Verify Push is in Public Beta.
Verify Push helps you verify users by adding a low-friction, secure, cost-effective, "push" authentication factor into your own mobile application. This fully managed API service allows you to seamlessly verify users in-app via a secure channel, without the risks, hassles or costs of One-Time Passcodes (OTPs).
See how Transferwise added the Verify Push experience into their mobile app, securing over 8 million user accounts:
How does Verify Push work?
Verify Push consists of an API and client SDKs. These components work together to turn your user's Android/iOS devices into a secure key via a well-known method called public-key cryptography. To learn more about this method, check out this talk by @PhilippeDeRyck starting at 1:28:00.
How will my users experience Verify Push?
With Verify Push, you still have the flexibility of completely customizing your own UI and user experience. To get inspired, watch how Transferwise customized their UI on top of Verify Push. For a third-party example, check out Google Prompt.
Which verification use cases can Verify Push replace SMS/Voice OTP?
Verify Push SDK can replace SMS/Voice OTP for all Authentication use cases, but not all Account Creation & Recovery use cases. How much each use case contributes to your overall verification volume varies widely depending on your product’s design and usage patterns.
What if my product doesn't have a mobile app?
Based on popular demand, we started with the SDK version of Verify Push for adding push verification to a customer's own mobile app. In the near future, we'll release an SDK for web client apps that doesn't require the user to install any mobile/desktop app. We'll also integrate Verify Push into the Twilio Authy apps, including the desktop app for users who don't have a smartphone. If you're interested in these options, complete the interest form and we'll follow-up with details.
What’s the difference between Verify Push and Authy Push (OneTouch)?
In general, Verify Push is our newer, better version of Authy "OneTouch" push authentication.
We named Twilio Verify Push SDK to reflect how this new feature fits into the overall Twilio product taxonomy below. Twilio Authy is shown for comparison.
- Verify - API platform
- Push - verification factor/channel name
- SDK - client SDK option for integration into 3rd-party app
- for Authy app - integration into Twilio Authy app (available in future)
- Authy - API platform
- OneTouch - existing push verification factor/channel into Authy App
- Authy app - free consumer mobile/desktop authenticator app
The new version enables a similar end-user experience, but we've dramatically improved privacy, security, control, and ease-of-implementation. We’ve taken all the learnings from customers using Authy in the real world and re-imagined the product from the ground-up. It's under the Verify name to indicate that the new version is built on the Verify platform, our single, omnichannel API for developers to add user verification across SMS, Voice, Email, and now Push channels going forward.
Note: Verify Push is not replacing the Twilio Authy authenticator apps, and will integrate with them in the future.
Here is a non-exhaustive list of improvements included in Verify Push:
- No PII required. Authy requires the user’s phone # and email. Some customers were not comfortable asking for / providing this PII data.
- More control of user identity. With Authy, the end user controlled their own user identity (Authy ID), which was shared across Authy API customers. This meant that a customer couldn’t update their user’s phone number if it changed - the user had to go through Authy’s phone change process themselves. With Verify Push, customers create and control their users identities.
- More control of registered devices. Verify Push lets customers remove a registered device or send a Challenge to a specific registered device. This is not possible with the current version of the Authy API.
- Improved developer experience. Verify Push SDKs are smaller than their Authy predecessor and are available as inspectable code libraries.
Are you going to deprecate Twilio Authy OneTouch?
Authy OneTouch will continue to be available for new implementations and be supported for the forseeable future.
We understand that some customers will still prefer Authy OneTouch to Verify Push for the Authy App for its built-in account recovery features and seamless device registration with phone number matching. Not sure which implementation is right for you? Get in touch, we're happy to talk through your options.
How is customer support handled?
As Verify Push is in Beta, support tickets are directly handled by the engineering team. See the Twilio Beta Product Support policy to learn more.