Overview of MobileMatch

Summary

MobileMatch is one of ID Datawebs core best practice workflows that ID DataWeb offers. MobileMatch utilizes a two-step process to 1) verify a person's identity based on mobile carrier data attached to a provided phone number and 2) verify possession of that phone number via a one-time link challenge. Additionally, it screens each verification session for indicators of risk and nefarious behavior.

MobileMatch General User Flow

The standard MobileMatch flow includes the following steps. Please note that this verification method requires the user to have a mobile phone line, and be in possession of the phone associated with that line.

• 0 - Country Selection. The user is asked to select the country which they live in.
  • Depending on the country they select, they'll be routed to one of the three variations of MobileMatch, as outlined in the MobileMatch Template Variations section below.
  • Passive risk analysis is also performed at this step - if the user is deemed high risk (TOR browser, bot behavior, blacklisted IP address, and more) - they will be immediately denied and prevented from proceeding, or you can configure your workflow to step them up to a higher friction method such as BioGovID.
• 1a - PII validation. The user will complete the PII form, which in most countries includes Full name, Home Address, and Personal Phone Number (additional User Attributes are required in several countries, as noted here). Upon completion, the system will analyze the correlation between the PII and the phone number provided, and the PII and phone number on record with authoritative sources. If a link is established, they will proceed to step 1b. If a link is not established, the user will be denied and prevented from proceeding, or you can configure your workflow to step them up to a higher friction method such as BioGovID.
• 1b - MobileMatch Verification. If the user's PII is associated with their phone number according to authoritative sources, the last step is to confirm possession of the device registered to who they are claiming to be with a one time passcode.

📘

MobileMatch Template Variations

There are three variations of the core MobileMatch template to account for differences in coverage and risk tolerance.

MobileMatch Standard

Low-friction, telco-based identity verification.

Best for: Friction-sensitive identity verification, MFA enrollment.

MobileMatch Advanced

MobileMatch for more countries, with all available phone risk checks.

Best for: Low friction, high assurance identity verification.

MobileMatch Lite

MobileMatch for more countries, without phone risk checks.

Best for: International identity verification with a lower risk, focus on PII validation. Recommended when MobileMatch Advanced is not supported.

📘

MobileMatch User Attributes

• Full Name - always required
• Address - always required
• Phone - always required
• DOB - sometimes required, otherwise optional
• SSN (last 4 or 9 digits) or NationalID - sometimes required, otherwise optional

Integration and Testing

• If your workflow is set to use test data, please follow the instructions here to test this workflow.
• Standalone testing - If this is a pilot, use the link sent to you in the Pilot kick off email. To signup for a pilot, click here.
• If you've created a workflow yourself, you can use the "Copy Link" feature to get a test link.
• If you are looking to do a OpenID connect integration with your application, add your workflow's client id, secret, and scopes to your OpenID connect client, OR follow the process outlined here. Note, you'll need to register your application's redirect URL on your workflow.
• If you are looking to do an API integration, review the steps outlined here: MobileMatch
• If you are looking to hook a verification workflow into one of your existing IAM tools, we more than likely have an integration or package waiting for you! Reach out to your Solutions Architect or account rep for more details.