The telecom industry is evolving with new innovations, tapping into a world of endless opportunities by connecting customer needs with open-network APIs. New technologies like 5G and the Internet of Things (IoT) are transforming the industry, making everything more connected and putting a lot of pressure on networks.

However, capitalizing on these advancements can be a challenge for telcos. With all the different fragmented APIs and inconsistent standards, developers struggle to build innovative apps that leverage the full potential of their networks.

Enter CAMARA, a game-changing project that’s building a set of standard APIs for open network integrations. These integrations will unlock a whole world of opportunities for both telcos and developers and create new revenue streams and monetization opportunities.

Read on to learn more about the CAMARA project and its impact on telco innovation. We will explore some of its potential use cases and how it paves the way for exciting new revenue streams.

As the engine for Open Gateway API development, CAMARA is an open-source project initiated by the Linux Foundation and GSMA to define, develop, and test Application Programming Interfaces (API) standards. The inspiration behind the name CAMARA comes from the Greek word for “arched roof,” symbolizing the collaboration and unity of diverse entities under a single vision.

According to the GSMA, the Open Gateway initiative is a framework of common network APIs designed to provide universal access to operator networks for developers. Those APIs are defined, developed and published in CAMARA.

This  helps developers and cloud providers enhance and deploy services faster on operator networks by accessing the world’s largest connectivity platform through one single point.

To date, over 47 mobile operator groups worldwide, representing over 239 mobile networks and 65% of global connections have signed up for the Open Gateway initiative.

The CAMARA project aims to bridge the gap between customers and Telecom network capabilities across various networks and countries. Working closely with the GSMA Operator Platform Group, the project ensures that API requirements are aligned and optimized for maximum efficiency.

But how do these open APIs work? Let’s find out.

Telco network capabilities have drastically improved with 5G, allowing us to gather data from the network and customize it based on our needs. These new 5G capabilities will be exposed through data service APIs which are more readily available across global telecom networks and countries, making it seamless and easy to access within a controlled and federated market. 

This process is achieved via common, northbound service APIs – supported by the CAMARA Project. CAMARA-compliant APIs provide secure, consistent and on-demand access to these capabilities, turning operator networks into powerful platforms for services.

This open API evolution opens up numerous possibilities for application-to-network integrations, which is essential for delivering enhanced customer experiences in the 5G era.

Through 5G, the CAMARA network APIs coupled with CPaaS, are creating a more integrated and powerful digital user experience. This integrated digital experience could lead to a promising future full of:

By exploring the capabilities of the 5G network further, we see the immense potential of these APIs and the exciting new opportunities they bring to the telecom industry. But how can telcos benefit from this, let’s take a look.

Telcos can benefit from open network APIs in many different ways. Not only do they serve as a puzzle piece connecting applications to one another, but they are critical to enterprises seamlessly tapping into 5G’s powerful capabilities for hundreds of potential use cases.

Here are the top benefits of opening your network APIs:

Traditionally, telcos have focused on delivering network reliability. However, customers today, both consumers and businesses, are expecting more than just connectivity.

In an interview with Deutsche Telekom (DT) at our annual Shift Conference, Petja Heimbach, Director of Architecture & Innovation Director at DT emphasized on the needs of the industry to transition from simply providing network services to offering adjacent solutions that enhance the value of connectivity.

This shift is particularly important in the enterprise space, where businesses require seamless integrations and security solutions that go beyond basic connectivity. By leveraging network APIs, telcos can unlock new revenue streams and stay relevant in the evolving digital landscape.

Watch the full interview below to learn more about our discussion and understand the significance of Network APIs.

One of the biggest challenges telcos face is bridging the gap between traditional telecommunications infrastructure and modern software development. As Heimbach points out, telcos excel in building and managing networks but are not necessarily experts in software engineering. This is why partnerships with technology companies and developer communities are essential.

This highlights why telcos need to engage directly with developers. Unlike traditional B2B or B2C customers who primarily purchase connectivity, developers require APIs that enable them to build innovative applications. By offering standardized APIs through platforms like CAMARA, telcos can provide developers with easy access to network capabilities, reducing the need for workarounds and fragmented solutions.

A major pain point in the industry has been the fragmentation of APIs across multiple telcos. If a developer wants to integrate a telco feature, they often need to connect separately to multiple providers.

Infobip addresses this issue by aggregating these APIs into a single, developer-friendly interface. This not only simplifies development but also accelerates innovation in areas such as authentication, security, and connectivity management.

To date, telcos have invested nearly $1 trillion for network upgrades, and yet they’re still struggling to monetize 5G. However, there is a growing interest in the potential of network APIs to make a difference. These APIs act as the connections that link applications to each other and to telecom networks.

Network APIs offer telcos a promising opportunity to see significant returns on their massive investments in 5G technology. In fact, it is estimated that the network API market could unlock approximately $100 billion to $300 billion in connectivity- and edge-computing and  $10 billion to $30 billion in revenue solely from APIs.

CAMARA empowers you to expose valuable network capabilities to developers, creating a thriving ecosystem of innovative applications and services. How? Using common APIs to access advanced 5G capabilities will enable you to leverage new ways to monetize 5G and quickly deliver new services on a global scale with speed.

By doing so, developers and enterprises will have the opportunity to create innovative applications and functionalities for any connected device using advanced network capabilities such as:

These capabilities are core network components that have not yet been exposed to the global developer community in a unified and easily consumable way. In turn, integrating those network features into new applications will accelerate enterprise digitalization and create new ways for operators to monetize their network investments.

As many telcos look to provide new services, Open Gateway and standardization have become crucial for monetizing subscriber data and solving key pain points and challenges for enterprise customers.

Let’s explore some of the potential 5G use cases for businesses across industries.

