PAiCore × OpenTextShield: Real-Time AI SMS Content Classification

Q: What latency does OTS add to the submit_sm path?

On a co-located NVIDIA T4 with FP16 and dynamic batching, OTS adds <50ms p95 to the submit_sm latency. That's well inside the SMPP timeout headroom operators run with, and orders of magnitude faster than any cloud AI API. End-to-end content classification fits comfortably in real-time SMSC processing.

Q: Where can I read the GSMA feature?

The GSMA member resource page is at gsma.com/get-involved/gsma-membership/gsma_resources/paicore-and-telecomsxchange-sms-firewall/. It covers the joint solution, deployment context, and operator-facing benefits.

PAiCore designs and operates carrier-grade SMSC infrastructure for mobile network operators. By 2026, its operator customers were facing the same accelerating problem as every other tier-1 messaging network: SMS spam and phishing campaigns mutating faster than rule engines could keep up, spanning dozens of languages, and rotating templates within hours of being blocked. PAiCore set out to give those operators a content-aware classification layer that fit cleanly inside the SMSC's existing routing and filter pipeline — without shipping subscriber message bodies to a cloud AI endpoint, and without handing policy decisions to a black-box appliance.

"Through the strategic integration of OpenTextShield (OTS) with the PAiCore SMSC, we are officially launching an advanced solution designed to neutralize spam and phishing in real time."
— PAiCore Technology, launch announcement

Challenge

The classical answer to SMS abuse — a regex-based firewall with hand-curated keyword and URL blocklists — was failing PAiCore's operator customers on three fronts.

Rules went stale within days. Spammers rotated templates, swapped URL shorteners, used Unicode lookalikes, and switched locales faster than the team writing rules could ship updates. Detection accuracy started at 85–92% on day one and decayed from there.

Multilingual traffic broke single-language patterns. Operators in PAiCore's customer base served dozens of languages across their footprint. A rule engine tuned for English-language phishing missed Arabic, Portuguese, Mandarin, and Russian variants of the same campaigns. Hiring per-language rule authors was neither scalable nor sustainable.

Cloud AI APIs weren't compatible with the operator latency budget — or the regulatory environment. Inline SMS classification needs to add tens of milliseconds, not tens of seconds. And shipping subscriber message content to a third-party cloud creates a compliance conversation no operator's legal team wants to have.

What PAiCore needed was a content classification signal that held up across languages, generalized to new templates without rule rewrites, ran on-premise at SMSC latency, and arrived as a clean signal — not a black-box decision the SMSC had to defer to.

Solution

PAiCore evaluated commercial AI APIs and several rule-based vendors before selecting OpenTextShield (OTS) together with TelecomsXChange. OTS is an open-source, multilingual BERT-based content classifier: given the body of an SMS, it returns a label (ham, spam, or phishing) and a probability. It does one thing — classify content — and does it well across 50+ languages, with 99.7% accuracy on blended production test sets.

OTS does not attempt to identify A2P bypass traffic, score sender ID reputation, decide a route, or flag grey-route interconnects. Those are decisions about traffic metadata and patterns, not message content — and they belong in the SMSC's rule engine, not in the classifier.

How the integration works

PAiCore built a new component for the integration — the OTS bridge — designed from the ground up to run at carrier scale. The bridge sits between the SMSC and OpenTextShield: it takes the message body off each submit_sm, calls OTS's prediction endpoint, and hands the classification result back to the SMSC's rule engine. Building the bridge as a dedicated component — rather than wiring the SMSC directly to the model — lets PAiCore handle batching, connection pooling, retry and timeout policy, and back-pressure on its own terms. The rule engine and the inference layer stay decoupled, and the integration sustains SMSC-grade throughput without one side dragging the other down.

OpenTextShield itself ships as a multi-arch Docker image (linux/amd64 + linux/arm64), which lets PAiCore deploy it the same way it deploys every other piece of its stack: pull the pinned image, run it with --gpus all, and the inference service is up. Containerizing the model keeps its lifecycle — version pinning, rolling upgrades, retraining drops — independent of both the bridge and the SMSC, so each layer can move at its own cadence.

For every submit_sm the SMSC processes:

The SMSC hands the message body to the OTS bridge.
The bridge calls the local OpenTextShield /predict/ endpoint, which runs the message through the mBERT classifier on GPU and returns a label (ham / spam / phishing) plus a probability.
The bridge returns the result to PAiCore's programmable rule engine, which consumes it alongside its existing signals — sender ID, originating route, message rate, destination MCC/MNC, customer tier, time-of-day, prior-incident flags — and applies the operator's policy: forward, drop, quarantine, throttle, route to manual review, or send to a different downstream.
The classification event is logged for audit and analytics; aggregate counts are scraped from /metrics by the operator's existing Prometheus stack.

Why the division of labor matters

A single-vector firewall — "the AI says spam, drop it" — is brittle. False positives on legitimate enterprise traffic are expensive; false negatives on novel phishing templates are damaging. Operators need to combine signals.

PAiCore's SMSC is flexible enough to layer the OTS content signal alongside everything else the operator already knows about a message. An OTS phishing label on a message from a verified bank sender ID is treated very differently from the same label on an unknown shortcode arriving over a brand-new interconnect. Aggregate behavior over time — bursts, fan-out, repetition — is detected by SMSC-side counters, not by OTS. Combining content labels with rate signals is what catches campaign-style abuse. Customer tier, regulatory carve-outs, and language-specific exceptions are all expressible as programmable rules consuming the OTS signal as one input among many.

