Messente logo

SMS API Providers: Everything You Need to Know

Authors: Uku Tomikas, Joosep Pintsaar, Marko Sulamägi & Taavi Rebane

SMS (and SMS APIs) has been used by different sized companies for years (27 to be exact). It’s primarily used to communicate business-critical and marketing information to customers all over the world. 

How is it possible that one type of technology has been used for so long? Well, there are many reasons why companies are so fond of it.

The biggest argument for SMS is affordability. One message will cost you around 1 to 7 cents depending on the region and the volume you’re sending. If your monthly volume is bigger, your price per SMS will be reduced significantly. Thus, it provides a great return on your investment.

Secondly, 5.1 billion people are using mobile phones, making SMS more reliable and more widely used than communication applications that require an internet connection. 

This results in a high probability of reaching any customer, anywhere, at any time. Can you name one communication channel with a wider reach? We certainly can’t think of any.

Having that reach would be useless if nobody reads the messages. SMS boasts a whopping 98% open rate, so not only will people receive the message, they are (very) likely to read it. 

Furthermore, 90% of SMS messages are read within 3 minutes of delivery. This creates the ability to send transactional messages and service related updates (such as outage information) as they happen, limiting customer support requests and increasing client retention.

SMS boast stronger numbers when compared to email

SMS vs email infographic

It looks great, right? So, how can you get started with SMS messaging? Where can you get an SMS API? As it turns out, there are a lot of options to choose from. Too many actually. So, picking the best one can get a bit tricky without some previous research.

Thus, we have created a guide with all the important information, from SMS limitations and possibilities to SMS API integration and choosing a partner to make this journey as easy as possible for you. We have also included some expert tips about SMS messaging.

How can SMS API be used?

SMS reach is as broad as the variety of use-cases that it has. But why?  

Three things – it’s simple, has a huge reach and a high open rate.  

When these three factors are combined into a communication tool, it’s fair to assume that there will be a myriad of ways organizations can make use of it in their business. This is because it can be relied on to ensure information delivery for any required situation and can be done so at a reasonable price. After all, the average price of an SMS is around 2-3 cents.  

Three things – it’s simple, has a huge reach and a high open rate.  

Here are some of the main areas of application for using the good old SMS.


Either via a one-time password, passwords with a short, limited expiration time or a 2FA solution, SMS can be used to verify the customer and their phone number. 

This can help with fraud prevention. It also makes it harder for any assailant to commit fraudulent acts without gaining access to the person's phone, as well as their personal information and passwords. It can also prevent an assailant from hijacking devices remotely because they would need access to the device used for 2FA.  

Financial services are some of the most frequent users of this type of anti-fraud processing. Loans, money transfers and banking require a high level of certainty in the legitimacy of the person conducting the transaction. The most common uses are loan acceptance/denial messages, transactional confirmations and payment reminders.

Critical communication 

In times of emergency or rapid response, information needs to be readily available to ensure the best possible outcome. From severe weather warnings to municipal warnings, SMS can be used as a rapid mass outreach tool that can be put into action whenever a certain group of people needs to be informed.  

It’s even possible to reach out to a specific group of people by using SMS in combination with geolocation to deliver the warning to those within the vicinity of a certain mast or in a specific area in the city (this is a special feature that is usually reserved for emergency services and similar critical communication providers). 

IP geolocation is a valuable service to pair with and is common in weather apps and emergency communication tools because it allows for delivering highly targeted messages. This can ensure that the right people get the relevant information without causing panic amongst those to who the information does not pertain. 

With a 98% open rate, of which 95% are opened within the first 5 minutes, SMS can deliver critical information in a timely manner.

Both emergency services and healthcare organizations rely on SMS as a rapid communication tool. 

With a 98% open rate, of which 95% are opened within the first 5 minutes, they can deliver critical information in a timely manner and provide an additional level of confidentiality by hiding the SMS content from the service providers. This way, both emergency alerts and confidential patient information can be delivered via the same communication tool. 

Customer care 

The information we ask for can feel as important as the information we are given in times of need. Thus, a solid system of providing information to your clients has become one of the key aspects of a successful business.  

Be it information about the specific details of the service such as pick-up times, ticketing information or where the best places are to eat, nurturing the relationship you have with your client will increase the lifetime value of that customer. 

This communication is a vital part of logistics, as package delivery information, courier delivery times and package locker pick-up information becomes ever more prevalent with the growth of online shopping. The alternative cost of a missed delivery is also huge, so high delivery quality is essential. 

