Account Takeover Detection Overview


Introduction

Fraudsters are increasingly using social engineering and techniques such as SIM Swap and SIM jacking to take over phone numbers belonging to legitimate customers. When successful, this lets fraudsters intercept SMS and other mobile channels and access One Time PIN codes and other messages sent to customers.

Enterprises can protect themselves and their customers by using Account Takeover Detection and other Syniverse services such as Multi-Factor Authentication, Phone Number Verification and Right Party Verification.

Service Overview

Account Takeover Detection enables Enterprises to reduce fraud and increase security when communicating with their customers. Common scenarios where Enterprises use ATO Detection are authenticating end users with an SMS One Time PIN code and sending fraud alerts via SMS.

It also protects other channels and methods that use a mobile number, such as voice, WhatsApp and Rich Communication Services.

The ATO Detection API is a REST-like server-to-server API and requires Enterprises to host the end-user-facing user interface and obtain end-user consent.

Enterprises call this API to find out whether an end-user’s mobile channel may be compromised before deciding either to let the end-user continue in the regular flow or to step up authentication using another channel (e.g. knowledge or inherence factors). This is made possible by Syniverse analyzing phone signals around the end-user’s SIM and giving the Enterprise an indicator of whether the mobile channel has any recent changes that violate the Enterprise’s pre-defined risk tolerance.

 

API Call: simCheck

Function: This API call is used to determine if the mobile channel of an end-user has had recent SIM changes (or call forwarding enabled) indicating possible risk of an account takeover.