Verify Silent Network Auth (SNA) is currently in the public beta release stage, talk to an expert to request access to this feature.
Silent Network Auth (SNA) is the next generation SIM-based authentication method that confirms phone number possession in real-time without compromising security. Authenticate real, unique end-users without impacting the customer experience. Read What is Silent Network Authentication? on the Twilio Blog for more information on how it works under the hood.
SNA is now available natively through the Verify API.
2. Complete the carrier registration form to start the 2-4 week approval process.
- Verify Silent Network Auth is priced per country. The pricing consists of a Verify fee per successful verification and an SNA channel fee that is priced per country. Contact sales for the SNA country price list.
- For testing use, the first 1,000 SNA verification attempts are free per enabled Account SID. This usage limit is for the life of the Account SID. An Error 20429 will be returned when this limit is reached.
- For production use and to have the usage limit removed on the Account SID, a sales contract (order form) specifying per-country pricing needs to be executed with Twilio Sales.
Always check the error code on the API response at each step. SNA errors begin with 605xx. In general, you can failover to SMS OTP for all error codes except 60540. Comprehensive best practices for error handling can be found in the documentation.
Twilio Verify SNA is live in 10 countries, including the US, Canada, UK, Germany, France, Spain, India, Indonesia and more. Reach out to learn more about our coverage.
The main source of latency for SNA is invoking the
sna.url on the device. This step usually takes around 2-3 seconds but may take up to 4 seconds. This is where Twilio is making a request directly with the carrier to confirm the data session is live.
You may receive Error 60519 if you try to check the verification status before the carrier verification is complete.
The additional API requests to obtain the
sna.url and check the verification each take less than 100ms.
A billing event is triggered after you have invoked the
sna.url and the verification is approved or you receive an error code of 60500 (SNA Phone Number Mismatch) or 60540 (SNA Carrier Identified Invalid Phone Number). Other errors will not trigger a billing event. See Pricing for pricing structure details.
No. The request will fail with the service provider when they perform the underlying GSM authentication.
It depends on the user’s carrier and where they are roaming.
Google Fi uses the T-mobile network and the US Cellular network. When the device is on the T-mobile network SNA will work. When on the US cellular network SNA will fail as US cellular does not support the SNA service.
Yes. SNA uses the data session, whereas call forwarding is only for voice and text. If an SNA transaction is initiated on a device which has call forwarding enabled, the data session on the device will be used and the carrier will detect the number on that device. SNA does not detect if the phone number is enabled for call forwarding.
Yes! The SIM function doesn't change whether a physical or eSIM is used.
No. Once you've implemented SNA for authenticating user logins, consider making this information visible to your customer support team. This way, they do not erroneously issue credits to a user who claimed that their account was taken over due to "Authentication PIN stolen", since SNA does not provide a PIN.
Should I only request SNA verification for mobile numbers that match specific carriers or MNC-MCCs in a given country?
No. In a given country, carriers and their associated MNC-MCCs that support SNA can change over time. Therefore, we recommend requesting SNA verification for all mobile numbers. If the mobile number belongs to an unsupported carrier, you’ll get a non-billable error (like Error 60008) when you make the Verification call, and you can fall back to a different verification channel at that point.
- Access to your Twilio account is protected via IP whitelisting.
- All interactions between Twilio and your server application or the carrier APIs are over HTTPS TLS 1.2+.
- All interactions between the end user’s phone and Twilio or the carrier do not include the phone number.
- While different carriers use different methods to achieve SNA, including the use of encrypted tokens, in all cases the phone number is never inserted in plain text and the token is always dynamic per-session.
- Our database only stores encrypted phone numbers using AES 256 encryption and has strict access requirements and limitations.