The UK-based Mobile Ecosystem Forum’s SMS Sender ID Protection Registry has formally launched in Spain.
The announcement was made at the Future of Mobile summit hosted by MEF at MWC Barcelona. After a soft trial started in December 2021, the MEF SMS SenderID Protection Registry is now up and running in Spain, with partners including three major network operators and seven financial brands, and multiple business messaging solutions providers.
The MEF SMS SenderID Protection Registry, which was developed in the UK, is an ecosystem-wide anti-fraud solution that significantly reduces the impact of Smishing & Spoofing by SMS.
“Globally the threat of phishing by SMS is becoming more concerning. Consumers and business are finding that their savings are at risk from people impersonating trusted financial agencies via text messages. It is a vile crime that often impacts vulnerable people both financially and emotionally.” Dario Betti, CEO of MEF, comments.
“We are happy to see that the industry in Spain is pro-actively building a platform to react to these threats. While we are not able to name the companies involved in this pilot for security reasons, MEF is very grateful to the large support we have encountered in the market.”
What is it?
It reduces the ability for fraudsters to send messages impersonating a brand in the message header, by checking whether the sender using that sender ID is authorised by the merchant/brand. If not, messages from this route are blocked as fraudulent, ensuring SMS remains a trusted communication channel for brands and consumers alike.
At times, fraudsters can also be made Sender IDs that are made up of misspellings and special characters that can differentiate form the brand but are unnoticed by users. The Registry actively monitors and blocks these via a ‘denied list’ circulated to partners.
Text messaging scams, which trick consumers into sending money or sharing their account details with fraudsters, are known as ‘Smishing’ (or phishing by SMS). Criminals send bogus texts which appear to come from a trusted sender.
How does it work?
The MEF SMS Sender ID Protection Registry was established to automate cross-stakeholder processes, allowing reliable and fast sharing of information to facilitate an orchestrated blocking system.
The online Registry platform helps identify and block fraudulent SMS texts, protecting consumers, legitimate businesses and organisations falling victim to text messaging scams.
It enables organisations to register the sender IDs/message headers used when sending text messages to their customers. This limits the ability of fraudsters to impersonate a brand, as the Registry automatically checks whether the sender is the genuine authorised party.
Sometimes fraudsters create an exact copy or ‘spoof’ of a genuine merchant sender ID. These messages, when received by consumers, can be placed into existing message threads or conversations from the same target merchant on the customers smartphone – giving more credibility to the fraudulent message. The MEF SMS Sender ID Protection Registry works to reduce spoofing by registering the legitimate and authorised message sources.
These fake texts can also spread harmful malware, which once downloaded, gives the fraudster access to sensitive information on your device.
With the MEF SMS Sender ID Protection Registry, everything stays the same for the consumer – all that changes is the reduction on Smishing texts. There are no additional steps for consumers to take, however consumers are strongly advised to stay vigilant and to react only to texts if they are expecting to be contacted, for example, you’ve just requested a one-time-PIN.
Consumers should be particularly wary of clicking on embedded links within texts and should contact their bank/merchant via the contact number on the back of their card if they are in any doubt before reacting to a text request.
Whilst the brands suffer adverse PR, the Banking groups often bear the brunt of the financial losses experienced by consumers, as well as the adverse PR. Hence by reducing smishing the Registry provides benefits for many merchants, as well as consumers.
In the UK, where the Registry has been live for over a year, many major banks and Government brands are currently being protected with 352 trusted Sender IDs registered to date. Over 1500 unauthorised variants are being blocked on an ever-growing list, including 300 Sender IDs relating to the Government’s Coronavirus campaign. There has been a significant drop in fraudulent messages being sent to the UK consumers of the participating merchants.
Following the success in the UK, the MEF SMS SenderID Protection Registry is being launched in Spain with the support of three Mobile Network Operators and seven financial brands.
“There are millions of faked SMS sent by fraudsters trying to steal passwords every day. We need to help Spanish consumers and organisations fight back. Thanks to the collective efforts of the mobile industry MEF has managed to show a way: a Registry for SMS short-code names. The fight against fraudsters is a relentless one, it will never stop. But we are happy to celebrate one successful tool, created in the UK, and to bring that tool to Spain.” said Dario Betti, CEO of the Mobile Ecosystem Forum.
MEF (Mobile Ecosystem Forum) is a global trade body established in 2000 and headquartered in the UK with members across the world. As the voice of the mobile ecosystem, it focuses on cross-industry best practices, anti-fraud and monetisation. The Forum provides its members with global and cross-sector platforms for networking, collaboration and advancing industry solutions.