure from your fans?

5G network planned for 2020

2G networks main focus was to cover as much area as possible. 3G/LTE networks focused on higher network throughput.

5G network however focuses heavily on lowering power consumption while also increasing throughput and offering lower latencies. Operators have understood that the all-IP based infrastructure and services is the way to go.

The Green Button Promise

The “Green Button Promise” means customers get reach, reliability and richness. Reach through interconnection to mobile phones and devices globally; quality and reliable services delivered within a trusted ecosystem with privacy and security, and richness from the wide range of IP-based operator services. [source]

The IP-based services that mobile operators promise to provide in 2020:

  • Voice over LTE (VoLTE) and HD Voice
  • Rich Communication Services (RCS) – Voice, Video Calling and Messaging
  • Video calls – Video over LTE

Rich Communication Services (RCS)

RCS is the most interesting part of the 5G network as this is the biggest feature everyone is currently missing from the mobile operators and phone manufacturers that lead to OTT messaging in the first place.

  • Based on data, no extra charge
  • No registration
  • You can send pictures, audio or videos
  • Fallback to SMS
  • Unified framework
  • Reliable and secure

RCS allows you to send text messages, voice, video – take it as an iMessage platform created and supported by all operators and phones.

It just works

RCS it is based on your phone number like SMS and phone calls – no need to sign up or any complicated verification process is required. You can start chatting with your friends right away.

With RCS supported phone you already have a preloaded application called joyn. Vodafone has also released a short video that promotes it:

You are also not limited to this one built-in application – at any point you can download another RCS-compatible app and have a totally new interface that you prefer.

P.S. You only pay for data and if the other recipient does not have RCS capable phone, it has a fallback to SMS as well.

The future is already here

41 operators have already launched RCS compatible ecosystem and 87 operators have commited to launch by the end of 2015. Also 8 device manufacturers like Sony, Samsung, HTC, Nokia, HUAWEI and LG have already joyn accredited devices on the market with BlackBerry and ZET to follow soon.

For the list of operators already supporting Rich Communication, check out the Network 2020 Ecosystem map by GSMA Intelligence.

Will it kill SMS?

The SMS is here to stay, but the volumes will decrease significantly in the P2P sector. It will probably hang around still for quite some time as the mobile operators have to support older devices.

March 4, 2015 by 

Messente launches 2-step verification API

For the last two days we have been busy meeting all of our international partners here at Mobile World Congress in Barcelona. This year’s event however is very special for us as we’re exited to announce the release of our 2-step verification API. It is a solution that makes it easy to build an extra layer of security on top of the usual website login system and validate mobile phone numbers.

We’ve had the pleasure of working with some of the fastest growing mobile apps, finacial service providers, logistics and payment companies in Europe and elsewhere. The new verification API takes advantage of our extensive experience in delivering one time passwords and PIN codes to over 1000 mobile networks across the world.

verify4We identify users based on their phone number by generating a unique PIN code and sending it to the user via SMS. The PIN is then submitted to the web by the user which completes the log in process.

The reason we developed a verification solution is that we see that an increasing number of companies are looking for ways how to better protect the personal data of their users. In the light of the password leaks we see happening everywhere 2-step verification is becoming very relevant for many industries, not only banks or big OTT platforms. Our new API is the fastest way of setting up secure phone based authentication.

The new 2-step verification API is available for everyone at messente.com/verify
Feel free to contact me with additional questions about the new API: lauri.kinkar@messente.com

February 24, 2015 by 

Every business needs to know about data protection

r-BIG-DATA-large570

Recent high-profile data breaches have become a permanent concern to many private and public organizations. As the amount of information stored in cloud is growing exponentially new opportunities arise in both positive and negative directions. But a company can’t start protecting its users data unless it doesn’t know what to protect. So a new way of understanding data protection takes its place as advanced technologies and policies are being adopted to protect our valuable data.

Technology identifies us

Today there are more mobile devices than there are people on earth. This number is multiplying five times faster than our population. Our saved passwords, fingerprints, browser history, face recognition, or any other similar data are in many cases more valuable than the device itself. And this way of identification has in many cases become a default condition to, for example, apply for a loan, transfer money, or login to your bank account. So our connectivity devices have strongly started to change the way we understand the opportunities that lie within them.

