About Silent Authentication

Silent Authentication uses a mobile phone's Subscriber Identity Module (SIM) to verify a user's identity, without any user input. It checks the user's phone number against their carrier's records to confirm that it is active and legitimate.

Once a request is verified, you can continuously authenticate the user until the request either expires or is canceled by the user.

Advantages

  • Minimal user input - Silent Authentication is very user friendly; once the user has entered their credentials, the authentication process happens in the background. There are no OTP codes to input, making the process as frictionless as possible.
  • No phishing - By moving authentication directly between the carrier and the mobile device, the threat of phishing via SMS is removed.

Requirements

  • The user must own a mobile device - Silent Authentication needs the user to authenticate from a mobile device.
  • A cellular network connection is required - Silent Authentication relies on a verified GSM response from the device to prove its credentials, which is not sent if the user is connected to Wi-Fi. The user must therefore trigger the authentication request using cellular data. You can use our mobile libraries to help force a mobile connection.

Tip: For the best user experience, consider checking that the device has an active mobile data connection before initiating Silent Authentication. If mobile data is unavailable, do not initiate Silent Authentication and proceed directly to your next workflow/channel. For details, see Silent Authentication - Best Practices.

Bypass WiFi for Silent Authentication

Vonage provides two Libraries that you can use in your applications to help you make a HTTP request over a cellular network, even when on WiFi. These are available through GitHub:

Click on each platform for more details, including installation instructions, compatibility information, and usage examples.

Implementation

Silent Authentication can work both synchronously and asynchronously (using webhooks). You will learn more about each implementation later in this course.

More Info

For detailed information on Coverage Check, Environments, Availability, and Regional Considerations, see the Silent Authentication conceptual guide.