メニュー

Rate this page:

Thanks for rating this page!

We are always striving to improve our documentation quality, and your feedback is valuable to us. How could this documentation serve you better?

Verifying Transactions for PSD2

Twilio's new Verify API is currently available as a Public Beta product. Some features are not yet implemented and others may be changed before the product is declared as Generally Available. Public Beta products are not covered by a Twilio SLA.

What is PSD2?

PSD2 is the short name for Payment Service Directive 2, a set of regulations introduced by the European Banking Authority aimed at combating the rising costs of fraud by requiring Strong Customer Authentication (SCA) for online transactions of greater than 30 euros. To learn more about PSD2, SCA, and dynamic linking check out this post.

Getting started with Verify for PSD2

Twilio Verify can already enable you to quickly verify phone number ownership with one-time passwords (OTP) over SMS or Voice. In a few easy steps, we can extend these capabilities to help us comply with PSD2 by verifying transactions using dynamic linking and Strong Customer Authentication (SCA).

Create a Service with PSD2 Enabled

Before using Twilio Verify for transaction verification, we need to need to create a new Service with PSD2 mode enabled. When PSD2 mode is enabled requests to start and complete verifications will require that the Payee and Amount parameters. Enabling PSD2 mode for Service can be done through the Verify API.

Names in PHP format
friendlyName
必須
post 文字列 Not PII

A descriptive string that you create to describe the verification service. It can be up to 64 characters long.

codeLength
オプション
post integer Not PII

The length of the verification code to generate. Must be an integer value between 4 and 10, inclusive.

lookupEnabled
オプション
post boolean Not PII

Whether to perform a lookup with each verification started and return info about the phone number.

skipSmsToLandlines
オプション
post boolean Not PII

Whether to skip sending SMS verifications to landlines. Requires lookup_enabled.

dtmfInputRequired
オプション
post boolean Not PII

Whether to ask the user to press a number before delivering the verify code in a phone call.

ttsName
オプション
post 文字列 Not PII

The name of an alternative text-to-speech service to use in phone calls. Applies only to TTS languages.

psd2Enabled
オプション
post boolean Not PII

Whether to pass PSD2 transaction parameters when starting a verification.

        
        
        
        

        Start a transaction verification

        To verify a transaction, you will start by requesting to send a verification code to the user. Each verification code is dynamically-linked to the Amount and Payee of each transaction. This means that the verification code is unique to the phone number, amount and payee combination. This ensures that if the verification code is intercepted or the transaction is mutated the verification will fail.

        Each verification code is valid for 10 minutes. Subsequent calls to the API before the code has expired will send the same verification code.

        Names in PHP format
        serviceSid
        必須
        post sid<VA> Not PII

        The SID of the verification Service to create the resource under.

        to
        必須
        post 文字列 Not PII

        The phone number to verify.

        channel
        必須
        post 文字列 Not PII

        The verification method to use. Can be: sms or call.

        customMessage
        オプション
        post 文字列 Not PII

        The text of a custom message to use for the verification.

        sendDigits
        オプション
        post 文字列 Not PII

        The digits to send after a phone call is answered, for example, to dial an extension. For more information, see the Programmable Voice documentation of sendDigits.

        locale
        オプション
        post 文字列 Not PII

        The locale to use for the verification SMS or call. Can be: af, ar, ca, cs, da, de, el, en, es, fi, fr, he, hi, hr, hu, id, it, ja, ko, ms, nb, nl, pl, pt, pr-BR, ro, ru, sv, th, tl, tr, vi, zh, zh-CN, or zh-HK.

        customCode
        オプション
        post 文字列 Not PII

        A pre-generated code to use for verification. The code can be between 4 and 10 characters, inclusive.

        amount
        オプション
        post 文字列 Not PII

        The amount of the associated PSD2 compliant transaction. Requires the PSD2 Service flag enabled.

        payee
        オプション
        post 文字列 Not PII

        The payee of the associated PSD2 compliant transaction. Requires the PSD2 Service flag enabled.

              
              
              
              

              Please note: For some regions, we are unable to return carrier and cellphone data by default. You need to contact our support team to switch on those regions. More information on our support site.

              Complete a transaction verification

              To check if a verification code is correct, pass the code along with the phone number, amount and payee to the API.

              Names in PHP format
              serviceSid
              必須
              post sid<VA> Not PII

              The SID of the verification Service to create the resource under.

              code
              必須
              post 文字列 Not PII

              The 4-10 character string being verified.

              to
              オプション
              post 文字列 Not PII

              The phone number to verify. Either this parameter or the verification_sid must be specified

              verificationSid
              オプション
              post sid<VE> Not PII

              A SID that uniquely identifies the Verification Check. Either this parameter or the to phone number must be specified.

              amount
              オプション
              post 文字列 Not PII

              The amount of the associated PSD2 compliant transaction. Requires the PSD2 Service flag enabled.

              payee
              オプション
              post 文字列 Not PII

              The payee of the associated PSD2 compliant transaction. Requires the PSD2 Service flag enabled.

                    
                    
                    
                    

                    Cancel a transaction verification

                    In some instances, the details of a transaction may change before it can be completed. When that occurs, you can cancel an in-progress transaction verification by updating the status. This will prevent a user from verifying an out-of-date transaction. Note that transactions that have been successfully verified cannot be canceled.

                          
                          
                          
                          
                          Rate this page:

                          ヘルプが必要ですか?

                          We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd browsing the Twilio tag on Stack Overflow.