Skip to content
RCT
Roha & Copita Telecom
Contact Sales
SMS API SMPP Gateway OTP / 2FA Bulk SMS Solutions / Industries Developers Compliance Pricing & Coverage Contact Client Login
A2P · SMS API · SMPP Gateway

Global A2P SMS,
Delivered.

Roha & Copita Telecom provides SMS API, SMPP connectivity and global messaging infrastructure for enterprises, telecom companies, aggregators and regulated high-volume senders.

SMPP 3.4
TLS · IP Whitelist
REST JSON
Bearer Token
EU + more
Global expansion
rocotele · live OPERATIONAL
Daily traffic
{{ c.daily }}
▲ messages / 24h
Platform uptime
{{ c.uptime }}
rolling 30d
Client throughput
{{ c.thr }} SMS/sec
System capacity
{{ c.cap }} SMS/sec
Delivery feed DLR · live
{{ row.time }} {{ row.to }} · {{ row.cc }} {{ row.status }}
Sample operational dashboard.
10M+
Daily messaging capacity
99.98%
Platform uptime
100/s
Default client throughput
10k+/s
System-level capacity
EU + more
Coverage, global expansion
Messaging experience across enterprise, telecom & high-volume traffic
Connectivity ecosystem for global A2P messaging
Mitto
Bird.com
Uber
Bolt Food
bikeNOW
Parik24
1win
Vodafone
Orange
BICS
Comfone
Alerion
01 · Products

SMS infrastructure for business-critical communication

{ }

SMS API

Send OTP, alerts and transactional messages from your application using a REST JSON API.

Explore →

SMPP Gateway

Connect high-volume A2P SMS traffic through SMPP 3.4 with TLS and IP whitelisting.

Explore →

OTP / 2FA

Deliver one-time passwords and verification codes through the SMS API.

Explore →

Bulk SMS

Send approved customer campaigns and operational notifications via dashboard and SMPP.

Explore →

Roha & Copita Telecom helps businesses route approved A2P SMS traffic through scalable messaging infrastructure — OTP delivery, transactional notifications, bulk customer campaigns, SMPP traffic and global SMS delivery for high-volume use cases.

02 · Onboarding

How approved A2P traffic goes live

01

Submit your traffic details

Destinations, monthly volume, traffic type and integration requirements.

02

Choose SMS API or SMPP

Pick the integration that matches your platform and volume profile.

03

Sender ID & traffic review

Complete sender ID and traffic review where destination rules require it.

04

Receive production credentials

Production credentials are issued after account and traffic approval.

05

Send & track delivery

Send messages and track delivery reports through webhooks and status calls.

06

Scale with custom terms

Scale traffic with commercial terms based on destination, route and volume.

03 · Industries

Built for regulated and high-volume messaging

{{ i.no }}

{{ i.name }}

{{ i.desc }}
04 · Developers

Developer-ready SMS API

REST JSON API with Bearer Token authentication, delivery reports and webhook callbacks. Production credentials are issued after account and traffic approval.

GSM-7, Unicode & long SMS concatenation
Retry & fallback routing
Webhooks & delivery reports
View API Docs →
POST /v1/messages request 
Authorization: Bearer YOUR_API_TOKEN
Content-Type: application/json

{
  "to": "+447700900000",
  "from": "BrandName",
  "text": "Your verification code is 482913",
  "callback_url": "https://example.com/webhooks/sms-status"
}
202 Accepted response 
{
  "message_id": "msg_123456789",
  "status": "accepted",
  "created_at": "2026-06-29T10:30:00Z"
}
Base URL · https://api.rocotele.com/v1
05 · Pricing

Destination-based pricing for approved A2P traffic

Pricing depends on destination, traffic type, sender ID requirements, route quality and monthly volume. Current rates are available on request.

A
Postpaid
for aggregators
B
Prepaid
for enterprise clients
C
€500
minimum commercial start
D
EUR & USDT
accepted currencies
E
Custom
after route & traffic review
Request Pricing →
06 · Compliance

Compliance-first messaging

Roha & Copita Telecom supports legitimate A2P messaging. Traffic may be reviewed before production access, especially for aggregators, licensed gaming, regulated industries and high-volume routes.

Acceptable Use
Sender ID Rules
Traffic Approval
Anti-Spam Policy
Data Protection
Licensed Industry Review
07 · FAQ

Frequently asked questions

{{ f.a }}

Ready to route approved A2P traffic?

Tell us about your destination countries, monthly volume, traffic type and integration requirements.

Contact Sales →
Home / Products / SMS API
REST JSON · Bearer Token

SMS API for Global Business Messaging

Send OTP, transactional alerts and customer notifications through a REST JSON SMS API.

The Roha & Copita Telecom SMS API helps enterprises, platforms and regulated businesses connect messaging directly to their applications. Use it to send verification codes, customer alerts, order updates, service notifications and business-critical SMS traffic.

Use cases
OTP and 2FA delivery
Signup and login verification
Payment and transaction alerts
Order and delivery notifications
Appointment reminders
System alerts
Customer service notifications
Approved campaign triggers
API capabilities
REST JSON API
Bearer Token auth
Delivery reports
Webhook callbacks
Sender ID where available
GSM-7 & Unicode
Long SMS concatenation
Retry & fallback routing
API flow

From request to delivery report

01

Your application sends a message request to the API.

02

The platform validates credentials, sender ID, destination and traffic rules.

03

The SMS is processed through approved A2P routes.

04

Delivery status is updated as the message moves through the network.

05

Your system receives DLR updates through webhooks or status requests.

POST/v1/messagesrequest
Authorization: Bearer YOUR_API_TOKEN
Content-Type: application/json

{
  "to": "+447700900000",
  "from": "BrandName",
  "text": "Your verification code is 482913",
  "callback_url": "https://example.com/webhooks/sms-status"
}
202Acceptedresponse
{
  "message_id": "msg_123456789",
  "status": "accepted",
  "created_at": "2026-06-29T10:30:00Z"
}
Delivery statuses accepted submitted delivered failed expired rejected unknown

Public API documentation is available as a preview. Production credentials are issued after account and traffic approval.

Route quality

What makes a good SMS route

Not all SMS routes are equal. The platform routes A2P traffic only on carrier-grade connections — direct operator agreements or Tier-1 aggregator interconnects where applicable. Grey-route or SIM-farm traffic is prohibited and actively filtered at ingress.

A2P routes

Carrier-grade A2P SMS connections. No consumer SIM routing, no grey routes.

Sender ID

Alphanumeric sender IDs where the destination allows. Pre-registration managed on your behalf.

DLR accuracy

Delivery receipts reflect actual carrier acknowledgement, not just submission. Fake DLR routes are rejected.

99.4% delivery

Average across approved European destinations. Per-destination breakdowns are available in account reports.

