Cloud-hosted phone systems are a great way to support and enhance communications, making them more efficient and ready for integration with other systems.
It’s official: If your organisation uses SMS sender IDs to send SMS text messages as part of your operations in Singapore, and you wish to continue using your name within the SMS Sender ID as an alphanumeric identifier that appears on the recipient’s device, it will be mandatory for you to register with the Singapore SMS Sender ID Registry (SSIR) by January 31, 2023.
The latest move by the local regulator Infocomm Media Development Authority (IMDA), is part of a broader nationwide initiative in Singapore involving multiple stakeholders to ensure SMS remains a safe and secure communications channel for residents, businesses and all organisations.
How SSIR fits in the ongoing battle against scam SMS
Singapore’s SSIR was set up in March 2022 as a measure to curtail the surge in SMS-related scams that had been occurring around the time.
High-profile scams had been hitting the news regularly – including one with a local bank whose customers lost S$13.7 million to a slew of phishing scams. Independent consumer engagement research conducted by Toku around the period also unveiled a general lack of awareness around the risks of tapping on links sent in SMS.
For instance, it was reported that 40% of Singapore consumers who had tapped on a link in a scam SMS experienced monetary loss.
With so much at stake, everyone including consumers, businesses and organisations needed a set of countermeasures to safeguard SMS as a communications channel.
One of the milestones in the battle against scam SMS, was the setup of the SSIR. By April 2022, about 1,000 protected SMS sender IDs had been registered by 25 organisations including banks and government agencies.
As a result, there was a 64% reduction in scams through SMS from Q4 2021 to Q2 2022.
Why is SMS sender ID registration mandatory for organisations now?
Although SSIR has been effective in its role as an anti-spoofing registry serving to protect sender IDs and block spoofed SMS, more still needs to be done simply because until now, registration with the SSIR has been on a purely voluntary basis. Currently, the public is still able to receive SMS from non-registered Sender IDs (which may be from organisations that have yet to register with the SSIR).
The fact is pre-registering Sender IDs is nothing new in the global communications industry. The latest move by Singapore’s regulator is in line with similar measures being undertaken in many other countries, including Indonesia, Vietnam, Laos and Philippines.
The difference now is that instead of relying on organisations to proactively register and protect their Sender IDs, the mandatory regime builds stronger anti-scam capabilities.
Only bona fide Sender IDs belonging to SSIR-registered organisations will be allowed.
This ultimately means a safer SMS experience for end-users – one that everyone can trust in their communications with brands, governments and organisations.
If an enterprise does not register their SMS Sender ID, what will happen?
First, let’s break down what is an SMS Sender ID: A sender ID is a name or number that identifies the sender of an SMS.
The reason scam SMS were able to hoodwink users in the past is because they spoofed sender IDs to trick consumers into clicking through a link that masqueraded as a legitimate organisation such as a bank or government agency.
If an enterprise does not register with SSIR, the result is simple: any SMS they send out (even if it’s from a legitimate organisation) will be difficult to differentiate from other SMS that may be scam messages.
Because of this, all non-registered SMS Sender-IDs after 31 January 2023 will be channeled to a Sender ID with the header “Likely-SCAM” for a period of 6 months.
Furthermore, any unregistered Sender ID SMS will be blocked by default after the transitionary period.
Think of the “Likely-SCAM” as a filter that directs all unregistered Sender ID SMS to a spam bin. Although it’s a temporary measure by the IMDA to accommodate those organisations that may need more time to prepare and register, it will still likely impact businesses that don’t register.
In short, if you operate in Singapore and need to send SMS for daily operations, and you choose not to register with SSIR, your messages will be out of sight, out of mind for the end recipient.
What kinds of organisations will likely be impacted by SSIR if they do not register?
Think about it. ANY kind of operation involving SMS will be affected.
- Many brands rely on SMS to send promotional campaigns to their user-base.
- In Singapore, most banks still send SMS updates for credit card statements, promotions, transaction status updates, and more.
- Almost all logistics and delivery businesses send their customers delivery updates via SMS.
- Government ministries and agencies also use SMS to quickly update residents with reminders and notifications for all sorts of transactions.
If your organisation does not register and secure its Sender ID, your messages will likely get filtered into the “Likely-SCAM” bin, which immediately reduces the level of trust between you and the end-user.
Creating a positive, dynamic experience for customers starts with trust
Protecting your organisation’s brand on the SMS channel is more important than ever.
As scammers constantly evolve and adapt to the new SMS regulatory environment, businesses and government agencies need to act to rebuild their users’ trust on this important communication channel.
Partner with Toku to protect your brand and users from scams
As Toku is a licensed operator within the Singapore SMS governed framework, our Communications Platform as a Service (CPaaS) platform enables enterprises to utilise and protect your organisation’s name within the SMS Sender ID as an alphanumeric identifier that appears on the recipient’s device.
We don’t just fight scams on the SMS front though.
Toku continues to work with other stakeholders in the battle against scams on other channels – such as phone calls.
That’s just the way we roll at Toku: When we build our solutions, we make sure that encryption and security are at the top of our minds.