Operators

Setting Up Your SMS Firewall The Right Way

There is more to consider than just traffic or access

June 15 2016

There is more to consider than just traffic or access

Our previous SMS firewall post looked at evaluating SMS firewall options beyond purely technical requirements to include the additional services the SMS firewall vendor offers. This post delves into deploying an ecosystem-focused SMS firewall.

Optimal deployment takes planning and consultation

The key to any successful SMS firewall deployment is considering all various levels of protection and monetization opportunities before starting the project. It’s important to consider not only your current needs, but your needs months and years in the future as both messaging and A2P SMS monetization evolve. Working with a partner and using phased implementation leads to optimal setup and performance for the SMS firewall and better overall project outcomes.

SMS firewall focus/positioning

SMS technology includes different ways of delivering messages into a mobile network and the focus of an SMS firewall deployment — how the firewall is integrated into a network — depends on the mobile operator’s particular traffic and monetization needs. The deployment point depends on the operator’s primary incoming SMS traffic source. Each source has its own specific requirements:

  • Local/national signaling or SMS exchange (signaling or SMPP) Generally this traffic is more regulated and less likely to cause inconveniences for the operator, but some operators may still require a firewall here.
  • SMS hubs (signaling or SMPP) SMS hubs often implement their own SMS firewall functionality, but it’s advisable for hub-connected operators to set up an SMS firewall and operate their own controlling logic for traffic coming from SMS hubs. Positioned on the hub, operators get better monitoring and dependable protection.
  • Network provided A2P SMS access (IP based: SMPP, SIM cards) Placed here, the SMS firewall lets operators differentiate between traffic sent from an app on one smartphone to another (such as app invites) from unsolicited traffic, and bill accordingly.
  • International signaling exchange (SCCP) A logical choice for operators with large numbers of international connections and related incoming SMS traffic.

Services monitored

Just like the SMS firewall placement, the services the firewall monitors depend on the operator’s unique circumstances, threat analysis findings, and needs:

  • SMS in general A general overview of incoming SMS traffic gives operators insight into P2P SMS behavior, helping them detect interworking bypass over another operator through the firewall’s ability to determine improper routing.
  • A2P SMS The key traffic type to monitor for monetization. Monitoring incoming A2P SMS traffic can detect monetization opportunities. The point here is not to necessarily block the incoming traffic, rather to properly charge for traffic and add to the operator’s bottom line.
  • SMS fraud There are several possible types of fraud in international SMS traffic which manipulate signaling transactions to misrepresent the originator of the SMS message and incur financial loss to the receiving operator. Monitoring for SMS fraud protects both the operator and customers.
  • USSD and SMS are similar in how they transmit data, and in some cases USSD can be used to deliver information sent as SMS messages. This bypass, exploiting different but similar channels, can be detected if the SMS firewall has USSD detection capabilities.
  • SRI (Send Routing Info) This MAP operation accesses the HLR to acquire information about the user’s mobile number, and monitoring these queries serves to improve detection of A2P SMS traffic and protect subscriber information.
  • Signaling errors Signaling errors can indicate messages trying to bypass standard network protections, such as faking an originator network with an SMS firewall deployed. In these cases, the SMS firewall deployed with the receiving operator helps improve indication-based detection.

Blocking capabilities

An SMS firewall needs to be able to detect and block traffic based on different parameters, criteria, or triggers, to fully address different types of traffic and scenarios that might arise from unchecked inbound SMS traffic.

  1. Blocking based on multiple parameters (from source GT, over MSISDN, IMSI to text)
  2. Blocking based on multiple criteria (if GT = XXXX and text = “%%%%”)
  3. Dynamic blocking (if MSISDN =/= Calling GT)
  4. Blocking based on triggers (if volume > XXXXX and SMSC = YYYY)

Monetization focus

The role of an SMS firewall is more about monetizing traffic, rather than simply blocking it. A firewall with a monetization focus determines which type of traffic should “survive” and be allowed to pass into the network and be charged. A fully-featured SMS firewall should be able to help monetize:

  • Large scale international clients and aggregators These are the key sources of legitimate SMS traffic and provide a tremendous monetization opportunity through their large volumes and certified traffic.
  • Large local aggregators Like international aggregators, local aggregators also deal with large volumes of monetizable traffic that should be allowed into the network.
  • Individual large local enterprises Although on a smaller scale than international businesses, local businesses can be a significant driver of SMS traffic and monetization opportunities.
  • Resellers and smaller clients As a flexible communication channel, SMS is widely used by smaller clients who generate lower traffic volumes, but through their sheer number, constitute an important monetization opportunity.

Monetization timelines and strategies

SMS firewall implementation phases correspond with the types of traffic and monetization strategy a company wishes to employ. The first phase might be managing high volume traffic, but over the long-term focus on volume creation and more monetized traffic that adds to the bottom line of the company.

Short-term: aggregators and online enterprise traffic

This includes various types of SMS notifications, alerts or 2-factor authentication sent by OTT apps, online stores, social or gaming networks, and similar mobile and online services. The short-term goal is to understand traffic volumes and who the largest (monetizable) senders are. This phase serves as the basis for the larger monetization strategy.

Mid-term: evolving bypass and local operators sending off-net

Trying to bypass an operator’s firewall is a response to seeing an SMS firewall in place, an attempt to circumvent the firewall after its deployment by identifying and exploiting potential weaknesses. Monitoring for attempts to bypass the firewall protects the operator and reduces potential losses in revenue.

Long-term: market mobilization and new volume creation

The long-term goal of any mobile operator should be to engage with other stakeholders in the A2P SMS industry to build a sustainable and profitable ecosystem. The revenue potential of A2P SMS is still far from exploited, and all operators will benefit from building an efficient and accessible channel for immediate communication.

Ecosystem focus

The increasingly complex messaging ecosystem translates into an increasingly complex monetization ecosystem as well. We recommend the following phased approach for tapping into key A2P monetization points:

  • International side monetization International side monetization offers the most monetization options for operators with large user bases who generate significant amounts of A2P SMS traffic.
  • Local regulation and pricing Keeping in line with local termination rates not only means traffic complies with relevant regulation, it also ensures a healthy A2P SMS traffic, the desired end result of any SMS firewall deployment.
  • Ecosystem alignment To properly monetize A2P SMS, internal stakeholders — VAS and international traffic departments especially — need to work together towards a common goal of driving SMS traffic monetization for the operator.

SMS firewalls are about more than traffic management

While SMS firewalls are essential to protect a mobile operator and its customers, traffic management and monitoring are just part of the solution. When an operator understands its traffic patterns, it can monetize A2P and other commercial traffic.

A properly implemented, fully-featured SMS firewall like sGate from Infobip is the first step to understanding, controlling, and monetizing traffic on operator networks.

 

Blog post by Amir Babovic, Director Operator Strategy and Partnerships

Contact Amir