Messente logo

SMS API Providers: Everything You Need to Know

Authors: Uku Tomikas, Joosep Pintsaar, Marko Sulamägi & Taavi Rebane

Last update: 01.10.2021

SMS and SMS APIs have been used by companies of all sizes for years. Their primary use is to deliver business-critical text messages and marketing information to customers all over the world.

How is it possible that one type of technology has been used for so long? Well, there are many reasons why companies are so fond of it.

The biggest advantage of SMS is affordability. One message will cost you around 1 to 7 cents depending on the region and the volume you’re sending. If your monthly volume is bigger, your price per SMS will be reduced significantly. Thus, it provides a great return on your investment.

5.1 billion people use mobile phones, which makes SMS more widely used than other communication applications that require an internet connection.

SMS has a high probability of reaching any customer, anywhere, at any time. Can you name one communication channel with a wider reach? We certainly can’t think of any.

SMS messages also get read often. SMS boasts a whopping 98% open rate, so not only will people receive the message but they are also likely to read it.

Furthermore, 90% of SMS messages are read within 3 minutes of delivery. This is great for transactional text messages and service-related updates such as emergency information.

SMS boast stronger numbers when compared to email

SMS vs email infographic

Considering all the benefits that SMS brings, you might be asking yourself “how can I get started with SMS?” and “where can I find an SMS API that meets my needs?”

There are plenty of SMS APIs and SMS gateways available, so start by researching the current market.

This guide contains all the important information that you will need to ensure any SMS APIs you are considering match your business requirements. From SMS limitations and possibilities to SMS API integration and choosing a partner to make this journey as easy as possible for you. We have also included some expert tips about SMS messaging.

How can SMS API be used?

SMS is super successful. But why?

Three things – it’s simple, has a huge reach, and a high open-rate.

When these three factors are combined together, you can see why it's such a popular communication tool for businesses to interact with their customer base. SMS text messages can be relied on to ensure that information is delivered quickly for any required situation, at a reasonable price. After all, the average price of an SMS is around 2-3 cents.



Three things – it’s simple, has a huge reach and a high open rate.  

Here are some of the main uses of SMS:

Security 

Whether it's via a one-time password (OTP), a password with an expiration time, or a two-factor authentication (2FA) solution, SMS messaging services can be used to verify a customer and their phone number.

This can help with fraud prevention. It also makes it harder for any assailant to commit fraudulent acts without gaining access to the person's phone, personal information, or passwords.

Financial services are some of the most frequent users of this type of anti-fraud processing as it is simple and effective. Banks need to ensure that transactions are legitimate and SMS is a sure-fire way to verify the individual making a transaction.

Critical communication 

In times of emergency or rapid response, information needs to be readily available to ensure the best possible outcome. From severe weather warnings to municipal warnings, emergency SMS alerts can be used as a rapid mass outreach tool that can be put into action whenever a certain group of people needs to be informed.

Using SMS in combination with geolocation allows emergency services to send vital SMS alerts to people in the area in which there is a weather warning.

IP geolocation is great to use with weather apps and emergency communication tools because it delivers highly targeted messages. This can ensure that the right people get the correct information at the right time, without causing panic amongst those to whom the information does not concern.

With a 98% open rate, of which 95% are opened within the first 5 minutes, SMS can deliver critical information in a timely manner.

With a 98% open rate, of which 95% are opened within the first 5 minutes, text messages can deliver critical information in a timely manner and provide an additional level of confidentiality by hiding the SMS content from the service providers. This way, both emergency alerts, and confidential patient information can be delivered via the same communication tool.

Customer care 

One of the best ways to provide customer care is to utilize a robust and reliable system in which businesses can provide customers with useful information.

Whether it's sending your customers a text message about pick-up times, ticketing information, or where the best places are to eat, nurturing the relationship you have with your client will increase the lifetime value of that customer.

The same goes for customer relationship management (CRM) technology providers. They send and receive SMS messages with clients to ensure their bookings are well organized and that they offer a well-rounded customer service experience, this can be achieved with the use of an SMS gateway.

An SMS gateway API allows businesses to send and receive text messages with their customers, without the use of mobile phones. This is a great way for businesses to enhance their customer service experience.

Doing this increases the likelihood of a client leaving a positive review on a social media page or a review site.

