Two-Factor Authentication

Verify users by reaching their mobile device with SMS or voice codes

Try It FreeContact Sales


Easily add a layer of security

  • A single API provides the full 2FA solution, from authentication management to message automation, spanning SMS and Voice.
  • Just give us a phone number and we’ll take care of the rest. We generate the codes, localize, use the fastest channel available, even fall back from SMS to voice when needed.
  • Unlike other 2FA methods that may require special hardware or an authenticator app, our solution works with any phone number.
  • Pay only for successful conversions or a flat monthly fee for frequent logins.
How it works
Validate the user’s number
Intercept the login
A user logging into an account first confirms their username and password, but to be certain that the user is who they say they are, Nexmo Verify gets involved.
Nexmo Verify reaches out
Nexmo sends a one-time code — via SMS, voice, or push notification — to the phone associated with that username and password.
The account owner confirms
When the code arrives on the phone belonging to the user associated with the account, the owner keys in the short verification code into the input box presented by the app.
Allow account access
Your app verifies that the entered code matches the code that was sent, confirming that the person attempting to access the account has the phone linked to that account. Your app can then give full access to the user.


Programmable elements used in this solution


Step-by-step guide to building 2FA


It sounds easy, but...

Application complexity
  • Building a 2FA mechanism from the ground up is hard. There’s much more to 2FA than sending messages. You have to generate, store, and expire secure codes, as well as design and build a system to relate user identities to devices.
One channel is not enough
  • Once you’ve obtained a user’s phone number, you want to be able to verify them, no matter the line type. This means you have to first detect the line type (mobile or landline), and then deliver a message via either SMS or voice, depending on the type of device.
Deliverability is critical
  • Because the user is in the process of logging in, timeliness of message delivery is critical. Your 2FA solution falls apart if you can’t get the required code to the user within a few seconds.
Development cost
  • To bring 2FA to your mobile app, you may also have to design and build the UI for each device, increasing development time and expense.


We would not be able to achieve virality without a reliable, scalable phone number authentication solution, and we would not have been able to do that without Nexmo and the Verify API.
Alexis Bonillo
Co-Founder & COO, Zenly
Quality, Support, Scalability