Integration

What you need to integrate

  • A Bearer Token — issued after account approval
  • HTTPS POST to https://api.rocotele.com/v1/messages
  • JSON body with to, from, text
  • An endpoint to receive delivery reports (optional but recommended)
Minimum working example
curl -X POST https://api.rocotele.com/v1/messages \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"to":"+447700900000","from":"Brand","text":"Hello!"}'

// 202 Accepted
{ "message_id": "msg_01J5KQ7N", "status": "accepted" }
Rate limits & features

API limits and advanced parameters

Parameter
Default / limit
Throughput
100 msg/sec default
Max message length
160 GSM-7 / 70 Unicode
Max parts (long SMS)
Up to 8 segments
Validity period
1–2880 min (default 1440)
Idempotency key
Header: Idempotency-Key
Priority flag
priority: "high" | "normal"

Throughput limits can be increased for approved accounts. Contact your account manager to request a higher limit for your destination and traffic profile.

FAQ
Are undelivered messages charged?

Messages are charged on submission to the carrier, not on delivery confirmation. Some destinations allow failed-message credits — discussed individually by destination and route.

How do I avoid duplicate sends on retry?

Send an Idempotency-Key header (e.g. a UUID) with every request. If the same key is received twice within 10 minutes, the second request returns the original response without sending another SMS.

What encoding is used — GSM-7 or Unicode?

The API auto-detects encoding. Plain Latin characters use GSM-7 (160 chars/segment). Any non-GSM character — including emojis or Cyrillic — switches to Unicode (70 chars/segment). The API response includes the detected encoding and part count.

How are DLR webhooks authenticated?

Delivery receipt webhooks include an X-Signature header — an HMAC-SHA256 signature of the request body using your account secret. Verify it before processing the payload.

Ready to connect your application?

Request API Access →
Home / Products / SMPP Gateway
SMPP 3.4 · TLS · IP Whitelist

SMPP Gateway for High-Volume A2P SMS Traffic

Connect enterprise messaging systems, telecom platforms and aggregators through SMPP 3.4.

Request SMPP Access →

The Roha & Copita Telecom SMPP Gateway is designed for high-volume A2P senders that need persistent connectivity, protocol-level delivery receipts and structured traffic control.

Who it is for
Telecom companies SMS aggregators Enterprise messaging teams CPaaS platforms Licensed gaming operators High-volume senders Messaging infrastructure providers
Technical specification

Connection parameters

Parameter
Value
Host
smpp.rocotele.com
Plain port
2775
TLS port
27775 (TLS 1.2+, recommended)
Protocol version
SMPP 3.4
Access control
IP whitelist — up to 5 IPs per account
Max binds per account
10 concurrent sessions (configurable)
Default window size
10 outstanding PDUs (up to 100 on request)
Default client throughput
up to 100 SMS/sec
System-level capacity
10,000+ SMS/sec
enquire_link interval
30 s recommended; session dropped after 60 s silence
DLR
Supported via deliver_sm on transceiver / receiver bind
Sender ID
Supported where destination rules allow
Traffic review
Required for aggregators & regulated categories

Bind types

Bind type
Direction
Use case
bind_transmitter
TX only (outbound)
Submit messages; cannot receive DLR or MO
bind_receiver
RX only (inbound)
Receive DLRs and MO messages only
bind_transceiver
TX + RX (bidirectional)
Submit and receive on a single session — recommended
PDU reference

submit_sm parameters

Key fields for outbound message submission. All mandatory fields must be present even when set to default values.

Field
Type
Notes
source_addr_ton
1 octet
Type of Number for source address — see TON table below
source_addr_npi
1 octet
Numbering Plan Indicator for source address — see NPI table below
source_addr
C-Octet
Sender ID — numeric E.164 or alphanumeric (max 11 chars) depending on TON
dest_addr_ton
1 octet
TON for destination — use 0x01 (International) for E.164 numbers
dest_addr_npi
1 octet
NPI for destination — use 0x01 (ISDN/E.164)
destination_addr
C-Octet
MSISDN in E.164 format without leading + (e.g. 441234567890)
esm_class
1 octet
0x00 = default; 0x40 = UDH indicator (long SMS via UDH); 0x80 = reply path
priority_flag
1 octet
0 = lowest, 1 = normal, 2 = high, 3 = highest — OTP traffic should use 1+
validity_period
C-Octet
Relative: 000001000000000R (1 hour) or absolute UTC timestamp; empty = platform default (24 h)
registered_delivery
1 octet
Bits 0–1: DLR mode — see registered_delivery table below
data_coding
1 octet
Character encoding — see data_coding table below
sm_length
1 octet
Length of short_message in octets; 0 when using message_payload TLV
short_message
Octet
Message body up to 254 octets; use message_payload TLV (0x0424) for larger payloads
message_payload
TLV 0x0424
Optional TLV for messages >254 octets; mutually exclusive with short_message

TON values

Value
Meaning
0x00
Unknown
0x01
International (E.164)
0x02
National
0x03
Network Specific
0x04
Subscriber Number
0x05
Alphanumeric (source only)

NPI values

Value
Meaning
0x00
Unknown
0x01
ISDN / E.164 (use for MSISDN)
0x03
Data / X.121
0x05
Land Mobile / E.212
0x06
National
0x08
WAP Client ID

data_coding values

Hex
Encoding
Max chars / part
0x00
GSM-7
160 (single) / 153 (concat)
0x04
Binary (8-bit)
140 octets / 134 (concat)
0x08
UCS-2 Unicode
70 (single) / 67 (concat)
0xF5
GSM-7 Flash
160 — class 0 (display only, not stored)

registered_delivery bits 0–1

Bits
Behaviour
00
No DLR requested
01
DLR on final delivery and failure
10
DLR on failure only
11
DLR on successful delivery only

Bits 2–3 control intermediate notifications; bits 4–5 control MO delivery. Set to 0 unless required.

Concatenation

Long SMS — UDH vs SAR TLV

Messages exceeding one segment must be split and concatenated. Two methods are supported; SAR TLV is preferred for aggregator connections.

Method 1 — UDH (User Data Header)
  • Set esm_class = 0x40 to signal UDH present
  • Prepend 6-byte UDH to each short_message
  • UDH header: 05 00 03 <ref> <total> <seq>
  • Max payload per part: 153 GSM-7 chars / 67 UCS-2 chars
  • Max 6 parts (255 with 16-bit reference — IEI 0x08)
esm_class   = 0x40
data_coding = 0x00   ; GSM-7
short_message = \x05\x00\x03\xAB\x02\x01 + part1_text
                                ; ref=0xAB total=2 seq=1
Method 2 — SAR TLV (recommended)
  • Set esm_class = 0x00 (no UDH in body)
  • Add three optional TLVs to each submit_sm PDU
  • Cleaner separation: concatenation info outside message body
  • Preferred by Alaris / PowerSMPP style SMSC platforms
sar_msg_ref_num    (0x020C) = 0x00AB  ; 16-bit ref
sar_total_segments (0x020E) = 0x02    ; 2 parts
sar_segment_seqnum (0x020F) = 0x01    ; this is part 1
Onboarding
01Submit company and traffic details.
02Provide target countries and estimated volume.
03Complete traffic and sender ID review where required.
04Configure IP whitelist and SMPP credentials.
05Test message submission and delivery receipts.
06Move approved traffic to production.
Benefits
Persistent protocol-level connectivity
Delivery receipt support
Account-based throughput management
Secure access with TLS and IP whitelist
Suitable for aggregators and high-volume traffic
Commercial terms based on destination, route and traffic review
SMPP 3.4 Protocol

Supported PDUs & delivery receipt format

Supported PDUs
bind_transmitter bind_receiver bind_transceiver submit_sm submit_sm_multi deliver_sm query_sm enquire_link unbind generic_nack

Each request PDU is acknowledged by its matching *_resp — submit_sm ↔ submit_sm_resp, deliver_sm ↔ deliver_sm_resp.