Actual companies and their stories 

Here’s a selection of companies that we work with daily (you can download case studies for each of them): 

  • Bigbank automates its business processes using SMS.
  • Fleep authenticates and onboards new customers with SMS.
  • Barking utilizes SMS to open parking lot gates and to verify their users. 
  • Worapay uses SMS for verification in helping you queue better and save time on purchases. 
  • Paytailor helps e-commerce companies know when their loyalty milestones are reached and market their products more effectively. 
  • Gobaba utilizes every facet of SMS. They use it to verify users, confirm transactions and deliver timely information on potential offers that might interest their customers.

Summary 

The first SMS message was sent in 1992.

SMS is a whopping 27 years old. Despite its age and P2P messaging migrating to WhatsApp and Facebook Messenger, SMS use in the A2P field is still growing, and it shows no sign of stopping as new and more innovative ways of using this tech are still being discovered.

In this age, information is the key to success, and SMS enables companies to deliver that info in a timely and reliable manner.

How to integrate an SMS API?

Once you’ve decided to integrate SMS messaging into your application, you may ask yourself, “What now?”. A lot of technical jargon comes up when you research the topic, and it all seems very complicated. But don’t let that confuse you…

Although some technical knowledge is required, integrating SMS is a simple task for developers at any skill level.


What is an SMS API?

SMS API stands for short message service application programming interface. It is not as complicated as it sounds. SMS API is a type of API platform that allows your business to integrate SMS messaging into your existing software. 

These SMS messages can be sent through an SMS gateway to networks with backup solutions all over the world by only integrating with a single service.

There are various reasons why it is better to use an intermediary. Mobile operators use specialized technical solutions and connecting your application to them can be complicated.


SMS API is a software service connecting your application with telecommunication networks.

SMS API providers, such as Messente, instead create their services with simplicity in mind. So, the functionality is accessible to anybody who can create a website or make a simple HTTP request. Unless you specifically need a direct connection with operators, then using SMS API providers is both faster and cheaper.

Do I need a developer and how much time does it take?

Integrating the SMS API is as simple as sending an automatic “Welcome!” email to your customers from your application. Some development is likely needed, but it should be something that a junior developer can put together in a day.

Essentially how it works is that every time you want to send an SMS, an automatic request is made to the API (like visiting a web page in your browser). 

After that, the SMS API provider will take over. The message gets translated into a protocol that mobile networks can understand and sent to the correct operator.

SMS API integration checklist cover picture

Make SMS API integration easy with a 
step-by-step checklist

GET MINE TODAY

The mobile network operator will respond back with various status updates about message delivery status or if there has been a problem (e.g. if the phone is turned off). The SMS API provider will again translate the status update into a simple application-readable structure and send it back to your application.

Often if you are using popular software applications (e.g. Salesforce, WordPress or Pipedrive) it’s possible that there may already be pre-built plugins that you can use. Contact the provider’s support and ask if anything exists that will speed up your integration process.

Things to look out for

Although technical integration is relatively simple with most providers, there are a few things to look out for.

Sending SMS messages may not be the only thing you want to integrate. To add more automation into your day-to-day business operations, it would also be useful if your selected SMS API provider helped you with service management tasks.

Account balance updates, phonebook management, and price calculations can usually be done manually from the SMS provider’s dashboards. But it’s often more effective to automate these processes or see them directly in your own application. We recommend looking for API providers that have created helper features that you can add to your integration.

Nobody wants to constantly keep an eye on their text messages to see if they have successfully been delivered. That’s why it’s important to choose an SMS API that offers monitoring. 

Monitoring is especially useful for bulk SMS marketing campaigns. Keeping you informed with SMS alerts and warnings if something out of the ordinary should happen during your SMS campaigns.

Where can I get help?

The most helpful person you can find is a developer. They can have helpful input when researching for the best SMS API integration and implement the technical part of the integration. A developer’s view of API’s technical documentation gives you a better understanding if it’s easy-to-use and has the features to meet your business’s requirements.

Summary

Adding SMS capabilities to your application is as simple as sending an automatic welcome email to your customers. Choosing the correct SMS API provider often takes longer than the actual integration. Look for providers who have developer-friendly and helpful management tools apart from SMS sending.

How to choose an SMS API provider?

There are a whole host of aspects to consider and go through before committing to a partnership with an API platform. Here are a few key aspects to keep in mind when picking a communications provider.

Time 

For a multinational sender or even a sender in a major market with multiple operators to handle, the issue of centralization is essential. Since having your own connections to each will take time to manage and might not be the most cost-efficient in the end.  

