Local network operators require all local messaging providers to belong to WASPA (www.waspa.org.za), and also contractually require these providers to not use international SMS gateways for local delivery. Foreign service providers, connected to foreign network operators, do not have this requirement. Such service providers could still terminate bulk SMS traffic to SA subscriber phones, and many SA businesses deal directly or indirectly with foreign messaging providers.
According to WASPA, SMS messages that originate from foreign SMS gateways are more difficult to trace. For this reason, criminal activities such as phishing scams, spam and identity theft of a company and its customers, can mostly not be traced to the originators via these gateways.
Local mobile network operators actively seek out and block foreign messaging routes that are abused. Businesses and marketers with legitimate messaging programs, but using foreign SMS gateways, are often negatively impacted when the foreign SMS gateway that they use is blocked.
Unregulated international gateways, although occasionally cheaper than local gateways, also fall outside of SA's telecoms regulatory ecosystem and businesses and operators face legal and reputational risks if commercial messages are sent through these gateways. Taking legal action against a foreign messaging provider is difficult, and thus using a foreign provider reduces the protection afforded to businesses by local laws such as the Electronic Communications and Transactions Act (ECT Act).
WASPA therefore suggests that, when using SMS messaging for business communication or marketing purposes, businesses should select a trusted messaging provider that will protect the confidentiality and privacy of client communications.
By selecting a messaging provider that is a member of WASPA and one that use local mobile network operators for local delivery, legal risks, privacy risks and confidentiality risks should be reduced significantly. WASPA members are held accountable to the WASPA Code of Conduct, and local service providers have to comply with the ECT act.
Receiving an SMS message where the sender ID was manipulated is a clear indication that a foreign messaging provider was used. Sender ID manipulation - eg, where an unknown sender uses a personal or business name instead of the numerical mobile number that gets displayed on a mobile phone - opens up a platform for rife abuse. Mobile numbers can be spoofed (faked), and can be used to impersonate individuals, friends, family members or business networks to extort information for financial gain.
According to Chaper 8, section 86 and 87 of the ECT Act, 2002, pertaining to unauthorised access to, interception of or interference with data, for the purpose of obtaining any unlawful advantage by causing fake data to be produced with the intent that it be considered or acted upon as if it were authentic, is guilty of an offence.
In light of these risks, WASPA encourages SA companies to look at combining their messaging and marketing efforts with companies that are WASPA-accredited and have invested sufficient capex to run these services reliably to avoid sending messages after hours or multiple times, because their platform cannot manage efficiently the load or the complexity of submitting traffic to multiple network gateways. Companies should also look to service providers that use mobile gateways that do not allow businesses to do sender ID manipulation.
Members of the public can view the WASPA Code of conduct at: www.waspa.org.za/code/codeconduct.shtml. The procedure to follow if you have a complaint about a WASP's conduct - sending out spam, for example - is as follows:
