Masterclass eleven – A guide to integrating 2-factor authentication (2FA) phone number validation

Welcome to lesson eleven of our omnichannel masterclass. Data is everywhere, and, these days, easy to obtain. But it’s never been more essential to your business and to your customers that you ensure your data is accurate and secure. From identity confirmation and two-factor authentication, to cost efficiency and accelerated open rates, using (and maintaining) high quality data for your customer phone numbers can be the make or break of your business.

Verification at point of capture

Verifications APIs can be used to allow businesses to verify a user’s mobile number at the point of capture. Not only does this ensure your company records are accurate for crucial sends, it also protects the user from a typing error, or identity fraud.

For example, a bank could use a verification API to ensure customers can be contacted in the event of payment failure. Doctors or dentists who use patient numbers to send alerts, reminders and notifications about patients’ appointments user verification APIs to reduce missed appointments, saving time and money. Whilst in retail, verification APIs ensure data compliance for sending marketing and promotional material by making sure they have consent from the owner of the number.

Your message provider would send a one-time passcode (OTP) to the number entered on your company’s website (or other data capture methods such as forms inside your app) which the user can then enter back into the site. This is known as two-factor authentication and confirms that:

  • the number is in use
  • the user’s number has been typed correctly
  • the user is not attempting to use a dummy number, or a number that does not belong to them
  • the number is formatted correctly (including the regional code) for your database and will therefore be correct for any API sends, or sends within a CPaaS system.

For your customers, they are reassured by efforts to ensure their data is accurate and their identities safe (especially important for health or financial industries, but no doubt a consideration for every company). For your business, you can be certain that numbers you are sending to are accurate and relevant, increasing delivery, open and click-through rates as a result. Comapi recommends that all mobile numbers are verified at the point of contact for these reasons. Your provider should also be able to offer more detailed intelligent reporting that you can use to drive further action within the business.

Your provider should be able to offer this as a bulk service for you, incorporating the verification straight into the capture page of your site or app.

Database validation

So you employ a verification API to make sure any new data is clean, organised and compliant but what about existing data? There are also database validation services available that enable you to cleanse your data and ensure you are sending to valid numbers. For example companies may cleanse their database and find that their campaign sends are significantly less, without comprising the amount of click through they were receiving, and that the delivery rate of their campaigns has significantly improved. Large, evolving databases such as those of students and potential students applying to higher education programmes regularly use validation services as their database has users with mobile numbers all over the world, or users who typically change their numbers shortly after the point of capture due to moving out of the country.

Other advantages of validation services include:

  • ensuring your message sends are cost-efficient and effective, by eliminating the cost of sending to dead numbers
  • helping to ensure you are adhering to data compliance rules (especially since we can determine if a mobile user is currently roaming, or if a number is dead as keeping this number until it is recycled could result in an unauthorised message being sent)
  • refreshing old data, maintaining its relevance for business use
  • optimising your open and click-through rates by only sending to valid numbers
  • receiving data and reporting from the validation services to learn more about the users in your database (such as whether the number is dead, out of signal, or roaming) which you can then act accordingly on.

dotdigital is now ISO 27701 certified

We’re extremely proud to announce that dotdigital has been awarded ISO 27701 certification; demonstrating our ongoing commitment to privacy and trust. So, what is ISO 27701? The International Organization for Standardization (ISO) is an independent organization that…

How to prepare for the 2021 holiday season

Holiday marketing is a priority for brands across the globe. The months leading up to the end of the year are some of the busiest sales periods in the marketing calendar. Regardless of whether you’re an ecommerce…

What is customer-centric email marketing?

If you want to drive the marketing results you want, you need to be thinking about the experience you’re delivering. What are the benefits for the subscriber?  It’s important to remember that email is an inbound marketing…