Mobile Intelligence. Trusted Data.

Protect customers, accounts, and transactions without requiring users to wait or leave your app. SMS - less Friction - less Fraud - less Device authentication

Frictionless customer authentication. Corroborate your customer in seconds.

Mobile Authentication – TMT Authenticate is a frictionless ‘silent’ user authentication that uses a live mobile operator check to confirm that the device used by a customer is the same one that you expect it to be, with no requirement for an SMS One Time Password or user intervention – allowing customer verification using a mobile number.

Mobile customer verification by Authenticate securely links the mobile device that you are communicating with to the number that you expect it to be, without requiring any additional processing or credentials, reducing fraud and friction during a login or on-boarding process.

What does the authenticate user experience look like?

mobile authentication process for TMT authenticate

STEP ONE

At the start of the customer journey, the user logs in online or selects your app and provides the mobile number linked to their account.

STEP TWO

The device temporarily re-directs to the mobile network to authenticate it against the mobile customer account within seconds.

STEP THREE

The device is then authenticated using the customer's mobile phone number.

STEP FOUR

The customer continues within your website or app, The customer continues within your website or app, creating a frictionless customer journey.

This process requires no One Time Password and keeps the customer on your website or app.

How does the process of frictionless authentication work?

The process involves the customers mobile device, the website or app that wants to authenticate the customer, us at TMT Analysis and the Mobile Network Operator. The diagram below describes the 5 key stages in more detail and our experts are always on hand to discuss our frictionless authentication service.

5 Benefits of using TMT Authenticate

1. Reduces One Time Password friction

Passwordless authentication requires zero customer input. It also keeps customers on your website or app.

2. Reduce login or sign-up abandonment

Through providing frictionless customer login you can keep them on your website or app you increase the chance of gaining and retaining a customer. TMT Authenticate does not require a customer to remember a password, wait for an SMS OTP or download anything to verify themselves.

3. Increase the speed of login or sign-up

TMT Authenticate works faster than receiving an SMS OTP and having to input it. Your customer also does not have to visit another application like their SMS messages or retrieve a code from an email to proceed with the login.

4. Reduced fraud and phishing attempts

Despite being ubiquitous and easy to use SMS OTP can be phished and used by fraudsters to take control of a account. TMT Authenticate uses the mobile operators own network. Device identity cannot be cloned or faked. Because the device must call the URL directly, it is also not susceptible to any kind of man-in-the-middle attack.

5. Easily integrated into your current app or service.

TMT Authenticate provides a single interface to multiple network operators around the world, meaning you only need to integrate the service into your workflow once.

When a user opens a website or an app on their device and it performs the login process, the Enterprise will provide us with the mobile number that they expect the device to have.

By checking which operator owns the number, then performing the silent authentication process, TMT Authenticate will in real-time be able to definitively confirm the identity of the device removing the need for any additional checks and allowing seamless and fast user log-in, every time with zero user involvement and still allowing you to a risk based approach in order to identify fraud.

World Coverage Map

What Our Customers Are Saying

Our team has many years’ experience working across telecommunications, media and technology.

Authenticate Frequently Asked Questions

TMT Authenticate confirms the device connecting with your business has the same identity you expect (i.e.telephone number). It does this using data from the Mobile Network Operator that is encoded onto the SIM card contained within the phone. This cannot be copied or reproduced. Note that it is not authenticating the physical identity of the phone user, since it assumes that most modern smartphones will have other means (i.e. biometrics) to provide that function. Any fraudster attempting to copy attributes of the device to a new device that is under their control (i.e. cloning) will not be able to access the service.
On all Smartphones YES. Clearly the device needs to be internet enabled to make the authentication URL call.

The user obviously, but you don’t necessarily need to have them do that every time. When you detect a login request from a given account, you can always provide TMT Authenticate with the number that you are holding on file for that account to authenticate against.

YES, although you can’t force the handset off Wi-Fi if you are talking to the end user using a standard browser, only an APP.

No. There are multiple layers of protection built into the service and the data used by the operator to authenticate the device is not something that is publicly available or able to be cloned. Devices can still be potentially susceptible to SIM Swap fraud however because a SIM Swap is a social engineering type fraud and once executed the operator considers the new SIM to be correct. Therefore, where possible TMT still recommend performing regular SIM Swap checks.

No. When the number is authenticated a unique code is generated that logs the number that has been positively authenticated and the time that it was done. This is checked with both the operator and with TMT Analysis. If a handset tries to log in and presents what appears to be a positive token, it will only be allowed to proceed if the mobile operator has a record of that number being authenticated recently, otherwise it will still be declined.

You don’t need to. Through our core data platform, TMT Analysis know the correct network for any number in the World, even taking into account consumers moving (porting) between networks. The first thing we do with a number that requires authentication is check network ownership. This also allows you to instantly detect fake or incorrect numbers before incurring any further costs.

The answer depends heavily on the operator and what country they are in, but typically a full authentication flow takes between 2 and 5 seconds. Don’t forget that silent authentications require no user input so the total time taken will normally be much lower than SMS OTP.

Before you leave..

Take a look at our latest white paper, Tackling Mobile Identity Fraud in Financial Services. Our our product experts are always on hand to answer any questions!