Network APIs are critical to enterprises tapping into 5G’s powerful capabilities for hundreds of potential use cases, such as credit card fraud prevention, glitch-free videoconferencing, metaverse interactions, and entertainment.

Other potential use cases include:

Enable real-time video streaming for applications such as live video broadcasting, video conferencing, security monitoring, and more.

Provide location data and services to enable applications such as geotagging, location tracking, route optimization, and location-based advertising.

Network APIs can be integrated with Internet of Things (IoT) devices and sensors to collect data, monitor processes, and automate tasks in various industries such as smart cities, healthcare, agriculture, and more.

Support VR and AR applications by providing real-time data transmission, low latency communication, and high-quality video streaming for immersive experiences.

Integrate location APIs into existing processes to optimize security, prevent fraud, and protect sensitive customer data.

Enable telemedicine, remote patient monitoring, medical device integration, and healthcare data analytics to enhance patient care, optimize healthcare delivery, and improve outcomes.

Enable personalized shopping experiences, inventory management, location-based advertising, customer engagement, and data analytics for retailers and marketers to drive sales and customer loyalty.

Infobip has partnered with three mobile network operators (MNOs) to launch the first CAMARA-compliant Network APIs in Brazil under the GSMA Open Gateway initiative. The collaboration is part of Infobip’s CPaaS enablement solution for telcos, which allows them to easily launch and monetize their emerging services, such as their core network capabilities, exposed through CAMARA APIs.

Through our partnership, Claro Brazil, TIM Brazil, and Vivo (Telefonica Brazil) launched three CAMARA-compliant APIs focused on digital security and anti-fraud: Number Verification, SIM Swap, and Device Location.

This partnership enables Claro, TIM and Vivo to integrate CAMARA-compliant APIs with developers through Infobip’s cloud communications platform, one single point of access.

At MWC this year, we met with Ageu Dantas, Head of Data Analytics and Messaging at Claro Brazil to discuss the impact of open network APIs and how CAMARA will transform the telco industry. Watch the video below for more insight.

As an Open Gateway channel partner, Infobip has played a pivotal role in launching CAMARA APIs for the 3 MNOs in Brazil through:

By partnering with us, you can tap into the GSMA Open Gateway initiative and unlock the full potential of CAMARA APIs.

This will enable you to:

With Infobip, you will have access to a global partner network with a history of strategic telco collaborations, strong developer relationships, and extensive CPaaS knowledge and expertise.

In today’s interconnected world, businesses face increasing pressure to innovate and adapt. The fast-paced business landscape is characterized by a constant push toward digitalization, with companies across various industries seeking to leverage technology to streamline operations, cut costs, and deliver top-notch service.

As the digital revolution sweeps across industries, the demand for robust, flexible, and innovative solutions continues to rise. Leading this transformation is e& enterprise, the digital transformation unit of global technology powerhouse e& Group previously known as Etisalat Group.

The digital transformation unit enables enterprises and governments to become smarter, more agile, and highly efficient through advanced technologies like conversational messaging, cybersecurity, the Internet of Things, artificial intelligence (AI), and more.

We sat down with Miguel Angel Villalonga, Chief Operations Officer (COO)  at e& enterprise, to discuss how e& enterprise is embracing emerging technologies, the value of partnering with a digital transformation partner to accelerate enterprise digitalization and the impact of Open Gateway on the tech industry.

Watch the full interview or read on to learn more about our discussion.

e& enterprise is a digital solutions company experiencing rapid growth and expansion in the GCC region. It offers a wide range of services and has acquired key players in the digitalization field.

e& enterprise helps businesses maximize and realize their digital potential. They design, deliver, implement, and operate smart and secure end-to-end digital solutions, blending the strength of a telco and the agility of a managed service provider.

To date, e& enterprise boasts over 1,800 digital experts, serves more than 4,700 clients, and offers capabilities and services in digital infrastructure including:

Villalonga pointed out that the significance of a cloud solution extends beyond offering the necessary capacity and services to diverse industries. Through its AI digitalization journey, e& enterprise is set to deliver data-driven services to a wide array of industries.

One key focus area to enable this transition was reallocating valuable resources efficiently. As technology advances, the way customers interact with businesses is changing too. With the help of Artificial Intelligence (AI) and chatbots, e& enterprise customers can now access self-service options more easily, reducing the need for traditional call centers and customer service representatives.

On the back end, virtual networks and cloud-based services help free up specific technical resources, allowing them to focus on innovative projects that could drive future revenue growth.

Businesses, including large enterprises and small and medium-sized businesses (SMBs), looking to enhance customer experience and digitalize customer communication rely on innovative cloud communication technologies to facilitate this. While many businesses prioritize digital platforms, communication tools serve as an extension that simplifies building conversational experiences with customers.

e& enterprise partnered with Infobip, a leading cloud communication provider, to accelerate the digital transformation of its enterprise customers. Combining the power of Infobip’s global communications platform with e& enterprise’s most connected mobile networks, businesses can set up interactive, personalized conversational messaging experiences at scale.

Advanced CPaaS solutions open an entirely new market, helping small and medium enterprise clients better engage with customers through increased deliverability on the most popular channels.

Villalonga discussed how today’s end users look for quality and simplicity. They want a unified, standardized way to interact with their brands, telcos, banks, or other service providers.

Our customer engagement solution, chatbot building platform, and customer data platform also enable businesses of all sizes to automate, personalize, and orchestrate communication according to their customer’s behavior and preferences.

These channels and cloud solutions, coupled with e&’s network, make improving engagement, payments, shopping, and any other interaction across the customer journey simple and attainable for small, medium, and large enterprises.

Villalonga also stressed the importance of collaboration and interoperability. e& enterprise has strengthened cross-sector collaboration and promoted cross-regional collaboration with other operators to better understand customers’ requirements. This enabled them to manage capital expenditures more efficiently while maximizing opportunities for revenue growth.

