Skip to main content

A2P messaging is growing yet fraud is endangering consumer’s trust in the platform

According to Telefonica the yearly volume of text messages sent is 8.3 trillion. And then there are the businesses that are increasingly turning to messaging as a key technology for engaging consumers. Banks, doctor’s surgeries, media companies and charities are all embracing Application-to-Person (A2P) SMS as the most effective channel for engaging with their audiences.   

And there’s good reason.  In a world that is characterised by more and more digital interaction that is competing for tinier and tinier moments of consumer attention, messaging delivers two vital ingredients – convenience and cut through.  Often quoted Dynmark reserach indicates that SMS has a 98 per cent open rate.  SMS wins, chapter and verse.    

And whilst there’s certainly a shift towards messaging apps like WhatsApp and Facebook Messenger as a rich peer-to-peer alternative, A2P SMS messaging is growing in tandem. Analyst firm mobleSQUARED forecasts the A2P market to be worth $58 billion by 2020 (rising from $12.88 billion in 2015).   

What’s interesting about the mobileSQUARED research is that it is unusually conservative. It accounts for growth based on mobile operators deploying revenue assurance platforms to shut down grey routes, not market growth initiated by business in to new vertical sectors, growth markets in countries that haven’t reached ‘peak mobile’ or innovation in to new technology sectors like IoT. However, it does point to the wider problem of fraud within the messaging  ecosystem.   

Grey routes, which fraudulently ride on the dedicated P2P [person to person] connections of operators, are one aspect but there are many other types of fraud in messaging that range from the technical exploitation of vulnerabilities in any given network through to more direct manipulation of consumers.

The prevalence of spam

Perhaps more worrying is the prevalence of spam and SMiShing (SMS phishing), practices that are commonplace in both mobile messaging and messaging via chat apps.   

Earlier this year Global trade body MEF released the Mobile Messaging Fraud Report 2016. It found that more than a quarter of consumers (28 per cent) receive an unsolicited SMS message every day and 58 per cent report receiving one every week.     

Within messaging apps, the problem is only slightly less prevalent with, 26 per cent of chat app users receiving an unsolicited text message every day, while 49 per cent receive at least one a week.   

Whilst the majority of unsolicited mobile messages are not much more than a nuisance – notifying users of an unwanted offer or service for example - 33 per cent of consumers said that they had received a SMiShing message aiming to trick them into disclosing personal data such as bank details or passwords for online services.  

MEF estimates that SMiShing contributes an estimated $680 million to the $2 billion annual fraud cost currently borne by mobile operators and consumers.      It’s also interesting to note that although the SMS channel receives the highest daily occurrence of unsolicited messages it remains the most trusted with 35 per cent indicating that it was their most trusted channel, against 28 per cent trusting messaging apps the most and only 18 per cent choosing platforms such as Facebook, Yahoo and Skype.   

This is likely because the percentage of spam messages is still less than one per cent of the overall volume of messages. When compared to the nearly 50 per cent on email, SMS is still a clean and powerful channel.

The cost correlation

It’s also true that there is a high correlation between the cost to deliver a message and the amount of spam and fraud the channel attracts. For example, it could be argued that the reason for low levels of spam in Germany and France is directly related to:   a.) The cost to send a message through legitimate routes being relatively high b.) The effectiveness of local operators in those countries to block grey routes and filter spam being very good.   

By contrast India, Nigeria and South Africa the cost for sending a message is relatively low, and although things are improving these networks have historically been less protected. At the same time in many mobile first countries consumers are less likely to have email addresses and SMS therefore acts as a substitute for email marketing.   

A lack of cost may be the reason why 72 per cent of users in the study have received unsolicited messages from messaging apps like Whatsapp. Yet no official API exists for sending Enterprise to Consumer messages on many of these platforms. This is concerning as it indicates that fraudsters are using weaknesses in the person to person capabilities of these apps to send messages on behalf of enterprises.   

Moreover, messaging apps will need to be cautious when they move to legitimate enterprise communications if they don’t want to replicate the fate of Push Notifications, where overzealous marketers have polluted the channel which is now only trusted by 16 per cent of consumers.   

There are a number of things that can be done in order to reduce fraud and spam across all channels:

  • Create a global shortcode, long number or email that can be used to report unsolicited messages. The easier we make it, the more people will do it. Ensure these reports are shared across the ecosystem in an automated way so they can be acted on.
  • Operators must continue to install SMS and ss7 firewalls in their network to prevent grey and fraudulent routes from being exploited for sending spam and SMiShing messages.
  • OTT apps must close weaknesses in their systems that allow individual user accounts to send large amounts of unsolicited messages undetected.
  • When OTT apps finally allow for Enterprise-to-Consumer messages to be sent legitimately via an API, they must charge on a per message basis for the service to ensure that both fraudsters and overzealous marketers do not abuse the channel.
  • Innovate on how cloud message providers can better validate the identity of companies to ensure that SMiShing attempts are thwarted early and often.

Whilst it's very encouraging that the A2P market is expected to grow over the coming years, we can’t take consumer trust in the platform for granted.  

Clearly the industry needs to enact measures that will protect and nourish trust as an enabler for future growth in new vertical markets and innovation in new areas of technology like IoT and machine-to-machine messaging.

Robert Gerstmann, MD, CLX Networks
Image Credit: Melina Sampaio Manfrinatti / Flickr

Robert Gerstmann is the MD and co-founder of CLX Networks. He has also held management positions at mBlox and Netgiro/Digital River. Robert has an MSc in Industrial Engineering and Management from Linköping Institute of Technology.