The only phishing-resistant mobile device binding solution. Confirm that the SIM card in a device belongs to the phone number you expect, before you bind the corresponding identity to an app install.
tru.ID APIs use the same technology as mobile networks to definitively confirm an active SIM card and the associated mobile phone number, in real time.
Users don't have to send or receive any messages, or perform any other action besides providing their phone number, which is verified in a few seconds.
Unlike SMS-based device binding which relies on shared credentials, tru.ID filters out virtual or burner numbers so only real mobile users can sign up — no bots or spamsters.
Device binding through fingerprinting either the browser or the device is just guesswork. When you need to be certain, tru.ID gives you a yes/no result and zero false positives.
Shared credentials are susceptible to MITM and social engineering, while authenticators are disconnected from identity.
Whether it's the Reserve Bank of India, the UK's FCA guidelines for SCA, or the EU's PSD2 rules, officials are focusing on mobile security.
Implementing strong customer authentication with legacy MFA methods leads to drop-offs in conversion.
The strong cryptographic security of a SIM card affords the same Level of Assurance as dedicated USB keys.
Users can either receive a push notification to approve login requests through an authenticator app, or scan a QR code with their phone.
Unlike card readers or USB keys, SIM-based verification requires no investment into hardware for your users.
Your users already have their SIM possession factor. All you need is tru.ID magic — with or without an authenticator app.