Delivery Receipt Format
id:1a2b3c4d sub:001 dlvrd:001
submit date:2406291402 done date:2406291403
stat:DELIVRD err:000 text:Your verification...
All DLR stat values
DELIVRD EXPIRED UNDELIV REJECTD ENROUTE DELETED ACCEPTD UNKNOWN
Session management

Window size & keep-alive

Window size (outstanding PDUs)

The window size defines how many submit_sm PDUs you may send without waiting for corresponding submit_sm_resp. Larger windows improve throughput at the cost of buffering.

Setting
Value
Default window
10
Maximum window
100 (on request)
Throttle response
ESME_RTHROTTLED (0x33)

Keep-alive & reconnect

  • Send enquire_link every 30 seconds; expect enquire_link_resp within 5 s
  • Platform drops sessions silent for >60 s — implement auto-reconnect in your client
  • Re-bind using same credentials after TCP reconnect; no session token is required
  • Use exponential back-off: 1 s, 2 s, 4 s, 8 s, 30 s max before alerting ops
  • Outstanding window PDUs sent before a disconnect may receive delayed submit_sm_resp on the new session — track by sequence number
Tip

Use a dedicated bind_transceiver per logical traffic lane (e.g. OTP, promotional) to isolate window contention and simplify DLR correlation.

Error codes

Standard SMPP command status

Code (hex)
Name
Description
0x00000000
ESME_ROK
No error
0x00000001
ESME_RINVMSGLEN
Invalid message length
0x00000002
ESME_RINVCMDLEN
Invalid command length
0x00000003
ESME_RINVCMDID
Invalid command ID
0x00000004
ESME_RINVBNDSTS
Incorrect bind status for given command
0x00000005
ESME_RALYBND
Already bound
0x00000006
ESME_RINVPRTFLG
Invalid priority flag
0x00000007
ESME_RINVREGDLVFLG
Invalid registered delivery flag
0x00000008
ESME_RSYSERR
System error
0x0000000A
ESME_RINVSRCADR
Invalid source address
0x0000000B
ESME_RINVDSTADR
Invalid destination address
0x0000000D
ESME_RINVDSTTON
Invalid destination TON
0x0000000E
ESME_RINVDSTNPI
Invalid destination NPI
0x00000033
ESME_RTHROTTLED
Throttling error — throughput exceeded
0x00000061
ESME_RINVNUMDESTS
Invalid number of destinations
0x000000FF
ESME_RUNKNOWNERR
Unknown error

Connect high-volume traffic through SMPP

Request SMPP Access →
Home / Products / OTP / 2FA

OTP and 2FA SMS Delivery Through API

Send verification codes for login, signup, payment confirmation and account security flows.

Discuss OTP Traffic →
OTP message delivery through SMS API

OTP and 2FA messages are time-sensitive. Roha & Copita Telecom helps businesses deliver verification codes through SMS API with delivery visibility, sender ID support and compliant routing.

Use cases
Signup verification
Login confirmation
Password reset
Payment confirmation
Transaction approval
Account recovery
Device verification
Risk-based authentication
Example OTP message
BrandName · now

Your BrandName verification code is 482913. Do not share this code with anyone.

How it works
01Your application generates a one-time code.
02The code is submitted through SMS API.
03Processed through approved routes.
04The user receives the verification code.
05Your system validates the code.
06Delivery reports help monitor failures and completion issues.

Compliance note. OTP traffic may still require sender ID review and destination-specific checks depending on target country and message format.

Delivery requirements

Speed and reliability matter most for OTP

Verification codes have short validity windows — typically 3 to 10 minutes. A delayed or undelivered message blocks the user flow and increases support burden. The platform routes OTP traffic at elevated priority to minimise queuing time.

Metric
Typical
API to carrier
< 500 ms
Handset delivery (median)
< 2 s
DLR available
Yes — webhook or polling
Priority routing
Set priority: "high"

Use validity_period: 5 (minutes) and priority: "high" on every OTP request. Set a callback_url to detect failures instantly instead of polling.

cURL — OTP with priority & short validity
curl -X POST https://api.rocotele.com/v1/messages \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -H "Idempotency-Key: $(uuidgen)" \
  -d '{
    "to": "+447700900000",
    "from": "BrandName",
    "text": "Your code is 482913. Valid 5 min.",
    "priority": "high",
    "validity_period": 5,
    "callback_url": "https://example.com/dlr",
    "client_reference": "otp-user-29181"
  }'

// 202 response
{
  "message_id": "msg_01J5KQ7N",
  "status": "accepted"
}
Troubleshooting

Common OTP delivery issues

status: expired

Validity window too short

If validity_period is set below the typical delivery latency for that destination, the carrier discards the message. Use at least 5 minutes for most routes.

status: rejected

Sender ID blocked

Some destinations require pre-registered alphanumeric sender IDs for OTP traffic. If the sender ID is not approved in that country, the message is rejected at carrier level.

no DLR received

No callback URL set

Without a callback_url, delivery receipts are not pushed. Poll GET /v1/messages/{id} or set a webhook endpoint to receive status events automatically.

FAQ

OTP delivery questions

What is the minimum recommended validity period?

We recommend a minimum of 5 minutes. Setting it below 2 minutes risks expiry before delivery on congested networks. Use validity_period: 5 (in minutes) on every OTP request.

Can I use an alphanumeric sender ID for OTP?

Yes, where the destination country allows it. Alphanumeric sender IDs are supported across most of Europe. Some countries require pre-registration. Numeric long numbers are used as fallback where alphanumeric is blocked.

Is OTP traffic treated differently from promotional SMS?

Yes. OTP and transactional messages route at elevated priority and are subject to faster traffic approval (typically under 24 hours). They also route through separate paths from promotional traffic to avoid queuing delays.

Do I need to use the SMS API, or can I use SMPP for OTP?

Both are supported. The REST SMS API is easier to integrate and recommended for most OTP use cases. SMPP is available for high-throughput environments where persistent connections and lower-level control are required.

What throughput can I expect for OTP traffic?

Via the REST API, standard throughput limits apply per account. OTP accounts are typically provisioned at 100–500 msg/sec depending on destination and volume. SMPP accounts support higher throughput for approved aggregators. Contact your account manager to discuss limits.

