General

At Plivo, protecting your account and ensuring the smooth delivery of your messages is a top priority. Over the past few years, our system for detecting unusual traffic and sending alerts has continuously evolved, helping us catch potential issues early and keep you informed.

Why Do Unusual Traffic Alerts Happen?

Unusual traffic alerts can be triggered by a variety of reasons, and understanding these can help you take the right steps if you receive one:

• Account Takeover: Sometimes, unauthorized users gain access to your account credentials and start sending messages on your behalf. To help prevent this, Plivo offers an option to whitelist incoming requests from specific IP addresses. This adds an extra layer of security by limiting access only to trusted sources. Reach out to our support team to configure this for your account.
• SMS Pumping: This occurs when someone exploits your account or messaging platform to send large volumes of messages illegitimately. To learn more about SMS pumping and how to protect your account, read more here.
• Application Logic Issues: Sometimes, bugs or unintended loops in your own applications can cause your system to send far more messages than intended, resulting in a traffic surge.

In all these cases, a sharp increase in message volume can impact your costs and the overall performance of your messaging.

How Does Plivo’s Alert System Help?

To keep you informed without overwhelming you, Plivo uses a smart alert system designed with carefully chosen thresholds. This means we aim to strike the perfect balance between:

• Sending timely alerts about suspicious spikes in your messaging volume, and
• Ensuring these alerts are meaningful and actionable, so you can focus on what truly matters.

By doing so, we help you respond quickly to potential security incidents or technical issues — minimizing disruption and keeping your communication flowing smoothly.

How These Alerts Work

Plivo monitors your messaging volume over different time periods and compares the recent activity to your historical patterns. This way, we can spot unusual spikes that might indicate problems. Here’s a simplified overview of how the system works:

1. Short-Term Spike Check (Last 7 Hours):
   Every hour, we review your message volume for the most recent 7-hour window and compare it against the same 7-hour windows across the past 2 months. This alert is triggered only if:
   
   • The total message spend in the last 7 hours exceeds $500, and
   • There is a sharp increase compared to your historical average for that period.
2. Weekly Trend Check:
   We compare your message spend over the last 7 days to the previous 7 days. This alert triggers only if:
   
   • Your spend in the last 7 days exceeds $1,000, and
   • Your spend is at least 30% more than the previous 7-day period.
3. Monthly Trend Check:
   Every day, we check your messaging spend over the last month. If your spend is more than $2,000 and there is more than a 50% increase compared to the previous month’s spend for the same period, this alert is triggered.

To avoid alert fatigue, if an alert was recently sent for the same type of spike, we suppress duplicate notifications unless the volume increases substantially again.

Newer accounts (created within the last 2 weeks or 2 months, depending on the check) may not be subject to some of these checks to avoid false positives.

Please note: 

We designed these thresholds considering that many accounts have sporadic or seasonal traffic patterns, such as marketing campaigns, that cause natural volume fluctuations. To avoid unnecessary alerts on normal variations, a minimum dollar spend threshold is included alongside percentage increases. This helps ensure alerts focus on truly unusual or actionable spikes.

These thresholds and alert check frequencies are fixed and not configurable at the moment. If you would like a custom alert setup tailored to your needs, please reach out to our support team.

Managing Your Alerts

• These unusual traffic alerts are enabled by default for all new accounts to help you stay protected right from the start.
• If you want to enable or disable these alerts at any time, simply log in to your Plivo Console and navigate to Messaging > Settings > Alerts.
• For these alerts to work effectively, you need to add one or more email addresses in the alert settings. This ensures the notifications are sent to the right people or groups responsible for monitoring your account activity. You can add individual email addresses or group mailing lists as needed.

Example Scenarios

Scenario 1: Sudden Spike Due to Account Takeover
Your account is normally sending about 1,000 messages every 7 hours. Suddenly, an unauthorized user logs in and sends 3,000 messages in one 7-hour period. Plivo detects this spike against your historical patterns and sends an unusual traffic alert.

Scenario 2: Legitimate Increase Without Alert
You run a marketing campaign every month-end that usually doubles your message volume. Since this increase is expected and consistent month-over-month, Plivo’s system recognizes the pattern and will not raise an alert.

Scenario 3: Application Bug Causing Message Loop
A recent app update unintentionally causes a loop sending 10 times more messages than usual in the past week. The weekly and short-term volume checks both notice this spike and trigger alerts so you can investigate quickly.

