Table of Contents
A spam-free network exists solely in marketing copy. All networks, regardless of size, experience spam. Every network operator recognizes this and relies on feedback loops to identify, escalate, and address violations. Several feedback loops exist today, such as the Report Junk feature on your Android or iPhone and the 7726 message-forwarding feature. But are these methods sufficient? Could we do more?
Feedback loops can be a complex and intricate topic. For the purpose of this discussion, we will concentrate on two types of feedback. The first, which we will call in-channel feedback, concerns the message itself and involves taking action on message delivery during active transmission. The second type focuses on the sender and helps prevent future infractions; we will call this out-of-channel feedback.
In-Channel Feedback
Among all types of feedback, this is the most actionable. The message is “live” on the network, with the sender, recipient, and message being clear, as well as the sender’s intent. In this scenario, the network has two options: 1) block the message before it reaches the recipient’s device or 2) monitor spam reports via 7726 and Report Junk taps, using them for future blocking.
Acting on in-channel feedback is a network operator’s most potent weapon against spam. When the message is on the network, the operator controls its delivery and whether it should be delivered. To make this decision, sophisticated networks rely on numerous external partners, such as ENEA’s AdaptiveMobile platform.
Vendors such as AdaptiveMobile and ProofPoint, due to their global reach, continually monitor networks worldwide and use this information to score messages and give feedback to individual operators regarding a message’s reliability. This process, also known as message filtering, allows operators to decide whether to stop a message before it reaches their subscribers.
Although there have been well-publicized cases of legitimate messages being blocked, message filtering is effective. So, if you receive a spam or phishing message, use the Report Junk feature on your phone or forward the offending messages to short code 7726 (in the US). Carriers actively monitor these reports!
While in-channel feedback loops are well defined, there is room for improvement. Gaining access to these reports is nearly impossible for applications or end-user platforms unless they pay a vendor or have a trusted relationship with a carrier. Enhancing feedback loops also involves refining the feedback that network intermediaries provide to each other.
Existing mechanisms, such as delivery receipts and message throughput violations, are highly unreliable. Without access to a top-tier intermediary, determining whether a message was delivered is mostly speculative. Improving the reliability of these mechanisms would enhance communication by addressing not only device delivery but also message blocking by the network.
This proposal elicits two responses: First, sharing device delivery information potentially compromises subscribers’ privacy. Second, signaling message blocking back to the originating network may undermine spam mitigation efforts. Both concerns are vestiges of a bygone era.
In most messaging apps, the default setting is to share the “delivered” status with the sender. Disabling this sharing feature is often hidden in user settings. In iMessage, it’s not even an option; the only way to avoid sharing delivery status is to force every message to be sent as an SMS. Yikes! Considering this, a network operator’s reluctance to share device delivery information seems unreasonable.
Lastly, refusing to share message blocking status with the originating network implies collusion with the offending sender. While this has occurred and continues to happen, recent industry changes and obligations imposed on A2P senders to validate themselves and their customers (also known as KYCC—Know Your Customer’s Customer) make it increasingly difficult to conceal. Moreover, sharing the status quickly exposes any nefarious collaboration between a vendor and a spammer.
Out-of-Channel Feedback
What we say influences our reputation, and the same principle applies to messages within a system. The content communicated by a brand impacts its reputation. Out-of-channel feedback helps bridge the gap between the sender’s claimed identity and their actions.
When SMS, MMS, email, and websites are treated as a single conversation, out-of-channel feedback gathers and shares information about a sender across these platforms. Spammers typically utilize multiple mediums in their tactics. If they use SMS, they likely have an email strategy and a deceptive website designed to steal data. However, feedback from email to SMS and vice versa rarely happens.
Legitimate privacy concerns prevent the implementation of such feedback loops. Let’s go back to our dentist who sends appointment reminders but begins to send teeth-whitening promotions without proper consent. The dentist may be shut down from that route, but technically nothing prevents them from using another provider to send the same message. The dentist’s reputation will not carry over across messaging platforms. Also, there is no obligation to share customer data or behavioral signals, and rightfully so.
Technological solutions are possible, such as cryptographically tokenizing a brand’s reputation. Ethereum founder Vitalik Buterin points out that “When you switch from Uber to Lyft, your Uber rating does not carry over.” Zero-knowledge reputation systems enable users to provide cryptographic certificates, allowing, for example, your Uber ratings to transfer to Lyft without revealing any information about your Uber activity.
While private reputation portability is a long-term goal, in the short-term it is a tactical and manual task. For instance, within a platform, banning a user while also blocking their number without human intervention is rare. Banning the same user across multiple networks is near impossible.
This Is Personal
I had a vested interest in spam mitigation, as spam impacted my business more than it does carriers or intermediaries. When I was in an operational role, I knew we had to monitor spammers. We not only participated in the text messaging industry’s efforts but were also members of groups such as M3AAWG. If email providers were going to shut down payday loans or if Google planned to disallow cell phone repair ads, we could expect spammers to target SMS. It was one of those essential activities you had to do to ensure delivery.
Next
Robust feedback loops, improved SMS user experience, and standardized KYC form the three pillars of effective spam mitigation. Next, we’ll examine how a seasoned, sophisticated regulator provides the foundation for these pillars to stand.