TwilioCon 2013 - Communications Without Boundaries
Communicationswithout Boundaries -
PreparingyourApp forGlobal Use
ANDREW JORDAN, SALES ENGINEER, @ TWILIO
Hi. I’m Andrew Jordan.
I’m a Sales Engineer at Twilio.
My Twitter handle is @andrewkirk
Going Global. Avoiding Common Pitfalls.
Four common issues my team encounters & how to avoid them.
1. Optimizing Call Latency
2. Delivering Unicode encoded SMS
3. Formatting Phone Numbers
4. Preventing Telecom Fraud
Character Encoding: GSM
GSM is the standard encoding for SMS. Using GSM,
you can send up to 160 characters per message.
Basic Character Set.
(7 Bits, 128 Characters)
Character Encoding: UCS-2
Much larger than GSM. Covers 110,000 characters
(each character is 16-bit). Maximum SMS sizes
drops to 70 characters.
Unicode + Twilio.We’ve got your back.
out how to encode your message for delivery.
All our client libraries do this by default.
Send us a UTF-8 encoded request and we’ll figure
Character Encoding: Common Pitfalls
If all your characters are GSM, you’ll have 160 maximum
characters per message - otherwise you only get 70.
Make sure your database connections speak UTF-8. If
you’re using MySQL, make sure your columns are stored
in utf8mb4 if you want emoji or other 4 byte characters.
Make sure your language / framework interprets percent
escaped HTTP parameters as UTF-8, not Latin-1.
Number Formatting: E.164
The E.164 specification is awesome for machines, but
not people. We don’t really use it in our day-to-day lives,
so it’s difficult for us to understand.
Ex. 0844 809 0200 vs. +44 844 809 0200
Design your interfaces to help your users
•It’s great for number formatting but also will do the following:
•Parse phone numbers
•Tell you if they’re valid or even possible
•Geocode numbers and tell you their locale in various
•Bindings for Java, JS, C#, Obj-C, Python, Ruby, and PHP
Telecom Fraud: Traffic Pumping.
1. BUY NUMBERS Attackers buy telephone numbers (or blocks of them).
Typically these have a high per-minute charge.
2. DRIVE TRAFFIC Attackers then drive as much traffic as possible to the
3. PROFIT Carriers that receive calls are paid by the carrier where
the call terminates. Typically, attackers are associated
with (or are) carriers.
Telecom Fraud: Protecting Yourself
You have to be proactive to protect yourself from Telecom
Fraud. Make sure you setup sanity checks & limits.
Don’t allow unauthenticated users to make an unlimited
number of phone calls, and charge users in real time, not
after the fact.
Telecom Fraud: Twilio’s Anti-Fraud Measures
Twilio works hard to prevent fraud before it happens. We
use algorithms to detect suspicious behavior and maintain
internal blacklists of known bad or risky routes.
You can also setup International Permissions let
you whitelist places where you do business.
Usage triggers allow you to setup alerts.
Conclusion. Try these at home!
• Use GLL resources to reduce call latency.
• Encode your requests in UTF-8. We’ll pick the right the encoding.
• Encourage correct Phone Number input & validate with libphonenumber.
• Be aware of Telecom Fraud & protect yourself with Twilio’s tools.