The same goes for any CRM technology provider. They deliver critical information to keep any vacation or appointment on the straight and narrow by providing booking confirmation, accommodation details, travel reminders and useful information regarding any interesting events that might be happening near the client.  

This ensures a level of satisfaction that is rewarded via social media and rating platforms that ultimately determine the popularity of a destination or a service provider.

Actual companies and their stories 

Yet, there are even more use-cases that real-world companies have come up with to get SMS to work for them.  

Here’s a selection of companies that we work with daily (you can download case studies for each of them): 

  • Barking utilizes SMS to open parking lot gates and to verify their users. 
  • Worapay uses SMS for verification in helping you queue better and save time on purchases. 
  • Paytailor helps e-commerce companies know when their loyalty milestones are reached and market their products more effectively. 
  • Gobaba utilizes every facet of SMS. They use it to verify users, confirm transactions and deliver timely information on potential offers that might interest their customers.


SMS, as used on modern devices, originated from radio telegraphy in radio memo pagers that used standardized phone protocols. The first SMS message was sent in 1992.  

So, SMS is a whopping 27 years old. Yet, despite its age and P2P messaging migrating to WhatsApp and Facebook Messenger, SMS use in the A2P field is still growing. And it shows no sign of stopping as new and more innovative ways of using this tech are still being discovered.  

In this age, information is the key to success, and SMS enables companies to deliver that info in a timely and reliable manner.

How to integrate an SMS API?

Once you’ve decided to integrate SMS messaging into your application, you may ask yourself, “What now?”. A lot of technical jargon comes up when you research the topic, and it all seems very complicated. But don’t let that distract you…

Although some technical knowledge is required, integrating SMS is a simple task for developers with any skill level.

What is an SMS API?

In layman's terms, SMS API is a software service connecting your application with the telecommunication networks. It’s a way to send SMS messages to any network with backup solutions all over the world by only integrating to a single service.

There are various reasons why it is better to use an intermediary. Mobile operators use specialized technical solutions and connecting your application to them can be rather complicated.

SMS API is a software service connecting your application with the telecommunication networks.

SMS API providers, such as Messente, instead create their services with simplicity in mind. So, the functionality is accessible to anybody who can create a website or make a simple HTTP request. Unless you specifically need a direct connection with operators, then using SMS API providers is both faster and cheaper. 

Do I need a developer and how much time does it take?

Integrating SMS API is as simple as sending an automatic “Welcome!” email to your customers from your application. Some development is likely needed, but it should be something that a junior developer can put together in a day.

Essentially how it works is that every time you want to send an SMS, an automatic request is made to the API (like visiting a web page in your browser). After that, the SMS API provider will take over. The message gets translated into a protocol that mobile networks can understand and sent to the correct operator.

SMS API integration checklist cover picture

Make SMS API integration easy with a 
step-by-step checklist


The mobile network operator will respond back with various status updates about message delivery status or if there has been a problem (e.g. if the phone is turned off). The SMS API provider will again translate the status update into a simple application-readable structure and send it back to your application.

Often if you are using popular software applications (e.g. Salesforce, Wordpress or Pipedrive) it’s possible that there may already be pre-built plugins that you can use. Contact the provider’s support and ask if anything exists that will speed up your integration process.

Things to look out for

Although technical integration is relatively simple with most providers, there are a few things to look out for.

Sending SMS messages may not be the only thing you want to integrate. To add more automation into your day-to-day operations, it would also be useful if your selected SMS API provider helped you with service management tasks.

Account balance updates, phonebook management and price calculations can usually be done manually from the provider’s dashboards. But it’s often more effective to automate these processes or see them directly in your own application. It’s useful to look for API providers that have put in extra effort and created helper features that you can add to your integration.

The second thing to look out for is monitoring. Nobody wants to constantly keep an eye on their messages. Make sure you are informed with alerts and warnings if something out of the ordinary should happen.  

Where can I get help?

The most helpful person you can find is a developer. He can help you research the SMS API providers and eventually do the technical part of the integration. A developer’s view of API’s technical documentation gives you a better understanding if it’s easy-to-use and has the features you require.


Adding SMS capabilities to your application is as simple as sending an automatic welcome email to your customers. Choosing the correct SMS API provider often takes longer than the actual integration. Look for providers who have developer-friendly and helpful management tools apart from SMS sending.

How to choose an SMS API provider?

Choosing an SMS API provider can be a rather difficult thing to do. There are a whole host of aspects to consider and go through before committing to a partnership. Here are a few key aspects to keep in mind when picking a communications provider. 