Scenario 4: Minor Fluctuation in Volume
Your message volume increases by 15% compared to the previous week, but the total increase is small and below the threshold. Plivo’s system does not trigger an alert to avoid false alarms.

At Plivo, we’re committed to enhancing our detection capabilities and providing you with peace of mind. If you ever receive an unusual traffic alert, know that it’s part of our ongoing effort to protect your account and optimize your messaging experience.

At Plivo, protecting your SMS communications is a top priority. To help shield your applications and business from fraudulent SMS activity, we offer multiple layers of fraud protection designed to reduce risk and keep your costs under control. Here’s an overview of the key features we provide to safeguard you from SMS fraud:

1. Geo Permission Feature

Our Geo Permission feature lets you restrict SMS traffic to specific countries. By setting messaging thresholds, you can limit the number of messages sent to a country and automatically block any excess traffic. This helps prevent fraudulent messaging attempts targeting regions you don’t serve, while also avoiding unexpected charges caused by unauthorized use.

2. Fraud Shield for Verify

Fraud Shield protects your Verify applications from SMS pumping attacks by continuously analyzing both current and historical SMS traffic patterns. It detects anomalies in destination countries, carriers, and number sequences that may indicate artificially inflated or suspicious traffic. By combining these insights with known fraud patterns, Fraud Shield proactively blocks potentially harmful messages before they reach your users—helping you avoid unexpected charges and reduce the risk of abuse.

3. SMS Pumping Protection via SMS API

Our SMS Pumping Protection feature automatically detects and blocks suspicious messages sent through the SMS API. By analyzing both current and historical SMS traffic, the system identifies unusual spikes or known fraudulent behavior. When suspicious activity is detected, messages to associated phone numbers are blocked immediately, preventing fraud before it impacts your service.

While our fraud protection features significantly reduce the risk of SMS pumping and related attacks, no system can guarantee 100% protection. For the strongest defense, we encourage all customers to implement robust security practices within their applications.

Our fraud protection tools are designed to safeguard your business and complement your own security efforts. Please note these measures do not alter your responsibilities under Plivo’s Terms of Service.

If you have any questions about our fraud protection features, contact our support team.

Independent Software Vendors (ISVs) provide A2P messaging and voice services to businesses, helping them with campaign planning, content creation, deployment, monitoring, and analytics. A2P content may include P2P-like messaging, generic marketing, personalized marketing, notifications, OTP authentication, and more.

To maintain a secure and compliant ecosystem, Plivo has established the following guidelines for ISVs.

Messaging & Calling guidelines for onboarding end brands:

1. Direct Brands Only: ISVs should only onboard traffic from direct brands—businesses that engage directly with end subscribers and collect opt-ins. ISVs working with other ISVs need prior approval from Plivo.
2. Segregation of Traffic: ISVs must separate the traffic of each end brand using sub-accounts. Each sub-account should be assigned for all messaging and calling API requests.
3. Geography Access: By default, access to all regions outside the US is disabled at the main account level. ISVs should enable access to relevant geographies after completing KYC for each end brand.
4. Shortcode Access in the US & Canada: Plivo does not offer Shortcodes for A2P messaging in the US or Canada to ISV/Reseller customers, whether for their own use or on behalf of their end customers. Instead, long codes or toll-free numbers may be used to deliver messaging traffic in these regions.  For end-user authentication via OTPs, ISV/Reseller customers and their end users can leverage Plivo Verify for Shortcode-based OTP delivery in the US and Canada at no additional cost.
5. Compliance for Each Brand: All messaging and calling compliance flows must be completed for each end brand separately. For example, if a sender ID is approved for Brand B1, it cannot be used for Brand B2, even for legitimate use cases like two-factor authentication (2FA).
6. Prohibited URL Shorteners: Public URL shorteners (e.g., bit.ly, tinyurl.com) and ISV-owned shorteners are prohibited. Only brand-owned URL shorteners are allowed.
7. Prohibited Content: The following categories are strictly prohibited, and no campaign or toll-free verification will be supported for them:
   
   
   • Mortgage & Loan (including high-interest, student, auto, and personal loans)
   • Stock Alerts/Trading
   • Cryptocurrency
   • Deceptive Work-from-Home Programs
   • High-Risk Investment Opportunities
   • Multi-Level Marketing
   • Credit Repair Programs
   • Real Estate (Sales, Servicing)
   • Job Postings (Direct or Third-Party Listings)
   • Gambling/Sweepstakes
   • Debt Collection/Reduction/Consolidation
   • Lead Generation & Affiliate Marketing
   • Tobacco/Vape
   • Federally Illegal Drugs
   • SHAFT (Sex, Hate, Alcohol, Firearms, and Tobacco)