Brokering deals and contracts takes time. Before testing APIs and software, procurement departments team up with technical teams to research potential SMS messaging partners, handle communication, and compare offers.  

Based on the experience of our customers, it takes at least 5 hours to research the market in each country as there are several mobile network operators in every country. Also, boutique SMS aggregators end up in the mix, as they aggregate traffic in a smaller region.

Integrating APIs takes time as well

SMS API integration infographic

Once a partner is selected, it takes some time to iron out the kinks, as with any new software integration. It’s roughly a cumulative of 3 hours communication and support cases per partner.

Breaking down the math assuming there are 3 partners considered in a geographical market:

  • 5 hours of research & negotiations
  • 4 hours of testing & deployment per partner = 12 hours
  • 3 hours of final integration with 1 partner

Total: 20 hours per country (or geographical region)

Now imagine repeating this for more countries. To find SMS API providers for three countries would take up more time than most people spend working in one week. 

And the maintenance costs creep up too. Based on our customers’ insights, it takes about 2 hours a month to manage partner connections, campaigns, support, and accounts. 

Quickly doing the math, selecting then maintaining 3 partners in 3 countries takes 132 work hours in one year. 

Consolidating traffic to a global partner with good connections reduces accounting and operations time to no more than 1 hour. That is because an account manager is provided to handle most things. The selection process and integration of a global partner takes 20 hours, plus about 12 hours of annual operations management time. 100 hours have already been saved compared to 3 partners for 3 regions.   

And as time is money, cost-efficiency also comes into play here.  

Delivering SMS messages in multiple geographical markets is complex. There are hundreds of mobile operators and network hubs, and they only really care about volume.  

So, businesses get pricing from secondary markets (i.e. SMS service providers) because the pricing is 10-25% lower than going directly to network operators or boutique providers individually. This way, having a single provider who looks at the traffic across markets rather than in each market separately often leads to a significant decrease in the service price.

What do you get? 

Feature functionality, delivery quality, and relationship management are all vital to a successful partnership.

The first enables the sender to find multiple ways to efficiently manage the communication with their clients, and the associated costs such as additional APIs for pricing, crediting, number look-up, etc.

The second ensures that communication is handled in a timely and cost-efficient manner.

The third ensures that the service provider can keep up with the demands of a sender’s business as they grow, as well as provide answers and solutions ASAP.

These apply to both finding a service provider by reaching out or by setting up a tender (though there are more aspects to take into consideration here).

Your partner should also have a focus on the future. Looking to understand where the communication field is going as well as integrate new tools and channels such as WhatsApp, Telegram, Viber, etc. via something like an Omnichannel API.

Watch our webinar about omnichannel messaging


What to check for? 

In addition to checking delivery quality, cost efficiency, and future orientation, compliance is also a key factor.  

This includes both the lawfulness of the products and their use, the quality and transparency of the documents presented (e.g. the Service Agreements and Privacy Policy), physical security of the facilities where the data is stored and processed, as well as security measures applied to the systems and processes (e.g. encryption, limited access, 2FA, etc.)

You should compare the pricing in the market between service providers and operators such as what the average price is in the market for a specific volume of text messages, who is offering the cheapest price, and what you get for your money in the way of support, tools, features and future opportunities.

Summary 

Each SMS API or SMS gateway provider has its pros and cons, so assessing what your particular business needs are is important. This can help determine if the chosen service provider can provide a service that leads to a long-term partnership. So, it’s good to zoom out and look at the bigger picture.

What is an SMS Sender ID?

A Sender ID (or sender name) is the displayed value of who sent the message on your mobile phone. For example, the Sender ID of your friend is their phone number. It can also be a shortcode, such as 12302, or contain a limited number of characters, e.g. CoffeeShop.

Picture showing what is an SMS Sender ID.

The different types of sender IDs are usually the first points touched upon when starting to use the service.

There are three types of Sender ID:

  • Long numbers
  • Shortcodes
  • Alphanumeric

Long numbers are the numerical sender IDs, which are the same length as the national mobile numbers (up to 15 digits long, not including the + symbol). For example, 3725953854.

Shortcodes are special numerical senders that are shorter than the regular numeric senders. These types of senders may have different uses depending on the region the messages are being sent. Generally, in Europe, such numbers are used for things like customer support, voting, premium rate services, etc., whereas in Latin America, shortcodes are the most typical types of sender IDs. For example, 12302.

