Enhanced Security for A2P SMS using SMPP with TLS


EMnify now offers SMPP over secure SSL/TLS as an enhanced security feature for Application-to-Peer (A2P) SMS.

As described in a previous blog post on the topic, SMS is an important feature for IoT and M2M developers and enterprises. SMPP is how applications send and receive large amounts of SMS messages to and from mobile devices. When it comes to A2P automation, SMPP remains a strong favourite, particularly for configuring large numbers of cellular devices over-the-air. On the EMnify platform, this can be simplified using an SMPP connection with EMnify's Short Message Service Center (ESMSC).

How it works

SMPP uses the client-server model of operation, where the EMnify SMSC acts as a server which awaits incoming connections from clients. The clients here are typically application servers owned by a customer who can then programmatically send SMS between the EMnify SMSC and their devices. With delivery reports of sent SMSs easily accessible to the EMnify API, customer application servers can intelligently roll out updates incrementally without disrupting service to all devices at once.

Enhanced Security Blog graphics-15


Why is TLS important for SMPP?

The Short Message Peer to Peer (SMPP) protocol is an open, industry standard. It was designed to provide a flexible data communication interface for short message data between devices (typically referred to as ESMEs) and the SMSC. It is a clear-text binary application layer protocol and, additionally, has no security measures specified. Our blog post on SMS and Voice Service Attacks describes some of the most common threats leveraged by attackers. If users are sending potentially sensitive information via SMPP, the lack of built-in security features and the fact that the protocols are open to anyone needs to be seriously considered.

EMnify addresses the weaknesses in the protocol itself by introducing Transport Layer Security (TLS) for SMPP. TLS encrypts the segments of network connections directly at the application layer which ensures secure end-to-end transit at the transport layer. Secure SMPP (SSMPP) is therefore better suited for cases where confidentiality, integrity and authentication are required.

Additionally, external SMS originating from other mobile devices can be blocked by the platform so that only the device owner can send / receive SMS to and from the device – only once their application is authenticated in advance.

Benefits / Summary:

  • Send secure SMS programmatically via the EMnify SMSC
  • Route messages directly from customer application to EMnify platform, to customer device
  • Bi-directional communication as devices can in turn send SMS payloads

If you would like to benefit from TLS security on your SMPP connections, please contact our support team at support.emnify.com.

What can your connectivity provider do for your device security? 

Check out our Guide for Cellular IoT Securityfor 25+ best practices
to ensure a secure IoT solutionfor your business.

New call-to-action