网关中的短信源识别(SMS source identification in gateway)
I have built an application which deals with SMS from specific sender's, the SMS is received through SMS gateway into my Machine but i wonder how can i verify that the SMS received is really from trusted network source cos i seen some applications online which send SMS with alphanumeric sender this can confuse the system if care hasn't been taken.
What approaches can be deployed to stay in a safer side so that all the targeted SMS should be verified to be from trusted source.
trusted source: a trusted source should be the phone numbers holder's network or anything relevant
短信系统使用GSM网络，这是你无法控制的。 我有多年使用SMS的经验，并且还编写了一个旧的SMS平台。 据我所知，短信发送者ID可能很容易伪造，事实上，如果您有权访问低级GSM网络，您可以发送任何您想要的发件人ID（数字，字母等）
如果你想确保一个真实的电话号码发送短信，我认为唯一的和100％安全的方式是重新发送一个确认短信到这个发件人号码，并等待确认码。 这是粗鲁的，但值得信赖。 这并不意味着发件人是一个真正的电话，它可能是一个虚拟号码，但你无法做任何事情来解决这个问题。
the SMS system uses GSM network and this is out of your control. I have years of experience working with SMS and also programmed an old SMS platform. As I know the SMS sender ID could be fake easily, in fact if you have access to low-level GSM network you can send whatever sender id you want (numbers, alphanumieric, etc...)
If you want to make sure a SMS was sent by a real phone number I think the only and 100% secure way is to resend a confirmation SMS to this sender number and wait for the confirmation code. It's rude but is trustable. That does not mean the sender is a real phone, it could be a virtual number but you cannot do anything to solve that.
As I remember every specific network and provider have special services. For example in Spain I remember we consumed a service which inform us about any phone number, it was throuwing us the company (provider) and the time of the last connection of this number, but it was a paid service (very expensive, more or less 0,10€ for each check).
Anyway, any information depends on the implementation and interface of your API provider.
Here you have GSM 3.4 specification for more information.