twiliocon 2013 - communications without boundaries

#TWILIOCON

Communications without Boundaries - Preparing your App for Global Use

ANDREW JORDAN, SALES ENGINEER, @ TWILIO

#TWILIOCON

Hi. I’m Andrew Jordan.I’m a Sales Engineer at Twilio.

My Twitter handle is @andrewkirk

#TWILIOCON

Going Global. Avoiding Common Pitfalls.Four common issues my team encounters & how to avoid them.

1. Optimizing Call Latency

2. Delivering Unicode encoded SMS

3. Formatting Phone Numbers

4. Preventing Telecom Fraud

GLOBAL LOW LATENCY

#TWILIOCON

Global Low Latency

Oregon

Virginia

Sao Paulo

Dublin

Tokyo

Singapore

#TWILIOCON

Global Low Latency

Virginia

#TWILIOCON

Global Low Latency

Virginia

#TWILIOCON

Global Low Latency

Dublin

#TWILIOCON

Implementing GLL

PSTN <Dial> PSTN REST

PSTN <Record> <Client>

<Conference>

2012 2013

CHARACTER ENCODING

#TWILIOCON

Character Encoding: GSM

GSM is the standard encoding for SMS. Using GSM,

you can send up to 160 characters per message.

Basic Character Set.

(7 Bits, 128 Characters)

#TWILIOCON

Character Encoding: UCS-2

Much larger than GSM. Covers 110,000 characters

(each character is 16-bit). Maximum SMS sizes

drops to 70 characters.

#TWILIOCON

Unicode + Twilio.We’ve got your back.

out how to encode your message for delivery.

All our client libraries do this by default.

Send us a UTF-8 encoded request and we’ll !gure

#TWILIOCON

Character Encoding: Common Pitfalls

MAXIMUM

CHARACTERS

If all your characters are GSM, you’ll have 160 maximum

characters per message - otherwise you only get 70.

DATABASE

STORAGE

Make sure your database connections speak UTF-8. If

you’re using MySQL, make sure your columns are stored

in utf8mb4 if you want emoji or other 4 byte characters.

HTTP

PARAMETERS

Make sure your language / framework interprets percent

escaped HTTP parameters as UTF-8, not Latin-1.

NUMBER FORMATTING

#TWILIOCON

Number Formatting: E.164

The E.164 speci!cation is awesome for machines, but

not people. We don’t really use it in our day-to-day lives,

so it’s dif!cult for us to understand.

Ex. 0844 809 0200 vs. +44 844 809 0200

#TWILIOCON

Design your interfaces to help your users

#TWILIOCON

#TWILIOCON

#TWILIOCON

#TWILIOCON

Libphonenumber

#TWILIOCON

• It’s great for number formatting but also will do the following:

•Parse phone numbers

•Tell you if they’re valid or even possible

•Geocode numbers and tell you their locale in various languages

•Bindings for Java, JS, C#, Obj-C, Python, Ruby, and PHP

Libphonenumber

#TWILIOCON

Oppa Demo Time.

FRAUD

#TWILIOCON

Telecom Fraud: Traffic Pumping.

1. BUY NUMBERS Attackers buy telephone numbers (or blocks of them).

Typically these have a high per-minute charge.

2. DRIVE TRAFFIC Attackers then drive as much traf!c as possible to the

numbers.

3. PROFIT Carriers that receive calls are paid by the carrier where

the call terminates. Typically, attackers are associated

with (or are) carriers.

#TWILIOCON

Telecom Fraud: Protecting Yourself

You have to be proactive to protect yourself from Telecom

Fraud. Make sure you setup sanity checks & limits.

Don’t allow unauthenticated users to make an unlimited

number of phone calls, and charge users in real time, not

after the fact.

#TWILIOCON

Telecom Fraud: Twilio’s Anti-Fraud Measures

Twilio works hard to prevent fraud before it happens. We

use algorithms to detect suspicious behavior and maintain

internal blacklists of known bad or risky routes.

You can also setup International Permissions let

you whitelist places where you do business.

Usage triggers allow you to setup alerts.

#TWILIOCON

Conclusion. Try these at home!

• Use GLL resources to reduce call latency.

• Encode your requests in UTF-8. We’ll pick the right the encoding.

• Encourage correct Phone Number input & validate with libphonenumber.

• Be aware of Telecom Fraud & protect yourself with Twilio’s tools.

QUESTIONS?