Alphanumeric Sender IDs are sender names that compose of letters from the alphabet (A-Z), and numeric characters. This sender represents the brand name and is displayed as such when you receive a message (e.g. new text message received from Messente). This is for single-way communication with your customers.

It is important to note, however, that not all countries and operators offer all these sender IDs for use, even if the SMS service provider supports them.

SMS Sender ID verification

Whether it is an alphanumeric sender or a shortcode, the Sender ID verification process is used despite the kind of Sender ID you are applying for.

Here in Messente, for example, we take various steps to verify SMS sender IDs. The goal is to make sure that the Sender IDs are being used lawfully and so that no-one could misuse them.

Another reason for this process is the ever-changing operator and country regulations.

Whether it is an alphanumeric sender or a shortcode, the Sender ID verification process is used despite the kind of Sender ID you are applying for.

A simple registration is relatively easy and after the verification, all should be set. But unfortunately, that is not the case everywhere. The sender registration process in the background is more complicated than that.

Some countries have a very complex registration process in place to send your messages to their subscribers, whereas some operators do not allow alphanumeric Sender IDs at all. 

Two-way messaging with Sender IDs 

The nature of the SMS Sender ID brings about various possibilities in terms of appearance and use cases, one of which is two-way messaging. Although, the availability of such a feature depends on whether the Sender ID is a numerical or an alpha sender.

For two-way messaging to work, a numerical number is needed. In order to enable two-way messaging, a number needs to be registered by the partner beforehand. You have two options to choose from:

Long Number Sender ID

As mentioned before, it will appear on the recipient's mobile phone as a long number (e.g. a mobile number). This enables two-way messaging for that number. The sender can reply back directly, and the reply is forwarded over the API or e-mail.

Picture showing an example of a long number sender ID.


A Shortcode Sender ID 

This Sender ID is like the previous long-code option, only that there is a little more variety in the short-code types: 

  • Dedicated Shortcode – this is a little more expensive version. A single company is the owner of the specific shortcode. This is almost always covered with two-way messaging, with no keywords required for the communication. 
  • Shared Shortcode – multiple entities share these shortcodes, meaning that several companies use the same Sender ID to notify their customers. In these cases, two-way communication is also possible when using a keyword (for example: “Reply with MESSENTE if you wish to know more”).


Picture with examples of dedicated shortcode and shared shortcode.

SMS restrictions

Due to the global nature, there are a variety of different measures taken by the mobile network operators to regulate the text messaging.

A lot of the operators have incorporated their own business processes, restrictions and regulations in every aspect of the text message, from the Sender ID and content restrictions to the process of how text messages can be submitted to their networks.

As the variety and the number of different regulations is quite high, we will outline a few of the more common ones: 

  • Registered sender names only – In some countries there is a specific restriction whereby A2P messaging is only allowed when they are whitelisted (registered) with the network operators.

    This is set in place so that either the operator itself or the central government agency in the destination country has a simple way of tracking the text message back to the original sender.  
  • Sender ID restrictions – Many mobile network operators restrict the sender name types. The reasons for this vary, depending on the types of Sender IDs allowed.

    Some mobile operator networks only allow active long numbers for the recipient to have a clear and simple way to contact the sender.

    On the other hand, some operators only allow alpha sender IDs to be passed through the relevant channel to ensure that the recipients clearly identify the brand trying to contact them.

    Lastly, a few countries have set in place a set of regulations so that only shortcode senders are allowed through. These are licensed directly by the operators.
  • Sender signature included in the text – In some countries, the sender info must be included in the message body itself so that the customer knows that this is a valid message.

    Another reason for it can be due to country regulations where this signature serves as verification of the official sender using the long number Sender ID.
  • Spam filters – Almost every mobile network operator in the world require that their clients and messaging partners prove strong spam prevention mechanisms. This is used to stop repeated text messages being sent, or technical problems that could cause such issues.

    Also, messaging content is closely observed to stop any scam messages, inappropriate messages and messages that are against the local regulations.

Summary

When choosing your Sender ID, make sure that you consider the goals and needs of your business. Do you need two-way messaging? Go for Long Number Sender ID or a shortcode. If not, an alphanumeric one.

Also, make sure that you follow all the regulations. Different countries have different rules and regulations that you need to follow. Some of the Sender IDs might not work in a specific country. An SMS API service provider can help you with all of these decisions.