Being a member of GSMA Open Gateway has opened more collaboration opportunities for e&. It enables direct interaction between applications and the network through APIs, enhancing communication performance. Not to mention, Open Gateway is giving developers around the world an opportunity to use the Telco infrastructure.

Open Gateway also provides an opportunity for cloud communications service providers like Infobip to partner with telcos and offer communications platform-as-a-service (CPaaS) as a solution to build customer-centric experiences and boost engagement. How?

Open Gateway offers a standardized platform for cloud communication providers and telecoms to seamlessly integrate their services and offerings. By opening up their gateways, Infobip can enable easier communication and collaboration between their systems, allowing for more efficient and effective sharing of resources, data, and services.

In 2022, the FTC reported that US consumers lost $330 million to fraudulent texts. Not just individuals are affected; a staggering 74% of organizations worldwide reported experiencing smishing. In 2023, the Bank of Valletta (BOV) was even held responsible for a smishing scam that led to its clients losing money.

This shows that smishing is one of the biggest threats to the mobile industry today. It’s essential to understand what smishing is and how it works, but it’s equally important to know how to prevent it.

If you’re already familiar with smishing, you can skip right to the prevention chapter here.

Smishing has become increasingly popular among cybercriminals primarily because of two reasons:

Effective smishing attacks rely on a recipient taking an action, such as clicking on a link in an SMS message that takes them to a fake landing page or submitting private information by return SMS.

Popular scam tactics include impersonating trusted brands or using multi-stage social engineering tactics that exploit harvested data or information, which could be anything from a name and address to an account number.

Scammers are also very good at adapting, unscrupulously using current events like the war in Ukraine or a crypto crash to legitimize their scams.

There are broadly three types of smishing attacks, ranging from borderline-legal guerrilla marketing tactics to sophisticated multi-stage criminal attacks that can have a significant financial impact on victims.

The one thing all smishing attacks have in common is a strong prompt for the recipient to act quickly. Usually, they offer something attractive or alert the recipient to something bad that could cost much or cause embarrassment if not done soon. The sense of urgency encourages victims to act immediately without giving it much thought.

Starting on the less sophisticated (and less plausible) end of the spectrum, we have all received messages that promise an unexpected boost to our bank balances. These range from lottery wins to inheritances from unknown relatives or even Nigerian royalty. The carrot of a big pay day is often enough to make people drop their guard and click on a link or provide personal information.

This approach has grown in prominence over the past two years as more people shop online and retailers rush to roll out new SMS notification use cases. Fraudsters have quickly exploited this opportunity and created very realistic messages from retailers and delivery companies that flag ‘an issue with your delivery.’ They may ask the recipient to pay additional delivery charges or enter their login credentials to get more information about the problem.

Ironically, one of the most successful smishing tactics is for fraudsters to mimic a message from a bank flagging unusual activity on the customer’s account. These messages are easy to copy as they follow a consistent format and as there are a limited number of retail banks, there is a high probability that recipients will recognize their own bank as the sender.

The message will likely encourage the person to change their password to prevent any further fraudulent activity. Clicking on a link in the message takes the user to a fake login page where they are asked for their login credentials to change their password.

With these details, criminals have a window of opportunity to log in and transfer money from the account before the victim notices. Many banks are becoming wise to this tactic and incorporating 2FA checks when an account is accessed from a new device, or the requested amount goes above a certain threshold.

This approach uses some very basic social engineering tactics to improve the effectiveness of the smishing attack exponentially. If a message includes the name and details of a person we know and trust, then we are far more likely to believe that it is legitimate.

All the scammers have to do is scrape victims’ social media accounts to find out who their close friends or business acquaintances are. They then use this information, perhaps by offering them a job, an unmissable business opportunity, or an invitation to an event that would be right up their street.

People seem to lose their sense of perspective when faced with the possibility that there is an unflattering picture of them on the internet. A very successful tactic has been SMS messages that claim to be from a social-media Samaritan alerting the person about something they wouldn’t like: “You won’t believe the photo that John tagged you in on Facebook! Check this out….”

When a prominent event in the news occurs, such as elections, a natural disaster, a war, or a refugee crisis, scammers exploit it to persuade people to donate money or provide personal information that can then be used fraudulently.

Smishing prevention starts with mobile operators (MNOs), who can deploy various anti-fraud solutions to protect their networks against various types of SMS fraud. They play a crucial role in safeguarding the security of mobile users.

In Poland, for instance, there is a law called The Act on Combating Abuses in Electronic Communication (CAECA), which came into effect in 2023. It requires mobile operators to:

Not complying with these obligations could result in a fine of up to 3% of their revenue generated in the previous calendar year.

In the UK, leading telecom providers and the government are working together to combat fraud under the Telecommunications Fraud Sector Charter, through coordinated actions and solutions adhering to legal and data protection obligations. The actions defined by the charter include implementing additional techniques to block smishing:

NAB, an Australian bank, has also taken an active approach to combating fraud. It is placing the bank’s phone numbers on the ‘Do Not Originate’ list to help reduce scam calls impersonating the bank. They have also added additional protections to reduce scam messages appearing in legitimate bank text message threads, making it difficult for scammers to replicate NAB’s phone number.

Implementation of SMS firewalls is a crucial step in defense against smishing and other types of fraud. At Infobip, we already work with over 120 MNOs around the globe, helping them protect over 1.1 billion mobile users with an advanced SMS firewall that offers several key features:

In addition to an SMS firewall, we employ a straightforward plug-and-play solution called Signals. This tool is particularly effective for OTP traffic, employing a combination of strategies to identify and halt fraud. Signals monitors for unusual patterns and behaviors, uses data analysis to evaluate risks, and leverages machine learning to block fraudulent traffic in real time.

