This content originally appeared on Twilio Blog and was authored by Kelley Robinson
Silent Network Authentication (SNA) is a new way of verifying users with their mobile carriers without requiring any user input. This authentication method uses GSM authentication under the hood to provide strong security assurance without the added friction of entering a one-time passcode or downloading a special authentication app.
The basic user experience looks like this: the user enters their phone number, the application performs the authentication in the background and verifies the user without any additional passcodes or other input.
Learn more about how SNA works on the blog or start using the API by following the tutorial below.
Prerequisites for building with Silent Network Authentication
To follow along with this tutorial you will need to:
- Sign up for or sign in to your Twilio account.
- Request access to the API and Live Test Number feature (24 hour turnaround).
- Add your personal phone number in the console for testing (see supported carriers).
- Create a Verify Service in the Twilio Console.
For production usage, carriers require additional approval. Start the 2-4 week process by submitting this form.
How to verify users with SNA
There are 3 main steps to verifying users with SNA:
- Start the verification process
- Invoke the
sna.url
on a mobile device. This is the key feature of SNA that activates the background verification by talking directly to the mobile carrier. - Check the verification status
Step 1: start the verification process to get the sna.url
Replace the phone number in the To
parameter with your personal phone number for testing (see supported carriers). This is the same API you would use to send an SMS, WhatsApp, or email verification.
curl -X POST https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/Verifications \
--data-urlencode "Channel=sna" \
--data-urlencode "To=$MY_PHONE_NUMBER" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN
Grab the nested sna.url
from the response:
{
"sid": "VEXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"service_sid": "VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"account_sid": "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"to": "+15017122661",
"channel": "sna",
"status": "pending",
"valid": false,
"date_created": "2015-07-30T20:00:00Z",
"date_updated": "2015-07-30T20:00:00Z",
"send_code_attempts": [
{
"time": "2015-07-30T20:00:00Z",
"channel": "sna",
"attempt_sid": "VLXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
],
"sna": {
"url": "https://mi.dnlsrv.com/m/id/ANBByzx7?data=AAAglRRdNn02iTFWfDWwdTjOzM8o%2F6JB86fH%2Bt%2FFftUPj0pFA0u8%2FibWuYwzmMeMOtdTwYlsO8V%2FXF%2BJmngMhbeGKYhHeTOF2H9VrGEYKcEEklPxHgb5GgL3XtYa33j3lIU%2By6InvoV%2FowWHBzA0QeFPBh6vmJ8LoUPJqGE7q0PRz618Z4ym1AGq%2BaomSq9PlP4rCduv9Cmtxu%2FrvPSBwocs0GCWDE8seK8t9epmPQW7gwODxkAiKr9UxhJd9KvmBVuAQPf%2BoFQVo86USXkhXqTvUzB2bNUYY9FCy3CWgZFTOa1D3H1CVxf1eHzYIswNA7SmOzP%2FBX8g6%2B0hkzwMRkcit3gBNs4evAVJiqAgYvUlrtGwwv9bFx4X7jWSHY4%3D&cipherSalt=yANeDq09bwM38SJs"
},
"url": "https://verify.twilio.com/v2/Services/VAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/Verifications/VEXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
Step 2: invoke the sna.url
from a mobile device
Because SNA uses network authentication, disconnect from Wi-Fi before invoking the URL from a mobile browser.
For testing purposes, send yourself the sna.url
via email or something like AirDrop then click on the link from your mobile device. You should see ErrorCode=0
in the browser.
If you embed SNA in your mobile application, you can force the request to use mobile data without needing to turn Wi-Fi off. Learn more.
Step 3: check the verification
Finally, check the status of the verification with the following command. If the network authentication was successful, the status will be "approved".
curl -X POST https://verify.twilio.com/v2/Services/$VERIFY_SERVICE_SID/VerificationCheck \
--data-urlencode "To=$MY_PHONE_NUMBER" \
-u $TWILIO_ACCOUNT_SID:$TWILIO_AUTH_TOKEN
This API request will generate a response that looks like the following. Note the approved status
. If the status is still pending the verification was unsuccessful.
{
"status": "approved",
"payee": null,
"date_updated": "2022-10-26T17:11:53Z",
"account_sid": "ACxxx",
"to": "+14151234567",
"amount": null,
"valid": true,
"sid": "VExxx",
"date_created": "2022-10-26T17:08:24Z",
"service_sid": "VAxxx",
"sna_attempts_error_codes": [],
"channel": "sna"
}
If the verification status
is approved, you can proceed to log in the user, validate a transaction, or complete whatever other trusted process you were gating with the verification process.
SNA error handling
Always check the error code on the API response at each step. SNA errors begin with 605xx and will be available at the check verification step. Check out the documentation for more error handling guidance. In general, you can failover to SMS OTP for all error codes except 60540.
How to take SNA into production
Once you've tested SNA you'll want to start the carrier approval process in order to make requests on customer data - this is required by carriers in order to query the real-time connectivity information that powers SNA behind the scenes. Reach out to our sales team if you have any questions about this process.
Then, check out the best practices for SNA guide for more information on how to handle implementation details, do error handling, manage edge cases, and scale the solution globally.
Like any verification solution, you will want to consider backup channels. The multi-channel Verify API has you covered with SMS, WhatsApp, Email, Push, and more. I can't wait to see what you build and secure!
This content originally appeared on Twilio Blog and was authored by Kelley Robinson
Kelley Robinson | Sciencx (2022-10-27T18:18:05+00:00) How to add Silent Network Authentication to your application. Retrieved from https://www.scien.cx/2022/10/27/how-to-add-silent-network-authentication-to-your-application/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.