Return to sender: How verified SMS improves security and trust
Could you tell the difference between a real and fake text message? The ongoing COVID-19 pandemic has provided ample opportunities for fraudsters to exploit communication channels, especially SMS, says Kola Layokun, product management director, Syniverse.
The latest initiative to be exploited in the UK is the National Health Service (NHS) track and trace application. The Chartered Trading Standards Institute (CTSI) recently alerted users to fraudulent text messages containing malicious links, supposedly sent by contact tracers.
The historic challenge that arises with SMS communication is that messages are often sent from numbers unknown to the recipient. Coupled with improvements in the apparent legitimacy of these messages and increased sophistication from the fraudsters, users are often unable to distinguish the real from the fraudulent. As such, verifying messages has never been more important, both for consumer and business audiences.
Enterprises are increasingly using SMS as a primary communication channel, the volume of mobile messaging increasing by 20% compared to the previous year. Organisations especially in the financial industry often share sensitive information over SMS, such as account authentication details and updates. For this reason, maintaining the resilience of this channel is top of mind.
Breaking this resilience can have a negative impact on trust, especially if a user falls foul of a scam. With its role at the centre of the communication model, the telecoms sector is constantly working on ways to make SMS more secure and optimising existing security features. One major step towards that goal is sender verification.
Fighting fire with fire
The market needs a solution that allows businesses to confirm their true identity when contacting customers. Bad actors will impersonate trusted and familiar brands to entice users to click a malicious link to gain personal details. Using Verified SMS, brands can add several factors to improve the veracity of their messages, such as logos, a description of the company and an avatar, which can be displayed in the heading.
Critically, these features can only be seen by the recipient if the message is verified, in which case a small badge is visible in the message thread. This process works on a per-message basis. Customers can recognise the origin of the message at one glance and have the peace of mind that the source is trustworthy.
This negates the danger of messages to be spoofed (when an SMS is disguised as being sent from a known and trusted entity rather than an unknown source), or seemingly act like SMS containing a link, in which case phishing may occur. Verified SMS mitigates this fraudulent behaviour by ensuring that not only is the Sender ID verifiable, but the message is authenticated as being from the intended source reducing or eliminating the possibility of fraud.
The value of trust
The knock-on effect for businesses and brands is that it’s not solely the customers who benefit from the end-security. Being hacked or spoofed risks fracturing confidence in the brand especially where sensitive information or private data is concerned. If you look at some of the biggest hacks in recent history, it’s the brand which takes the majority of the blame, both in terms of online and mobile attacks.
In the enterprise space, where SMS is used a communications channel, this element of trust is equally salient. For those businesses who use SMS for communication with partners and customers, the channel needs to be exceptionally and reliable. It only takes a single breach to damage a vendor’s reputation with customers to make them walk away to a competitor how can you trust a business with yours, if it can’t even look after its own?
Veracity a catalyst for change
Traditional SMS does a job and always will; this is not in doubt. However, augmenting this with verification adds a crucial extra layer to how these messages are delivered, and how they are received. For both consumers and enterprises (and for those enterprises whose customers have customers), protection and security remains a driving force behind success.
Mobile is a key channel through which information is shared; however, it is often exploited by fraudsters and the increasing threats to SMS messaging act as a driving force towards improved security. Protecting private data remains a key priority for businesses when nurturing relationships and inspiring advocacy and loyalty in their customer base.
Simply put; businesses should invest in solutions that put the security of customers, privacy and data first. In this way, they will ultimately improve their resilience towards future opportunistic threats.
The author is Kola Layokun, Product Management director, Syniverse.