Here are some recommendations from the Federal Communications Commission (FCC) on how to protect yourself against smishing attempts:

The rise in smishing attacks will erode confidence in SMS, causing individual users and brands to move away from this channel. This will reduce revenue opportunities for players within the messaging ecosystem, all of which have a part to play:

Mobile operators bear a significant responsibility as they are the first line of defense against fraud. By protecting their networks, they can prevent these fraudulent messages from reaching users in the first place.

To do so, they need to collaborate with vendors capable of providing advanced anti-fraud solutions. With this, they not only safeguard their customers but also ensure the sustainability of their business revenue from A2P SMS in the long run.

This blog was originally published on August 31^st 2022, and last updated on April 15^th 2024. Updates include adding various examples of smishing attacks, and a new chapter on smishing prevention.

Put simply, SMS fraud is when bad actors misuse SMS to trick others for their own benefit, which could be financial or otherwise. By taking advantage of weaknesses in SMS systems and human mistakes, they might steal data from the recipients or trick them into signing up for paid services.

Also, fraudsters can send fake SMS traffic and profit from charging the sending costs to businesses or charge advertisers for fake traffic.

SMS fraud is so widespread because of the vital role SMS (still) plays in digital communication. It’s accessible on all phone types worldwide, gets delivered instantly, and opened almost immediately. Unfortunately, scammers know this, so they continuously develop new methods to trick mobile users and businesses via SMS. Staying vigilant and informed is crucial to protect ourselves from these scams.

If you are already familiar with the impact of SMS fraud and its types, you can skip to the chapter about SMS fraud detection and prevention by clicking here.

In January 2023, the US Federal Trade Commission reported that in 2022, US consumers lost $330 million to fraudulent text messages. This represents a whopping 151% increase compared to 2021, which was $131 million. Sending fake bank security messages was the most common type of fraud, which reportedly increased almost 20x since 2019.

A particular spike happened in the first six months of 2021 when studies in the UK showed that SMS smishing attacks increased by a massive 700%. This can be partly attributed to the increase in home deliveries and associated SMS notifications during Covid lockdowns, but the trend is definitely on a steep upward curve.

Consumers are not the only ones affected – 74% of organizations worldwide have experienced smishing in 2022. According to the Global Fraud Loss Survey 2023 by CFCA, the telecommunications industry lost $38.95 billion in revenue globally in 2022, which makes 2.5% of global revenue lost to fraud, up from 2.2% in 2021. In 2023, the Bank of Valletta (BOV) was even held party responsible when its clients lost money due to an SMS scam.

In addition to the direct monetary losses, other impacts are less obvious but still detrimental:

There are many ways criminals use SMS for scams. In 2021, the Mobile Ecosystem Forum identified 14 types of SMS fraud, dividing them into four categories: identity theft, data theft, network manipulation, and commercial exploitation.

Let’s explore the most common types of SMS fraud in more detail.

Smishing is a type of fraud where criminals contact potential victims by SMS to trick them into providing personal or bank account information or clicking on links that download malware onto their phones. It is the SMS equivalent of email phishing.

Sophisticated smishing attacks will use social engineering tactics to gather information about potential victims, including where they live, who they interact with online, and which banks and credit card companies they are customers of.

This information can then be used in the creation of very realistic spoof SMS messages that deceive the victim into believing that they are from a legitimate business or person.

SMS spoofing is a way of changing the sender information on a text so that the recipient sees whatever alphanumeric text is defined, rather than a mobile number.

SMS spoofing is not inherently illegal. There are many valid applications for it and there are even free SMS spoofing services on the internet (we won’t link to them, just in case).

Here are a few valid examples:

The problem is that fraudsters often use SMS spoofing to mimic messages from legitimate businesses as part of smishing attacks. They could pretend to be from a bank, a delivery company, a trusted institution like the tax office, or even the recipient’s own employer in the case of targeted ‘spear’ attacks.

Not realizing that the message is fake, recipients may drop their guard and click on links, which could download malware to their phones or take them to fake landing pages designed to extract private information from them.

Another sly tactic that criminals use is to use SMS spoofing to fake payment confirmations for the purchase of expensive items from individuals or businesses. They offer to pay for an item by bank transfer, but instead of actually making the payment, they fake a confirmation text message to the seller from their bank with the correct reference and exact amount of the sale for authenticity.

This fraud is particularly prevalent on buy-and-sell pages that don’t have stringent identity checks. A good tip, if you are selling a valuable item like a car or appliance, is to always log into your online banking to check that the funds are actually there before letting the buyer take it.

You can read more about spoofing here.

SIM swapping fraud is when fraudsters abuse the process of swapping SIM cards to steal data, money and in many cases the mobile user’s identity. It is a significant threat for businesses that have been slow to implement SIM swap detection solutions.

There are of course valid reasons to swap a SIM card – for example when a subscriber switches network provider and wants to move their mobile number from one SIM card to another. This process is common enough that fraudsters can exploit it to take over a person’s mobile number by simply contacting the provider and employing some simple social engineering tactics to impersonate them.

Once the account has been taken over, the criminal will have access to all the person’s personal details and their message inbox to receive the 2FA notifications required to change banking and credit card passwords.

SIM swap detection services use a number of inputs to flag both attempted and successful takeover attempts, for example by checking the IMSI register for any changes to the SIM activation date. Mobile operators that implement these solutions are able to protect their subscribers from account takeover fraud and the stress of identity theft.

SMS pumping, also known as artificially inflated traffic (AIT) or toll-free fraud, is a type of SMS fraud can significantly harm a business’ SMS budget. Essentially, fraudsters will artificially inflate SMS traffic by sending fake SMS OTP messages, and charge the business for it.  

This kind of fraud even affects some of the world’s biggest businesses. Elon Musk claimed that SMS pumping costs Twitter $60 million a year. That’s a shocking amount of money that proves no one is truly safe from this kind of SMS fraud.

