Soriano, Leandro T.

• What is A2P SMS? Please provide your own example(s).

A2P (Application-to-Person) SMS is a message sent from a company, mobile application, or even the
daily services such as banking to a mobile subscriber on their phones.

The examples of these are:

Flight book confirmations – wherein the real-time route update, emergencies in case of needed,
reminders are given.

Password resets and services activations – Applications like Viber needs a confirmation from the mobile
subscriber thru SMS because the mobile phone of the user will be used for verification.

Booking Hotels and Services – Thru A2P, the mobile user is constantly updated for the booking
information.

Feedbacks and Surveys – Mobile Subscribers can send their feedbacks for the application or the services
they are using also surveys to help the developers get in touch with the users.

• What is SMS and how does SMS service flow?

SMS- stands for Short Message Service, typically used for daily communications thru text messaging
using mobile phones. A single SMS can consist up to maximum of 160 characters.

The SMS function is to send the message of Mobile Phone A to Mobile Phone B. The SMS has 2 parts in
order to function. The first part is MO SMS (Mobile Originating) wherein the SMS sent from the Mobile
Phone A will be received by the SMSC (Short message service center). The second part is MT SMS
(Mobile Terminating) wherein the SMSC will forward the SMS to the Mobile Phone B.

Mobile Phone A SMSC Mobile Phone B

• What is API and how it is being use?

API - stands for Application Programming Interface, is a software intermediary that allows two
applications to interact with each other. Also in computer programming, API defines a system of tools
and resources in an operating system enabling developers to create software applications.

The simplest interpretation of how API works in our daily lives is like ordering a food in a fast food
restaurant. Imagine a customer (user) needs to buy a meal from the counter. The counter or the API
receives an order from the customer. Then the counter will be sending the order to the kitchen or the
system to process it and after the process is completed, the counter or the API will be returning the
response of the customer’s order.

In applications such as online booking for flights, the client will be filling up the form for the flight and
once submitted, the database will be looking up for the available schedule for the specific flight. The last
step will be, the client will be notified by the website if the flight is available or not. If the flight is
available, the API will work again for the transaction process.

• What are the advantages of SMPP protocol over let's say HTTP or API for sending
SMS messages?

To know the advantages of SMPP protocol, let us know about SMPP protocol first.

SMPP stands for Short Message Peer-to-Peer- protocol, is an open message-transfer protocol that
enables short message entities (SMEs) outside the mobile network to interface with an SMSC. Non-
mobile entities that submit messages to, or receive message from an SMSC are known as External Short
Message Entities (ESMEs) The SMPP protocol is also based on request and response.

The typical applications of a SMPP protocol are: Mobile Commerce, Mobile Banking, Information
Service, Cell Broadcast, Notification/Security Application, and Email Gateway, SMS Chat, and Polling
Application.

The advantages of SMPP over HTTP or API for sending SMS messages are these:

1. SMPP is bigger- commonly SMPP can send up to 1000messages/second in comparison with

HTTP API that can send 20messages/second, SMPP can handle high volumes extremely well
which makes it ideal for large businesses, enterprise and organizations.
2. SMPP is broad in applications – SMPP can cover features more than HTTP API as it is more
complicated and requires an extensive knowledge of development in order to use
efficiently.
3. SMPP is more reliable – with the SMPP server downtime of 1%, businesses do not face the
risk associated with downtime or constant message failures.
• What is 2 factor authentication? Why is 2 factor authentication is so important for
OTT apps, and what are the common 2FA channels being use now a days?

Two-Factor Authentication also known as 2FA is a security process in which the user provides two
different authentication factors to verify themselves to better protect both the user’s credentials and
the resources the user can access. Also, 2FA provides a higher level of security than authentication
methods that depend on single-factor authentication (SFA), in which the user provides only one factor –
typically a password or passcode.

2FA methods rely on users providing a password as well as a second factor, usually either a security
token or a biometric factor like a fingerprint or facial scan.

• Why is 2 factor authentication is so important for OTT apps?

OTT (Over-the-Top) Applications is any application or service that provides a product over the Internet
and bypasses traditional distribution. OTT Applications defines anything that disrupts traditional billing
models – from telcos or cable/satellite companies. Examples include Netflix for video(replacing your
regular TV cable provider) or Skype (replacing your long distance provider).

2FA authentication is so important for OTT apps because 2FA provides the confirmation of the identity
of the user and provides more secured authentication for the users thus lessens the risk of being
hacked. Getting hacked can cause the user to put in danger, cost cash or be embarrassed – the private
messages, private contents can be leaked and the account can be used to spam messages.

• What are the common 2FA channels being used nowadays?

The common 2FA channels are being used nowadays are:

1. SMS – One of the most popular 2FA channel as it provides the easiest authentication for
2FA because the SMS channel is clientless –therefore, the user don’t need to install any
application. The user can receive the authentication token from the SMS without
needing the smartphone to verify it.
a. Process of SMS 2FA – When you enable an application’s SMS 2FA option, you’ll
be asked to provide a mobile phone number and next time you log in with your
username and password, you’ll be asked to enter a code (typically digits) that
gets texted to your phone.
2. Voice – Similar to SMS, the Voice is also clientless, therefore the Voice Channel can be
used for non-smartphone authentication.
a. Process of Voice 2FA – Similar to SMS 2FA, you’ll be asked to provide a mobile
phone number and next time you log in with your username and password,
you’ll be asked to enter a code (the code in which you got from the call).
3. Push Notification – It is used widely among apps like Google Authentication, wherein
the user’s smartphone is notified and is enabled to view the authentication details
making the user to decide whether to approve or deny the access in the App, typically
via a simple press of a button.
a. Process of Push Notification -

Login The client is The user Login via

Username notified to decides whether
to approve or
approve
review the
and deny the access button
authentication
Password

4. Software Token aka Soft Token – The Soft Token authentication needs a smartphone
and the app itself because the server will be giving the authentication code or the token
upon logging in the username and password in the application.
a. Process of Soft Token 2FA -

Login The server User Login using

Username sends an receives given 2FA
authentication
and the Code/ Soft Code
code / token
Password Token /Token
 • Define a relationship (draw a workflow) between OTT (Infobip – Mobile
Network Operators – End users)

Infobip’s mission is to create seamless mobile interactions between

businesses and people. Thru A2P messaging platform and as a global
leader in omnichannel management, Infobip helps the clients and partners
overcome the complexity of consumer communications, grow their
business and enhance customer experience – all in a fast, secure and
reliable way.

OTT such as Viber, Infobip Platform Mobile Network End Users

Whatsapp & Uber Operators
•The data is received and •Data is received from •The Data or the message
the OTT apps. •The services of the OTT
will be receiving is received to the SMSC
and through the support
requests for the API. •Then proceeds for the from the Infobip API and
of interaction of Infobip,
•Then proceeds with the process of Infobip API in thus the message or the
the message will be sent
data transfer to the which enables the service will be sent to
to the End Users such as
Infobip interaction between the the End Users.
SMS, Voice, Carrier
OTT and the Mobile Billing, Number Lookup
Network Operators. and USSD.