Home
Product documentation
Support homeSupport requestsSystem statusTrust centerTry for free

Phone fraud: risk evaluation

Suggest Edits

Phone fraud risk evaluation helps prevent bad actors from creating accounts by detecting risky phone numbers or compromised phone accounts.

This feature is currently only available in the US and Canada.

Phone fraud: risk evaluation

Phone fraud risk evaluation allows you to choose which phone number types to allow when performing identity verification. You can prevent the use of certain phone number types, such as non-fixed VoIP numbers, which are disposable and may indicate the person signing up is not genuine. In this case, you can choose to fail the process to prevent risky phone information from being used to affirm an identity.

Phone risk evaluation detects the line types of a phone number and SIM card's change status. The feature allows you to select which of these signals to distrust during identity verification. Decide what actions a customer can take after the risk signals are evaluated.

  1. Open an identity verification policy.

  2. Go to Phone fraud: risk evaluation in the policy.

  3. Click the + sign to configure the step.

Phone number risk evaluation step configuration

Phone fraud risk evaluation step configuration

Phone fraud risk evaluation will open for editing.

  1. Inside the step, set up a native claim at Phone number availability.

🚧

Select a native claim that's mapped to an account attribute that collects phone numbers from customers.

📘

Phone fraud risk evaluation will analyze the customer information that goes into the account attribute mapped to the selected native claim.

  1. Set up the Failure rules.
Phone risk evaluation failure rules

Phone risk evaluation failure rules

Select the risk signals that will fail the phone fraud risk evaluation:

  • Mobile signal (not recommended)
  • Landline signal
  • Fixed VoIP signal
  • Non-fixed VoIP signal
  • Any other types of phone signals
  • SIM card and subscriber phone number pairing has recently changed

🚧

If selected, the signals are classified as potential threats. If any of the selected signals are detected, risk evaluation will bring the verification step to a failure, directing the customer to a Failure action.

If none of the selected signals are detected, then customers can continue with identity verification through a Success action.

Actions

  1. Decide how the identity verification flow should move forward from either outcome.
  • Success action: the customer can either go to a 'Next verification step' or can be allowed to log in by selecting Exit verification flow.

📘

In case of a Success action, the Exit verification flow logs the customer into their account.

  • Failure action: the customer can either
    • go to a Next verification step OR
    • can be removed from the flow either by
      • displaying a Failure message OR
      • directing the customer to the Exit verification flow

📘

In case of a Failure action, the Exit verification flow leads to a session timeout.

Updated 1 day ago