2FA API

Stronger protection, less coding

As strong consumer protection is fast becoming a mandate  (not a good-to-have), integrating two-factor authentication into user and transaction verification requires a new approach.

tyntec’s simple, robust two-factor authentication (2FA) API – backed by direct connections to mobile operators for assured delivery – brings a comprehensive set of security features that are user friendly for both enterprise developers and their end users.


tyntec Distinction:

Direct Connection

Assured delivery through direct connections to mobile operators and quality routes – built into the API.

easy to integrate

Powerful, easy-to-integrate features, including Configure 2FA Settings, Customize Message Templates, and more.

Plug and Play

Easy to test and integrate – to get you up and running quickly.

 

Key features

  • Assured, fastest delivery: 2FA codes are sent over the fastest routes worldwide.
  • Mobile and fixed line number verification: 2FA API automatically detects the phone number type and selects the appropriate channel: SMS or voice (text-to-speech).
  • Multiple-language support: Language templates and voice accents adapt to the recipient country to increase verification success.
  • Branding: Customized senderIDs are used for supporting destinations; for non-supporting destinations, dynamic senderIDs provide basic brand recognition.
  • Customization: A wide range of configurable features is provided, including password generation (use of tyntec’s password generator), customizable multi-language message templates, PIN length, and validity time (for resend requests), and more. 
  • Simple connectivity: The entire telecom back-end (including operator relationships and country-specific regulations) is taken care of by tyntec.

How it works

(using transaction verification as a basis)

2FA APi - How it works
  1. User attempts to verify transaction online (User’s phone number has already been verified).
  2. Enterprise submits the request to tyntec; tyntec creates a PIN and sends it via the most appropriate channel (SMS or voice).
  3. User receives the PIN and enters the code to verify the transaction.
  4. tyntec matches the entered PIN against the passcode sent to the user.
  5. Enterprise authorizes/denies the transaction.

Benefits

  • Stop fake users from registering: Enable user verification in your account registration process to prevent fraudulent signups.
  • Strengthen account protection: Implement continuous 2FA to increase security for existing accounts, ultimately protecting them from account takeovers.
  • Authenticate transactions: Add 2FA to payment authorizations and credit card transactions.
  • Improve UX for password resets: Make it easy for users to recover their accounts by automating the request by using 2FA API – and reduce customer complaints.

Sample code

Create your 2fa application:

curl
-X POST "https://api.tyntec.com/2fa/v1/application/"
-H  "accept: application/json"
-H  "apiKey: <YOUR_API_KEY>"
-H  "content-type: application/json" -d "{  \"alphanumeric\": false,  \"attempts\": 3,  \"expire\": 1500,  \"name\": \"My app 2fa verification\",  \"pinLength\": 4,  \"sender\": \"VERIFY\"}"


Send an otp with minimum mandatory values:

curl
-X POST "https://api.tyntec.com/2fa/v1/otp?applicationId=<APPLICATION_ID>&number=<TEL_NUMBER>"
-H  "accept: application/json"
-H  "apiKey: <YOUR_API_KEY>"


Check an OTP code:

curl
-X POST "https://api.tyntec.com/2fa/v1/otp/<OTP_ID>/check?otpCode=<OTP_CODE>"
-H  "accept: application/json"
-H  "apiKey: <YOUR_API_KEY>"

Related Products