Getting Started with Mobile Data Plan Sharing
Stay organized with collections
Save and categorize content based on your preferences.
Terminology
- GTAF: Google Traffic Application Function. A Google service that
implements the Data Plan Sharing API and interacts with DPAs on behalf of
Google applications. Google applications can query GTAF for the user's data
plan information. Alternatively, if the Google applications register with
GTAF, GTAF can send updates about the user's data plan.
- MSISDN: Mobile Station International Subscriber Directory Number, a
number uniquely identifying a subscription in a mobile network. More
commonly known as phone number.
- CPID Endpoint: A service implemented by mobile network operators that
generates a carrier plan identifier (CPID) that can be used to look up the
user's data plan information. CPID allows an application to query for
details of a user's data plan without accessing the user's MSISDN. We
describe the procedure for generating CPIDs below.
- User Key: User key is a string that can be used to identify a user's
data plan. This can be either the CPID or MSISDN for applications which have
access to the MSISDN.
- DPA: Data Plan Agent, a service implemented by mobile network operators
that shares user data plan information with GTAF. The DPA can share
information with GTAF by using a combination of sending data using Google
Mobile Data Plan Sharing API and implementing the Data Plan Agent API. The
DPA can optionally act as the CPID endpoint as well.
- UE: User Equipment, device used by the user.
Requirements Language
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD",
"SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in these guides are to be
interpreted as described in RFC 2119.
Mobile Data Plan Sharing
At a high level, the Mobile Data Plan Sharing comprises three parts:
- Mechanism to establish and update a carrier plan identifier (CPID) which can
be used as user key. Applications that have access to MSISDN, MSISDN can
use it as user key.
- A Google Mobile Data Plan Sharing API which allows the DPA to send
information about a user's data plan to Google. For example, if the DPA
wants to notify the user of an offer, it can notify GTAF which in turn
notifies the user.
- A Data Plan Agent API implemented by the DPA which allows GTAF to query the
DPA for information about the user's data plan. For example, if an
application wants to display current data plan balance to the user, it can
query GTAF which in turn queries the DPA.
The rest of this page introduces data plan terminology and details how to
establish a CPID. Google Mobile Data Plan Sharing API and the Data Plan Agent
API Specification follow next.
Security Requirements
The operator SHALL take all necessary precautions to protect the private
information of their subscribers. Specifically, to minimize exposure of the
subscribers’ phone numbers the CPID endpoint SHOULD be inside your security
perimeter. Moreover, for cases where the operator employs DPI, the operator
SHOULD encrypt the MSISDN before injecting it to the HTTP request.
If the CPID endpoint is not your security perimeter (e.g., when the CPID
endpoint is deployed on a public cloud) the operator SHOULD not transmit the
MSISDN over the public Internet in the clear. The operator can establish a VPN
between the DPI and the CPID endpoint (see Figure 1) or encrypt the MSISDN
before injecting it in the header. The latter approach assumes that the CPID
endpoint can decrypt the injected header to recover the MSISDN before generating
the CPID. Furthermore, the operator SHALL guard the secret key used to generate
the CPID and rotate this key according to operator security policies.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2023-10-03 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2023-10-03 UTC."],[[["\u003cp\u003eMobile Data Plan Sharing allows Google applications to access user data plan information like balance and offers through secure communication with Data Plan Agents (DPAs).\u003c/p\u003e\n"],["\u003cp\u003eCarrier Plan Identifiers (CPIDs) or MSISDNs act as unique user keys to identify and access data plan details, enhancing user privacy.\u003c/p\u003e\n"],["\u003cp\u003eDPAs, implemented by mobile network operators, share user data plan information with Google Traffic Application Function (GTAF) via Google Mobile Data Plan Sharing API and Data Plan Agent API.