USSD can be used for WAP browsing, prepaid callback service, mobile money services, location-based content services, menu-based information services, or even as part of configuring the phone on the network. From the diagram above, a request is sent from a mobile phone to a telecom network such Vodafone. The Ussd Gateway telecom then sends the request to your ussd application i. Your ussd application then responds to the request, and Ussd gateway goes ahead and displays your content to the user. As you have seen in the previous section your ussd application is responsible for the content displayed. The problem is once you start having many ussd screens and multiple ussd application and many requirements of changing ussd screen, the task that was peanuts becomes overwhelming and would probably start thinking of a way the Product owners would change the ussd content without you being involved and thats where ussd aiflow comes in, providing an interface for users to change ussd workflows without code change.
|Published (Last):||19 February 2006|
|PDF File Size:||3.55 Mb|
|ePub File Size:||10.37 Mb|
|Price:||Free* [*Free Regsitration Required]|
It presents information and guidance but does not support a specific plan of action, which would require additional information and insights into each situation. The vulnerabilities, analyses, and risks shown and analyzed in this tutorial are intended to be indicative of the risks an application vendor, third-party host, or network operator might face. The analysis given should not to be considered an exhaustive or fully objective list.
It is important that risks be assessed and validated based on the situation, the intended functionality to be offered, and the process controls that will be required or are already in place. Additional guidance should be sought wherever necessary before taking any action.
With growing competition in the telecom industry, operators must be diligent in how they price both new and existing services. They are therefore looking for faster and more economical technologies.
USSD technology is the key solution in all cases. It is a messaging service that is almost seven times faster than SMS and is highly cost effective. The operations involved in using USSD are simple and handset independent, which means the service can be accessed from almost any mobile device from old cell phones to the latest smartphones. From the core network to the internet, the reach of modern USSD services is rapidly transforming the telecom cloud into a services cloud.
USSD is fast emerging as the communication protocol, which can ouster the dependency on SMS for quick messaging services. However, it does not cover:. USSD is a communication protocol used to send text messages between a mobile phone and applications running on the network. Because of its real-time and instant messaging service capability, USSD service is up to seven times faster and much cheaper than SMS for two-way transactions.
As GSM networks have evolved over the years, several supplementary services have been introduced at various stages. But some of these newly introduced services are not recognized by older Mobile Stations MSs.
There was no session held between the handset and the application; it was just like SMS service. Phase 1. In the core network, the message was delivered over MAP. As GSM networks evolved, packet-oriented data transmission was introduced.
As compared to a once-off transaction allowed in Phase 1. This means the handset and the USSD application can now have the technical equivalent of a dialogue. USSD Phase 2. USSD has several advantages as a bearer technology, such as:. USSD is increasingly being adopted to develop interactive applications like mobile chatting, roaming with prepaid service, callback service, simultaneous software up-gradation of huge customer base, prepaid recharge, mobile banking, etc.
Competitive pressure to deploy innovative services is driving the demand for USSD. USSD is proving to be the ideal medium for quickly deploying a variety of new services and applications. USSD codes, also known as short codes, are simple to use. Users can directly enter the USSD string and press the call key to send a message. The asterisk and hash codes are much like simple programming codes in that they signify the beginning and end of the request.
Asterisks can also be used to separate the codes into multiple requests to access the different tiers of information. The intermediate set of digits, called the parameter, has variable lengths and is separated by the asterisk. Short codes are standard messages pre-defined in the USSD platform. There are some generalized rules based on which USSD codes are derived.
Listing those rules and their derivations would be out of scope of this tutorial. A real-time session is initiated between the mobile user and the USSD application platform when the service is invoked, allowing data to be sent back and forth. The session remains open over a radio connection until the USSD service is completed, the user terminates the application, an incorrect option is entered from the menu, or a time-out happens.
Network operators often use USSD to query users about the network to receive a fast response. In practice, only USSD-specific modifications are needed for external applications. USSD transactions can be initiated by either the network or the subscriber.
Figure 1 shows the USSD network architecture. These features allow rapid deployment of new services and encourage existing messaging applications to leverage the USSD technology.
The mobile network comprises components that carry data messages between the handset and the corresponding USSD application. Figure 2 explains the elements of the mobile network and the communication protocols they use. USSD services reside as applications in the mobile network. The gateway interprets the code and routes it to the specific USSD application server to fetch the necessary information requested by the user.
In response, the application sends the relevant information to the USSD Gateway, which in turn converts the message to MAP format, and then sends to the mobile terminal. The application can also be a hyperlink to an internet site or information stored locally in the Service Application System. In a mobile-initiated service request, a session is created between the network and the mobile terminal.
