Every time you request a verification code or a password reset, a digital spark leaves the enterprise network, triggering an OTP. To the end-consumer, this handoff feels instantaneous and clean. But the moment that one-time password is triggered (an A2P, Application-to-Person message), it enters a deep, dark forest full of hidden perils: the downstream A2P SMS delivery chain.
Not every message exits this forest unscathed. Along an opaque path managed by unknown intermediaries, some are disfigured beyond recognition, some are forced down cut-rate routes, while others are quietly erased from existence entirely… Yet, the enterprise bill remains the same.
Shining a light on these mechanisms shows what honest businesses, aggregators, and operators risk losing. Consequently, rogue downstream routing exposes them to real financial and operational harm.
The Hidden Paths
When an enterprise hands traffic to its primary aggregator, it expects a clean, direct path to the mobile network operator on the chosen delivery channel. In reality, the message is cast into a maze of suppliers, automatic load-balancers, and parallel pathways.
To maximise their own profit margins, downstream providers exploit the opaque nature of this ecosystem. They manipulate traffic behind the scenes using highly sophisticated, deceptive technical manoeuvres designed to obscure the roots of each message’s delivery chain.
Channel Conversion
Instead of honouring the SMS channel path purchased and well paid for by the client, suppliers proactively divert high-value text traffic to cheaper, non-compliant alternative channels. This includes silently converting and anonymising standard text into an Over-The-Top (OTT) message via apps such as WhatsApp, Telegram, or regional platforms like Viber.
In its most disruptive form, it manifests as Text-to-Speech (TTS) flipping, where a text message is stripped down and converted into an automated voice call that reads the mere authentication digits aloud to a startled user.
Message Trashing
This is the outright deletion of a fixed percentage of an enterprise’s traffic. A downstream supplier will systematically drop deliverable messages instead of forwarding to end users. To cover their tracks and maximise their margins, they pair this deletion with the generation of fake positive delivery receipts (DLRs) sent back up the delivery chain. The sender is charged and led to believe in a 100% delivery success rate. In reality, a good percentage of end users are left with nothing. This lack of transparency puts the customer in a position where they can’t see the wood for the trees.
Template Spoofing
This mechanism relies on the unauthorised, systematic alteration of the verified Sender ID and the message content itself. Downstream actors intentionally rewrite both the Sender ID and parts of the delivered content to mimic specific domestic templates.
By turning international enterprise traffic into locally branded messages, they exploit much lower domestic termination rates. They then pocket the international price difference.
Read a full breakdown of the Template Spoofing method here.
Grey Routing
To avoid paying legitimate network access fees, providers bypass official operator termination gateways entirely. They accomplish this by routing traffic through unauthorised, vulnerable paths:
- SIM Farms (or SIM Boxes): Hardware racks stacked with local SIM cards that mask corporate traffic as cheap, person-to-person domestic texts. Mobile apps that form cloud-based virtual SIM Farms are a new generation of this threat, avoiding the increasing complexity of sourcing multiple SIM cards.
- SS7 Leaks: Exploiting unmonitored, global signalling connectivity to inject messages into mobile networks without paying termination fees.
- Illegitimate Off-Net Paths: Forcing traffic through detour routes across different networks within a country to favour lower-cost termination.
What’s really at stake?
These techniques, individually and collectively, cause severe, lasting damage to the quality and reputation of aggregators and the SMS channel altogether. The bad experiences accumulated from these practices inevitably ripple through the entire telco and business ecosystem, polluting trust overall.
1. The Enterprise Side: Splintered Trust and Wasted Spend
For banks, social media platforms, and digital enterprises sending traffic, the means of getting your messages delivered to your customers are full of hidden financial and operational pitfalls.
- Direct Financial Damage: When suppliers practice “trashing,” enterprises pay 100% of the undelivered traffic. They are actively billed for messages that were deliberately thrown in the trash.
- User Churn & Lost Revenue: If an authentication code or OTP takes too long due to multi-hop latency or fails to arrive, the user abandons the registration or transaction. A broken messaging chain directly translates into abandoned shopping carts and lost customers.
- Compliance & Legal Risk: When a provider switches a critical message from SMS to WhatsApp or Telegram without user consent, the enterprise inadvertently breaches regional data compliance and privacy regulations.
- Brand Dilution: When a verified brand sender ID is replaced by a random SIM‑box number or spoofed template, trust evaporates. Users instantly doubt the message’s authenticity. Consumers are trained to view unbranded, random-number texts as phishing scams.
2. The Fair Aggregator Side: Caught in the Crossfire
Not all aggregators act in bad faith. Those trying to play a fair, compliant game face an existential threat from the hidden manoeuvres of their downstream partners.
- Unfair Competitive Disadvantage: Honest aggregators who buy clean, legitimate routes from operators cannot compete on price with rogue providers whose business models rely on 5% traffic trashing and cheap WhatsApp bypassing. The fair players are consistently undercut by margins built on deception.
- Severe Reputational Damage: When an enterprise sees OTP delivery rates drop or messages arrive as distorted text, they lose confidence. They usually blame their primary aggregator. The primary aggregator—completely blind to what its downstream suppliers are doing—takes the fall, loses the contract, and suffers catastrophic brand damage.
3. The Operator Side: Bypassed Gateways
“Mobile Network Operators need to protect their infrastructure investments. But steep, rapid increases in official termination tariffs can unintentionally distort market dynamics. When pricing rises beyond a sustainable range for global enterprises, it creates pressure in the ecosystem. This accelerates the search for alternative delivery channels to meet real market demand.
Consequently, these economic pressures unintentionally incentivise downstream reliance on bypass methods, driving traffic away from official network gateways.
Operators set specific commercial tariffs for international Application-to-Person traffic. When downstream aggregators use grey routes like SIM boxes or OTT apps, they bypass the operator’s official A2P termination gateways. This deprives the network of its rightful termination revenue.
Bringing Transparency to the Shadows
The downstream delivery chain doesn’t have to remain a black box. While rogue routing tactics dilute brand trust, bleed corporate budgets, and starve operators of revenue, this structural blindness is now optional…
Protecting the integrity of global A2P messaging requires moving past reliance on delivery receipts that are routinely faked. When honest enterprises, fair aggregators, and mobile operators demand granular, real-world visibility into every hop, the shadows disappear and the balance of power shifts back to those funding the journey.
At GTC, we have the tools, industry insight, and technical expertise to unpack this black box. We expose downstream non‑compliance and help you regain control of your messaging ecosystem.
Initiate an A2P messaging black box discussion with one of our experts here.
