ACR HTTP enrichment

Operators can provide an ID to portals using a unique identifier, without exposing the user's secure information (for example, the MSISDN). For this purpose, AA supports header enrichment with Anonymous Customer Record (ACR) of two types: static ACR and dynamic ACR.

A static ACR is always the same for a user. The content provider is not able to retrieve the user's MSISDN, but can track the number of times the same user has connected. To make the encryption result deterministic for the static ACR, the encryption must have padding with null ASCI characters. This ensures the same sequence of bytes is produced every time.

A dynamic ACR is created during session establishment and remains the same while the session is active. A new dynamic ACR is generated when the user reconnects. With a dynamic ACR, the operator cannot track the user's MSISDN or the number of times the user accessed the portal.

Table: ACR formats describes how an ACR is constructed.

Note: The exceptions mentioned in HTTP enrichment exceptions, also apply in ACR HTTP enrichment.
Table: ACR formats
Code Description Format Length Notes

CC

Country Code

NUM

3 digits

Example: 234 (UK)

NC

Network Code

NUM

3 digits

Example: 015

T

ACR Type

CHAR

4 characters

"STAT" or "DYNM"

RC

Date and time of transactions

"RSV" ||

CCYYMMD

DT

hh:mm:ssZ

23 characters

The string "RSV" followed by the date time (ISO8601 date), followed by the character "Z" with no spaces

Example: RSV2009-07-09T15:51:15Z

Encrypted

Encryption of the MSISDN and timestamp

344 characters

STAT = encrypted MSISDN

DYNM = encrypted [ISO8601 date + MSISDN]

The timestamp defines the creation time of the ACR

The format of MSISDN is without '+' and leading '0