Discuss your OTP traffic profile

Discuss OTP Traffic →
Home / Products / Bulk SMS

Bulk SMS for Approved Business Campaigns

Send customer updates, operational notifications and approved campaigns through dashboard and SMPP.

Plan Bulk SMS Traffic →

Roha & Copita Telecom supports bulk SMS for legitimate business communication at virtually any scale. Whether you send a few thousand transactional alerts a day or push multi-million message campaigns across dozens of destinations, the same infrastructure routes every message through carrier-grade SMPP connections built for sustained high throughput.

Over a single SMPP 3.4 bind you can stream very large volumes in a continuous flow — tens of thousands of messages per second per session, with multiple binds running in parallel for even higher aggregate capacity. A campaign of half a million recipients is accepted, queued and dispatched in minutes rather than hours, while adaptive routing keeps delivery rates high and latency low across every leg of the journey.

Persistent connections, window-based concurrency, automatic retries and real-time delivery receipts mean your traffic moves fast and stays fully observable — from the first message to the last. You watch throughput, delivery quality and per-destination status update live, so large sends never turn into a black box.

10k+/s
SMS per second per bind
500k
Campaign dispatched in minutes
99.4%
Average delivery rate
<2s
Median delivery latency
Use cases
Customer notifications
Delivery updates
Appointment reminders
Payment reminders
Operational alerts
Approved marketing campaigns
Licensed gaming communication
Enterprise announcements
A

Dashboard-based sending

For managed campaigns, customer notifications and operational messaging.

B

SMPP-based sending

For high-volume platforms, aggregators and telecom-grade traffic.

Compliance note

Marketing SMS is allowed only when compliant. Licensed gaming traffic is accepted only from official licensed operators and after traffic review.

Prohibited use
Spam Phishing Fraud Misleading sender identity Illegal products or services Unlicensed gambling Deceptive campaigns Bypassing destination rules
Inside the console

From half a million numbers to delivered — in three screens

Upload your audience, write your message and hit send. The dashboard streams the whole campaign over SMPP in real time and hands you a delivery report the moment it finishes.

01

Build the broadcast

Drop in a CSV of 512,408 numbers, pick the sender ID and compose the text — duplicates and invalid entries are cleaned automatically.

app.rohacopita.example/campaigns/new
Campaigns / New broadcast
New broadcast
Save draft
Send campaign →
Campaign name
Spring promo · EU batch
Sender ID
RohaCopita
Recipients
CSV
recipients_eu.csv ✓ validated
512,408 valid numbers · 3,612 duplicates removed · 0 invalid
Message
142 chars · 1 segment · GSM-7
Hi {first_name}! Spring sale is live — up to 40% off your favourites this week only. Shop now: rcpt.example/sp24 — reply STOP to opt out.
Summary
Recipients512,408
Segments512,408
Est. throughput9,800 / s
Est. send time~1 min 04s
Est. cost€7,686
Send campaign →
02

Watch it send — fast

Messages stream out over SMPP at close to 10,000 per second. Throughput, sent volume and failures update live as the queue drains.

app.rohacopita.example/campaigns/sp24/live
Spring promo · EU batch
Sending
started 14:02:11 UTC
Sending… 63%322,540 / 512,408 sent
ETA 00:19elapsed 00:33
Throughput
9,840 /s
Delivered
319,802
Pending
2,738
Failed
412
Throughput · last 60s
Delivery feed
14:02:44 · +49DELIVERED
14:02:44 · +33DELIVERED
14:02:44 · +48DELIVERED
14:02:43 · +44SUBMITTED
14:02:43 · +34DELIVERED
14:02:43 · +39DELIVERED
03

Get a clean delivery report

The whole batch lands in just over a minute with a 99.4% delivery rate and full per-destination breakdown — exportable for your records.

app.rohacopita.example/campaigns/sp24/report
Campaigns / Spring promo · EU batch
Campaign report
Completed
Export CSV
99.4%
delivered
DeliveredFailed
Delivered
509,331
Failed
1,157
Total time
1m 06s
Avg latency
1.6s
Delivery by destination
Germany
99.6%
France
99.3%
Spain
99.1%
Poland
99.5%
Italy
98.9%

Plan your bulk SMS traffic

Plan Bulk SMS Traffic →
Home / Pricing / Coverage

SMS Pricing and Europe-First Coverage

Destination-based SMS pricing for enterprises, aggregators and high-volume A2P traffic.

Request Pricing →

SMS rates depend on destination, route quality, traffic type, sender ID requirements and monthly volume. Current rates are available on request after traffic and destination review.

Aggregators
Postpaid
Enterprise
Prepaid
Minimum start
€500
Currencies
EUR · USDT
After review
Custom rate
Coverage

Europe-first destinations

Indicative availability · final rate on request
Destination
Region
Traffic type
Sender ID
Status
Final rate
{{ row.dest }}
{{ row.region }}
{{ row.type }}
{{ row.sender }}
{{ row.status }}
{{ row.rate }}

Indicative availability only. Current rates are provided on request after traffic, destination and volume review.

Pricing model

What affects the rate

01

Destination

Each country has its own rate driven by carrier termination costs and regulatory requirements. UK and Nordics are typically priced higher than Eastern Europe.

02

Traffic type

OTP and transactional traffic often routes on different paths than promotional. Some destinations require separate sender ID registration per traffic category.

03

Monthly volume

Volume commitments lower the per-message rate. Aggregators with steady monthly volumes typically negotiate destination-specific CPM rates reviewed quarterly.

Account type
Settlement
Minimum deposit
Accepted currencies
Enterprise
Prepaid top-up
€500
EUR · USDT
Aggregator
Postpaid monthly
On request
EUR · USDT · Wire
FAQ

Pricing questions

Are per-message rates published?

No. Rates depend on destination, route quality, traffic type and committed monthly volume. Current rates are shared after a short traffic and destination review.

Is billing per SMS or per segment?

Billing is per segment (message part). A single-part GSM-7 message is one segment. A 200-character GSM-7 message splits into two segments and is billed as two. The API returns the expected part count in the status response.

Are undelivered messages charged?

Messages are charged on submission to the carrier, not on delivery confirmation. Some destinations allow failed-message credits — this is discussed individually based on destination and route.

Can I use USDT for top-up?

Yes. Enterprise prepaid accounts accept EUR bank transfer and USDT (TRC-20 or ERC-20). Aggregator postpaid accounts are settled in EUR by default; USDT settlements are available on request.