For a multinational sender or even a sender in a major market with multiple operators to handle, the issue of centralization is essential. Since having your own connections to each will take time to manage and might not be the most cost-efficient in the end.  

Brokering deals and contracts takes time. Before testing APIs and software, procurement departments team up with technical teams to research potential SMS messaging partners, handle communication, and compare offers.  

Based on the experience of our customers, it takes at least 5 hours to research the market in each country as there are several mobile network operators in every country. Also, boutique SMS aggregators end up in the mix, as they aggregate traffic in a smaller region.

Integrating APIs takes time as well

SMS API integration infographic

Once a partner is selected, it takes some time to iron out the kinks, as with any new software integration. It’s roughly a cumulative of 3 hours communication and support cases per partner.

Breaking down the math assuming there are 3 partners considered in a geographical market:

  • 5 hours of research & negotiations
  • 4 hours of testing & deployment per partner = 12 hours
  • 3 hours of final integration with 1 partner

Total: 20 hours per country (or geographical region)

Now imagine repeating this for more countries. To find SMS API providers for three countries would take up more time than most people spend working in one week. 

And the maintenance costs creep up too. Based on our customers’ insights, it takes about 2 hours a month to manage partner connections, campaigns, support, and accounts. 

Quickly doing the math, selecting then maintaining 3 partners in 3 countries takes 132 work hours in one year. 

Consolidating traffic to a global partner with good connections reduces accounting and operations time to no more than 1 hour. That is because an account manager is provided to handle most things. The selection process and integration of a global partner takes 20 hours, plus about 12 hours of annual operations management time. 100 hours have already been saved compared to 3 partners for 3 regions.   

And as time is money, cost-efficiency also comes into play here.  

Delivering SMS messages in multiple geographical markets is complex. There are hundreds of mobile operators and network hubs, and they only really care about volume.  

So, businesses get pricing from secondary markets (i.e. SMS service providers) because the pricing is 10-25% lower than going directly to network operators or boutique providers individually. This way, having a single provider who looks at the traffic across markets rather than in each market separately often leads to a significant decrease in the service price.

What do you get? 

Feature functionality, delivery quality, and relationship management are all vital to a successful partnership.  

The first enables the sender to find multiple ways to efficiently manage the communication with their clients, and the associated costs such as additional APIs for pricing, crediting, number look-up, etc. The second ensures that communication is handled in a timely and cost-efficient manner. And the third ensures that the service provider can keep up with the demands of a sender’s business as they grow, as well as provide answers and solutions ASAP. 

These apply to both finding a service provider by reaching out or by setting up a tender (though there are more aspects to take into consideration here).  

Your partner should also have a focus on the future. Looking to understand where the communication field is going as well as integrate new tools and channels such as WhatsApp, Telegram, Viber, etc. via something like an Omnichannel API.

Watch our webinar about omnichannel messaging

What to check for? 

In addition to checking delivery quality, cost efficiency and future-orientation, compliance is also a key factor.   

This includes both the lawfulness of the products and their use, the quality and transparency of the documents presented (e.g. the Service Agreements and Privacy Policy), physical security of the facilities where the data is stored and processed, as well as security measures applied to the systems and processes (e.g. encryption, limited access, 2FA, etc.) 

Comparing the pricing in the market between service providers and operators can add additional information to the decision-making process, such as what the average price is in the market for that volume, who might be asking for too much or too little to provide a quality service, and what you get for your money in the way of support, tools, features and future opportunities.  


Each SMS API provider has its pro’s and con’s, so going through all the relevant aspects to your business and use-case is important. This can help determine if the chosen service provider can provide a service that leads to a long-term partnership. So, it’s good to zoom out and look at the bigger picture.

What is an SMS Sender ID?

and how is it used for two-way messaging

A Sender ID (or sender name) is the displayed value of who sent the message on your handset. For example, the Sender ID of your friend is their phone number. It can also be a shortcode, such as 12302, or contain a limited number of characters, e.g. CoffeeShop.

Picture showing what is an SMS Sender ID.

The different types of sender IDs are usually the first points touched upon when starting to use the service.

There are three types of Sender ID:

  • Long numbers
  • Shortcodes
  • Alphanumeric

Long numbers are the numerical sender IDs, which are the same length as the national mobile numbers (up to 15 digits long, not including the + symbol). For example, 3725953854.

Shortcodes are special numerical senders that are shorter than the regular numeric senders. These types of senders may have different uses depending on the region the messages are being sent. Generally, in Europe, such numbers are used for things like customer support, voting, premium rate services, etc., whereas in Latin America, shortcodes are the most typical types of sender IDs. For example, 12302.