What are the costs of sending an SMS?

For any service, tool, or project, a solid budget and return on investment are key. The same goes for SMS when used as the main communication channel for businesses.

The costs of using an SMS API service can be divided into two:  

  • Direct costs on SMS delivery - the message cost (e.g. 0.01€ per message)
  • Indirect costs:
    • Text message re-sends due to slow delivery
    • Loss of revenue due to undelivered text messages
    • Support costs from undelivered text message related queries
    • Product misuse related costs such as the client calculating the text message length incorrectly

Indirect costs of transactional SMS and PIN codes 

When SMS text messages are used to confirm transactions, log in to online services, or sign up for accounts, the indirect cost is lost revenue.

An abandoned registration process that does not lead to a subscription, a halted transaction that does not lead to an additional sale or reduced product use is an indirect cost that results from failed SMS messages. In addition, it affects the brand’s reputation, and support is often required to finish the process.

For a payment service provider with a transaction fee of 1€, it means a loss of 1€ for each undelivered SMS. Plus support time (let’s say 15€ per hour,) plus resending the message, plus lost revenue due to lost sales opportunities and less use of the product.

So, a 2% decrease in delivery quality per 1000 transactions would mean 20€ in missed fees, 25€ in work hours (estimating 5 minutes per query due to an undelivered SMS) and re-sending the messages. The total is 46€, or the equivalent of 4600 SMS messages.

Indirect costs of reminders and notifications 

The indirect costs for missed reminders and notifications vary from case to case. From severe, such as utility or emergency messages, to milder use cases, such as reminders for appointments or package deliveries.

Regarding missed appointments, consider missed revenue (let’s use a dentist appointment in Estonia, costing 100€) the dentist’s unutilized labour (1 hour here is about 50€). Plus, the cost of re-sending the message, plus reduced customer satisfaction resulting in fewer patients.

Add in support time, possible administrative issues (e.g. invoice reminders that are not sent out and latency is unduly charged), etc. Thus, a missed dentist appointment costs around 150€ in lost revenue and labour alone. That’s about 15 000 SMS messages.   

Indirect costs of SMS Marketing 

Clearly, the indirect cost here is the lower conversion rate or a missed conversion opportunity. For an SMS marketing campaign of 1000 messages with a conversion rate of 5% and a yield of 50€ per conversion, a 2% increase in messages delivered amounts to 50€ in extra revenue. That’s the cost of 5000 messages.

So, an increase in delivery rates by 2% pays for the campaign and 4 additional ones. Some companies must consider the brand image as well, as customers become accustomed to receiving discounts and coupons over SMS. Lastly, don’t forget the direct cost of re-sending mass amounts of missed messages, because the marketing department still expects conversion.  

How to ensure high-cost efficiency? 

Paying a bit more per message may seem like a dubious thing to do when talking about cost-efficiency. But the cost of a single SMS is so low, and the alternative costs associated so high, that in most cases it would make sense to pay tenfold the amount of a single SMS just to avoid 1% of the total number going amiss.

But there are other aspects to take into consideration as well when optimizing SMS costs.

The SMS itself has some limitations that if neglected, can end up severely impacting the bottom line. Be it the fact that a single message may not be up to 160 characters in length every time or that the GSM alphabet is actually rather limited.

Tools like our SMS Length Calculator help avoid doubling the costs. It checks the content and helps illustrate how long the actual message will be once sent and if it will be sent as one, two, or even three messages.

SMS Length Calculator

Free SMS Length Calculator

Try It

For our customers, we’ve also added an Auto-Replace Tool to help mitigate the additional costs when using characters outside the GSM alphabet. When an API connection is used, the content is rarely checked using the calculator, so having an auto-replace tool can help avoid accidentally doubling the message count and thus doubling the invoice.  

The Phonebook 

It’s also important to start off on the right foot. The actual numbers that receive the messages are the other half of the cost-efficiency optimization process. 

The phone number database needs to be correct to ensure maximum message delivery and minimal indirect costs. Even a slight typo in compiling a list of numbers for a marketing campaign may be the difference between 40% and 99% delivery rate.  

If some of the previously mentioned issues have persisted and made their way into the phonebook, there’s still a way to mitigate the damage made. Though timeliness is key.  

The phone number database needs to be correct to ensure maximum message delivery and minimal indirect costs.

