Rate this page:

Two-factor authorization

Two-factor authentication (also known as two-step authentication) combines something the user knows (password) with something the user possesses (mobile device) to dramatically strengthen online security. After the user enters their password, a one-time passcode (OTP) that is sent to their mobile device should be entered before they can access their account.

Two-factor authentication solutions leverage real-time communications channels to send passcodes to mobile devices, making the user experience as smooth as possible. They use internet and telephony channels and many implementations offer users their choice of channels for convenience.

With Voximplant, you get:

  • SMS delivery in 78 countries and character sets for almost any language and voice delivery in practically any country

  • High delivery rates to rapidly reach users on voice and SMS channels

  • Voice synthesis available in 40 languages using leading TTS platforms

  • Over 250 speech synthesis voice types to differentiate your brand

  • Serverless architecture scales effortlessly

There are two ways of sending a 2FA security code to your customer: a call and an SMS message. Let us learn how to do both.

Delivering passcodes via calls

Copy URL

To make a call and speak the code to your customer, you need to do the following:

  1. Create an application.
  2. Purchase a phone number to use as a caller ID for the outgoing call.
  3. Create a scenario.

In the scenario, we need to do the following:

  • Accept the phone number and the security code for the customer via the custom data feature.

  • Make a call to the customer via the callPSTN method.

  • Synthesize speech via the createTTSPlayer and dictate the security code to the customer.

We need to launch the call remotely from our backend, providing the phone number to call and the security code to read. We can do it via the Management API method called StartScenarios, providing data to the scenario in JSON format:

{
  "phone": "79521578686",
  "code": "1234"
}

The full scenario looks like this:

Security code call

Security code call

  1. Create a routing rule for the scenario.

Our application is ready. Launch the scenario via Management API:

Launch the application

Launch the application

Delivering passcodes via SMS

Copy URL

Alternatively to a call, you can send an SMS message with the security code for the two-factor authorization. To do it, you need to:

  1. Purchase a phone number that supports sending SMS.
  2. Enable SMS functionality as it is explained in the guide.

After that, you can send an SMS with the verification code via Management API methods. There are two ways of sending SMS from the platform: one-way SMS and two-way SMS.

We recommend using the one-way SMS method for all the notifications. To send a one-way SMS, you need to:

  • Register a sender ID. Please contact support to receive a sender ID.

  • Use the A2PSendSms method to send message from your backend:

Send SMS with code

Send SMS with code

Alternatively, you can send a two-way SMS with the verification code. You can find the instructions in the Sending SMS article.