SMS pumping is tricky to catch, especially for businesses that send large amounts of SMS messages every month. There are a few techniques fraudsters use to get away with this. 

For example:  

Most businesses will notice something is wrong when they go over their monthly SMS budget in a very short amount of time. Another way is by noticing a very low conversion rate on OTP messages, meaning the customers you sent OTPs to never used them. By then, it’s too late to stop the fraudster but not too late to prevent SMS pumping from happening again.  

Identified as a new major type of SMS fraud in 2021, SMS trashing happens when a portion of SMS messages are not even sent to a mobile subscriber number (MSISDN), but are nonetheless charged to a business.

The only ones benefiting from message trashing are rogue (or fraudulent) SMS aggregators, as they charge the sending of undelivered messages at full price to a business, without calculating the percentage that should be paid out to a mobile operator (since the messages are „trashed“ on the aggregator’s platform, and not actually delivered to a mobile number).

SMS grey routes represent a type of fraud committed by rogue mobile operators (MNOs) where A2P SMS messages, which should be charged at a premium rate, are passed off as P2P traffic for all or parts of their journey to benefit from reduced rates. This results in other mobile operators, who facilitate the delivery of the messages through their network infrastructure, not being compensated for the services they provide.

There are three types of grey route fraud:

While grey route traffic does not impact mobile users directly as fraud, it upsets the balance of the mobile ecosystem. The measures required to prevent it lead to overall higher prices and a more disjointed customer experience.

There are several valid and useful reasons to receive unsolicited SMS messages – text alerts warning of a potential fraud or an extreme weather event are definitely beneficial. Spam will do neither, and it breaks SMS compliance laws in almost every country globally. Unfortunately, this doesn’t stop unprincipled businesses from buying up lists of mobile numbers and bombarding them with irrelevant offers and promotions.

SMS spam is a problem that is only growing. With the introduction of both legislation and technology to combat robocalling, spammers are turning to SMS to mass-distribute their messages. This type of fraud has been a severe threat to the mobile industry for at least five years.

As a mobile user, you can do very little to stop SMS spam completely. Spam text blocking and reporting may be satisfying, but they are largely ineffective. Spammers have a vast pool of numbers to choose from, and the number you report would probably have already been discarded.

Usually, the emphasis is on reducing the impact of spam texts to your phone. For example, if your phone supports it, you could switch off notifications from ‘unknown’ numbers or have these filtered into a separate inbox.

However, in doing this, you risk missing an important text alert from your bank about a possible fraud, or even an extreme weather warning from a local government agency.

So, the responsibility ultimately falls to mobile operators to cut off spam texts and other fraud attempts before they even make it to their subscribers.

But how can they do this without blocking genuine traffic? This is the million-dollar question that the industry is currently trying to find an answer to. We’ll explore possible solutions for detecting and preventing SMS fraud below.

There are two main strategies for detecting and preventing SMS fraud. The first is on a micro-level, where businesses, A2P SMS providers, and mobile operators can implement better security solutions to protect the quality of their connections.

The second one is a broader, collective effort that includes local regulators and government organizations, who can introduce stricter regulations or set the benchmark for everyone on the market. Let’s explain each of these strategies in more detail.

A key part in the defense against SMS fraud is implementing SMS firewalls, such as the one we use at Infobip. It features include:

In a whitepaper, we described how our SMS firewall was the first to detect a previously unknown type of fraud that was spreading globally. It identified an unusual SMS message content pattern that did not appear to be either A2P traffic or legitimate P2P messaging. It wasn’t spam either as the messages were traced back to legitimate senders.

Investigations showed that the traffic was being routed via a particular third-party app that was able to bypass international message charges. Mobile operators were briefed so that action could be taken to protect both their business and subscribers from this new fraud threat.

Our SMS firewall was updated to detect and block these messages automatically, and the information about affected subscribers was passed to each mobile operator so that they could help them to deal with the problem. The solution was shown to be extremely accurate with less than 0.1% false-positive cases.

Besides an SMS firewall, we also use a simple plug-and-play solution called Signals that uses a mix of methods to spot and stop fraud, particularly for OTP traffic. It checks for unusual patterns and behaviors, uses data analysis to assess risks, and employs machine learning to block fake traffic as it happens.

You can check out an overview of Signals in this video:

One notable example of a collective effort to stop SMS fraud is the initiative by the UK’s mobile industry, banking and finance sector, and the UK government’s National Cyber Security Centre (NCSC). They joined forces to prevent criminals from sending scam text messages exploiting the Covid-19 crisis.

As part of the initiative, they have developed a ‘white list’ that allows organizations to register and protect the sender IDs used when sending out legitimate text messages. This limits the ability of criminals to send messages using the same sender ID as a particular brand or government department already registered. Also, the NCSC published guidance for businesses on „scam-proofing“ their SMS messages and phone calls.

When it comes to regulations, there is the example of new legislation in Poland called The Act on Combating Abuses in Electronic Communication (CAECA), enacted in 2023. It requires mobile operators to:

In the case of NAB, an Australian bank that joined forces with telco providers to combat text scams, the need for legislative action is directly mentioned by Chris Sheehan, NAB Executive for Group Investigations and Fraud: “One observation I would make is while we have had great co-operation from the telcos and they have moved as quickly as they can, there is no central, overarching legislative requirement,” he said. “We are very much reliant on them acting voluntarily across the entire industry.”

The problem is also, however, that not all mobile operators have the solutions needed to stop fraud, which is why they need to work with partners who can help them.

Let’s summarize the main takeaways:

To sum up, tackling SMS fraud is crucial for the future of the A2P SMS industry. Both individual and collective efforts are necessary to keep the ecosystem secure and beneficial to businesses, mobile operators, aggregators, and ultimately, mobile users.

