Getting the Most Out of Your Twilio User Authentication & Identity Project
Time to read: 5 minutes
Twilio's User Authentication & Identity suite of products helps your business optimize conversions with customizable verification solutions. Our Verify and Lookup APIs validate user identities with possession factors and authoritative mobile carrier signals to accelerate verification throughout the customer journey. Whether you're building user verification from scratch or adding two-factor authentication (2FA), our solutions offer seamless multichannel consumer authentication to ensure account security.
And you can trust Twilio with your user verification—we already send over 4.8 billion verifications annually.
We created this guide to walk you through the most common questions you might have while integrating User Authentication & Identity into your application. And it's a work in progress – we'll update this guide over time.
In this post, you'll find information on:
Use cases and how to build
Depending on what you want to build, you can get started with our API documentation for Lookup and Verify to turn your vision into a reality. Because account security is usually a supporting function to your business goals, most use cases will require integrating with an existing application and development resources.
Common use cases include:
- Secure onboarding and activation with less friction
- Secure logins and authentication
- Identify compromised mobile numbers
- Secure transactions
- Account management (e.g. account changes and password resets)
- Fraud mitigation
The following sections will help you find the proper technical support for your use case.
Finding development help
We designed the Lookup and Verify APIs to integrate into your existing applications and code bases seamlessly. While you’ll likely need a developer to help implement our APIs, they don’t need special expertise in security or authentication.
Additionally, we have quickstart guides and dozens of tutorials in multiple programming languages to suit your needs.
Working with a Consulting Partner
Twilio has a group of vetted consultants who can help you with your project if you don't have an in-house development team or want additional expertise. These partners have experience building solutions with Twilio's Lookup and Verify APIs.
Find a Consulting Partner who can support your implementation from start to finish, or learn more about the partner program here.
Contracting with or hiring a developer
User verification and activation – whether at sign-up, login, or transaction time – is an important part of your overall application. If you already work with developers, they can help add a phone number lookup or user verification using the programming languages and tools you already have. And if you hire a developer specifically for this job, they should be comfortable with web application programming but don’t need special expertise in security or authentication.
Our documentation is extensive, and hundreds of customers have quickly implemented one-time passcode (OTP) verification via SMS, WhatsApp, and Email.
However, if you're considering solutions like Push Authentication (Push) or Silent Network Authentication (SNA), you’ll need a developer comfortable with mobile development (e.g., Android, iOS, or React Native). These solutions are best for companies with a strong mobile application user base, so talk to your mobile development partner about whether they can help add Push or SNA.
Architecting your account security application
Designing user verification involves more than just picking the right verification channel, and Twilio has supported thousands of customers rolling out verification and 2FA implementations. Our documentation provides recommendations for each step of the user verification process, from collecting phone numbers to account recovery.
Use Lookup and Verify together at sign-up to learn more about the end user before creating an account and verifying their phone number.
Whether you build your account security journey, work with one of Twilio's partners, or hire a consultant, Twilio’s Professional Services team can help guide you through every step.
From the planning stage to implementation and onboarding (and even after you launch), we can offer technical guidance, best practices, advice, and optimization help. Additionally, Professional Services can assist with account setup, sender ID management, trust and compliance, and other aspects of building and scaling your account security application when you need further help.
Sign-ups, upgrades, and how to fund your account
To start, you’ll need to sign up for a free trial account. While you’ll be able to see everything we have to offer in the Twilio Console, some trial limitations will apply until you upgrade. Upgrading your account (follow our step-by-step guide) is straightforward, and will require you to add a payment method and deposit a minimum balance of $20.
Doing so allows you to enable an automated recharge to prevent an interruption in your messages sending or access your current balance and add additional funds through the billing overview page.
After you sign up for an account, create a Verify Service in the Console to start sending verifications.
Geographic differences
The Lookup and Verify APIs work globally in most cases. And unlike with some Twilio products, you don’t always need to acquire country-specific sender numbers to send SMS verifications, as multiple-geography support comes with the API.
Verify
Verify software channels like WhatsApp or Email OTPs, Push, and TOTP aren’t subject to geographic restrictions or differences.
Geographic differences apply to SMS and Voice OTP use cases in the following situations:
- Preregistration may be necessary for sender IDs in certain countries.
- Verify uses special sender IDs for sending messages to Singapore.
- Message translations may result in additional message segments — learn how to limit message segments in our best practices.
- Geo-permissions are available for Verify — note this is separate from geo-permissions set for Messaging.
Learn more about Verify countries and regions deliverability.
Lookup
Lookup package availability depends on the region — see coverage and availability in the documentation.
The following packages are available worldwide:
- Formatting and validation: Basic lookup for validating phone numbers and converting between E.164 and national format.
- Line Type Intelligence (LTI): Line type (e.g., mobile, toll-free, VoIP) and carrier information. Canada requires special approval for LTI — please read this support article to learn more.
Pricing information
Verify
Verify OTP requests include a two-part billing:
- Verify software fee for completed verifications ("approved" status from the Verification Check end point)
- Standard channel rates for underlying communication (e.g., SMS, WhatsApp, email, and voice call)
See Verify pricing for up-to-date rates and information.
Lookup
The Lookup API supports a free basic lookup. However, rates for other Lookup API requests require per-request billing depending on the package requested. See Lookup pricing for updated information.
Fraud prevention
SMS pumping and toll fraud schemes commonly target phone verification forms. If you use SMS or voice verification, follow our best practices for preventing fraud.
To help fight these forms of fraud and deter this type of attack automatically, we built Verify Fraud Guard. Enable Fraud Guard in your Verify Service in the Console.
Compliance and regulatory considerations
Certain channels and packages will require additional approvals to use, including the following:
Building on Twilio
Hopefully, this post helped you determine how to add User Authentication & Identity with Twilio.
If you need help along the way, head over to the Console Support page to explore additional Support options.
Related Posts
Related Resources
Twilio Docs
From APIs to SDKs to sample apps
API reference documentation, SDKs, helper libraries, quickstarts, and tutorials for your language and platform.
Resource Center
The latest ebooks, industry reports, and webinars
Learn from customer engagement experts to improve your own communication.
Ahoy
Twilio's developer community hub
Best practices, code samples, and inspiration to build communications and digital engagement experiences.