A campaign is measured in messages per second. So, if a campaign is sent out with a throughput of say 50 messages per second, you can deliver 180 000 messages per hour per connection. We usually have a few connections per operator so, in Estonia for example, that number is tripled to more than half a million messages per hour.  

In other words, a 1000 SMS campaign would reach the customers in 6.7 seconds. Since that is rather fast, we usually deal with the consequences of a poorly set-up campaign rather than mitigate the damage. In these cases, only diligent pre-work can save the day. 

If content optimization tools aren't used, there is still some fallback to rely on. Such as an account low balance/credit warning that comes standard with most service providers. Or a specific API designed to allow account balance requests to stay on top of the budget.

Summary 

Using SMS as a communication tool requires diligent pre-work before attempting any bulk SMS marketing campaigns or setting up a constant flow of communication. Mistakes can pile up quickly and result in unexpectedly high costs. 

Both the delivery and the underlying client number database need to be of high quality and regularly maintained. Otherwise, the indirect costs of sending an SMS can get out of hand, thus increasing the overall costs of the campaign by a significant amount.

Why does SMS service quality matter?


SMS delivery quality is measured by three indicators: 

  1. How many text messages of the dataset are actually deliverable?

  2. How many text messages are actually delivered out of the text messages that can be delivered?

  3. And at what time did the delivery happen? 

Deliverable vs undeliverable messages 

The most common reason for low delivery rates is the quality of the dataset or in this case, the phone number contact list used to send SMS messages.

As most customer phone books consist of numbers submitted by the users, there is a rather high percentage of errors. Usually, between 5-10% of all phone numbers in the dataset are incorrect. Be it a missing country code or one that has been incorrectly inserted, simply a mistyped number or even a fraudulently given one.

Whatever the case, if the recipient’s number is incorrect, there is no way that they can receive the message, yet the sender will still be charged. This is because any SMS API system will attempt to send to any number that has been given, except when it’s not in the correct format.

If the recipient’s number is incorrect, there is no way that they can receive the message, yet the sender will still be charged.

In addition to invalid numbers, they may also be roaming (around 3% of the dataset). This refers to the mobile phone being used outside the range of its home network where it must connect to another available cell network.

It’s rather common that while the number is active and able to be used as it’s on another network, it won’t be able to receive messages. 

Delivery is still possible once the recipient returns to the home network’s area, but the request needs to be valid and not outdated. The timeliness though is most likely not there, especially when sending business-critical messages. So, it’s best to avoid sending text messages to these numbers if ever possible.  

So out of a 1000 number dataset, there are 5-10% invalid numbers and 3% roaming numbers. Meaning that there are only between 870-920 numbers where delivery is possible. Or more specifically, there are 80-130 messages that senders pay for that never even have a chance of being received. 

This has a large impact on any campaign and lowers the delivery quality if the issue is not dealt with beforehand. We’ll cover how to avoid these pitfalls in the following chapter.

SMS Service Quality Report

Read our comprehensive report on SMS service quality

GET THE REPORT

The connections used

There are thousands of mobile operators and telecommunication service providers in the world. Countries like Germany have more than 20 different operators that all share a piece of the market. Managing those connections can be quite a hassle.  

To avoid timeliness issues at peak times, SMS service providers like Messente use multiple connections to each network to ensure maximum delivery quality and speed.  

Due to there being so many providers in the world, any multinational company looking to send in multiple markets will find itself in quite a difficult situation. 

All these connections need to be actively managed and maintained. With varying technical requirements come potential leaks or bugs in the system where another few percent of messages get lost. And even one percent can have a major impact on the business.  

So, to deliver high message quality with minimal losses, using a service provider who has ironed out these kinks makes the most sense. It saves both time and money as the connections are managed for the sender and the priority of the messages remains high, ensuring timely delivery.

Find out more about SMS quality in one of our webinars


Delivery timeliness 

It’s a given that messages should arrive when they are intended to arrive. But when business-critical messages are delivered, the “when” needs to be in a matter of seconds as each second matters.

When transactional confirmations or PIN codes are sent, people tend to hit “resend” after mere seconds of waiting. This can result in multiple retries that end up costing the sender a lot more.

The same goes for reminders. They need to be delivered on time, as even a half a minute delay can be the difference between missing a flight or making it on time.

SMS routes have sending limits and this impacts how quickly messages arrive. Couple that with prioritization procedures and we risk missing out on that crucial window to get the messages to the clients exactly when they are intended to.