This blog was originally published on Sep 15th, 2023, and last updated on Apr 5th, 2024. Updates include a definition of SMS fraud, the statistics on its impact, a chapter on SMS trashing as a new type of fraud categorized by MEF, and strategies for SMS fraud detection and prevention.

Think of it as a game plan to get the most out of your relationships with customers, from day one to—forever, really. It’s all about figuring out what customers want, giving them superior products or services, and making sure they stick around.

At the end of the day, CVM is all about making customers happy and loyal, and getting good returns for the business.

CVM is a strategic approach brands use to maximize the value they provide customers throughout their lifecycle. It includes different tools and tactics focused on understanding, measuring, and improving the value customers get from products or services.

Essentially, CVM aims to ensure that customers consistently perceive (and receive!) value from their interactions with a business. This boosts customer loyalty and increases customer lifetime value. It’s not just about meeting their immediate needs, but also tuning into their changing preferences and expectations.

Here are the key aspects and principles of customer value management we’ll cover in more detail throughout this blog:

In a nutshell, organizations can build strong, lasting relationships with their customer base by delivering value at every touchpoint across the customer journey.

Customer value management is often referred to by alternative expressions or related terms, which can be used interchangeably or adapted to fit specific contexts or business goals. The choice of terminology often depends on the organization’s focus and the way it communicates with its stakeholders.

That’s why customer value management is sometimes called customer value improvement or optimization, while some businesses choose to put greater focus on the loyalty aspect (i.e. customer loyalty management).

In today’s fast-paced business world, offering top-notch customer service is a must to build and maintain your competitive advantage. This is particularly true for telecom operators, where customer expectations have hit an all-time high. 

Still, more than half of customer turnover can be traced back to less-than-stellar customer service. This highlights how quickly people explore other options if their needs aren’t met. In fact, 73% of them are ready to switch operators after just one not-so-great customer experience.

Here are the most frequent types of friction we’re talking about:

People will stay loyal if they feel they’re genuinely valued, and in the telecom industry, this translates to top-notch service quality, personalized experiences, convenience, and overall satisfaction. Easier said than done.

Taking a more well-rounded approach to crafting customer experience can work wonders. Think of it as a toolkit that helps you truly connect with your customers, understand their needs, create personalized journeys, and design unforgettable experiences that foster long-term loyalty.

This is the road to implement customer value management throughout the entire customer journey. Scroll down to explore how a telecommunications company can enhance customer satisfaction, boost loyalty, and maximize customer lifetime value through systematic value management.

Customer value management can be broken down into three key stages: acquisition, development, and retention.

It’s worth noting that co-creating value is an evolving landscape, and businesses are recognizing the merit of partnering with their customers to craft their offerings. By co-creating with customers from the outset and genuinely listening to their feedback, you gain unique insights into their motivations and values, paving the way to effectively address their needs.

A structured, step-by-step approach to customer value management allows you to form a comprehensive customer value management framework, which in turn serves as a basis for your CVM strategy.

A framework helps businesses understand, deliver, and measure the value perceived by customers, which can increase retention, loyalty, and profitability. While specific steps and components may vary by industry or source, the CVM framework typically includes the following core elements mapped out across the key stages outlined above:

The goal of the CVM framework is not just to acquire customers but to build long-term relationships, ensuring customers see value in what you offer, which ultimately drives growth and helps you reach your business goals.

Building upon the customer value management framework, crafting a CVM strategy becomes a straightforward process. Let’s see how it helps optimize customer interactions, enhance satisfaction, and maximize revenue in the telecom industry.

When it comes to segmentation, customers are grouped based on usage patterns, preferences, and behaviors, which is a starting point for the value proposition development, i.e. crafting attractive enough tariffs, bundles, and service offerings for specific customer segments. Furthermore, the pricing models ideally reflect the value customers get from your services, taking into account factors like data speed, coverage, and customer support.

Once you know who you’re talking to, what you’re offering, and how you’re communicating, you can map out the journey, detailing every touchpoint, from purchasing a plan to customer service interactions, cross-selling, upselling, etc.

Thanks to data-driven insights, you can personalize the services, offers, and your interaction with customers, regardless of the stage of the journey they’re in. If you provide a friction-free conversational experience across all touchpoints (in-store, online, or the mobile app) and on channels your customers already use and trust, you are more likely to keep them engaged and loyal.

But, the strategy doesn’t end once a product or service is in the target market. The key is to measure continuously, in some form or another, gauging the value being provided. By assessing the impact of CVM initiatives on customer satisfaction, revenue, and market share, you can predict churn and deploy retention strategies (like loyalty programs and special offers), or adjust your overall strategy to keep up with the evolving trends.

Having the right tech at your disposal makes the whole CVM process easier. It’s even more convenient when all these tools are housed on a single platform. This ensures seamless integration of omnichannel capabilities, authentication tools, chatbot building platform, customer engagement, and contact center solutions—all anchored by an integrated customer data platform, AI-powered and easy-to-use over an intuitive web interface.

 Here’s how these solutions power your telco CVM:

When it comes to segmentation, a customer data platform not only gives you a 360° view of your customers and their journeys with everything unified in a single place, but you leverage that same data to get actionable insights and build comprehensive customer profiles, where you have their needs clearly outlined.

With such a customer-centric approach, you are equipped to craft the most attractive value proposition structure, which won’t go unnoticed. You’ll be able to optimize and retain your current customer base (rather than acquire new users), building a successful ecosystem across your adjacent products, and creating a so-called “flywheel effect”—with self-reinforcing cycles. That way, you boost engagement, attract more partners, and grow new revenue streams.

Future-forward telcos who adopt new technologies are in a better position to achieve market differentiation. They can capitalize on data from customer interactions, offering big data services, insights, and consultancy to corporate clients. This data assists various sectors, from aiding retail in analyzing customer interactions to assisting government traffic control.