\u003c/p\u003e\n"],["\u003cp\u003eSecurity measures, such as encrypting MSISDNs and securing CPID endpoints, are crucial for protecting user privacy in data plan sharing.\u003c/p\u003e\n"],["\u003cp\u003eOperators are responsible for safeguarding user data and adhering to security best practices outlined in the requirements language section, especially concerning private information like MSISDNs.\u003c/p\u003e\n"]]],[],null,["# Getting Started with Mobile Data Plan Sharing\n\nTerminology\n-----------\n\n- **GTAF**: Google Traffic Application Function. A Google service that implements the Data Plan Sharing API and interacts with DPAs on behalf of Google applications. Google applications can query GTAF for the user's data plan information. Alternatively, if the Google applications register with GTAF, GTAF can send updates about the user's data plan.\n- **MSISDN**: Mobile Station International Subscriber Directory Number, a number uniquely identifying a subscription in a mobile network. More commonly known as phone number.\n- **CPID Endpoint** : A service implemented by mobile network operators that generates a *carrier plan identifier* (CPID) that can be used to look up the user's data plan information. CPID allows an application to query for details of a user's data plan without accessing the user's MSISDN. We describe the procedure for generating CPIDs below.\n- **User Key** : *User key* is a string that can be used to identify a user's data plan. This can be either the CPID or MSISDN for applications which have access to the MSISDN.\n- **DPA**: Data Plan Agent, a service implemented by mobile network operators that shares user data plan information with GTAF. The DPA can share information with GTAF by using a combination of sending data using Google Mobile Data Plan Sharing API and implementing the Data Plan Agent API. The DPA can optionally act as the CPID endpoint as well.\n- **UE**: User Equipment, device used by the user.\n\nRequirements Language\n---------------------\n\nThe keywords \"MUST\", \"MUST NOT\", \"REQUIRED\", \"SHALL\", \"SHALL NOT\", \"SHOULD\",\n\"SHOULD NOT\", \"RECOMMENDED\", \"MAY\", and \"OPTIONAL\" in these guides are to be\ninterpreted as described in [RFC 2119](https://www.ietf.org/rfc/rfc2119.txt).\n\nMobile Data Plan Sharing\n------------------------\n\nAt a high level, the Mobile Data Plan Sharing comprises three parts:\n\n1. Mechanism to establish and update a carrier plan identifier (CPID) which can be used as *user key* . Applications that have access to MSISDN, MSISDN can use it as *user key*.\n2. A Google Mobile Data Plan Sharing API which allows the DPA to send information about a user's data plan to Google. For example, if the DPA wants to notify the user of an offer, it can notify GTAF which in turn notifies the user.\n3. A Data Plan Agent API implemented by the DPA which allows GTAF to query the DPA for information about the user's data plan. For example, if an application wants to display current data plan balance to the user, it can query GTAF which in turn queries the DPA.\n\nThe rest of this page introduces data plan terminology and details how to\nestablish a *CPID*. Google Mobile Data Plan Sharing API and the Data Plan Agent\nAPI Specification follow next.\n\nSecurity Requirements\n=====================\n\nThe operator SHALL take all necessary precautions to protect the private\ninformation of their subscribers. Specifically, to minimize exposure of the\nsubscribers' phone numbers the CPID endpoint SHOULD be inside your security\nperimeter. Moreover, for cases where the operator employs DPI, the operator\nSHOULD encrypt the MSISDN before injecting it to the HTTP request.\nIf the CPID endpoint is not your security perimeter (e.g., when the CPID\nendpoint is deployed on a public cloud) the operator SHOULD not transmit the\nMSISDN over the public Internet in the clear. The operator can establish a VPN\nbetween the DPI and the CPID endpoint (see Figure 1) or encrypt the MSISDN\nbefore injecting it in the header. The latter approach assumes that the CPID\nendpoint can decrypt the injected header to recover the MSISDN before generating\nthe CPID. Furthermore, the operator SHALL guard the secret key used to generate\nthe CPID and rotate this key according to operator security policies."]]