Alphanumeric Sender IDs are sender names that compose of letters from the alphabet (A-Z), and numeric characters. This sender represents the brand name and is displayed as such when you receive a message (e.g. new text message received from Messente). This is for single-way communication with your customers.

It is important to note, however, that not all countries and operators offer all these sender IDs for use, even if the SMS service provider supports them.

SMS Sender ID verification

Whether it is an alphanumeric sender or a shortcode, the Sender ID verification process is used despite the kind of Sender ID you are applying for.

Here in Messente, for example, we take various steps to verify SMS sender IDs. The goal is to make sure that the Sender IDs are being used lawfully and so that no-one could misuse them.

Another reason for this process is the ever-changing operator and country regulations.

Whether it is an alphanumeric sender or a shortcode, the Sender ID verification process is used despite the kind of Sender ID you are applying for.

A simple registration is relatively easy and after the verification, all should be set. But unfortunately, that is not the case everywhere. The sender registration process in the background is more complicated than that.

Some countries have a very complex registration process in place to send your messages to their subscribers, whereas some operators do not allow alphanumeric Sender IDs at all. 

Two-way messaging with Sender IDs 

The nature of the SMS Sender ID brings about various possibilities in terms of appearance and use cases, one of which is two-way messaging. Although, the availability of such a feature depends on whether the Sender ID is a numerical or an alpha sender.

For two-way messaging to work, a numerical number is needed. In order to enable two-way messaging, a number needs to be registered by the partner beforehand. You have two options to choose from:

Long Number Sender ID

As mentioned before, it will appear on the recipient's handset as a long number (e.g. a mobile number). This enables two-way messaging for that number. The sender can reply back directly, and the reply is forwarded over the API or e-mail.

Picture showing an example of a long number sender ID.

A Shortcode Sender ID 

This Sender ID is like the previous long-code option, only that there is a little more variety in the short-code types: 

  • Dedicated Shortcode – this is a little more expensive version. A single company is the owner of the specific shortcode. This is almost always covered with two-way messaging, with no keywords required for the communication. 
  • Shared Shortcode – multiple entities share these shortcodes, meaning that several companies use the same Sender ID to notify their customers. In these cases, two-way communication is also possible when using a keyword (for example: “Reply with MESSENTE if you wish to know more”).

Picture with examples of dedicated shortcode and shared shortcode.

SMS restrictions

Due to the global nature, there are a variety of different measures taken by the mobile network operators to regulate the messaging.

A lot of the operators have incorporated their own business processes, restrictions and regulations in every aspect of the text message, from the Sender ID and content restrictions to the process of how messages can be submitted to their networks.

As the variety and the number of different regulations is quite high, we will outline a few of the more common ones: 

  • Registered sender names only – In some countries there is a specific restriction whereby A2P messaging is only allowed when they are whitelisted (registered) with the network operators.

    This is set in place so that either the operator itself or the central government agency in the destination country have a simple way of tracking the message back to the original sender. 
  • Sender ID restrictions – Many mobile network operators restrict the sender name types. The reasons for this vary, depending on the types of Sender IDs allowed.

    Some mobile operator networks only allow active long numbers for the recipient to have a clear and simple way to contact the sender.

    On the other hand, some operators only allow alpha sender IDs to be passed through the relevant channel to ensure that the recipients clearly identify the brand trying to contact them.

    Lastly, a few countries have set in place a set of regulations so that only shortcode senders are allowed through. These are licensed directly from the operators.
  • Sender signature included in the text – In some countries, the sender info must be included in the message body itself so that the customer knows that this is a valid message.

    Another reason for it can be due to country regulations where this signature serves as verification of the official sender using the long number Sender ID.
  • Spam filters – Almost every mobile network operator in the world requires that their clients and messaging partners prove strong spam prevention mechanisms. This is used to stop repeated messages being sent, or technical problems that could cause such issues.

    Also, messaging content is closely observed to stop any scam messages, inappropriate messages and messages that are against the local regulations.


When choosing your Sender ID, make sure that you consider the goals and needs of your business. Do you need two-way messaging? Go for Long Number Sender ID or a shortcode. If not, an alphanumeric one.

Also, make sure that you follow all the regulations. Different countries have different rules and regulations that you need to follow. Some of the Sender IDs might not work in a specific country. An SMS API service provider can help you with all of these decisions.

What are the costs of sending an SMS?

For any service, tool or project, a solid budget and return on investment are key. The same goes for SMS as a key communication channel.  