Best Practices and Prohibited Content

7. Opt-Out Guidelines:
   • If an end subscriber opts out of messages, they should not be contacted again, regardless of the sender ID used.
   • ISVs should monitor incoming messages and remove customers who have opted out from contact lists.
   • Subscribers on national do-not-call lists must be excluded from campaigns. ISVs should subscribe to available DNC lists.
8. Keyword Monitoring: Plivo will block outbound messages containing specific keywords that may violate our AUP. ISVs can request to whitelist specific keywords on a case-by-case basis. The decision is at the discretion of Plivo's compliance team. A heads-up of two weeks will be given before the enforcement of changes.
9. No Redaction Capabilities: ISVs will not be able to redact message content or destination phone numbers. This policy allows Plivo’s compliance team to effectively monitor for non-compliance.
   
   

Enforcement and Penalties:

• Any violation of A2P compliance rules will result in penalties according to Plivo’s guidelines.
• Violations can lead to the suspension of a SID or campaign, and if deemed serious, all SIDs or campaigns linked to a sub-account may be suspended without prior notice.
• Multiple violations may lead to account suspension.
• If an ISV detects a compromise affecting message or call traffic, they must report it immediately via email to security-report@plivo.com with relevant supporting details.
  
  

Plivo's Messaging Platform lets you customize data storage preferences for your SMS, MMS, and WhatsApp messages.

Outbound Messages

The data logging preference for outbound messages is set as a parameter in the Send Message endpoint and is applied at the message level. There are four settings for adjusting your data storage preferences as follows:

Illustration

Here's an example message processed under each storage setting option, using the destination number ‘+12025550123’ and the content: 'Hello, your appointment is confirmed for tomorrow at 3 PM.'

Important Note: Redacting the content of messages prevents Plivo from debugging issues or recovering messages if there are any issues. The default value is to store both Number and Message Content, so outbound messages are not redacted unless the log request parameter is explicitly set to false.

Default Settings for Outbound Messages

Our standard policy ensures access to the content of outbound messages for 7 days, while access to numbers is available for 90 days. Post this stipulated time period, the message content and numbers are redacted and stored in compliance with GDPR.

Inbound Messages

The data logging preference for Inbound messages are set at the application level. 

Setting the application-level flag log_incoming_messages to ‘false’ enables redaction. When message redaction is enabled for an application, incoming messages associated with the application are redacted. Both the message content and from_number fields are redacted, as demonstrated in the example above.

The default value for the flag log_incoming_messages  is set to ‘true’, so inbound message content and from_numbers  are stored by default.  . 

Important Note: If inbound messages are redacted, Plivo cannot debug or recover message content if there are any issues with the callback URL.

Default Settings for Inbound Messages

Our standard policy ensures access to the content of inbound messages for 7 days, while access to numbers is available for 90 days. Post this stipulated time period, the message content and numbers are redacted and stored in compliance with GDPR.

You can read more about data logging preferences in our concepts section here.

Prohibited Content

All messaging programs must follow the laws, regulations, and ethical standards of the regions they operate in. The following types of content are strictly prohibited:

• Unsolicited or spam messages
• Fraudulent, misleading, or deceptive content
• Content promoting or encouraging violence
• Obscene, inappropriate, or offensive material
• Profanity, hate speech, or discriminatory content
• Promotion or endorsement of illegal drugs or substances

Messaging programs must comply with all applicable national and regional laws. Additionally, marketing to children under 13 must meet strict legal and ethical requirements and may require extra carrier review.

Age Gating Requirement

Messages containing age-restricted content must include a proper age verification mechanism. Any content related to Sex, Hate, Alcohol, Firearms, Tobacco (S.H.A.F.T.) or other regulated material must require users to confirm their date of birth before opting in.

Non-Compliance Enforcement and Penalties

Violations of these messaging standards or the Acceptable Usage Policy may result in penalties. If a carrier identifies a violation, fines will be applied based on the following categories, regardless of the country:

• Tier 1: $2,000 USD (or equivalent) for phishing, smishing, and social engineering violations.
• Tier 2: $1,000 USD for illegal content violations.
• Tier 3: $500 USD for other violations, including but not limited to S.H.A.F.T. content.

