Check Risk Before Verification (Optional)

This use case focuses on Vonage Verify Silent Authentication and demonstrates how it can enhance both security and user experience.

SIM swapping, a method where an attacker transfers a user’s phone number to a new SIM card to intercept OTPs (One-Time Passwords) and gain access to accounts, highlights the risks of relying solely on OTPs. Vonage Identity Insights API addresses this issue by assessing risk factors, such as the recency of a SIM swap, prior to verification. Low-risk users can proceed with Silent Authentication, while higher-risk cases are escalated to OTP or additional checks.

Note: SIM swap checks are provided by the Vonage Identity Insights API (a separate product from Verify Silent Authentication). Using Identity Insights before Silent Authentication is recommended but optional.

Below is a brief explanation and sample implementation of Vonage Identity Insights API. For more information, see the Vonage Identity Insights Technical Details and Vonage Identity Insights Getting Started pages.

When using the Vonage Identity Insights API, users can retrieve any combination of different datasets, known as insights, in a single API call. This cURL request will return the SIM Swap insights:

curl -X POST https://api-eu.vonage.com/v0.1/identity-insights \
  -H "Authorization: Bearer $JWT" \
  -H "Content-Type: application/json" \
  -d '{
    "phone_number": "3932462384260",
    "purpose": "FraudPreventionAndDetection",
    "insights": {
      "sim_swap": {
         "period": 240
      }
     }
    }'