The costs of using an SMS API service can be divided into two:  

  • Direct costs on SMS delivery - the message cost (e.g. 0.01€ per message)
  • Indirect costs:
    • Message re-sends due to slow delivery
    • Loss of revenue due to undelivered messages
    • Support costs from undelivered message related queries
    • Product misuse related costs such as the client calculating the message length incorrectly

Indirect costs of transactional SMS and PIN codes 

When SMS messages are used to confirm transactions, log into online services, or sign up for accounts, the indirect cost is lost revenue.  

An abandoned registration process that does not lead to a subscription, a halted transaction that does not lead to an additional sale or reduced product use is an indirect cost that results from failed SMS messages. In addition, it affects the brand’s reputation, and support is often required to finish the process.  

For a payment service provider with a transaction fee of 1€, it means a loss of 1€ for each undelivered SMS. Plus support time (let’s say 15€ per hour,) plus resending the message, plus lost revenue due to lost sales opportunities and less use of the product.  

So, a 2% decrease in delivery quality per 1000 transactions would mean 20€ in missed fees, 25€ in work hours (estimating 5 minutes per query due to an undelivered SMS) and re-sending the messages. The total is 46€, or the equivalent of 4600 SMS messages. 

Indirect costs of reminders and notifications 

The indirect costs for missed reminders and notifications vary by use case. From severe, such as utility or emergency messages, to milder use cases, such as reminders for appointments or package deliveries. 

Regarding missed appointments, consider missed revenue (let’s use a dentist appointment in Estonia, costing 100€) the dentist’s unutilized labour (1 hour here is about 50€). Plus, the cost of re-sending the message, plus reduced customer satisfaction resulting in fewer patients. 

Add in support time, possible administrative issues (e.g. invoice reminders that are not sent out and latency is unduly charged), etc. Thus, a missed dentist appointment costs around 150€ in lost revenue and labour alone. That’s about 15 000 SMS messages.   

Indirect costs of SMS Marketing 

Clearly, the indirect cost here is the lower conversion rate or a missed conversion opportunity. For a campaign of 1000 messages with a conversion rate of 5% and a yield of 50€ per conversion, a 2% increase in messages delivered amounts to 50€ in extra revenue. That’s the cost of 5000 messages.

So, an increase in delivery rates by 2% pays for the campaign and 4 additional ones. Some companies must consider the brand image as well, as customers become accustomed to receiving discounts and coupons over SMS. Lastly, don’t forget the direct cost of re-sending mass amounts of missed messages, because the marketing department still expects conversion.  

How to ensure high-cost efficiency? 

Paying a bit more per message may seem like a dubious thing to do when talking about cost efficiency. But the cost of a single SMS is so low, and the alternative costs associated so high, that in most cases it would make sense to pay tenfold the amount of a single SMS just to avoid 1% of the total number going amiss.  

But there are other aspects to take into consideration as well when optimizing SMS costs. 

The SMS itself has some limitations that if neglected, can end up severely impacting the bottom line. Be it the fact that a single message may not be up to 160 characters in length every time or that the GSM alphabet is actually rather limited.  

Tools like our SMS Length Calculator help avoid doubling the costs. It checks the content and helps illustrate how long the actual message will be once sent and if it will be sent as one, two or even three messages.

SMS Length Calculator

SMS Length Calculator


For our customers, we’ve also added an Auto-Replace Tool to help mitigate the additional costs when using characters outside the GSM alphabet. When an API connection is used, the content is rarely checked using the calculator, so having an auto-replace tool can help avoid accidentally doubling the message count and thus doubling the invoice.  

The Phonebook 

It’s also important to start off on the right foot. The actual numbers that receive the messages are the other half of the cost efficiency optimization process. 

The phone number database needs to be correct to ensure maximum message delivery and minimal indirect costs. Even a slight typo in compiling a list of numbers for a marketing campaign may be the difference between 40% and 99% delivery rate.  

If some of the previously mentioned issues have persisted and made their way into the phonebook, there’s still a way to mitigate the damage made. Though timeliness is key.  

The phone number database needs to be correct to ensure maximum message delivery and minimal indirect costs.

A campaign moves in messages per second. So, if a campaign is sent out with a throughput of say 50 messages per second, you can deliver 180 000 messages per hour per connection. We usually have a few connections per each operator so, in Estonia for example, that number is tripled to more than half a million messages per hour.  

In other words, a 1000 SMS campaign would reach the customers in 6.7 seconds. Since that is rather fast, we usually deal with the consequences of a poorly set-up campaign rather than mitigate the damage. In these cases, only diligent pre-work can save the day. 