This session is used for all information transfers and must be released before another session can be started. This can be a request for information or a notification. Again, the session must be released upon completion. A billing mechanism for USSD services is not implemented in most cases. However, there are some rare cases where network operators implement a billing system.
Depending on the sophistication of the rating platform, the subscriber will be billed according to one of the following criteria:. Generally, billing is based on the duration of the session. Duration-based charging permits users to search for information within a session-based service.
It is charged on a per minute basis and is more economical than SMS. USSD is device independent and does not require specific activation. This string contains operator-determined information that is relevant to the user. If the information is unable to reach the MS, an error is returned to the network node that originated the operation. Because the MSC initiated the transaction, it is also responsible for controlling the transaction.
The MSC normally releases the transaction after receiving a response from the MS, but in some cases may release the transaction before receiving a response e. If the application in the MSC needs to send further operations to the same MS, it will continue to use the same transaction until all operations are completed. If a different transaction is used for a subsequent operation, the MSC releases the first transaction before starting the next.
If the MS releases the transaction at any time e. Because the VLR initiated the transaction, it is also responsible for controlling the transaction. Because the HLR initiated the transaction, it is also responsible for controlling the transaction. The MS processes the operation if it is in a state in which it can handle the operation. If even HLR is unable to decode it, an error message gets passed downward and the session is terminated. If the mobile-initiated USSD transaction is found to be incompatible, the operation is rejected by a non-supporting network and the attempt fails.
Figure 5 shows the flow diagram for a mobile-initiated USSD request. That scenario is not shown here. It also depicts a case where an MS clears the transaction before it receives a response to the initiated USSD request.
USSD is an excellent choice for roaming with mobile prepaid service, which utilizes the USSD connection to originate a call while roaming. USSD messages from handsets always route to the home network. Thus, when roaming in another network, dialing a USSD string will always route the application on the home network.
This feature allows for the virtual home environment concept. Also, users accustomed to accessing a particular service in their home network are able to access that network from another country. The processing happens in the same way as explained above, but the supporting USSD application server may be different.
Conversely, roaming subscribers from other networks cannot access USSD services on a host network. Some applications that are still in their naive stages of development, or that have yet to be developed, are discussed in detail below. No other channels have the ability to reach the consumer as thoroughly as mobile phone. The coverage of cell phone networks in relation to fixed ATMs and branches helps reach more customers. It is necessary for translating banking instructions received from consumers through bank channels such as ATMs, the internet, and mobile devices into a format it can process.
This translation is normally performed by an Exchange Traded Funds EFT channel switch that switches transactions from the channel to the appropriate area within the core banking system. Client-side technologies include J2ME. Mobile banking brings new opportunities and new horizons, but also comes with implicit risks to financial providers, carriers, and the financial system.
On the one hand, it holds out the prospect of adding convenience for accessing banking and payment services to customers. But the addition of a new channel also brings new operational risks to providers, just as the introduction of internet banking posed the risks a decade ago. For this reason, mobile Financial Service Providers mFSP seeking to enter the market have to assess their risks and develop strategies to mitigate those risks on an ongoing basis.
Data carried across the mobile network is protected by the standard GSM security protocols at the communication layer. The subscriber identity is also protected across this chain. The risk in transporting data across the GSM channel is directly dependent on the number of stoppages the data must make before reaching the bank. SMS service is deemed to be the least secured of the technologies suggested for mobile banking because of the number of points where the SMS data is available to others in a clear or unencrypted format.
There, it is typically stored in an unencrypted form, making it unsecure at also the second step. The third party then passes the message to the bank across an encrypted fixed line to the bank, where it is typically stored in a secured environment.
In all, there are three highly susceptive points of exposure during the transaction where the data is stored, making the SMS service far less secure.
Ussd Call Flow
It presents information and guidance but does not support a specific plan of action, which would require additional information and insights into each situation. The vulnerabilities, analyses, and risks shown and analyzed in this tutorial are intended to be indicative of the risks an application vendor, third-party host, or network operator might face. The analysis given should not to be considered an exhaustive or fully objective list. It is important that risks be assessed and validated based on the situation, the intended functionality to be offered, and the process controls that will be required or are already in place.
Unstructured Supplementary Service Data
A mobile operator offers an essential service, along with voice and SMS. It does not require the internet connection from the device. Enables USSD to run on elementary phones. V ery useful to reach people living in rural areas and can not afford smartphones.