03.21.2012 09:23 PM
I guess it depends on exactly what you mean, but all of AT&T's APIs require HTTPS protocol, which is a secure connection to AT&T's servers. After it hits the servers, it will be on a secure network.
Does that help?
03.22.2012 06:40 AM
Thanks for the response.
I was speaking of when the SMS/MMS is sent using SMPP. My understanding was that shortcodes use SMPP while longcodes use SMTP(?) Is this correct?
>>AT&T's APIs require HTTPS protocol, which is a secure connection to AT&T's servers.
03.22.2012 10:03 AM
Ok. So, from your application, all requests are sent using REST. This is intentional so that the developer doesn't need to know SMPP or MM7. Our gateway takes care of the underlining protocol for you. And after it hits our gateway, it's on AT&T's internal network, which is secure.
SMPP - This is a binary protocol used for external applications (ESMEs) to send/receive SMS messages to a messaging infrastructure (i.e. SMSC).
MM7 - This is a XML based protocol used for external applications to send/receive MMS messages to a message infrastructure (i.e. MMSC).
You will never have to worry about the above 2 protocols, since AT&T does the transformations for you from REST to SMPP/MM7.
Hope that helps,
03.25.2012 06:26 PM
Hello and thanks for the response :)
Almost there. Have 2 more questions. I found the following items:
However, SMS and MMS are facing significant security challenges. Today since content of most messages sent through the services is totally plain, SMS and MMS messages may be read by unauthorized and unwanted people when they are being transmitted or stored somewhere.
A5/1 is being used on the radio link between mobile and base station controller (BSC, the network entity entity that manages the radio resources). The radio link transports a couple of higher level protocols, among them MAP which is used to transport SMS.
or SMS encrypted with A5/1
With that said,
QUESTION: When one uses the AT&T network and sends out SMS/MMS messages (that are not using the AT&T API), are they A5/1 encrypted?
Multimedia Messaging Service (MMS) greatly enhances the power of your communications by moving beyond the text-only capabilities of Short Message Service (SMS) messaging. With MMS, users can send messages from their mobile device to your application ("mobile originate")
My understanding is that this refers to the following scenario:
CLIENT : Browser-written code (written by us) running on any network/phone
SERVER : on AT&T network - it is to receive the MMS/SMS sent by the client.
QUESTION: The client can only be a part of the AT&T network - right? In other words, this API is only available to AT&T customers
while the API below:
Is usable by all customers (AT&T, Verizon, Cricket, etc.)
Is this correct?
Thanks again for your input.
03.26.2012 02:51 PM
For your first question, I will need to get back to you.
Your second question:
First off, the server could be the developer's server. Imagine some alert service that sends weather updates to phones via SMS/MMS. Those alerts could originate from a developer's server application. Or a voting application, where the user sends a SMS to a shortcode with a certain message. That message would route to the application's server.
In order to use our APIs, then the end customers need to be AT&T customers. Note that the GSMA OneAPI is just a specification, and most of our APIs implement that specification as well. It's just a common API that all carriers may use. However, the FQDN would be different for each of the carriers that support GSMA OneAPI.
04.03.2012 01:58 PM
Hi there, below you wrote:
In order to use our APIs, then the end customers need to be AT&T customers.
So, in the case of voting with a shortcode, the customer would be charged for sending the text and the application developer would be charged for receiving the text?