Phone number verification with twilio

July 30, 2019

Author: Prakash Bokati 

Every developer knows the nightmare that would ensue from allowing anyone or anything to create account for the app they are developing. Bots, spammers, frauds, etc. can easily get into the system and therefore pollute the app. 

Few years back email-verification was popular. An email with a link is sent to the user just signing up. User clicks on the link and they are verified as a user. But there are a lot of disadvantages to it since the user may create an email account just for the purpose of verification and on the other hand an email is hardly an accurate one-to-one representation of a person. Furthermore, an email account which was legitimate at some point may have been hacked or have become a part of the bot network. Developers defend such bad sign-ups implementing captchas which prevents bots to sign up but still cannot stop humans with bad intentions. Another piece of information that’s a much better indication of a real person is a phone number. A phone number is harder to fake and more expensive for a hacker to scale an attack. And it’s now very common to see sign-up forms ask for phone number so users are familiar with providing their phone number already. Twilio offers phone number verification so we don’t need to build the system from scratch and focus on the main goal of our app. Twilio is competitive too in terms of pricing. Twilio takes care of the regulatory, security issues, carrier rules and language barriers. 

For developers it is just two API calls that do the magic. And the process is too simple. Just sign up for a twilio account and head over to verify option and create a new app. Integrate the twilio app with your app and you are good to go. The documentation is excellent. I used node.js to test twilio in my app. The first API call sends the verification code to the phone number either by voice or sms. Once the user of your app enters the code the second API call verifies with twilio if that code is the correct one. I used expressjs framework for node. I created two middlewares one for sending code and other for verification. The code snippet for the two are below. 

Keep up to date with the latest updates by reading our other blogs. Contact us today for a no-obligation consultation on 01296 328 689. Or email us at info@dogmagroup.co.uk