Many telcos are expanding their portfolios with digital services to boost revenue, such as creating payment platform ecosystems for third-party apps and establishing eCommerce platforms in collaboration with retailers. As the connectivity market wanes, telcos diversify their core offerings to enhance profitability and solidify their market position.

Business-to-customer interactions today are more about the experiences than they are about product service superiority. That’s a given (or at least it should be). All your communication needs to be hyper-personalized, behavior-driven, and conversational.

To achieve that, you need a holistic conversational experience solution to help you orchestrate these personalized journeys, analyze behavioral data, and automate omnichannel support.

Omnichannel has been around for a while. If you’re looking to be where your customers are, you’re better off being channel-agnostic. And rather than offering a specific set of channels, offer all the channels, because, at the end of the day, customers dictate where and when you’ll interact. In fact, 70% of them want quick assistance on the channel of their choice.

Call centers are still an important aspect of the telco customer support ecosystem, but co-exist with digital channels people use to interact with friends and family.

Our cloud contact center solution allows you to seamlessly connect digital channels and provide the same level of service no matter how customers get in touch. That’s the basis of the excellent customer experience people expect.

For customers, the ideal experience is all about getting the right message at the right time, and on their favorite channel. To make that happen, telcos should evolve from traditional customer journeys to more digital, self-service paths, ensuring optimal CX.

Empowering people with a self-service model means they can utilize the benefits and get the right information at their own convenience. If you’re looking to master the digital journey, you shouldn’t just THINK digital; you need to BE digital.

That’s how you stay top of mind with customers and make them feel truly valued. When you do your due diligence, you know exactly who is on the other side. By understanding your customers, you’ll be able to boost marketing efficiency across different touchpoints of their journey.

Such a data-driven setup also allows you to increase retention due to the exceptional customer service you can provide. Ultimately, it all leads to you gaining a competitive edge, resulting in higher engagement and more conversions.

Telcos that prioritize customer-centric innovation build trust and make customers feel valued and appreciated. By investing in the right technologies to measure customer value, telcos can boost revenues about 2.5 times faster.

We’ve highlighted the importance of using technology and data-driven insights in CVM. For telcos today, segmentation is a powerful marketing strategy, transforming raw data into truly personalized value.

Segmenting customers and leads can be tedious and time-consuming; a customer data platform (CDP) streamlines this process by consolidating company data from various sources, empowering marketers to utilize it effectively.

Using a CDP enables precise customer segmentation, tracks their journey, and tailors offers based on their preferences, leading to revenue growth and enhanced marketing and customer value.

In other words, throughout the customer’s lifecycle—from onboarding to retention—you can proactively manage touchpoints to enhance customer experience. Here are some foolproof tactics you can put to work across stages of the telco customer journey:

The metrics associated with customer value management often derive from measuring customer value and other related parameters. Here’s how it breaks down:

Every business should kick off by defining and measuring customer value. First, get to know the different types of customers you have, those with shared needs and likes. Figure out what parts of your product or service they truly value. Once you’ve got that, you can dive into some formulas to define those key customer value metrics.

CVM isn’t just about understanding the value; it’s about boosting it. Therefore, metrics related to the activities and outcomes of CVM practices are key. These might include:

The qualitative data, often gathered through feedback channels, is key to CVM. Direct customer feedback, focus group insights, and social media sentiments provide context to numerical metrics and can help fine-tune how you implement customer value management practices.

Customer relationship management (CRM) and customer value management (CVM) are two distinct but closely related concepts in customer management. Here are some basic differences to consider:

Basically, CRM lays the foundation for managing customer relationships and interactions, while CVM builds upon this foundation by focusing on strategies and tactics to maximize the value derived from each customer.

Both are essential components of customer-centric business strategies and even though there are some overlaps, they have distinct objectives and approaches.

Digital transformation and conversational experiences have taken shape across the globe. It can, however, look different from region to region – or country to country. 

Brands in countries and regions accustomed to modern solutions are adapting the latest trends in AI and cloud technology to expand their existing conversational model. While others are just entering the space with new channels and digital solutions. 

Telcos play an integral role in enabling these channels and technologies for brands within their region. Leveraging a global cloud communication provider can help them combine the power of local expertise and connection with widespread CPaaS technology and use cases. 

Our CEO, Silvio Kutic, sat down with Jazz Pakistan’s CEO, Aamir Ibrahim, to share the various ways our telco/CPaaS partnership is accelerating digital transformation for brands within the region. Watch the video or read on to learn more. 

There is currently a digital divide within the country that needs to be reduced, with only 50% of Pakistan’s population using smartphones. We can expect this to change as the population of youth increases and these consumers turn to their smartphones for everyday activities through mobile apps, email, and social media platforms.

With the rise of conversational experiences on customers’ favorite channels, it will become increasingly important for brands in all regions to be present with automated, personalized solutions. Channels such as WhatsApp, RCS, and Viber, in combination with SMS, Email, and mobile apps, will be the go-to approach for delivering end-to-end experiences. Then building on top of these channels with cloud technology, including chatbots, AI, customer data platforms, and cloud contact centers, will help brands anticipate and deliver what customers want at the right time and in the right spaces.

A strong telco and CPaaS partnership enables brands within the region to develop the end-to-end experiences this new customer segment will come to expect. Telcos own the accessibility aspect of devices and connection among consumers. While embedding a cloud communications platform into their existing offering helps them enable B2B and B2C brands to use these various channels and technologies as part of a wider omnichannel strategy – minimizing siloed and fragmented customer experiences. 

In fact, Jazz leads by example, having experienced the benefits of this first-hand. With an initial goal to minimize this digital divide, Jazz wanted to provide digitalized customer care through a self-serve channel using CPaaS solutions. They first used Infobip’s platform to offer WhatsApp as a self-service option to their own postpaid customers, enabling them to complete daily activities through their favorite app. 

