<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview[1]
[{$pagename}] ([SMS]) is a text messaging service component of phone, [Web], or [Mobile Network] communication systems. [{$pagename}] uses standardized [communications|Telecommunications] [protocols] to allow fixed line or [Mobile Devices] to exchange short text [messages]

!! [{$pagename}] [Multi-Factor Authentication]
[{$pagename}] is often used as an [Authentication Factor] in [Multi-Factor Authentication]

! The pros and cons of SMS-based codes
* Pros
** SMS codes are convenient. There’s no fussing with downloading an app and going through set up for each account. It may be the only option if you don’t have a smartphone.
** SMS authentication can be a canary in the coal mine. If someone’s trying to break in to your account, the 2FA messages on your phone are warning that it’s time to investigate (and to change your password).
* Cons
** A crook can [hijack] your SMSes with a [SIM] swap scam. If they can convince a mobile phone shop that they are you, they can get them to issue a replacement [SIM] encoded with your phone number. Your phone will go dead and theirs will start receiving your calls and messages, including [2FA] codes.
** NIST has declared that the age of [SMS]-based [2FA] is [deprecated].!! Architectures [1]
The [Mobile Application Part] ([MAP]) of the [SS7] [protocol] included support for the transport of Short Messages through the Core Network from its inception. MAP Phase 2 expanded support for [SMS] by introducing a separate operation code for Mobile Terminated Short Message transport. Since Phase 2, there have been no changes to the [{$pagename}] operation packages in [MAP], although other operation packages have been enhanced to support CAMEL [SMS] control.

From [3GPP] Releases 99 and 4 onwards, CAMEL Phase 3 introduced the ability for the Intelligent Network (IN) to control aspects of the [Mobile Originated Short Message Service],[21] while CAMEL Phase 4, as part of 3GPP Release 5 and onwards, provides the IN with the ability to control the [Mobile Terminated service].[22] CAMEL allows the gsmSCP to block the submission (MO) or delivery (MT) of Short Messages, route messages to destinations other than that specified by the user, and perform real-time billing for the use of the service. Prior to standardized CAMEL control of the [{$pagename}], IN control relied on switch vendor specific extensions to the Intelligent Network Application Part (INAP) of [SS7].

!! [Vulnerability] 
[SIM Swap] Scam ([SS7 hack]) is a type of [fraud] that involves a criminal registering an existing number of a cellular company’s client on a new [SIM] card, that allows you to make and receive calls, [SMS]es, etc.). They usually do this in order to intercept notifications and [One-Time password], that are sent to the [Mobile Device]

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Short Message Service|Wikipedia:Short_Message_Service|target='_blank'] - based on information obtained 2013-04-10
</pre>