If content optimization tools aren't used, there is still some fallback to rely on. Such as an account low balance/credit warning that comes standard with most service providers. Or a specific API designed to allow account balance requests to stay on top of the budget.


Using SMS as a communication tool requires diligent pre-work before attempting any campaigns or setting up a constant flow of communication. Mistakes can pile up quickly and result in unexpectedly high costs. Both the delivery and the underlying client number database need to be of high quality and regularly maintained. Otherwise, the indirect costs of sending an SMS can get out of hand, thus increasing the overall costs of the campaign by a significant amount.

Why SMS quality matters?

and what it actually means

SMS quality is a term often used yet rarely fully understood. The common question arises from daily SMS use in our lives: you send one message and it is received, so how could there be some sort of quality to it?  

The instance of an SMS not being received when we send it in a p2p format is super rare. But when the number of messages reaches into the thousands per day, the quality aspect becomes a real issue.  

SMS delivery quality is measured by three indicators: 

  1. How many messages of the dataset are actually deliverable?

  2. How many messages are actually delivered out of the messages that can be delivered?

  3. And in what time did the delivery happen? 

Deliverable vs undeliverable messages 

The most common reason for low delivery rates is the quality of the dataset or in this case, the contact list used to send SMS messages. 

As most customer phonebooks consist of numbers submitted by the users, there is a rather high percentage of errors. Usually, between 5-10% of all phone numbers in the dataset are incorrect. Be it a missing country code or one that has been incorrectly inserted, simply a mistyped number or even a fraudulently given one.  

Whatever the case, if the recipient’s number is incorrect, there is no way that they can receive the message, yet the sender will still be charged. This is because any SMS API system will attempt to send to any number that has been given, except when it’s not in the correct format.  

If there is a missing country code, the system will simply use the first numbers to find the first country that fits and send to any number that is appropriate and able to receive. Only when no such number exists is it possible to get an “undelivered” report in this context. And the sender gets charged per sending request, not per SMS delivered, as the vendors are also charged per attempt, not per successful delivery. 

If the recipient’s number is incorrect, there is no way that they can receive the message, yet the sender will still be charged.

In addition to invalid numbers, they may also be roaming (around 3% of the dataset). This refers to the mobile phone being used outside the range of its home network where it must connect to another available cell network.  

It’s rather common that while the number is active and able to be used as it’s on another network, it won’t be able to receive messages. This can be because the home network operator may not have an agreement in place with the roaming network operator, say an Estonian operator having an agreement with an operator in Mozambique. 

In these cases, though, the timeliness may suffer as the connections between different operators around the world can have a myriad of both technical and legislative issues. Delivery is still possible once the recipient returns to the home network’s area, but the request needs to be valid and not outdated. The timeliness though is most likely not there, especially when sending business-critical messages. So, it’s best to avoid sending to these numbers if ever possible.  

So out of a 1000 number dataset, there are 5-10% invalid numbers and 3% roaming numbers. Meaning that there are only between 870-920 numbers where delivery is possible to. Or more specifically, there are 80-130 messages that senders pay for that never even have a chance of being received.  

This has a large impact on any campaign and lowers the delivery quality if the issue is not dealt with beforehand. We’ll cover how to avoid these pitfalls in the following chapter.

SMS Service Quality Report

Read our comprehensive report on SMS service quality


The connections used

There are thousands of mobile operators and telecommunication service providers in the world. Countries like Germany have more than 20 different operators that all share a piece of the market. Managing those connections can be quite a hassle.  

To avoid timeliness issues at peak times, SMS service providers like Messente use multiple connections to each network to ensure maximum delivery quality and speed.  

Due to there being so many providers in the world, any multinational company looking to send in multiple markets will find itself in quite a difficult situation. All these connections need to be actively managed and maintained. With varying technical requirements come potential leaks or bugs in the system where another few percent of messages get lost. And even one percent can have a major impact on the business.  

So, to deliver high message quality with minimal losses, using a service provider who has ironed out these kinks makes the most sense. It saves both time and money as the connections are managed for the sender and the priority of the messages remains high, ensuring timely delivery.

Find out more about SMS quality in one of our webinars

Delivery timeliness 

It’s a given that messages should arrive when they are intended to arrive. But when business-critical messages are delivered, the “when” needs to be in a matter of seconds and each second matters.  

When transactional confirmations or PIN codes are sent, people tend to hit “resend” after mere seconds of waiting. This can result in multiple retries that end up costing the sender a lot more.  

The same goes for reminders. They need to be delivered on time, as even a half a minute delay can be the difference between missing a flight, for example. 

