Security

We ensure that your data is safe and always protected.

Redundancy, Availability, and Uptime

We strive to maintain a highly available platform with minimal outages. Using a content delivery network and redundancy within our data centres, we ensure failovers exist at multiple levels to maximise uptime.

The status of our systems can be found on our Status Page outlining system availability and any outages that may occur.\


Security Testing

We aim to provide the best possible service and this requires ongoing audits of our application security. We implement periodic testing across all of our systems to continuously strengthen our services.\


Physical Security

The SMSPortal servers are now hosted at the Teraco data centres in South Africa, with infrastructure deployed across two locations: CT1 and CT2. By partnering with Teraco, we ensure that your data remains secure, protected, and locally hosted. Teraco data centres are Tier III+ facilities and hold certifications for ISO 27001 (Information Security Management), ISO 9001 (Quality Management), and SOC 2 Type II. They are also PCI-DSS compliant. These certifications reflect Teraco’s adherence to globally recognised standards for security, quality, and operational excellence. More information on the Teraco data centres can be found here.\


System Security

We use firewalls and logical access control to protect our servers from unauthorised system access, allowing only trusted operations personnel to manage our systems. We also make sure to use strong configuration standards to harden our servers, and we keep them up-to-date with the latest security patches.\


Application Security

We support strong cryptography for communication over public networks, ensuring that your password, your API secret, and the contents of your communications are always protected, as seen in the table below.

TYPE OF COMMUNICATION

SECURE PROTOCOLS USED

OTHER PROTOCOLS USED

Between customers and SMSPortal APIs

HTTPS, SFTP

HTTP, FTP, SMTP, SMPP

SMSPortal Control Panel

HTTPS


Between SMSPortal and carriers

HTTPS, SMPP-over-SSL, SMPP-over-IPsec

HTTP, SMPP, SIGTRAN

Supported Cipher Suites

TLS_AES_256_GCM_SHA384
TLS_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_NULL_SHA256 TLS_RSA_WITH_NULL_SHA TLS_PSK_WITH_AES_256_GCM_SHA384 TLS_PSK_WITH_AES_128_GCM_SHA256 TLS_PSK_WITH_AES_256_CBC_SHA384 TLS_PSK_WITH_AES_128_CBC_SHA256 TLS_PSK_WITH_NULL_SHA384 TLS_PSK_WITH_NULL_SHA256