Request a destination-based quote

Request Pricing →
Home / API Documentation

SMS API Documentation

REST JSON API for A2P SMS delivery. Bearer Token authentication, async delivery reports, webhook callbacks and full message lifecycle tracking.

https://api.rocotele.com/v1
v1.0 · production
TLS 1.2+
Authentication Send SMS Bulk Delivery reports Webhooks Encoding Rate limits Error codes
Quickstart

Send your first message in 60 seconds

Replace YOUR_API_TOKEN with your production Bearer Token. Tokens are issued after traffic approval.

cURL — OTP / 2FA
shell
curl -X POST https://api.rocotele.com/v1/messages \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -H "Idempotency-Key: $(uuidgen)" \
  -d '{
    "to": "+447700900000",
    "from": "BrandName",
    "text": "Your verification code is 482913. Valid for 5 minutes. Do not share it.",
    "priority": "high",
    "validity_period": 5,
    "callback_url": "https://example.com/webhooks/dlr",
    "client_reference": "otp-user-58291"
  }'
Python — Transactional notification
python
import requests, uuid

response = requests.post(
    "https://api.rocotele.com/v1/messages",
    headers={
        "Authorization": "Bearer YOUR_API_TOKEN",
        "Content-Type": "application/json",
        "Idempotency-Key": str(uuid.uuid4()),
    },
    json={
        "to": "+447700900000",
        "from": "MyBrand",
        "text": "Your order #58291 has been dispatched. Track: example.com/track/58291",
        "callback_url": "https://example.com/webhooks/dlr",
        "client_reference": "order-58291",
    }
)
data = response.json()
print(data["message_id"], data["status"])
Node.js — Bulk campaign
javascript
const response = await fetch('https://api.rocotele.com/v1/bulk/messages', {
  method: 'POST',
  headers: {
    'Authorization': 'Bearer YOUR_API_TOKEN',
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    messages: [
      { to: '+447700900001', from: 'MyBrand', text: 'Flash sale ends tonight!', client_reference: 'c001' },
      { to: '+447700900002', from: 'MyBrand', text: 'Flash sale ends tonight!', client_reference: 'c002' },
    ],
    campaign_id: 'flash-sale-june',
    callback_url: 'https://example.com/webhooks/dlr',
  }),
});
const { batch_id, total } = await response.json();
console.log(`Batch ${batch_id} · ${total} messages accepted`);
PHP — Check delivery status
php
$ch = curl_init('https://api.rocotele.com/v1/messages/msg_01J5KQ7N2P4RX8BVGW3T');
curl_setopt_array($ch, [
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER     => [
        'Authorization: Bearer YOUR_API_TOKEN',
        'Accept: application/json',
    ],
]);
$body   = curl_exec($ch);
$status = json_decode($body, true)['status']; // "delivered"
curl_close($ch);
Authentication

Bearer Token

Every request must include a Bearer token in the Authorization header. All requests must be made over HTTPS — plain HTTP connections are rejected.

Tokens are scoped to your account and bound to approved sender IDs and destinations. A token never grants access to traffic types or destinations not reviewed during onboarding.

Token format
rct_live_ prefix — production token
rct_test_ prefix — sandbox token (no real delivery)
Tokens are rotated on request. Contact your account manager.

Never expose your Bearer Token in client-side code or public repositories. Store it as an environment variable and rotate it if compromised.

Authorized request
POST /v1/messages HTTP/1.1
Host: api.rocotele.com
Authorization: Bearer rct_live_xxxxxxxxxxxx
Content-Type: application/json
Idempotency-Key: 550e8400-e29b-41d4-a716-446655440000
401 · missing or invalid token
{
  "error": "invalid_token",
  "message": "Bearer token is missing or invalid.",
  "request_id": "req_01J5KQ7N2P4RX8BVGW3T"
}
Endpoints

API Reference

Bearer Token required on all endpoints

{{ ep.desc }}

Request
{{ ep.req }}
Response · {{ ep.code }}
{{ ep.res }}
Reference

POST /v1/messages — parameters

Content-Type: application/json
Parameter
Type
Req
Description
{{ p.name }}
{{ p.type }}
{{ p.reqLabel }}
{{ p.desc }}
Delivery reports

Message status lifecycle & webhooks

accepted queued submitted delivered
Status
Meaning
Terminal?
accepted
Message received by the API and validated. Awaiting submission to the network.
No
queued
Message is in the outbound queue waiting for a free routing slot.
No
submitted
Message has been delivered to the upstream carrier. Awaiting handset acknowledgement.
No
delivered
Carrier has confirmed delivery to the recipient handset.
Yes ✓
failed
Carrier rejected or could not deliver the message. Check error_code in the DLR payload.
Yes ✓
expired
Message was not delivered within the validity_period. Carrier stopped retrying.
Yes ✓
rejected
Carrier rejected the message before attempting delivery (e.g. invalid sender ID for this destination).
Yes ✓
unknown
No DLR received from carrier within 48 hours. Common for some network types.
Yes ✓

Webhook delivery

Set callback_url on the message request to receive status events via HTTP POST. The platform retries failed deliveries up to 5 times with exponential backoff (30s, 2m, 10m, 1h, 6h).

  • Respond 200 within 10 seconds to acknowledge
  • Process the event asynchronously to avoid timeouts
  • Validate the X-RCT-Signature header (HMAC-SHA256 of body)
  • Deduplicate using message_id — retries send identical payloads
POSTyour callback_urlDLR event
{
  "event": "message.delivered",
  "message_id": "msg_01J5KQ7N2P4RX8BVGW3T",
  "client_reference": "order-58291",
  "status": "delivered",
  "to": "+447700900000",
  "from": "BrandName",
  "parts": 1,
  "encoding": "gsm7",
  "error_code": null,
  "submitted_at": "2026-06-30T10:30:00.890Z",
  "delivered_at": "2026-06-30T10:30:02.114Z"
}
Encoding

Character encoding & message parts

GSM-7
160
chars / single part
153
chars / part in concat message

Standard Latin alphabet and common symbols. Automatically detected when all characters are in the GSM-7 character set.

Unicode (UCS-2)
70
chars / single part
67
chars / part in concat message

Emoji, Arabic, Cyrillic, CJK and any non-GSM-7 character triggers Unicode encoding. Use encoding: "unicode" to force it.

Concatenation
6
parts max by default
918
GSM-7 chars max (6 parts)

Long messages are split automatically. Each part is billed individually. Adjust limit with max_parts. Parts are reassembled on modern handsets.

Characters such as [, ], {, }, ^, ~, and \ are in the GSM-7 extension table and count as 2 characters each. Use encoding: "auto" (default) to let the API choose the optimal encoding based on message content.

Rate limits

Throughput & retry guidance

100
SMS/sec default
10k+
SMS/sec on approval

Throughput is enforced per account. Exceeding the limit returns 429 Too Many Requests with a Retry-After header containing the number of seconds to wait.

Implement exponential backoff with jitter for retries. A starting interval of 1 second, doubling up to 60 seconds with ±20% random jitter, is recommended.