SMS routes have sending limits though and this impacts how quickly messages arrive. Couple that with prioritization procedures and we risk missing out on that crucial window to get the messages to the clients exactly when they are intended to. 

Checking the quality 

To ensure delivery quality, it needs to be checked and we try to be as transparent in enabling our customers to do so. Here’s how the process works:

The process of checking delivery quality

Infographic about checking SMS delivery quality


SMS delivery quality depends on the quality of the dataset, the routes used to deliver the messages and the throughput/priority capabilities of those routes. This way, only the messages that can be delivered will get delivered. These messages will be delivered via connections where the technical problems have been ironed out, and the loss is minimal. 

All this is done on time to ensure as little resends and time-outs as possible. Only the SMS service providers who use these systems can provide 98-99% delivery rates, ensuring a consistent flow of communication between companies and their clients.

Security and compliance

As with any service, it’s crucial for peace of mind that the functionality provided is secure against any ill-intended miscreants. Also, it needs to be lawful in how the service is built up, managed and provided.  

This is especially critical when taking communication providers into account. The data transferred is often confidential and/or personal in nature. So, no prying eyes should have access to it, not even the service providers.  

There are three key aspects to the service providers’ security. 

Physical security

This applies to on-site security such as secure doors, cameras, an alarm system and a strong protocol for data transfer outside of the service provider’s facility. Also, the security of the servers. The latter needs to be housed within a secure facility with the same provisions and with a certification in accordance with DIN ISO/IEC 27001.  

In Europe, the most secure facilities are in Germany, as their Federal Data Protection Act (BDSG) as well as the German Teleservices Act (TMG) require a very high level of protection for all data centres and anyone handling data. Access by foreign authorities might also be an issue that one would need to avoid. So, staying out of any jurisdiction that has had a history of sharing confidential information is also key. 

System security

It’s essential to use firewalls and logical access control to protect the servers from unauthorized system access. This allows only trusted operations personnel, who are required to use necessary security measures when accessing and handling the data, to manage the systems. 

This would mean that access is granted on a strict needs basis only. The access can also only be done via a secure VPN connection as well as 2FA enabled on all admin accounts. As human error is the most common security problem, limiting access is key. 

Strong configuration standards should also be used to strengthen the servers and keep them up-to-date with the latest security patches. This goes hand in hand with constant vigilance via a Security Information and Event Management system that enables breach detection as well as immediate action to be taken when any possible leaks are found. 

Application security

Strong cryptography for communication over public networks is a must so that your passwords, API username/password, and contents of your communications may be protected. When possible, only secure connections should be used, and connections used that support end-to-end encryption favored. 

Rate limiting is another tool to put in place on API calls to prevent brute force attacks. Password complexity requirements should be enforced on API usernames, passwords and interface passwords at least. The passwords should also be cryptographically hashed before storing in the database, as well as strong password requirements enforced beforehand. 

Wherever reasonable, a 2FA system should be in place to ensure multi-layered protection.

2FA report

Whitepaper: How 2FA Lowers the Risk of Data Breaches?


What can the sender do? 

While the service provider manages most of the security aspects, there is still a fair amount the sender can do to ensure confidentiality and mitigate the amount of data processed. 

The key component of any message is the content. There are several ways to ensure safe storage on the provider’s side. Such as using hashing or not storing message content altogether. 

In hashing, the message will appear as a jumbled mess to anyone peeking from the service provider’s side. And the “no-store” parameter in Messente’s API, for example, hides the content entirely, making it near impossible for others to see the content. 

There are several ways to ensure safe storage on the provider’s side. Such as using hashing or not storing message content altogether.

You can also keep the message from being saved on the user’s handset automatically by using Flash SMS. It enables rapid communication and an extra bit of security to boot.  

Using these tools will add an additional layer of protection on top of the existing security and can provide a bit more peace of mind for the customers. 

Compliance, documentation and data protection 

Not only does the security need to be up to the bar, but the compliance must also be in-line, too. The first and most easily accessible pieces of legal information that can be checked are the Privacy Policy as well as the Terms and Conditions. 

These two documents set out the rules that govern the service on a day-to-day basis and the rules and processes the service provider commits to follow. Checking these can give a good overview of how they handle their operations. 

Also, what type of security provisions, legal provisions and technical provisions have they committed to? Look for anything about payment terms, the liability of parties, confidentiality of communication, etc. 

If these documents seem too vague or aren’t quite up to scratch, you can either choose to not work with the service provider or ask for a separate Service Agreement. This will specify the terms of working together. 

