Overview
To align with the nationwide security mandate issued by the Infocomm Media Development Authority (IMDA) of Singapore, 8x8 is enforcing a minimum encryption standard of TLS 1.3 for all connections transmitting SMS traffic into the Singapore region.
This requirement applies to both HTTP API and SMPP integrations and became effective as of April 1, 2026.
Technical Specifications by Connection Type
1. For HTTP API Customers
Connections attempting to utilize legacy encryption protocols (TLS 1.2 or lower) will be rejected at the gateway with the following response:
HTTP Status Code:
426 Upgrade RequiredError Code:
1014Description:
TLS 1.3+ is required for Singapore-bound messages.
2. For SMPP Customers
To remain compliant, SMPP clients must transition away from unencrypted ports and legacy TLS versions.
Required Protocol: TLS 1.3
Required Port:
2776(TLS Encrypted)Note: Connections to the unencrypted port
2775or connections using TLS 1.2 on port2776will be terminated for Singapore-bound traffic.
Required Actions
Step 1: Technical Review
Coordinate with your DevOps or Engineering team to audit your current integration settings:
HTTP Users: Verify that your API client is configured to negotiate TLS 1.3.
SMPP Users: Check your SMPP server settings to confirm the destination port and encryption protocol.
Step 2: Protocol Upgrade & Re-routing
HTTP Users: Promptly switch your connection protocol to TLS 1.3.
SMPP Users: Update your configuration to use Port 2776 with TLS 1.3 encryption enabled.
Step 3: Validation
After updating your settings, we recommend performing a test submission to a Singapore destination to verify successful connectivity.
HTTP: Confirm receipt of a standard
200 OKorAcceptedresponse.SMPP: Ensure a successful
BIND_TRANSMITTERorBIND_TRANSCEIVERPDU is established over the encrypted port.
Frequently Asked Questions (FAQ)
Why is this mandatory? This is a nationwide mandate by the Singapore government (IMDA) to protect the mobile ecosystem from cybersecurity threats. All service providers must enforce these standards to terminate traffic into the country.
What happens if I don't upgrade?
All non-compliant traffic (Unencrypted or TLS 1.2) toward Singapore will be blocked. This is a hard-stop requirement to meet IMDA regulatory standards.
Does this affect traffic to other countries?
While 8x8 recommends TLS 1.3 for all global traffic to ensure maximum security, this specific "hard-block" currently applies only to the Singapore route.
Support and Assistance
If your team requires specific technical documentation regarding 8x8’s TLS 1.3 endpoints for HTTP or SMPP, please contact our support team:
-
Email: cpaas-support@8x8.com