Minimizing every possible threat

Starting to understand what needs to be protected is definitely a challenging task to any company. Appropriate safeguards can be used in different confidentiality impact levels. So not all personal data should be protected in the same manner. In many cases, it might be necessary to limit the requisite data to accomplish your security and business purpose. As Heartbleed happened the main questions was how to avoid this happening again. There is always the unpredictable factor of human mistake, so what can be done to limit the possibility of accidentally mistreating sensitive data?

Could 2-factor authentication help?

One of the recent hottest topics in cyber security is 2-factor authentication (2FA). Some big names such as Dropbox or LinkedIn have had their lesson with extensive security breaches that resulted in adopting 2FA. More and more companies who work with sensitive data pick up this topic rather at earlier stage to prevent becoming a victim of another massive password leak. So, what do you need to know about 2FA? Impelling your users to adopt 2FA solution will vastly minimize the risk of hacking a single password. Instead, 2FA makes sure that only the user has the access for the key by sending it to their mobile device via different channel such as SMS.

Even more, the password is generated only when the user triggers it and expires after a short time to minimize the leaking possibilities even more. And last but not least, as 2FA uses your mobile device it’s more likely that other layers of security are being used as well, such as passcode or fingerprint protected lock screen. While SMS remains as a secure and reliable technology, 2FA via SMS is surely one of the fastest and securest ways to protect your users sensitive information.

Messente is at Mobile World Congress

If you are going to attend Mobile World Congress at Barcelona on 3rd until 5th of March, don’t hesitate to contact our team (team@messente.com) to learn more about 2-factor authentication and how your business can use it.

Read more about What is 2-step verification and why should you care

February 11, 2015 by 

What is 2-step verification and why should you care?

Screen Shot 2015-02-11 at 13.53.33

One of the key trends of 2015 for web apps and services will likely be a much wider adoption of 2-step verification. In itself it’s not a security measure based on any new technologies and it is something that is already used by some service providers handling extremely personal information. Google and Facebook to just name a few.

To put it simply 2-step verification builds an extra layer of security on top of your existing account verification system. In addition to the regular user name and password a user is given a unique one time password or PIN code generated for this specific session only. The password has to then be entered correctly to log in.

This makes it much more difficult for any attacker to impersonate someone else and access his accounts or resources as simply getting a hold of your regular password and user name will not be enough.

How are the one time passwords delivered?

There are a few different ways:
1) E-mail. This is mostly used during the sign up process to make sure the e-mail address you claimed as your user name actually belongs to you. The reason why this is not widely used as a verification tool later on is that e-mail is generally not considered secure enough for password exchange. Also there is a high risk that in case someone has learned your passwords for any app, he has done it though gaining access to your primary e-mail account in the first place.

2) PIN code generating device. Used mostly by banks this verification method needs you to have a separate physical PIN or password generator which makes the whole process reasonably secure. This method however has a few major shortcomings – distribution and the cost of the physical devices being the most crucial ones.

3) Using mobile phone and SMS. The main reason this is the method used by Google as well as a few others is that it solves the security issues presented by e-mail and distribution/cost issues which come with dedicated password generating devices. At the same time it involves another physical device by making use of your phone, completely separating the two steps of the verification process.

Whenever a user wants to set up a mobile 2-step verification for an account, he has to tie his phone number to the account when setting it up and all one time passwords will be delivered to his personal number in the future.

Why should I care?

Phone numbers becoming an increasingly bigger part of our formal identity is an important trend for both web based service providers as well as the users.

a) General passwords are vulnerable. Leaks on a major scale have become more frequent last year. As data security keeps evolving, unfortunately so do methods of data theft. So leaks are unlikely to disappear. On the other hand the number of passwords people have as part of their everyday life increases year by year. As a result we are re-using passwords, creating them to be memorable and therefore vulnerable.

b) Users pay more and more attention to data security. If we are asked whether we would want our personal data to be 100% secure the answer is almost always yes. In practice people would sacrifice some security for added convenience. The question is to which extent.