Plivo reserves the right to assess violations and impose fines at its discretion. If a carrier imposes a fine, the applicable amount will be deducted from the customer's account. Repeated or serious violations may result in further action.

For further guidance, refer to the best practices for messaging. 

Messages per second (MPS) refers to limits on your account for sending messages. By default, we assign an outbound MPS limit of 5 for SMS and 0.25 for MMS at signup time. Plivo offers MMS services in the US and Canada only and the messages are dispatched as per the allocated MPS. You can find your allocated outbound MPS by visiting the SMS Overview page of the Plivo console and looking in the Account section.

Outbound MPS

For outbound messaging, MPS represents a limit on the rate at which messages are initiated for a specific account. If you exceed your allotted outbound MPS, your messages will not be dropped; instead, they will be queued and dispatched once the MPS rate falls below the limit.

You can send as many messages as required, but the rate at which messages are dispatched adheres to the allocation in your account. Here are a couple of examples.

Scenario 1: If a user has an allocated outbound limit of 5 MPS and sends 5 API messages in a second, all 5 messages will be dispatched simultaneously.

Scenario 2: If a user has an allocated outbound limit of 5 MPS and places 10 API messages in a second, the first 5 messages will be dispatched simultaneously, and the remaining 5 messages will be queued and executed during the next available MPS interval.

Can I increase my allocated MPS?

If you have a use case that requires a higher MPS limit, contact the Plivo support team. Please be advised that extra fees will be incurred for additional MPS.

A2P messaging throughput in Canada depends on the type of service (SMS or MMS) and the type of number that you use.

Throughput for long code, toll-free, and short code numbers is set at a per-number level. 

You must verify your toll-free numbers to avoid running into sending limits.

Application-to-peer (A2P) messaging in the US is subject to throughput limits depending on the type of number and the type of service you use. In practice, that means you are only permitted to send a certain number of messages per minute and per day according to carrier regulations. 

This guide breaks down everything Plivo customers need to know about A2P messaging throughput limits in the US. Use this resource to avoid going over your allocated number of messages and risking a disruption in your A2P communication. 

A2P throughput limits by number type

Shortcode, toll-free, and long-code numbers each have different A2P messaging throughput limits. Short code and toll-free number messaging limits are set at a per-number level as outlined in the table below. Verify your toll-free numbers to avoid running into sending limits. 

Messaging limits for long code numbers depend on your 10DLC registration.

These limits are imposed by the carriers. If your use case requires higher throughput for toll-free or short code numbers, contact your customer success manager or our support team.

A2P throughput limits by message type

A2P messaging throughput limits are also impacted by the message type (either SMS or MMS). SMS throughput is defined by the carriers and depends on your vetting score, as shown in the table below. 

The carriers define their throughput limits on a throughput per minute (TPM) metric. Your brand’s TPM is determined by its vetting score. For example, if your brand receives a vetting score of 80, then all campaigns collectively under that brand can send up to 4,500 messages per minute towards AT&T, T-Mobile, and Verizon numbers.

*Including T-Mobile, Sprint, and Metro by T-Mobile

Smaller carriers (<5% of US messaging volume) have not explicitly declared their throughput assignment details but we expect them to be in similar ranges for a given vetting score.

Unlike SMS throughput, which depends on vetting score and campaign type, MMS throughput has been defined at a per-number level by the carriers. Each number linked to a campaign can send up to 50 messages per minute per carrier. For higher throughput, you can link multiple numbers to the same campaign.

T-Mobile TPD restrictions

T-Mobile (including Sprint) also applies a throughput per day (TPD) limit to SMS and MMS messages. Like TPM, this limit varies according to a brand’s vetting score. 

Note that T-Mobile’s TPD limit takes into account both SMS and MMS messages; in other words, the daily limit is shared across SMS and MMS services. This means that even if you are vetted for a throughput of 4,500 TPM towards T-Mobile, any messages sent after the 200,000 limit will fail.

What if I reach the TPD limit set by T-Mobile for my brand?

Check your T-Mobile TPD cap on the Plivo console. Once you hit the TPD limit, any additional messages sent to T-Mobile by your brand will fail for the remainder of the day. T-Mobile operates on Pacific Time (PT), and your message limit resets at the beginning of each day.