After experiencing riveting results, including a 32% cost reduction and a Net Promoter Score of 80/100, they decided to partner with us to enhance their offerings as a digital operator – enabling enterprises and SMEs to combine the forces of global communication solutions with a fast, reliable network. 

Combining the local expertise of a telco with the experience of a global CPaaS provider results in innovations that address future expectations, the best use cases for the market, and how to make engagement for customers across industries faster and more personalized. 

Gartner predicts that by 2026, 90% of enterprises will use CPaaS technology. 

And with today’s drag-and-drop solutions available on the market, enterprises of all sizes can use CPaaS technology regardless of their experience level. They can choose to start with simple use cases, such as transactional alerts and promotional campaigns – then later add on smart technology such as chatbots and AI to turn one-way communication into two-way, engaging conversations. 

The goal of any successful communications strategy is to connect with customers better, faster, and cost-effectively – which is what telco and CPaaS partnerships enable enterprises to do. As the use of technology grows, so does the number of enterprises implementing this technology and its variety of use cases – which means opportunities within the market are growing as well. 

Combining the power of a fast network with the world’s most popular channels through easy-to-use, affordable technology enables enterprises to digitally interact with their customers – be it for marketing, sales, customer service, or any other point in the customer journey.

Combining global experience with local expertise enables us to build a better ecosystem for brands within the region. Learning from success stories in different parts of the world helps Infobip and Jazz develop a strategic plan that enables various types of services for brands looking to adopt a customer-centric approach.

As the first MNO in Pakistan to implement a CPaaS platform and launch a cloud data center, Jazz has been able to power the digital transformation and future of communication for brands within the region. Through Infobip, Jazz can offer brands a secure, localized, and scalable customer engagement solution with their customers’ favorite channels – improving the experience of their enterprise and small business clients.

We look forward to expanding these offerings with new channels and technologies as they become available – continuing to meet the demands of consumers as they evolve over time.

The European telecommunications industry is experiencing a wave of regulatory changes aimed at enhancing security and combating fraud. These changes will have a significant impact on the industry, and it is important for telecom companies to stay informed and adapt accordingly.

However, at the same time the EU has been grappling with the issue of balancing privacy and security obligations for mobile operators for several years now. While there is a strict privacy obligation that prohibits operators from checking or recording any telecommunication between individuals, in the past few years the regulation has seen several exceptions to this obligation with the aim of preserving security of users and/or networks.

To give you a snapshot, on one hand you have the General Data Protection Regulation (GDPR) that went into effect in May 2018, giving individuals greater control over their personal data and places strict requirements on how companies collect, store, and process this data. This includes telecom companies who must ensure they comply with GDPR provisions if they want to avoid heavy fines and reputational damage.

However, one thing to keep in mind is that GDPR provisions the processing of personal data if it’s strictly necessary and proportionate for ensuring network and information security; such as accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data, and the security of the related services offered by, or accessible via, those networks and systems, by public authorities, by computer emergency response teams (CERTs), computer security incident response teams (CSIRTs), by providers of electronic communications networks and services and by providers of security technologies and services, constitutes a legitimate interest of the data controller concerned.

And on the other hand, telecom companies need to balance that with:

The above rules make it feel that telecoms cannot fully protect end customers without affecting their privacy, resulting in a fight between security and privacy obligations. However, there is a compliant way to do this, where telcos can protect customers from fraudulent messages and respect their privacy at the same time.

But first, it’s important to know why this important, and for that we need to deep dive into the cost of fraud.

A2P messaging has become incredibly popular because it’s simple, fast, and direct. However, A2P SMS is also a channel that fraudsters have been taking advantage of more and more in recent years.

According to the Communications Fraud Control Association – Fraud Loss Survey Report 2021, the estimated global telecoms revenues was $1.8 trillion but the estimated global telecom fraud loss was $39.893 billion, or 2.22% of the former amount.

Some of the most common SMS frauds are:

According to a report from Europol’s European Cybercrime Centre, fraud cost the telecom industry an estimated €10.6 billion ($12 billion) in 2019. This includes a range of different types of fraud such as international revenue share fraud, PBX hacking, roaming fraud, and more.

The problem with combating this kind of activity is that it’s incredibly time-consuming. The Communications Fraud Control Association reported that many operators with between one million and 10 million subscribers are dealing with more than 10,000 incidents per month.

And in a study by PwC two-thirds of operators reported facing fraud in the last two years.

So, just how costly is all of this? Usually MNOs bear the cost of fraud themselves as investigations take a long time, and sometimes, cases cannot be resolved. On top of that fraud gives rise to other issues such as damage resolution costs time and reputation control.

Then there is the loss of revenue, subscriber churn and the deterioration of their brand image. Acquiring new customers costs much more time, money and effort than retaining existing ones.

For the end-user, the biggest threat is arguably smishing, where the victim unknowingly shares personal information with a criminal who has sent a fraudulent SMS. According to data from consumer group ‘Which?’, reports of smishing attacks in the UK grew by more than 700% in the first six months of 2021.

Shockingly, young people are most at risk. A UK study found that a quarter of young people trust scam messages, and Gen Z is twice as likely to fall victim to smishing than the older generation. The reason could very well be because of the need for instant communications and transactions, which often means being lazy at validation. And if that is so, then this makes the case for being more vigilant on messages being sent, as this would increase the number and also types of frauds.

All of this just goes to show how important it is to be aware of the risks associated with A2P messaging and the reason why telcos need to comply with the recent European and national regulations. Especially with an increasing number of EU countries (such as Netherlands, Germany and Croatia) stipulating that confidentiality of electronic communications obligation does not apply to activities necessary to maintain the security of electronic communications networks and services.