Already now we would not trust a bank whose online banking environment only uses a regular password. The thought alone that the only thing standing between a hacker and my money is knowing the name of my goldfish would make me take my business elsewhere.

*****

Coming back to the very beginning of this post it is believed that 2015 will bring about the tipping point in adopting mobile 2-step verification driven by the increased concern for the security of personal data as well as resources.

In some cases is even predicted that 9 out of 10 service providers will embrace it as the new account security standard this year. In any case it is safe to say it will be not only used by financial institutions but all services (B2B or B2C) where a considerable amount of damage could be done by misusing your account.

February 3, 2015 by 

Meet Messente at #MWC2015

mwc2015_banner

Once again Barcelona is the place to be when you are in the mobile world for the annual Mobile World Congress is in just a few weeks. As always there will be countless opportunities to catch up with your partners, meet new ones, network and have a sneak peek into the future of the mobile industry.

Messente will be present in Barcelona during the whole event (2. – 5. March) and we’ll have some cool news.

Want to meet up and catch up?

Tweet us @messente or drop us an e-mail at messente@messente.com.

January 13, 2015 by 

On great support

support

For any company customer service and keeping all users happy is a big priority. Which is probably why a lot has been written about it. I think we’ve seen close to a hundred blogs dedicated on the topic. So at times the number of available suggestions, tips and case studies can be a bit overwhelming.

Instead of trying to take in everything that has been written on the topic make your own customer support revolve around a few key principles. Ones you always keep in mind and really believe in.

Although yours might be different – here’s what we believe in:

Getting to know the customers point of view

Try and put yourself in the customers place is the key. Always be sure you get the full overview of everything right from the start as nothing can be more irritating than getting hit by the boomerang of inquiries with questions which could have been asked in the beginning.

Time is of the essence

Time is always an important factor when dealing with customers. It is important to let people know they are being listened to and their feedback is being addressed. Sometimes it is necessary to prioritise, but at the same time leave no input unanswered.

Timely answers that can be understood

What goes to answers, sometimes you have to give the solution as quickly as possible before you can go in depth. In these cases providing an easy conclusion without the technical jargon nobody understands is a must. It can always be followed up with a more in-depth answer.

Got any ideas or posts of your own on this topic? Why not share them in Twitter with @messente

December 16, 2014 by 

Easy tips and tricks how to improve your notification messages.

Blogile

Use SMS messages as important notifications. Its easy and effective way how to keep your customers up to date with relevant info. Here are few tips and tricks what to keep in mind.

  • Sender – Always use sendernames, phone numbers or short codes what are connected to your business or brand. Let the message receiver know who are sending them information and try to avoid randomly generated senders.
  • Interactive – Try to make your notification messages more interactive by adding them clickable mobile friendly webpage links. For example: Dear Bill, here is your booking number “12345” and you can view your booking documents by clicking: m.airline.com/booking12345. Kind Regards Your Airlines
  • Personalize – Try adding message receiver first name or other information in the text body. For example: Dear “First name”, due to the fog, your flight to Amsterdam, leaving Heathrow at 11h00 today, has been delayed until 13h30. We apologize for the inconvenience. Kind Regards Your Airlines
  • Contacts – Give message receiver possibility to get back in touch with you by adding for example phone numbers to your customer support.

Keep texting :)

December 2, 2014 by 

Why should your service consider 2-step authentication?

passwordscloud

Security is a growing concern to many companies when their clients need to login and handle confidential information. The more  data we use online, the more possible data leaks there is. While big data makes companies more vulnerable to security threats, many complicated solutions have been taken into use to reduce the likelihood of abusing identity and confidential data.