Note that Your messages directed to AT&T, Verizon, and other carriers remain unaffected by the T-Mobile quota.

Can I increase my throughput?

Plivo recommends undergoing vetting during the brand registration process to unlock higher throughputs. If, even after your business has been vetted, the allocated throughput (TPM) remains insufficient, you can appeal your vetting score by collaborating with our support team. Should your appeal be rejected and your daily messaging volume toward T-Mobile exceeds the allocated TPD (throughput per day), you have the option to request a Special Business Review (SBR) from T-Mobile. The purpose of the SBR is to grant access to higher daily volumes.

Additionally, if your campaign necessitates linking more than 49 phone numbers, T-Mobile mandates that you submit a Number Pool Request (NPR).

T-Mobile imposes a fee for each SBR or NPR. Plivo transparently passes on carrier fees to its customers without any additional markup. Before submitting an SBR or NPR request, ensure that your brand and campaign are registered with TCR (T-Mobile Compliance Registry).

To initiate an SBR or NPR, please reach out to your customer success manager or our support team.

Messages per Second (MPS) Limits

Plivo imposes Messages per Second (MPS) limits on accounts to manage the rate at which messages are dispatched. These limits are essential to understand for maintaining efficient messaging operations without exceeding allocated capacities. Below, find key details about outbound MPS limits and procedures for adjustments if necessary.

MPS Management

Messages exceeding the MPS limit are queued, not dropped, ensuring all your messages are eventually dispatched according to the specified rate.

• Scenario 1: Sending 5 API messages in a second with a 5 MPS limit results in simultaneous dispatch.
• Scenario 2: Sending 10 API messages in a second with a 5 MPS limit leads to the first 5 being dispatched immediately, with the remaining 5 queued for the next interval.

MPS Details and Adjustments

Find your MPS allocation under the SMS Overview page in the Plivo console, within the Account section. Adjustments to MPS settings are facilitated through support, with the assurance that exceeding limits does not result in message loss but rather in queued dispatch.

Increasing MPS Limits

Should your operational requirements exceed the standard MPS allocations, our support team is ready to assist in evaluating and implementing suitable adjustments. Note that additional fees will be incurred for extra MPS.

What is message expiry?

Some text messages have a limited useful lifetime. If they’re not delivered within a certain period, they become useless. By default, Plivo expires messages that remain in the messaging queues after three hours. These messages are marked “failed” with error code 420 and are not charged to customers.

Why might a message expire?

When customers send a message through Plivo, it spends a short time in Plivo’s messaging queue before we forward it to a carrier. Typically this time is on the order of seconds, but it might be longer, typically due to messaging rate limits or an outage.

Each Plivo account and sender (the source number in the API) has an upper cap of how many messages it can handle, because we need to comply with carrier-level guidelines in each country. For instance, a short code in the US supports throughput of 100 messages per second. Sending messages at a higher rate results in queuing delays.

Another common cause of message expiry is an outage, either on Plivo’s side or on carriers’, that causes messages to be delayed.

In such cases your users might be getting messages at a time later than you expected — sometimes too late to be useful. A one-time password (OTP) that gets delayed by 15 minutes is no good when your application expects the OTP to be entered within one minute.

How can I customize the expiry of my messages with Plivo?

You can set the expiry time for each message with our send message API by passing the parameter message_expiry. Its default value is 10,800 seconds (three hours); you can set the expiry time to be 5 to 10,799 seconds. 

When Plivo dequeues each message to send it to the carrier, we evaluate the time it has spent in Plivo’s messaging queue and compare that value with the expiry interval. If the elapsed time is more than the expiry period of the message, we mark the messages as failed and don’t charge for it.

What does Plivo recommend for message expiry values?

If your use case revolves around authentication, set message expiry to a value of between 60 and 600 seconds, depending on the time your application allows for a value to be input. For less time-sensitive use cases, such as promotional messaging, you can keep the default value of three hours or lower it to one hour (3,600 seconds).

Setting a too aggressive message expiry period might mean your messages don’t reach your customers, so choose your expiry period based on the upper limit of when the message will be useful.

You can check for message expiry by filtering your message log for an error code of 420.

If you see messages expiring frequently, you might be sending too many messages in too short a period, beyond the allowed limit for your account or number type. Your customer success manager or our support team can help you resolve the issue.

Sign up for a free Plivo account, and register for or log in to a Bitrix24 account. Then search for Plivo in the Bitrix24 Marketplace, and install Plivo by clicking on the Install button.