429 response headers
HTTP/1.1 429 Too Many Requests
Retry-After: 3
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1751285403

{
  "error": "rate_limited",
  "message": "Throughput limit exceeded.",
  "retry_after": 3
}
Python retry with backoff
import time, random

def send_with_retry(payload, max_retries=5):
    delay = 1
    for attempt in range(max_retries):
        r = requests.post(URL, headers=HEADERS, json=payload)
        if r.status_code == 429:
            wait = int(r.headers.get("Retry-After", delay))
            jitter = random.uniform(0.8, 1.2)
            time.sleep(wait * jitter)
            delay = min(delay * 2, 60)
        else:
            return r
    raise Exception("Max retries exceeded")
Errors

Error codes reference

All errors return a JSON body with error, message and request_id fields. Log the request_id for support escalation.

error
HTTP
Description & action
{{ e.code }}
{{ e.http }}
{{ e.desc }}
Idempotency

Safe retries with Idempotency-Key

Send a unique Idempotency-Key header with every POST request to guarantee exactly-once delivery. If a network error prevents you from reading the response, resend the identical request with the same key — the platform will return the original result without submitting a duplicate message.

  • Keys must be unique per message — use UUIDs
  • Keys are valid for 24 hours
  • Reusing a key with a different body returns 409 idempotency_conflict
  • Your client_reference is echoed on every status event for your own reconciliation
Node.js — safe retry pattern
import { randomUUID } from 'crypto';

// Generate once per message, before the first attempt
const idempotencyKey = randomUUID();

async function sendOtp(to, code) {
  const res = await fetch(`https://api.rocotele.com/v1/messages`, {
    method: 'POST',
    headers: {
      'Authorization': `Bearer ${TOKEN}`,
      'Content-Type': 'application/json',
      'Idempotency-Key': idempotencyKey, // same key on retry
    },
    body: JSON.stringify({ to, from: 'MyBrand',
      text: `Your code is ${code}`, priority: 'high' }),
  });
  return res.json();
}
Ready to integrate?

Get production credentials

Production API tokens are issued after account and traffic approval. OTP and transactional traffic is typically approved within 24 hours. Contact us with your destination countries, monthly volume and integration requirements.

401 · missing production token
{
  "error": "invalid_token",
  "message": "Bearer token is missing or invalid.",
  "request_id": "req_01J5KQ7N2P4RX8BVGW3T"
}
Home / Compliance

SMS Compliance and Traffic Approval

A2P SMS traffic must follow sender ID, consent, destination and acceptable use requirements.

Submit Traffic for Review →

Roha & Copita Telecom supports legitimate A2P messaging. Production access may require traffic review, especially for aggregators, licensed gaming, regulated industries and high-volume destinations.

Acceptable traffic
OTP 2FA Transactional alerts Customer notifications Operational alerts Approved campaigns Licensed gaming (official operators) Enterprise messaging Aggregator traffic after review
Prohibited traffic
Phishing Fraud Scams Impersonation Malware Illegal products or services Unlicensed gambling High-risk financial offers Deceptive campaigns Bypassing local rules Spam / unsolicited mass messaging
Traffic review process

What to expect

Production credentials are issued after a brief traffic and company review. OTP and transactional traffic is typically approved within 24 hours. Aggregator and gaming traffic requires a more detailed review, usually completed within 2–3 business days.

01Submit company name, website, registered country and contact details.
02Describe traffic type, target destinations and expected monthly volume.
03Provide sample message text and intended sender ID for each destination.
04For licensed gaming: provide active gambling licence number and jurisdiction.
05For aggregators: provide list of downstream clients and traffic categories.
06Receive sandbox credentials, test delivery, then move to production.
Review timelines
Traffic category
Typical time
OTP / 2FA
< 24 h
Transactional
< 24 h
Promotional
1–2 business days
Aggregator
2–3 business days
Licensed gaming
2–5 business days

Send your traffic details through the contact form or directly to your account manager. We will confirm the required documents and turn around approval as fast as possible.

Data & security

GDPR and platform security

GDPR roles

Roha & Copita Telecom acts as a data processor for message recipient data and as a data controller for client account and billing data. Data Processing Agreements are available on request.

Data residency

Platform infrastructure is hosted on OVH and Google Cloud in EU data centers. Message logs and delivery receipts are retained for 90 days. Billing records are kept for 7 years per legal requirements.

Transport security

All API connections require HTTPS/TLS 1.2+. SMPP Gateway connections use TLS on port 27775. Bearer tokens are issued per account and can be rotated at any time through your account manager.

Breach notification

In the event of a personal data breach, we notify the relevant supervisory authority within 72 hours and affected clients without undue delay, in line with GDPR Article 33 and 34 obligations.

Sub-processors

Infrastructure sub-processors include OVH (primary EU hosting), Google Cloud (EU regions) and AWS (auxiliary services, EU preferred). All are bound by GDPR-compliant data processing agreements.

DPA requests

Need a Data Processing Agreement or have a GDPR enquiry? Contact our compliance team at privacy@rocotele.com or via the contact form.

Data Protection policy →
Policy documents

Platform policies

Policy
Acceptable Use Policy
Defines permitted and prohibited use cases. Required reading before requesting production access.
Read policy →
Policy
Anti-Spam Policy
Consent requirements, opt-out obligations and prohibited messaging practices.
Read policy →
Policy
Sender ID Rules
Country-by-country sender ID availability, registration requirements and format rules.
Read policy →
Policy
Traffic Approval
Traffic categories that require review before production access and what the process involves.
Read policy →
Policy
Data Protection
GDPR roles, data retention periods, sub-processors and data subject rights.
Read policy →
Questions?
Talk to our compliance team
For traffic approval, gaming review or GDPR data processing agreements, contact your account manager.
Contact us →
Home / Solutions & Industries

Messaging Solutions for High-Volume and Regulated Businesses

SMS infrastructure for enterprise, telecom, aggregator and regulated messaging use cases.

Contact Sales →
Solutions
SMS API · SMPP

Enterprise SMS

Scalable A2P delivery for customer alerts, internal notifications and high-volume operational messaging.

  • REST API and SMPP 3.4 integration options
  • Delivery receipts (DLR) with webhook or SMPP
  • Custom sender IDs where destination allows
  • Commercial pricing based on destination and volume
SMPP · Traffic review

Telecom Aggregators

SMPP connectivity and A2P routing for aggregators that need scalable delivery, DLRs and structured traffic approval.

  • SMPP 3.4 with TLS on port 27775
  • Window-based throughput up to 10,000 SMS/sec
  • Traffic and route review before production
  • Postpaid billing available for approved aggregators
Regulated · Reviewed

Licensed Gaming

SMS delivery for licensed gaming and regulated betting operators. Traffic review, sender ID approval and destination compliance required.

  • Verified operator licensing required at onboarding
  • Country-specific sender ID and content rules enforced
  • OTP, account notifications and deposit alerts
  • Review timeline: 2–5 business days
SMS API · Low latency

Transactional Notifications

Payment alerts, delivery updates, account changes, booking confirmations and customer service notifications with priority routing.

  • API-to-carrier submission under 500 ms
  • Priority routing flag (priority: "high")
  • DLR webhook with HMAC-SHA256 signature
  • Idempotency key support for safe retries
OTP · 2FA · Alerts

OTP & Authentication

One-time password and two-factor authentication delivery with short validity periods, priority routing and accurate DLR feedback.