Content classification by a specialized model, policy enforcement by a programmable SMSC. Together they cover ground neither could on its own — and the operator owns every line of policy that ties them together.

Results

The joint solution is now in production at PAiCore's operator customers and has been published in the GSMA's member resources as a working reference architecture for AI-driven SMS content classification at the SMSC layer.

99.7% classification accuracy across blended ham/spam/phishing test sets, holding steady across 50+ languages.
Sub-50ms p95 classifier overhead on a co-located NVIDIA T4 with FP16 and dynamic batching — orders of magnitude faster than any cloud AI API and well inside the SMPP timeout headroom operators run with.
100% on-premise inference. Subscriber message bodies never cross an external boundary. Only labels, probabilities, and aggregate metrics are exposed.
Operator-owned policy. PAiCore's programmable rule engine composes OTS content labels with sender ID, route, rate, and customer signals — the operator decides what each combination means.
Continuous model updates shipped through the OTS Professional release cadence; new spam and phishing template detection lands without retraining work on PAiCore's side.
Published in the GSMA member resources. The integration now stands as a reference architecture other operators and SMSC vendors can replicate.

"This is an A.I. use we can proudly get behind — flexible SMSC routing and filter rules + a dynamic open source A.I.-powered SMS firewall."
— Celeo Arias, Open Source Telecom Solutions

About PAiCore

PAiCore designs and operates carrier-grade SMSC infrastructure for mobile network operators. The full GSMA writeup of the joint solution is available on the GSMA member resources page. Operators evaluating a similar deployment can contact the TelecomsXChange team to discuss the OpenTextShield Community and Professional editions.

Frequently Asked Questions

What is the PAiCore + OpenTextShield SMS firewall?

It's a joint solution where PAiCore's SMSC integrates OpenTextShield (OTS) — TelecomsXChange's open-source AI SMS content classifier — directly into its submit_sm path. OTS classifies every message in real time as ham, spam, or phishing using a multilingual BERT model running on-premise. PAiCore's programmable SMSC consumes those labels alongside other signals it already has (sender ID, route, rate, customer tier) and applies the operator's filter and routing policy. The integration is featured by GSMA as a member resource.

What does OpenTextShield classify, and what does it not classify?

OpenTextShield classifies the content of an SMS body — ham, spam, or phishing — using a multilingual BERT model. It does not analyse sender ID reputation, traffic rates, route quality, or interconnect-level signals. Those are SMSC-side concerns. OTS gives the SMSC a strong, multilingual content signal; the SMSC composes that signal with everything else it knows about a message to make policy decisions. This separation is intentional — content classification and traffic policy are different problems and should live in different layers.

How does PAiCore's programmable SMSC use the OTS labels?

PAiCore's rule engine consumes the OTS label and probability as one input alongside others — sender ID, originating route, message rate, destination MCC/MNC, customer tier, time-of-day, prior-incident flags. The operator writes rules that combine those signals: "phishing label + unknown sender + new route = drop," "phishing label + verified enterprise sender = quarantine and alert," "spam label + low-tier customer = throttle." The flexibility is the point — content classification is one signal, not the whole policy.

Does OpenTextShield detect A2P bypass or grey-route abuse on its own?

No, and it shouldn't. A2P bypass and grey-route detection are about traffic metadata — sender IDs, routes, interconnect agreements, rate patterns — not message content. OTS classifies content. The PAiCore + OTS integration addresses these problems indirectly: when illegitimate A2P or grey-route traffic carries spam or phishing content (which it usually does), OTS labels it, and PAiCore's rule engine can act on the combination of content label + suspicious metadata. The detection logic for the metadata side lives in PAiCore's SMSC, not in OTS.

Does subscriber message content leave the operator's network?

No. OpenTextShield runs entirely on-premise, co-located with PAiCore's SMSC. Message bodies are classified by the local model and never sent to an external cloud or third-party API. Only labels, probabilities, and aggregate metrics are exposed — message content stays inside the operator's perimeter, which keeps the deployment compatible with GDPR, operator licence conditions, and enterprise A2P contracts.

How does this differ from a regex-based SMS firewall?

A rule-based firewall pattern-matches on keywords, URLs, and sender IDs. It works for about a week after deployment, then degrades as spammers rotate templates, swap URL shorteners, use Unicode lookalikes, and switch languages. The OTS mBERT classifier labels on the semantic intent of the message — it generalises to new templates and new locales without a human rewriting rules. Production accuracy is 99.7% across 50+ languages versus the 85–92% range typical of well-tuned rule engines. Note that OTS is a classifier, not a full firewall — pair it with PAiCore's SMSC (or another programmable rule engine) to turn labels into enforcement.

What latency does OTS add to the submit_sm path?

Can other SMSC vendors integrate OpenTextShield the same way PAiCore did?

Yes. The integration pattern is generic: any SMSC with an inline filter hook on submit_sm can call the local OTS /predict/ endpoint and act on the returned label. The benefit of the PAiCore reference is the programmability of its rule engine — operators get to compose the OTS content signal with their own metadata signals. Other SMSC vendors with similarly flexible rule engines can follow the same pattern. The Community Edition (MIT-licensed, on GitHub) is suitable for in-house integration; the Professional Edition adds a pre-integrated SMPP stack and a 24/7 SLA.

Where can I read the GSMA feature?

#opentextshield #ots #paicore #gsma #sms-firewall #sms-content-classification #smishing #smsc #case-study #partnership #mbert #ai-sms-classification #on-premise-ai #programmable-smsc

Back to all posts