Services
Mobile Identity is a set of services. Currently, Infobip offers three services:
- Silent Mobile Verification
- Number Intelligence
- SIM Swap Detection
To enable these, contact your dedicated account manager.
Silent Mobile Verification
This verification service is an integral part of Mobile Identity. It works by matching the end-user’s phone number with the mobile network operator’s data.
This is a seamless process and requires no additional effort from end users (aside from consent). It represents a new, more elegant way to achieve two-factor authentication (2FA) (opens in a new tab) without one-time PIN (OTP) (opens in a new tab). There are no OTPs, end users are not involved, using mobile identity prevents social engineering and manipulation.
Silent Mobile Verification, triggered at any time, can also be used to check if the SIM card is still in the mobile device. It is used during steps such as registration, onboarding or checkout. However, it can also be used during the entire user journey as an additional security check for each action the end user performs. This is especially useful for long sessions, as it significantly reduces the risk of fraudulent activities such as account takeover.
This type of verification eliminates the complicated and often time-consuming verification process. It improves user experience by removing the need for traditional OTP verification or tokens, using real-time mobile network signaling to confirm that the request came from the authorized device.
Number Intelligence
Number Intelligence enables businesses to get more information about phone numbers and subscriber attributes by leveraging global Infobip connectivity to access to this valuable information.
Available attributes:
- National identity number match - Verify if the provided phone number and National Identity number match carrier records.
- SIM Swap check - check when the last mobile phone number (MSISDN) and IMEI were paired.
Number Intelligence can be used at different stages of the user journey, from onboarding to authentication. For example, when onboarding a new user, you can verify if the data that a user provides (i.e. their phone number and national identity number) matches carrier records.
When there is a risk flagged that an account may be compromised, SIM Swap check can prevent an account takeover attack, so before sending OTP to the subscriber’s phone number, you can verify if there was a SIM Swap event in the recent period.
Infobip will only charge for successful number intelligence executions where attribute results are provided in a response.
How it works
Number Intelligence starts with the client application invoking the Number Intelligence API (opens in a new tab), posting the MSISDN that the client has for the end user accessing the client services, a callbackURL
where query results are sent, and any other attributes requested (like a national identity number).
Once the request has been received, Infobip will verify and validate the request and perform a query to the relevant network operator or other data source.
When the carrier returns the response, Infobip will parse the information and create a response that is sent as a post request in the callbackURL
defined during the initial request.
SIM Swap Detection
SIM swap is commonly known as a change of MSISDN/IMSI pairing in the network. This allows subscribers to legitimately move their mobile number (MSISDN (opens in a new tab)) from one SIM card to another.
For example, if the end user either loses, damages their existing SIM card, or upgrades to a new device with a different SIM card form factor. After a SIM swap is actioned on the network, the customer MSISDN will be associated with the new International Mobile Subscriber Identity (IMSI (opens in a new tab)) of the new SIM card.
SIM swap can be a form of account takeover fraud. This means exploiting a mobile network operator’s ability to port a telephone number to a new SIM seamlessly. The fraudster, now in possession of the mobile number, can use it to access the customer’s applications.
SIM Swap Detection Service
SIM Swap Detection service might indicate if there has been a case of an account takeover fraud. The detection is based on checking the IMSI list for changes to the SIM activation date. This information helps flag any suspicious activity and keep customers protected.
SIM Swap Detection via API
Mobile Identity is driven by a powerful API to handle your SIM swap detection needs. Take a look at Mobile Identity API (opens in a new tab) to request SIM swap detection.
SIM Swap Detection via Web Interface
If you do not want to use the Mobile Identity API (opens in a new tab) to request a SIM swap, you can now use the web interface.
SIM Swap Detection via the web interface is largely the same as checking for a SIM swap via API. You first need to prepare a file for upload that contains the numbers for import and the time in hours to be checked and then upload the file to the system.
Prepare the import file
To ensure a successful SIM swap detection, you need to spend some time preparing the file you want to upload.
There are a few important rules to follow to ensure that the file is correct so that the import does not fail:
- Supported file format is .csv or .txt
- Maximum file upload size is 2MB or 50,000 MSISDNs
- The file must only include phone numbers (international format, i.e., +44 and without spaces) and the period you want to check (in hours). See file format example below.
- The user has to specify the period in hours that should be checked for a SIM swap. Each country has different time periods available for SIM Swap detection but most MNOs offer checks over 24 hours. Contact your account manager if you are unsure which countries and corresponding time periods are available.
File format example
Your .csv or .txt file should be structured in the following way. Add each entry to a separate line in the file, and separate the phone number and time period the data using ; with no spaces. For example:
+447911802149;24
+31777100001;24
Upload SIM Swap File
When you have prepared your file you can import it by following these steps:
- Navigate to Channels and Numbers → SIM Swap Detection → Detect SIM Swaps.
- Select the file you wish to upload from your system and click Next.
- Provide an email to receive an optional email notification once upload is complete.
- When you are done, click Check File to start processing the file.
The processing time of a file varies depending on the size of the file uploaded. Refer to the Prepare the import file section above to learn more.
If you chose to be notified by email when processing is complete, you will receive an email with a download link that is valid for 72 hours. Alternatively, files that have been processed will be visible in the SIM Swap Detection area on the web interface. From here, you can download the file or delete it.
There is a 60 day request expiration limit on files. You will see the 'Expired' status against files.