  • Median handset delivery under 2 seconds
  • Configurable validity period (1–60 min)
  • Numeric and alphanumeric sender IDs
  • Real-time delivery status via webhook
Europe-first · Global

Global Reach

Europe-first coverage with global expansion for approved A2P use cases.

  • Direct and premium A2P routes for EU destinations
  • Coverage for 190+ countries via wholesale routing
  • Sender ID rules applied per destination
  • Rates and coverage on request
Industries

Built for regulated and high-volume messaging

{{ i.no }}

{{ i.name }}

{{ i.desc }}
Platform

What every account includes

Routing

Direct A2P routes to major EU destinations with configurable sender IDs where permitted.

DLR accuracy

Real delivery receipts from carrier networks — not estimated statuses — via webhook or SMPP deliver_sm.

Compliance support

Traffic review, sender ID guidance and per-country rule enforcement across all approved accounts.

Integration choice

REST API (JSON, TLS) or SMPP 3.4 gateway — choose based on your stack and throughput requirements.

Account management

A dedicated contact for onboarding, traffic review and ongoing commercial questions.

Billing flexibility

Prepaid and postpaid options; invoiced in EUR or USDT — wire transfer and crypto accepted.

Find the right messaging solution

Contact Sales →
Home / Contact

Contact Roha & Copita Telecom

Tell us about your traffic, destinations and integration requirements.

Request received

Your email client should open with the request details. If it does not, email sales@rocotele.com directly.
Send a request
Quick requests
The static contact form opens a prepared email to sales@rocotele.com. For privacy enquiries use privacy@rocotele.com; for abuse reports use compliance@rocotele.com.
RCT

Client Portal

Access is available for approved Roha & Copita Telecom clients.

Invalid email or password.

If you are an approved client and cannot access the portal, contact your account manager.
Home / Acceptable Use Policy

Acceptable Use Policy

Effective date: 1 January 2025. This policy governs all traffic sent through Roha & Copita Telecom infrastructure.

1. Purpose

Roha & Copita Telecom provides A2P SMS infrastructure — including SMS API and SMPP Gateway — for legitimate business messaging. This Acceptable Use Policy ("AUP") defines the conditions under which clients may access and use the platform. All clients must agree to this policy before receiving production credentials.

2. Permitted use cases

The platform may be used exclusively for the following categories of traffic:

One-time passwords (OTP) and two-factor authentication (2FA)
Transactional alerts — payment confirmations, booking updates, delivery notifications
Customer service notifications initiated by an existing business relationship
Operational alerts and system notifications for internal or B2B communication
Promotional and marketing campaigns where recipients have provided explicit prior consent
Licensed gaming operator communications, subject to traffic review and sender ID approval
Aggregator traffic that has completed route and traffic review
Enterprise messaging for internal communication, HR, IT operations and workforce alerts

3. Prohibited content and traffic

The following types of content and traffic are strictly prohibited on the platform:

Prohibited categories
Phishing, fraud, and scam messages
Impersonation of banks, government bodies or emergency services
Malware distribution and malicious URLs
Illegal products, services or substances
Unsolicited bulk messaging (spam)
Unlicensed gambling or deceptive gaming offers
High-risk or predatory financial offers
Content that promotes violence, hate or discrimination
Traffic designed to bypass local carrier or regulatory rules
Grey-route or SIM-farm-originated traffic
Adult content where delivery to minors cannot be excluded
Traffic that misrepresents the sender identity

4. Client responsibilities

Clients are solely responsible for:

  • Obtaining and maintaining valid recipient consent in accordance with applicable law
  • Ensuring message content complies with all destination-country regulations
  • Providing accurate traffic descriptions during onboarding and review
  • Maintaining suppression lists and honoring opt-out requests promptly
  • Keeping sender ID registrations current in applicable countries
  • Notifying Roha & Copita Telecom of any material change to traffic type, volume or destination

5. Enforcement

Violations of this policy may result in immediate traffic suspension, account termination and reporting to relevant authorities. Roha & Copita Telecom reserves the right to inspect traffic samples and request supporting documentation at any time.

6. Policy updates

This policy may be updated to reflect changes in applicable law, industry standards or platform capabilities. Continued use of the platform constitutes acceptance of the current version.

Questions about this policy?
Contact our compliance team before sending traffic.
Contact Compliance →
Home / Anti-Spam Policy

Anti-Spam Policy

Roha & Copita Telecom operates a zero-tolerance policy toward unsolicited, deceptive and abusive messaging.

1. Definition of spam

For the purposes of this policy, "spam" means any unsolicited, bulk or deceptive commercial message sent without the prior express consent of the recipient, or sent in violation of the recipient's opt-out request. Spam includes, but is not limited to, messages sent to purchased lists, harvested numbers, or recipients who have not engaged with the sender in a legitimate commercial context.

2. Consent requirements

Clients sending marketing or promotional messages must hold documented evidence of consent for each recipient. Acceptable consent mechanisms include:

  • Opt-in at point of sale or registration — explicit checkbox or affirmative action where the recipient specifically agreed to receive SMS marketing
  • Double opt-in — recipient confirmed consent via a reply SMS or link click after the initial sign-up
  • Written or electronic consent forms — signed documentation stating the sender's brand and the type of messages to be received
  • Existing customer relationship — for transactional messages related to a product or service the recipient purchased, where a reasonable expectation of communication exists

3. Opt-out and suppression

Every marketing or promotional message must include a clear and functional opt-out mechanism. Clients must:

01Include an opt-out instruction in every marketing message (e.g., "Reply STOP to unsubscribe")
02Process opt-out requests within 24 hours and permanently suppress the number from future sends
03Maintain a suppression list and apply it before every campaign send
04Never re-add a suppressed number to a mailing list without fresh, documented consent

4. Message content standards

All messages must meet the following content standards regardless of traffic type:

  • The sender must be clearly identifiable from the sender ID or message body
  • Messages must not contain deceptive, misleading or false information
  • URLs embedded in messages must resolve to the sender's legitimate domain
  • Messages must not impersonate another organization, brand, or government entity
  • Message frequency must be proportionate to the nature of the consent given

5. Destination-specific rules

Many destinations impose additional anti-spam requirements beyond this policy. These may include time-of-day sending restrictions, mandatory sender ID registration, template pre-approval and local consent law requirements. Clients are responsible for compliance with all destination-specific rules. Roha & Copita Telecom may impose additional requirements on a per-destination basis.

6. Reporting spam

If you believe that Roha & Copita Telecom infrastructure is being misused to send you unsolicited messages, please contact us at compliance@rocotele.com with the message content, sender ID, timestamp and your phone number. We take abuse reports seriously and investigate every complaint.

Report spam or abuse
We investigate every complaint within one business day.
Contact Us →
Home / Sender ID Rules

Sender ID Rules

Sender ID availability and format depend on destination country rules. Some countries require registration or pre-approval before delivery is possible.

1. What is a Sender ID?

A Sender ID is the name or number that appears as the originator of an SMS message on the recipient's handset. Roha & Copita Telecom supports alphanumeric sender IDs (e.g., "MyBrand"), numeric long numbers and, where applicable, short codes. The type of sender ID that can be used depends on the destination country's mobile network operators and regulatory framework.

