Verify SMS Overview

SMS is the most popular channel for phone number verification and two-factor authentication (2FA) because most people can receive text messages and onboarding is seamless.

SMS 2FA is effective. Studies show it blocks the majority of automated attacks, bulk phishing attempts, and targeted attacks.

Learn how to send one-time passcodes (OTPs) via SMS with Twilio Verify SMS. Before you send your first OTP, obtain and document recipient consent following the Twilio Messaging Policy. To learn more and stay compliant, see the Consent and Opt-in Policy.

The following example shows how to start a verification with SMS:

Start a Verification with SMS

1// Download the helper library from https://www.twilio.com/docs/node/install
2const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";
3
4// Find your Account SID and Auth Token at twilio.com/console
5// and set the environment variables. See http://twil.io/secure
6const accountSid = process.env.TWILIO_ACCOUNT_SID;
7const authToken = process.env.TWILIO_AUTH_TOKEN;
8const client = twilio(accountSid, authToken);
9
10async function createVerification() {
11  const verification = await client.verify.v2
12    .services("VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")
13    .verifications.create({
14      channel: "sms",
15      to: "+15017122661",
16    });
17
18  console.log(verification.sid);
19}
20
21createVerification();

Response

1{
2  "sid": "VEaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
3  "service_sid": "VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
4  "account_sid": "ACaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
5  "to": "+15017122661",
6  "channel": "sms",
7  "status": "pending",
8  "valid": false,
9  "date_created": "2015-07-30T20:00:00Z",
10  "date_updated": "2015-07-30T20:00:00Z",
11  "lookup": {},
12  "amount": null,
13  "payee": null,
14  "send_code_attempts": [
15    {
16      "time": "2015-07-30T20:00:00Z",
17      "channel": "SMS",
18      "attempt_sid": "VLaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
19    }
20  ],
21  "sna": null,
22  "url": "https://verify.twilio.com/v2/Services/VAaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/Verifications/VEaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
23}

After you start a verification with SMS, use the Verification Check API to confirm the code the user provides.

Start building

The following resources will help you get started with SMS verification:

Demo

Additional resources

The following resources provide more information about SMS verification and security:

SMS Verification: What It Is & How It Works
Five reasons SMS 2FA isn't going away
What is SMS pumping?
Verify Fraud Guard: A feature that prevents SMS-related fraud on Verify by blocking the prefix of the destination of suspected fraud