Overview

Silent verification is a feature that allows you to verify your users without sending a message and requiring them to manually enter a code. We have updated our SDKs to support this feature and we recommend using the latest versions of our SDKs to take advantage of it.

This feature is available for both the iOS and Android platforms. It is designed to improve the user experience by reducing friction during the onboarding process.

It requires both back-end and front-end integration.

This verification method is only available in France for Orange phone numbers.

The silent verification process occurs between the Prelude front-end SDK, Prelude’s back-end APIs and the user’s carrier APIs. It requires an active cellular connection.

Integration steps

The general process is as follows:

  1. The client application requests to start a verification from your back-end API as usual, providing the user’s phone number and the optional signals dispatch identifier.
  2. Your back-end API sends the verification request to Prelude. If the phone number supports it, the Prelude API may return a new silent verification method along with a request_url that your back-end should return to the client application in the response to the verify call.
  3. If the verification method is silent, the client application will use the new silent verification method in the front-end SDK, passing the given request_url.
  4. The front-end SDK will perform a series of HTTP queries towards the end-user’s carrier and Prelude’s APIs to automatically retrieve the verification code upon successful verification.
  5. The client application will then send the verification code to your back-end API, which will verify it with Prelude.
  6. If the verification is successful, the user is considered verified and can proceed with the rest of the onboarding steps.

By following this process, you can leverage the silent verification feature to enhance your onboarding flow’s user experience, since the final verification code is retrieved directly by Prelude’s front-end SDK without being sent as a message to the end-user’s phone.

Please be aware that this feature is only available to certain phone numbers and carriers and may not be supported in all regions. Keeping the regular onboarding flow in place is still needed in case the silent verification is not available or when performing a retry.

Example

Your mobile application needs to integrate a client for your back-end API. This client will be responsible for starting the verification process and handling the response from your back-end API.

In this example we imagine that your back-end API exposes a /verify endpoint that accepts a POST request with the following body:

{
  "phone_number": "+XX999999999",
  "signals_dispatch_id": "the-dispatch-id-given-by-prelude-client-sdk"
}

In response to that request it returns the following body:

{
  "method": "silent",
  "request_url": "https://carrier-api/forwarded-url"
}

To check the verification code it exposes a /check endpoint that accepts a POST request with the following body:

{
  "phone_number": "+XX999999999",
  "verification_code": "123456"
}

For the sake of this example, we assume having an API client for your back-end called backendClient that exposes both verify and check endpoints as functions.

It is recommended to integrate the signals dispatching at the beginning of the onboarding flow and provide the dispatch identifier along with the verification request. Not doing so will make the system fall back to a regular message-based verification even if the phone number is known to support silent verification, as cellular connectivity may not be available.

Find your SDK key in the Prelude Dashboard. Please, refer to your platform’s front-end SDK documentation for further details.

// The Prelude iOS SDK defines scopes when dispatching the signals. It is recommended to use the
// .full scope (the default as shown here) during the onboarding process.

// Initialise the Prelude client SDK and submit the signals
let configuration = Configuration(sdkKey: "sdk_XXXXXXXXXXXX")
let prelude = Prelude(configuration)
let dispatchID = try? await prelude.dispatchSignals()

if let dispatchID {
    // Pass the phone number and dispatch id to your back-end API
    let verifyResponse = try await backendClient.verify(phoneNumber: phoneNumber, dispatchId: dispatchID)
    if verifyResponse.method == "silent" {
        // If supported, start the silent verification
        let verificationCode = try await prelude.verifySilent(url: URL(string: verifyResponse.requestUrl)!)
        // Call your back-end with the verification code
        let checkResponse = try await backendClient.check(phoneNumber: phoneNumber, verificationCode: verificationCode)
        // TODO Handle the check response to update your UI accordingly and continue the onboarding flow.
    } else {
        // If silent is not supported,
        // fallback to the default verification method
    }
}