2. Sender ID formats

Alphanumeric
e.g. "Roha&Copita"

Up to 11 characters. Supported in most of Europe. Cannot be replied to. Registration may be required.

Numeric long
e.g. +447911123456

Required in some countries where alphanumeric is blocked. Can be replied to. Leased from Roha & Copita Telecom.

Short code
e.g. 12345

Available in selected markets on request. Requires dedicated registration with the local operator. Higher throughput capacity.

3. Registration requirements by region

Sender ID registration requirements vary significantly by country. The table below summarises the general requirements for key markets:

Country
Alphanumeric allowed
Registration required
Germany
Yes
Yes — pre-registration with operators
France
Yes
Recommended for branded IDs
United Kingdom
Yes
No mandatory registration currently
Italy
Yes
Yes — AGCOM registration
Spain
Yes
Recommended; some operators may block
Poland
Yes
Yes — mandatory registration
Netherlands
Yes
Recommended
Belgium
Yes
Pre-registration may apply per operator

Registration requirements change frequently. The table above reflects general guidelines only. Confirm destination-specific requirements with your account manager before sending.

4. What you need to provide for registration

To register a sender ID on your behalf, Roha & Copita Telecom typically requires:

  • Company legal name and registration documents
  • Proof of brand ownership (trademark, domain registration, or equivalent)
  • Company website URL
  • Sample message text and use case description
  • Target destination countries and estimated monthly volume
  • Contact person with authority to sign the registration declaration

5. Sender ID restrictions

Clients must not use sender IDs that impersonate another company, brand or government entity. Sender IDs must reflect the actual sender's identity. Use of a sender ID that does not belong to the client, or that was not approved during registration, may result in immediate traffic suspension.

Need to register a sender ID?
We handle registration on your behalf in supported markets.
Start Registration →
Home / Traffic Approval

Traffic Approval

Production access to Roha & Copita Telecom requires traffic review. This page explains what to expect and how to prepare.

Submit Traffic for Review →

1. Why traffic approval is required

Roha & Copita Telecom routes traffic exclusively through compliant, high-quality paths. To protect network integrity and comply with operator agreements, all clients undergo a traffic review before production credentials are issued. This allows us to verify the traffic type, sender identity, use case legitimacy and destination fit before any messages are sent.

2. Traffic categories requiring review

The following traffic types always require full review before production access:

Aggregator traffic

Any client routing traffic on behalf of multiple downstream senders must complete route and traffic review before onboarding.

Licensed gaming and betting

Operators must provide a valid gambling license for the target jurisdiction and pass sender ID and content review.

High-volume marketing campaigns

Campaigns with expected volume exceeding 100,000 messages per month require prior consent evidence and message sample review.

Regulated industries

Fintech, healthcare, insurance and other regulated verticals require documentation of regulatory status and applicable compliance frameworks.

Destinations with strict sender ID rules

Traffic to Germany, Italy, Poland and other markets with mandatory sender ID registration must include registration proof before routing.

New clients — all traffic types

All new clients are subject to initial traffic review regardless of message type. OTP and transactional traffic typically receives expedited review.

3. Approval process

01
Submit traffic details

Provide destination countries, monthly volume estimate, traffic type (OTP/transactional/marketing), integration method (API or SMPP) and sample message text.

02
Route and sender ID review

Our team reviews the traffic profile, verifies sender ID eligibility for requested destinations and checks for any compliance flags or documentation requirements.

03
Additional documentation (if required)

For aggregators, gaming operators or regulated verticals, we may request business registration, license documents, website URL or consent evidence.

04
Credentials issued

Once approved, you receive production API credentials or SMPP bind details along with your approved sender IDs, throughput limits and commercial terms.

05
Send and monitor

Go live and monitor delivery reports. Our team may conduct periodic spot-checks on live traffic to ensure continued compliance with approved parameters.

4. Review timelines

24h
OTP & Transactional
2–3d
Standard traffic review
5–7d
Aggregators & gaming

5. Ongoing compliance

Approval is granted for the traffic profile submitted at onboarding. Any material change to traffic type, destination, volume, sender ID or content must be reported to Roha & Copita Telecom before the change is made. Sending traffic outside the approved parameters may result in suspension.

Ready to submit traffic for review?
OTP and transactional traffic is typically approved within 24 hours.
Submit for Review →
Home / Data Protection

Data Protection

How Roha & Copita Telecom collects, processes, stores and protects personal data in connection with SMS delivery services.

1. Data controller

Roha & Copita Telecom acts as a data processor for the personal data of message recipients on behalf of its clients (data controllers). For the purpose of account management, billing and compliance, Roha & Copita Telecom also acts as a data controller for client contact information. This notice applies to both roles.

2. Data we process

Client data (controller)
  • Contact name and email address
  • Company name and billing address
  • API credentials and access logs
  • Payment and invoicing records
Message data (processor)
  • Recipient mobile phone numbers (MSISDN)
  • Message content submitted by clients
  • Delivery receipts and status codes
  • Timestamps and routing metadata

3. Legal basis for processing

Processing is based on the following legal grounds under GDPR Article 6:

  • Contract performance — processing client account data is necessary to deliver the agreed services
  • Legal obligation — retention of certain records is required under applicable law and operator agreements
  • Legitimate interest — traffic logging and delivery receipt processing are necessary for the technical operation of the SMS platform
  • Controller instruction — recipient data is processed exclusively on documented instructions from the client as data controller

4. Data retention

Data type
Retention period
Message logs and delivery receipts
90 days
API access logs
12 months
Billing and invoicing records
7 years (legal requirement)
Client account data
Duration of contract + 2 years

5. Infrastructure and sub-processors

Roha & Copita Telecom uses the following infrastructure providers as sub-processors. All sub-processors are bound by GDPR-compliant data processing agreements:

OVH
European cloud infrastructure. Primary data residency in EU data centers.
Google Cloud
Used for specific platform components with EU region configurations.
AWS
Used for auxiliary services where applicable. EU regions preferred.

6. Your rights

Under GDPR, data subjects have the following rights in relation to personal data we hold as a data controller:

  • Right of access — request a copy of the personal data we hold about you
  • Right to rectification — correct inaccurate or incomplete personal data
  • Right to erasure — request deletion of personal data, subject to legal retention obligations
  • Right to restriction — restrict processing in certain circumstances
  • Right to object — object to processing based on legitimate interests

To exercise any of these rights, contact us at privacy@rocotele.com. We will respond within 30 days.

7. Data breach notification

In the event of a personal data breach that poses a risk to the rights and freedoms of individuals, Roha & Copita Telecom will notify the relevant supervisory authority within 72 hours. Affected clients will be notified without undue delay. Clients who are data controllers are responsible for notifying their own supervisory authority and data subjects where required.

Data protection enquiries
Contact us at privacy@rocotele.com or via the form below.
Contact Privacy Team →