Customer identity has become the new perimeter that organizations need to defend from compromise and breaches. The 2024 Verizon DBIR cites that stolen credentials were the most common cause associated with breaches and were responsible as the entry point for 50% of web application attacks. With consumers around the world increasingly using their phone number as a preferred identifier when interacting with applications online, organizations must ensure these phone numbers are verified and legitimate without adding friction to the user journey.
Descope’s two connectors with Telesign help customers to add trusted phone verification and deep risk signals to their authentication and user journey flows. Organizations using the connectors can eliminate bot traffic and fake accounts, stop account takeover attempts, and add adaptive MFA for a more seamless user experience.
About Telesign
Telesign is a digital identity verification and communications company that offers comprehensive SDKs and APIs for user verification, data insights, and communication. Telesign helps its customers prevent the transmission of 30+ million fraudulent messages each month and protects 1+ billion accounts from takeovers every year. Their risk signals are backed by billions of consumer data points, identity signals, and traffic patterns.
Overview of connectors
Descope has connectors with Telesign Messaging and Telesign Intelligence. The connectors helps customers:
Seamlessly send SMS messages to end users at any point of the customer journey.
Get granular information about a phone number (carrier, geolocation, etc.) within Descope Flows for user verification and fraud prevention.
Leverage Telesign phone intelligence risk scores to implement adaptive MFA with branching user paths.
Orchestrate user journeys in a no-code workflow combining Telesign signals alongside data from other risk protection tools such as reCAPTCHA Enterprise and AbuseIPDB.
You can learn more by visiting our documentation on the Telesign Intelligence connector.
Use case: Adaptive MFA to balance security and UX
Implementing MFA to be “too strict” (e.g. enforcing MFA for every user every time) often leads to undue user friction and harms the customer experience. Using Descope and Telesign Intelligence, developers can employ an adaptive MFA approach that asks for a second factor only if the login attempt is deemed suspicious or fraudulent by Telesign ML and risk analysis models. This approach enables customers to implement MFA at the right time for the right logins without affecting the experience of frequent, legitimate end users.
The Flow above defines a process where a phone risk score provided by Telesign Intelligence is checked during sign-in and branching user paths are created based on the severity of the score (between 0 to 100) provided.
The login attempt is blocked if the score is greater than 80.
A magic link MFA flow is initiated if the score is between 30 and 80.
The login attempt goes through successfully if the score is less than 30.
This way, legitimate users have a seamless experience, suspicious logins are treated with the right level of caution, and verified risky logins are escalated. This is just one of many branching configurations customers can create by combining Telesign Intelligence and Descope Flows.
Future-proof MFA
Using Descope Flows to insert Telesign risk signals in the user journey not only reduces implementation time, but also helps organizations easily modify their MFA flows in the future without touching their application or codebase. For example, if customers want to…
Change the risk values associated with “high”, “medium”, and “low” risk
Modify the “high risk” branch to initiate a passkeys flow rather than blocking the account
Add an extra user-facing screen requesting more information before initiating the MFA
…all of the initiatives above can be completed directly in Descope Flows, helping organizations adapt to changing market or business needs without sapping engineering time.
Use case: User phone verification
Phone numbers being such a ubiquitous user identifier has resulted in the rise of phone-based cyberattacks, bypass attempts, and bad actors. With organizations facing attacks like SIM swapping, man-in-the-middle, and account takeover, adding robust identity verification and KYC to the user journey becomes paramount.
By using the Get Phone Number Info connector action, customers can validate whether details entered by the user during onboarding match with the data on record. Results can be used as a query parameter to take branching paths based on the validity of the check, as shown in the diagram below.
Conclusion
The Descope connectors with Telesign help customers stop bot attacks and bad actors, reliably deliver SMS messages to verified phone numbers, and provide users with a delightful and frictionless digital experience.
Interested to learn more about the connector? Check out our docs. If you haven’t yet started your Descope journey, sign up for a Free Forever account and set up your own Telesign connector. To explore other connectors, visit our integrations page.