Checking the quality 

To ensure delivery quality, it needs to be checked and we try to be as transparent in enabling our customers to do so. Here’s how the process works:

The process of checking delivery quality


Infographic about checking SMS delivery quality

Summary 

SMS delivery quality depends on the quality of the dataset, the routes used to deliver the messages, and the throughput/priority capabilities of those routes. This way, only the messages that can be delivered will get delivered. These messages will be delivered via connections where the technical problems have been ironed out, and the loss is minimal.

All this is done on time to ensure as few resends and time-outs as possible. Only the SMS service providers who use these systems can provide 98-99% delivery rates, ensuring a consistent flow of communication between companies and their clients.

Security and compliance

As with any service, it’s crucial for peace of mind that the functionality provided is secure against any ill-intended miscreants.

This is especially critical when taking communication providers into account. The data transferred is often confidential and/or personal in nature. So, no prying eyes should have access to it, not even the service providers.

There are three key aspects to the service providers’ security.

Physical security

This applies to on-site security such as secure doors, cameras, an alarm system and a strong protocol for data transfer outside of the service provider’s facility. Also, the security of the servers. The latter needs to be housed within a secure facility with the same provisions and with a certification in accordance with DIN ISO/IEC 27001.

In Europe, the most secure facilities are in Germany, as their Federal Data Protection Act (BDSG) as well as the German Teleservices Act (TMG) require a very high level of protection for all data centres and anyone handling data. Access by foreign authorities might also be an issue that one would need to avoid. So, staying out of any jurisdiction that has had a history of sharing confidential information is also key.

System security

It’s essential to use firewalls and logical access control to protect the servers from unauthorized system access. This allows only trusted operations personnel, who are required to use necessary security measures when accessing and handling the data, to manage the systems.

This would mean that access is granted on a strict needs basis only. The access can also only be done via a secure VPN connection as well as 2FA enabled on all admin accounts. As human error is the most common security problem, limiting access is key.

Strong configuration standards should also be used to strengthen the servers and keep them up-to-date with the latest security patches. This goes hand in hand with constant vigilance via a Security Information and Event Management system that enables breach detection as well as immediate action to be taken when any possible leaks are found.

Application security

Strong cryptography for communication over public networks is a must so that your passwords, API username/password, and contents of your communications may be protected. When possible, only secure connections should be used, and connections used that support end-to-end encryption favoured.

Rate limiting is another tool to put in place on API calls to prevent brute force attacks. Password complexity requirements should be enforced on API usernames, passwords, and interface passwords at least. The passwords should also be cryptographically hashed before storing in the database, as well as strong password requirements enforced beforehand.

Wherever reasonable, a 2FA system should be in place to ensure multi-layered protection.

2FA report

Whitepaper: How 2FA Lowers the Risk of Data Breaches?

CRAB MY COPY 

What can the sender do? 

While the SMS service provider manages most of the security aspects, there is still a fair amount the sender can do to ensure confidentiality and mitigate the amount of data processed.

The key component of any text message is the content. There are several ways to ensure safe storage on the provider’s side. Such as using hashing or not storing the text message content altogether.

In hashing, the text message will appear as a jumbled mess to anyone peeking from the service provider’s side. And the “no-store” parameter in Messente’s API, for example, hides the content entirely, making it near impossible for others to see the content.

There are several ways to ensure safe storage on the provider’s side. Such as using hashing or not storing the text message content altogether.

You can also keep the text message from being saved on the user’s handset automatically by using Flash SMS. It enables rapid communication and an extra bit of security to boot.  

Using these tools will add an additional layer of protection on top of the existing security and can provide a bit more peace of mind for the customers. 

Compliance, documentation, and data protection 

Not only does the security need to be up to the bar, but the compliance must also be in-line, too. The first and most easily accessible pieces of legal information that can be checked are the Privacy Policy as well as the Terms and Conditions. 

These two documents set out the rules that govern the service on a day-to-day basis and the rules and processes the service provider commits to following. Checking these can give a good overview of how they handle their operations. 

Also, what type of security provisions, legal provisions and technical provisions have they committed to? Look for anything about payment terms, the liability of parties, confidentiality of communication, etc. 

If these documents seem too vague or aren’t quite up to scratch, you can either choose to not work with the service provider or ask for a separate Service Agreement. This will specify the terms of working together. 