• . 

You'll then be redirected to the Plivo Application page. Enter your Plivo Auth ID, Auth Token, and sender ID details. Save the details, then click on the Test SMS button to validate the integration. 

Please note that sender ID refers to the source number. You can rent a Plivo US/Canada number if the destination number is a US/Canada number.   

Test and validate

Once you're done with the implementation, you can test the setup from the Test SMS page. You can trigger a test SMS message by entering a destination number and message content. 

Note: 

• You can trigger bulk SMS messages to multiple recipients by providing a list of destination numbers separated with the delimiter "<" (e.g. 14156667777<14157778888<14158889999).
• Bitrix24/Plivo integration supports only outbound SMS.

To utilize toll-free numbers for Application-to-Person (A2P) messaging in the US and Canada, completing the toll-free number verification process is imperative. This verification process serves to identify the sender, ensure adherence to best practices in toll-free messaging, and prevent unauthorized access by malicious entities.

During the verification procedure, pertinent details about the company and reasons for employing A2P messaging on toll-free numbers must be furnished. For resellers, providing information regarding the customers on whose behalf text messages will be sent is necessary.

How do I submit a verification request for a toll-free number?

You can submit a verification request using the Plivo console or Plivo's Verification API. Please refer to our quick guide on submitting a toll-free verification request via Plivo Console.

Please note that it can take three to seven business days to complete the verification process.

What if I want to change the content of a message on a verified toll-free number?

You must submit a new verification request if you wish to change the content of a message on a verified toll-free number.  This ensures that messages with revised content will not be filtered by the network.

Can I port a verified toll-free number to another carrier?

You can obtain a toll-free number from any vendor and have it verified. If you port the number to a different vendor, you must submit a new request for verification.

To include line breaks in messages sent from Plivo, you may need to encode the newline escape sequence "\n" in your code. Here’s an example of how this works:

curl -X POST https://api.plivo.com/v1/Account/<auth_id>/Message/ \
  -u <auth_id>:<auth_token> -H 'Content-Type: application/json' \
  -d '{  "src" : "14845355114", 
  "dst" : "14845355111"  , 
  "text": "Here is my first line\nHere is my second line" 
}'

This example sends an outbound message from the sender (484) 535-5114 (+14845355114) to the recipient at (484) 535-5111 (+14845355111), and includes the message:

Here is my first line
Here is my second line

In your own applications, you can use similar syntax, updating several <variables> and strings:

• Line 1 — your Auth ID
• Line 2 — your Auth ID and Auth Token
• Line 3 — a valid sender/from number
• Line 4 — a valid destination number
• Line 5 — the desired message text

We support inbound SMS in the following countries:

Australia
Austria
Belgium
Canada
France
Netherlands
Sweden
United Kingdom
United States

We support outbound SMS in more than 200 countries.

A promotional SMS message is sent with the objective of promoting a product or service. These are sales and marketing messages which may or may not be solicited by the recipient.

A transactional SMS message is sent to customers with the purpose of passing on information necessary for using your product or service. For example: 

• Messages sent for two-factor authentication or one-time passwords
  
• Notifications regarding a product or service used by a customer, such as an appointment reminder

Customers can generate Message Detail Record (MDR) reports directly from the Plivo console. 

 To find your MDRs, log in to your account. Navigate to SMS, then Logs. Filter the logs by clicking on Filter Logs. From the drop-down list select either "Select MDRs on this page" or "Select all MDRs," then click Export.

If the logs are of downloadable size, the file will automatically be downloaded to your device. If the logs are too large, exported logs will be emailed to your registered email address.

Note: For outbound messages, the 'From' number will be the source number that belongs to the customer, and the 'To' number will be the destination number that belongs to the receiver. In the case of inbound messages, the 'From' number will be the number of the end user sending the message, and the 'To' number will be the number that belongs to the customer.

The information included in your MDR export includes: 

For a downloaded file:

Message UUID

From

To    

To Country ISO2

Direction    

Message Time    

Status    

Error Code    

Error Reason    

Units    

Rate Per Unit (USD)    

Carrier Surcharge Per Unit (USD)    

Total Charge Per Unit (USD)    

Total Charge (USD)

For an emailed file:

Message UUID

From    

To    

Direction    

Time    

Status    

Units    

Amount    

Message Rate    

Message Charge

We retain MDRs in our transactional databases for 90 days.