Menu

Expand
Rate this page:

Verifying Transactions for PSD2

What is PSD2?

PSD2 is the short name for Payment Service Directive 2, a set of regulations introduced by the European Banking Authority aimed at combating the rising costs of fraud by requiring Strong Customer Authentication (SCA) for online transactions of greater than 30 euros. To learn more about PSD2, SCA, and dynamic linking check out this post.

Getting started with Verify for PSD2

Twilio Verify can already enable you to quickly verify phone number ownership with one-time passwords (OTP) over SMS. In a few easy steps, we can extend these capabilities to help us comply with PSD2 by verifying transactions using dynamic linking and Strong Customer Authentication (SCA).

Create a Service with PSD2 Enabled

Before using Twilio Verify for transaction verification, we need to need to create a new Service with PSD2 mode enabled. When PSD2 mode is enabled requests to start and complete verifications will require that the Payee and Amount parameters. Enabling PSD2 mode for Service can be done through the Verify API.

        
        
        

        Create a PSD2 Enabled Verify Service

        Start a transaction verification

        To verify a transaction, you will start by requesting to send a verification code to the user. Each verification code is dynamically-linked to the Amount and Payee of each transaction. This means that the verification code is unique to the phone number, amount and payee combination. This ensures that if the verification code is intercepted or the transaction is mutated the verification will fail.

        Each verification code is valid for 10 minutes. Subsequent calls to the API before the code has expired will send the same verification code.

              
              
              

              Start a PSD2 Verification

              Please note: For some regions, we are unable to return carrier and cellphone data by default. You need to contact our support team to switch on those regions. More information on our support site.

              Complete a transaction verification

              To check if a verification code is correct, pass the code along with the phone number, amount and payee to the API.

                    
                    
                    

                    Complete a PSD2 Verification

                    Cancel a transaction verification

                    In some instances, the details of a transaction may change before it can be completed. When that occurs, you can cancel an in-progress transaction verification by updating the status. This will prevent a user from verifying an out-of-date transaction. Note that transactions that have been successfully verified cannot be canceled.

                          
                          
                          

                          Cancel a Transaction Verification

                          Rate this page:

                          Need some help?

                          We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd by visiting Twilio's Stack Overflow Collective or browsing the Twilio tag on Stack Overflow.

                                
                                
                                

                                Thank you for your feedback!

                                Please select the reason(s) for your feedback. The additional information you provide helps us improve our documentation:

                                Sending your feedback...
                                🎉 Thank you for your feedback!
                                Something went wrong. Please try again.

                                Thanks for your feedback!

                                thanks-feedback-gif