MMS messaging is a store and forward protocolsimilar toSMS. Native MMS protocols leverage both HTTP and SMTP to exchange messages and therefore supports the same set of encryptionstandards (for example,TLS) for data in transit. MMS delivered to and from a mobile device will always use the carrier access point ratherthan aWiFinetwork to retrieve the content from the network. This limits the ability for bad actors to intercept message content at the edge.
Unlike OTT messaging apps which apply end-2-end encryption, MMS messages are stored encrypted but are then decrypted at each hop as they traverse through the networkin order toapply business rules, routing, transcode the content, normalize the syntax, apply filters and convert between protocols. Behind firewalls, these message routing systems are not accessible to the public internet. Service Providers have created APIs to make it simpler for businesses to send and receive MMS and connect into these message routing networks. The security of these Service Provider API endpoints is implementation based.