SMS/Email Identity Verification
Prerequisites
- End-Users that have not yet setup their mobile app, and/or will use the Email and SMS messages for verification, should be configured as per this Article
- ***Important*** Quickpass WebApp Users must allow SMS from Quickpass. (If a user has replied STOP to the original setup SMS, they will need to reach out to their support team to get it reactivated)
- Administrators should be familiar with the How to Use Customer Identity Verification Article
Scenario 1 - End User reaches out to Support Team
In this scenario the End User is trying to reach their Technical Support Team. The Support Team wants to confirm that the person reaching them is indeed the user that they are purporting to be.
Image and Text Description
The Support Technician is reached by an End User.
To confirm they are the correct person, The Support Technician sends a User Identity Verification request to the user. (Note with this method a code is ALWAYS sent as a verification method)
The user sees an SMS and Email Message come in to their mobile and email account
![]() |
Email Message in Inbox | ![]() |
Text Message incoming |
![]() |
Content of Email | ![]() |
Body of Text Message |
The user taps on either the SMS Notification or opens their email message.
The user advises the Support Team Member of the code that arrived via either method. (Note they are identical codes via either delivery method)
The Support Team member knows that only the employee with access to the SMS number and/or logged into the email account would receive this code. This must really be the user requesting support.
Scenario 2 - Support Team reaches out to End User
In this scenario the Technical Support Team is reaching out to the End User. The End User wants to confirm that it is indeed their support team reaching out to them.
Image and Text Description
The End User receives a request from the Technical Support team.
The End User wants to confirm that it is indeed their support team reaching out to them.
The End User requests that the Technical Support team member sends them an Identity Verification.
The Support Technician sends a User Identity Verification request to the user.
The user sees an SMS and Email Message come in to their mobile and email account
![]() |
Email Message in Inbox | ![]() |
Text Message incoming |
![]() |
Content of Email | ![]() |
Body of Text Message |
The user taps on either the SMS Notification or opens their email message.
The user advises the Support Team Member of the code that arrived via either method. (Note they are identical codes via either delivery method)
The End User knows that only the Support Team with access to their system can send these verification codes to them and therefore this must be someone who works with their Support Team.
Scenario 3 - Someone reaches the Support Team pretending to be an End User
In this scenario someone who is pretending to be an End User reaches out to the Technical Support Team. The Technical Support Team sends an Identity Verification request but because the End User has no knowledge of the support request they receive a code that they did not request. The impersonator does not have access to the mobile or email and therefore cannot provide the code to the Support Team.
Image and Text Description
The Support Technician is reached by someone claiming to be an End User.
The Support Technician sends a User Identity Verification request to the user.
The real user sees an SMS and Email Message come in to their mobile and email account - however because the end user is not aware of the request with the Technical Support Team they have no one to give the code to.
![]() |
Email Message in Inbox | ![]() |
Text Message incoming |
![]() |
Content of Email | ![]() |
Body of Text Message |
The Support Team member knows that only the real employee in possession of the mobile device or email account will receive the code. Since the person on the phone does not have the code, this must not be the real user requesting support.
End User Customer Identity Verification - Mobile
Prerequisites
- End-Users must have the mobile application installed and configured as per this Article
- ***Important*** Quickpass mobile app users MUST have notifications enabled for the Quickpass mobile app to receive the push notifications to verify their identity.
- Administrators should be familiar with the How to Use Customer Identity Verification Article
Scenario 1 - End User reaches out to Support Team
In this scenario the End User is trying to reach their Technical Support Team. The Support Team wants to confirm that the person reaching them is indeed the user that they are purporting to be.
Video Link
Text Description
The Support Technician is reached by an End User.
To confirm they are the correct person, The Support Technician sends a User Identity Verification request to the user.
The user sees a prompt on their mobile device to verify their identity.
The user taps on the notification and authenticates via biometrics the login to the app.
The user is presented with a prompt within the app to verify it is indeed them.
The Support Team member knows that only the employee in possession of the mobile device and with the proper biometrics can authenticate and approve the request. This must really be the user requesting support.
Scenario 2 - Support Team reaches out to End User
In this scenario the Technical Support Team is reaching out to the End User. The End User wants to confirm that it is indeed their support team out to reaching them.
Video Link
Text Description
The End User receives a request from the Technical Support team.
The End User wants to confirm that it is indeed their support team reaching out to them.
The End User requests that the Technical Support team member sends them an Identity Verification.
The Support Technician sends a User Identity Verification request to the user.
The user sees a prompt on their mobile device to verify their identity.
The user taps on the notification and authenticates via biometrics the login to the app.
The user is presented with a prompt within the app to verify it is indeed them.
The End User knows that only the Support Team with access to their system can send these verifications to them and therefore this must be someone who works with their Support Team.
Scenario 3 - Someone reaches the Support Team pretending to be an End User
In this scenario someone who is pretending to be an End User reaches out to the Technical Support Team. The Technical Support Team sends an Identity Verification request but because the End User has no knowledge of the support request they decline the request.
Video Link
Text Description
The Support Technician is reached by someone claiming to be an End User.
The Support Technician sends a User Identity Verification request to the user.
The user sees a prompt on their mobile device to verify their identity.
The user taps on the notification and authenticates via biometrics the login to the app.
The user is presented with a prompt within the app to verify it is indeed them.
Because the real end user is not aware of the request with the Technical Support Team they tap Deny.
The Support Team member knows that only the employee in possession of the mobile device and with the proper biometrics can authenticate and approve the request. This must not be the real user requesting support.
Comments
0 comments
Please sign in to leave a comment.