Twilio has a collection of account security APIs, SDKs and pre-built mobile and desktop apps that allow you to address three important steps in the lifecycle of user accounts in your application:
Not sure which product to implement? We've written up the most important best practices to follow and things to consider in our Choosing Your Account Security Implementation guide.
With our RESTful APIs, you are able to integrate account security features deeply into your application. You'll keep control over branding, flow and user experience while avoiding the hassle of building the security logic and scaling the platform. The APIs are:
For authentication, while SMS and voice is widely available for most users, it's advisable to go with the more secure options of app-generated soft tokens or push authentication. We've written up the main differences between Authy and Verify here. To save developer time, we've already built an authentication app for iOS, Android, Windows and MacOS. The app, called Authy, is an essential link between your users and their trusted devices, allowing them to self-serve account recovery when locked out.
The free Authy app is great if you'd like to avoid building your own apps. If you do choose to build your own mobile app, you can also elect to integrate the account security SDKs. These SDKs can also be used simultaneously with the Authy app if you choose.
Account Security consists of a number of shared APIs that expose activity and data from across both the Verify and Authy APIs.