20.5k unique visitors in the last 3 days

All UK Mobile Operators Offer Anti-Fraud API That Confirms If Phone Numbers Belong to Users

The Number Verify product checks if a phone number submitted via a web form matches the number of the device being used.

The GSMA has announced that all four UK mobile network operators are offering a product designed to reduce fraud by verifying if phone numbers submitted via online registration forms belong to the phones being used at the time. Called ‘Number Verify’, the intention is to reduce reliance on one time passwords by offering an API that can be accessed by businesses like banks and social networks.

Number Verify is compliant with the PSD2 Strong Customer Authentication rules which have been adopted across the European Union as well as the UK. These rules have recently prompted laggard banks to start implementing enhanced controls to verify a customer’s identity, and have resulted in a marked increase in the use of SMS for multi-factor authentication. The increased reliance on SMS has occurred despite the known weaknesses of relying on messages which are vulnerable to interception and SIM swapping.

The GSMA’s press release is somewhat misleading in that it states Number Verify is a ‘new’ product. O2 started offering Number Verify to enterprise customers in 2019 and Vodafone promoted the same product earlier this year. It is likely that the GSMA’s announcement reflects the recent implementation of Number Verify by those UK mobile networks which are still not advertising it yet.

The recent RAFM survey from the Risk & Assurance Group found that subscription and identity fraud was the most common category of fraud experienced by communications providers. Binding apps to mobile phone numbers will make it harder for criminals to impersonate others by simply obtaining their personal data.

Number Verify will reduce fraud but it will likely be promoted as a way to reduce the time and effort that customers spend on registering for a new service. This is highlighted by the following marketing video produced by O2.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email