Additionally, sign a Non-Disclosure Agreement to describe the importance and level of confidentiality expected. To specify support times and contact methods, a Service Level Agreement is also a possible add-on to the Service Agreement. 

With the introduction of the General Data Protection Regulation, all data processing has become quite rigidly regulated for any company providing a service to European citizens and residents. Hence a vast majority of multinational companies are affected by it.

It sets clear limits to what, how, and for how long data can be processed. These aspects need to be covered in the Privacy Policy or in another document such as a Data Handling Policy.

Watch our webinar that delves more deeply into this topic


These documents need to demonstrate the following: 

  • The nature and content of the processed data as well as the subject of the data
  • The way the data is processed and what provisions are used to protect it
  • Retention times for the data need to be reasonable in length as compared to the data in question and the data subjects’ rights to minimal data retention. 

So, for example, meta-data that describes the message time and delivery statistics could be kept for a year to provide support and analytics. But more than that would need a rather well-based explanation. 

PSD2 Report

Report: What Changes Will the New Payment Services Directive Bring?

CRAB MY COPY

Summary

It’s important to take care of and analyze the security and compliance practices that a company employs daily. Since the regulations concerning data protection become ever more stringent, and the frequency of data theft and fraud become more prevalent, having a secure and transparent partner is key in ensuring that your customer's data is kept safe and confidential.

Tips and tricks

SMS has been around a while now, and the world around it has changed quite a bit. As it was a tool of its time, there are some shortcomings - content length and a defined character set. But it still has a fair few tricks up its sleeve to keep pace with its modern counterparts like WhatsApp and Facebook Messenger.  

And it’s still important to note that while WhatsApp has 1.5bn+ monthly users and Facebook Messenger has around the same amount, SMS still tops the pile with a total of 5.1bn people. That’s because SMS still comes as standard with all mobile devices and to receive messages, you don’t have to register or even have a data plan.  

Tips for use-cases 

First, let it be known that SMS can just be a gateway for information delivery. You can add any hyperlink to the message and use that as a call-to-action for customers to respond to. Since customers can’t really buy anything via SMS without migrating to another site or service for at least a moment, having it as a forwarding tool is absolutely fine.  

Make sure the content is good though. People can always blacklist you if the offers become too intrusive or tedious.  

As a marketing tool SMS excels at reach and open-rate (a whopping 98%). So, it makes sense to use it for a variety of promotions and client loyalty programs. Be it to deliver news about milestones in your training app and suggest additional features or just go down the good old “get this now because it’s 50% off” road, SMS is a functional marketing tool.  

For notifications, you can hardly go wrong with SMS. The same reach and timeliness aspects come into play as well as the fact that a data connection is not needed. Just regular cellular reception is fine. This way, there’s a chance to deliver emergency notifications to the backwaters of the world and ensure that everyone has access to crucial information.  

It can even do emojis to add a little bit more flair and make the newer generation a bit more excited about receiving a good old SMS. Visual appeal helps with any generation though. A more appealing message can soothe minds if the news is rather disappointing or add even more excitement when the news is good (e.g. getting that package you’ve been waiting for ages).  

SMS intrigues people 

Receiving an SMS is getting more and more like receiving an actual letter. We seem to get intrigued when we get one and are tempted to look as soon as one pops on our screen.  

By making the SMS more appealing, using its potential as a mediator or as a conveyor of integral information, and making use of the many shortcuts that we’ve described, SMS will be a valued tool for another 20 years. Or at least until it’s no longer a standard that the world of mobile devices adheres to.

Takeaways

SMS might be a quarter of a century old, but it is far from dead. Thanks to the growing number of mobile users, high open rate, and fast delivery, the technology is still popular amongst companies who need to communicate business-critical information to their customers every day.

To help businesses use this technology, modern service providers offer SMS API to make messaging operations scalable and easy to use.

Before you start sending SMS messages, make sure that you:

  • Verify your Sender ID
  • Use a suitable Sender ID for two-way messaging
  • Follow all the messaging regulations
  • Know what the quality of an SMS means
  • Know the cost and indirect costs of sending an SMS
  • Choose a suitable partner
  • Integrate an SMS API
  • Follow security and privacy regulations

And you’re good to go!

Hopefully, this guide will help you get started without too much of a hassle. You can always come back to it if you need to remind yourself of something. 

Also, you can download the PDF version for easy access. Feel free to contact us if you have questions that you can’t find answers to in this guide. We’ll gladly help you.