Multi-factor authentication (MFA)

The usage of smart phones is growing and users have started to adapt more security measures to protect their information. So there are three possible factors that help to protect confidential information:

  • knowledge factors, such as passwords
  • possession factors, such as mobile phones
  • inherence factors, such as biometrics

2-step verification

Knowledge factor passwords have a higher chance of violation due to its nature of staying static. But changing this password every now and then raises the likeability of forgetting it. Inherence factor protection needs hardware to read a fingerprint or eye iris, which is simply impractical solution in most cases. That is why possession factors come in handy. SMS password method helps to add an extensive amount of security by sending out a random, one-time password (OTP) over SMS. The exclusivity behind is that SMS is reachable only to the owner of the phone while the password is useless after first time usage, or it will expire after a certain time. This makes OTP as one of the simpliest yet safest security solutions. World biggest brands such as Google, Facebook, Snapchat use 2-step authentication in addition to its basic password request. In Messente we have exclusively concentrated on delivering business and time critical SMS message to many financial services and web applications. It sure is one of the most effective and safest ways to cut down chances of information violation.

In case you want to learn more about security capabilities of SMS, simply drop us a line at support@messente.com.

Read more about Application to Person Messaging on the Rise

November 18, 2014 by 

Boost your Christmas promotion campaign

the word 'sale' using colorful cubes

Did you know that the number of online searches like “perfect christmas present“ or “dress for christmas party” start increasing in numbers right after Halloween?

As a matter of fact most large retailers already report increased sales starting from 5-6 weeks prior to Christmas Day.

It’s the end of November now and in case retail is your line of work then surely the Christmas period has started in your office. But the holiday season is not only busy for retailers. Service providers from almost all industries use this time of year to get new customers and increase sales.

Here’s a few tips how some of our customers do it.

An increasing number of companies use SMS in different creative ways as a part of their Christmas campaigns to engage with their customers. The main reasons for this are quite obvious.

a) There are no technical restrictions to reach someone (like customers having access to internet or having/not having an app installed)

b) It’s delivered (and also read) instantly which works extremely well in case of time critical messages.

All this makes SMS one of the best call to action channels as well as one of the most sensitive channels available.

This is what we learned form some of our customers who have mastered the use of SMS in their holiday campaigns.

1) Expect a lot of competition

Whether you are in retail or any other industry your Christmas promotions are competing for customer attention with thousands of online offers. That is much more than just your local competitors.

Simple discount offers might work during the low season but not when fighting for attention with campaigns powered by some of the most creative advertising agencies in the world.

2) Make it relevant and personal

Make your message relevant for every single customer your send it to in order to maximise conversion. Most companies we have talked to who use Messente always opt for sending a more relevant offer to fewer customers rather than sending out a generic one to more people.

Segment your customer pool into as many smaller groups you can based on as much data as possible. Design your message carefully based on each group’s profile.

3) Master the timing

SMS enables to time your messages very accurately because the time from sending it out to getting read is usually less than a few minutes.

Try out different sending times and figure out what works best for your business.

4) Create a conversation

Sending out promotional messages is just the starting point. Successful companies work hard to engage people in conversations once they hit the stores.

Because Christmas promotions offer a great opportunity to get excellent insight about what your customers like. Take the opportunity to update contact information, renew permissions to get in touch every now and then or have people download your app.

5) Measure and analyse

Every promotion campaign should be regarded as an experiment. Measure as much as you can, not just the bottom line sales figures. Dig in all kinds of data starting from SMS delivery statistics to conversion of each step of the whole process.

Hopefully keeping all this in mind helps you to fine tune your Christmas promotions and make the most of it regardless of the industry you are in.

——

Read more on features which make your Christmas campaigns more cost effective.

November 10, 2014 by 

Certificate Update for API Server on 15. November 2014

Current api2.messente.com HTTPS certificate will expire on 15. November 2014. We already have new one ready and will update it on the same day @ 21:00 UTC (23:00 EET).

Affected server: api2.messente.com
Date of update: 15. November 2014 @ 21:00 UTC (23:00 EET)
New certificateapi2-messente-com.crt

If you are using https://api2.messente.com/ for making API queries (not just http://), you will need to make sure you do not cache the https certificate.

There are known issues with some Java implementations, where the certificate is cached in the keystore and needs to be manually updated. Check this forum thread on how to clear the Java certificate cache.

If you are using some other ready-made library like cURL (PHP, C++) or httplib (Python), you should be already fine. Just make sure to double-check everything on the next day :)