Skip to content

Verify caller

The Onegini Customer Service user, e.g. a support employee, can verify the authenticity of the person that contacts customer support.

The verify caller feature uses the Onegini Token Server's Mobile Authentication to trigger a notification message which type (e.g. push message requiring pin authentication) depends on the provided configuration. The feature is available from the Devices section that is shown in the user details view available after looking up a specific person by other means (e.g. email address).

Prerequisites

The verify caller feature requires:

  • the device management API to be enabled
  • the Mobile Authentication configuration name to be configured, its value must correspond with the Onegini Token Server configuration. In the Onegini Token Server you can configure:
    • the time out of the verification in the Onegini Token Server
    • the requirement of a pin, biometric authentication or other means of authentication to confirm the notification
  • the Onegini Token Server API configuration properties to be set
  • the end-user has installed a mobile app and has enabled Mobile authentication via Push messaging

When all the above properties are present and set correctly the user device verification feature will be available.

The flow

The Onegini Customer Service's user initiates the caller verification via the "Verify caller" button that is shown for devices that are capable of handling push notifications.

Table of mobile devices

After triggering the caller verification, the Onegini Customer Service shows a popup informing about the current status of the operation. When the push notification has been successfully sent to the device, a count down timer is shown to indicate how much time the end-user has left for the verification.

Dialog for caller verification with count down timer

The end-user receives a push notification and opens the mobile app to accept or deny the verification.

Push notification

The result is shown on the screen of Onegini Customer Service:

Dialog with successful verification

When the user has rejected the verification, or when the verification has timed out, the verification can be restarted.

Customizing the verification message

Refer to the internationalization guide to customize the verification message.