Additionally, sign a Non-Disclosure Agreement to describe the importance and level of confidentiality expected. To specify support times and contact methods, a Service Level Agreement is also a possible add-on to the Service Agreement. 

With the introduction of the General Data Protection Regulation, all data processing has become quite rigidly regulated for any company providing a service to European citizens and residents. Hence a vast majority of multinational companies are affected by it.

It sets clear limits to what, how and for how long data can be processed. These aspects need to be covered in the Privacy Policy or in another document such as a Data Handling Policy.

Watch our webinar that delves more deeply into this topic

These documents need to demonstrate the following: 

  • The nature and content of the data processed as well as the subject of the data
  • The way the data is processed and what provisions are used to protect it
  • Retention times for the data that need to be reasonable in length as compared to the data in question and the data subjects’ rights to minimal data retention. 

So, for example, meta-data that describes the message time and delivery statistics could be kept for a year to provide support and analytics. But more than that would need a rather well-based explanation. 

Looking at how marketing communication consent and cookies are managed can also give you a fairly good idea of how in-tune the service provider is with the data protection laws and requirements. Unsolicited newsletters and a no-cookie policy notification are clear warning signs as to a lack of compliance.

PSD2 Report

Report: What Changes Will the New Payment Services Directive Bring?



It’s important to take care of and analyse the security and compliance practices a company employs daily. Since the regulations concerning data protection become ever more stringent, and the frequency of data theft and fraud become more prevalent, having a secure and transparent partner is key in ensuring that your customer's data is kept safe and confidential.

Tips and tricks

SMS has been around a while now, and the world around it has changed quite a bit. As it was a tool of its time, there are some shortcomings - content length and a defined character set. But it still has a fair few tricks up its sleeve to keep pace with its modern counterparts like WhatsApp and Facebook Messenger.  

And it’s still important to note that while WhatsApp has 1.5bn+ monthly users and Facebook Messenger has around the same amount, SMS still tops the pile with a total of 5.1bn people. That’s because SMS still comes as standard with all mobile devices and to receive messages, you don’t have to register or even have a data plan.  

Tips for use-cases 

First, let it be known that SMS can just be a gateway for information delivery. You can add any hyperlink to the message and use that as a call-to-action for customers to respond to. Since customers can’t really buy anything via SMS without migrating to another site or service for at least a moment, having it as a forwarding tool is absolutely fine.  

Make sure the content is good though. People can always blacklist you if the offers become too intrusive or tedious.  

As a marketing tool SMS excels at reach and open-rate (a whopping 98%). So, it makes sense to use it for a variety of promotions and client loyalty programs. Be it to deliver news about milestones in your training app and suggest additional features or just go down the good old “get this now because it’s 50% off” road, SMS is a functional marketing tool.  

For notifications, you can hardly go wrong with the SMS. The same reach and timeliness aspects come into play as well as the fact that a data connection is not needed. Just regular cellular reception is fine. This way, there’s a chance to deliver emergency notifications to the backwaters of the world and ensure that everyone has access to crucial information.  

It can even do emojis to add a little bit more flair and make the newer generation a bit more excited about receiving a good old SMS. Visual appeal helps with any generation though. A more appealing message can sooth minds if the news is rather disappointing or add even more excitement when the news is good (e.g. getting that package you’ve been waiting for ages).  

SMS intrigues people 

Receiving an SMS is getting more and more like receiving an actual letter. We seem to get intrigued when we get one and are tempted to look as soon as one pops on our screen.  

By making the SMS more appealing, using its potential as a mediator or as a conveyor of integral information, and making use of the many shortcuts that we’ve described, SMS will be a valued tool for another 20 years. Or at least until it’s no longer a standard that the world of mobile devices adheres to.


SMS might be a quarter of a century old, but it is far from dead. Thanks to the growing number of mobile users, high open rate, and fast delivery, the technology is still popular amongst companies who need to communicate business-critical information to their customers every day.

To help businesses use this technology, modern service providers offer SMS API to make messaging operations scalable and easy to use.

Before you start sending SMS messages, make sure that you:

  • Verify your Sender ID
  • Use a suitable Sender ID for two-way messaging
  • Follow all the messaging regulations
  • Know what the quality of an SMS means
  • Know the cost and indirect costs of sending an SMS
  • Choose a suitable partner
  • Integrate an SMS API
  • Follow security and privacy regulations

And you’re good to go!

Hopefully, this guide will help you get started without too much of a hassle. You can always come back to it if you need to remind yourself of something. 

Also, you can download the PDF version for easy access. Feel free to contact us if you have questions that you can’t find answers to in this guide. We’ll gladly help you.