Multi-Factor Authentication Overview
Syniverse Multi-Factor Authentication API (MFA) Service is available globally.
With identity theft being the fastest growing crime worldwide, companies need a way to protect their customers and safeguard their businesses from fraud. Syniverse Multi-Factor Authentication Service (MFA) provides companies with a set of APIs that enable a user’s identity to be verified by using multiple information sources. This REST-based authentication service generates and verifies a one-time password to authenticate a user’s identity via their mobile device. Additionally, the service enables customers to integrate their application with Syniverse’s API to trigger the delivery of a customized token and verify the authenticity of their end-users via SMS, voice or push notification. The Multi-Factor Authentication service supports a unique set of functionalities that allows Developers or Enterprise customers to easily initiate an authentication or verification flow for via their own UI application.
MFA service supports a wide range of features that provide customers with flexibility in developing a compelling authentication and verification solution:
- Delivery of token to end-users via SMS, push or voice
- Configuration and storage of multiple applications that drives MFA behavior
- Association, validation and storage of end-user mobile numbers with an application
- Generation and validation of MFA tokens
- Customizable token length and format ( e.g. numeric, alpha, alphanumeric, complex)
- Customizable token validity duration
- Message templates for easy customization of SMS and voice token delivery message
- Optional public channel for quick and easy SMS delivery of token to end-user
Multi-Factor Authentication requires a subscription to SMS, push or voice API services for token delivery. Additional charges apply for delivery services. Customers are encouraged to familiarize themselves with the Messaging Quickstart Guide.
- Enterprise/Developer: Utilize MFA APIs to perform Multi-Factor Authentication login flows
- End-User: Receives SMS, push messages or voice calls from the MFA service with authentication tokens
Supported Use Cases:
- Password resets
- 2-factor authentication
- Mobile number association and validation
- Number verification
- User verification
- Enterprise/developer uses MFA API to initiate an associate flow
- MFA generates a token using the application configuration and sends this token via SMS, push or voice to the end-user.
- The end-user enters the authentication token in the enterprise/developer application or UI
- The enterprise uses the MFA APIs to validate the token and complete association of the mobile number
- Subsequent authentication flow: The enterprise application can submit a login to start to generate and deliver a token to the end-user
- MFA delivers a token via the enterprise choice of service to end-user
- Repeats steps 3 and 4
For access to MFA API resources, please visit the MFA API resource page
- SMS API Service: Supports personalizing messages, sending and receiving messages with different content types, recognizing and tracking threads of conversations and conversion events, and providing a higher level of analytical information on communication events
- Voice API Service: Provides a set of calling features and functionalities that allow customers to trigger outbound calling to one or more recipients.
- Push API Service: Offers an optional push notification mobile SDK that supports iOS and Android applications and interacts with our REST-based APIs.