Hacker News new | ask | show | jobs
by jeffiel 1049 days ago
This article is a little dated, since then we’ve released Fraud Guard. Our model can detect and block 98% of pumping traffic with only .1% false positive. It’s working really well to deter these fraudsters. If you’re interested, you can learn more here [1].

Were also rolling out a version for all Programmable SMS customers with a higher false positive rate due to the wider variety of use cases supported.

[1] https://www.twilio.com/docs/verify/preventing-toll-fraud/sms...
5 comments
rsync 1049 days ago
Jeff - I use twilio as my personal telco to send and receive sms to friends and family.

What kind of business entity should I incorporate to continue texting my friends?

How would you define my current “campaigns” and what kind of opt-out language should I give to my children who receive my texts?

Can you show me example unsubscribe language that I can give to my wife ?

link
lxgr 1049 days ago
Taking a wild guess – but is there a chance that people using Twilio as their personal phone provider are not their target customer group?

Sounds a bit like opening a merchant account and using credit card payments as a way to split bills and rent with friends, and then being annoyed about being treated like a business (i.e. getting tax forms, having to declare a business model etc.)

Don't get me wrong, I also use a Twilio account for my home automation setup, but I can kind of see how that's pushing the boundaries of the product a bit.

link
rsync 1049 days ago
"Taking a wild guess – but is there a chance that people using Twilio as their personal phone provider are not their target customer group?"

I attended Signal 2018 and was told that (Twilio) "couldn't wait to see" what I built. I was handed IoT SIM cards and carrier SIM development kits and attended workshops and seminars exploring exactly these sort of use-cases.

I was also told by many highly placed individuals in product development that the CEO was personally enthusiastic about exactly these sort of use-cases.

So yes, I did some homework and made an attempt to align my incentives (I pay actual money for every SMS I send) with those of the company.

Now all of that has changed - in large part due to their own (bad) behavior.

"... I can kind of see how that's pushing the boundaries of the product a bit."

Agreed - that is my point and the source of my frustration.

Server alerts and (literal) fire alarms should not be a "campaign". If they are, I'm using the wrong tool.

If I need to define an opt-out message to SMS my kids, I'm using the wrong tool.

Twilio is explicitly telling us - loudly and emphatically - that they are the wrong tool.

I wanted telco infra. I got toys for children.

link
mh0pe 1048 days ago
It looks like you still have this kind of capability. You might need to adjust settings and supply KYC info as requirements change. From the Fraud Guard docs, "You can mark known phone numbers using the Safe List feature so they are never blocked."
link
braunshedd 1049 days ago
I'm actually in this exact same boat (I ported my US number to twilio when I had a long travel stint abroad to retain access, have since built a forwarding system to keep using it).

I registered with the IRS to get an EIN for my "sole proprietorship" (i.e. me), and that seemed to satisfy twilio for the brand registration requirements. Still waiting on a final A2P review for my use case (sending messages to family and friends) so not out of the woods yet, but hopefully that's the last step.

link
braunshedd 1043 days ago
Update: they approved my A2P use case! There is hope yet for using twilio for personal purposes :-)
link
pjc50 1049 days ago
Are you actually experiencing these problems or is this a hypothetical?
link
rsync 1049 days ago
First, a utility number that I send myself programmatic alerts[1] and do general messaging management with has broken entirely and it is certainly the result of A2P 10DLC and my "failure" to create a business entity for sending reminders to myself.

Second, the messaging - both email alerts and direct from customer support - has been crystal clear:

ALL SMS is a campaign. It is all spam. You need to register and qualify and opt-out your spam or you can't send your spam.

So yes, actual problems.

[1] Again, Jeff, what kind of (required) opt-out message should I craft for myself ? What if the third party ad-industry working group doesn't approve of my unsubscribe methods that I give to myself ?

link
Our_Benefactors 1049 days ago
Presumably their model would handle this based on your usage patterns, without needing to craft a specific “opt out” message.
link
rabidonrails 1049 days ago
Seems like sarcasm ;)
link
inetknght 1049 days ago
> Our model can detect and block 98% of pumping traffic with only .1% false positive.

Instead of "just" blocking it... have you considered referring the origination for prosecution?

I'd that would work better to deter fraud.

link
ljlolel 1049 days ago
the telcos are in places where that doesn't help or is too slow (palestine, philippines, etc)
link
hirsin 1049 days ago
This is only for customers who have outsourced their SMS OTP systems to you, though, isn't it?
link
ljlolel 1049 days ago
There is no date on this article, it would be good to have a date on this article.
link
rabidonrails 1049 days ago
Hey Jeff! Nice to see you're still engaged on HN!
link