Data validation quick start
Protect account opening and the integrity of user profile data by validating the identity data of your customers, such as their names, addresses, phone numbers and more. This describes how to quickly integrate data validation into your application. To use dynamic knowledge-based authentication, see Identity validation (KBA) quick start.
Note
This service is currently preview only, and only available for customers upon request.
Step 1: Create your app
To integrate with Transmit, you'll need to create an application in the Admin Portal (if you don’t have one yet).
- From Applications , click Add application .
- Add the friendly application name to display in the Admin Portal.
-
Add a client display name, and your website URL as a redirect URI (e.g.,
https://your-domain.com). Although these fields are required for Transmit apps, they won’t be used for the data validation process. - Click Add to create your application. This will automatically generate your client credentials.
Step 2: Get access token
You’ll need an OAuth2 bearer access token to authorize the backend API requests. Using the client ID and client secret of your Transmit application from Step 1, send this request from your backend to generate an access token:
curl -i -X POST \
https://api.userid.security/oidc/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'client_secret=[CLIENT_SECRET]' \
-d grant_type=client_credentials \
-d 'client_id=[CLIENT_ID]'Step 3: Enable providers
Transmit offers a built-in integration to various third-party data validation providers. Configure your validation preferences by enabling the providers you'd like Transmit to use for processing any future validation requests. By default, all providers are disabled.
You can enable providers from the Identity data validation page of the Admin Portal, or via API using a PUT request to /v1/validation-preferences. Set enabled to true for the providers that you want to use. The request is authorized using the access token generated in Step 2.
Here's an example of a request that enables email address validation using Email Hippo and Melissa as the providers, and phone number validation using Telesign.
curl -i -X PUT \
https://dv.identity.security/v1/validation-preferences \
-H 'Authorization: Bearer [ACCESS_TOKEN]' \
-H 'Content-Type: application/json' \
-d '{
"email_providers": [
{
"provider_name": "EMAILHIPPO_E1",
"enabled": true
},
{
"provider_name": "MELISSA",
"enabled": true
}
],
"phone_number_providers": [
{
"provider_name": "TELESIGN",
"enabled": true
}
]
}'Note
You can also enable providers by first sending a GET request to /v1/validation-preferences, updating the enabled flag as needed, and sending a PUT request with the updated configuration object.
Step 4: Initiate data validation
When needed, you can initiate a data validation process by sending a POST request to /v1/api/validate-data with the data you want to validate using the providers you've enabled. The request is authorized using the access token generated in Step 2. The response will contain the result data returned by each provider that was used.
For example, here's a request to validate the user's phone number and email address:
curl -i -X POST \
https://dv.identity.security/v1/api/validate-data \
-H 'Authorization: Bearer [ACCESS_TOKEN]' \
-H 'Content-Type: application/json' \
-d '{
"email": "user@gmail.com",
"phone_number": "12125556677"
}'Here's an example of a validation response:
Note
By default, the response only contains mock data for the purpose of simulating a validation response. This is the default for all tenants.
{
"mock_data": true, // Indicates response only includes mock data for simulating data validation
"email": {
"value": "user@gmail.com",
"result_data": [
{
"raw_data": {
"result": "Ok",
"reason": "Success",
"role": false,
"free": true,
"disposable": false,
"email": "user@gmail.com",
"domain": "gmail.com",
"user": "user",
"mailServerLocation": "US",
"duration": 76
},
"provider_name": "EMAILHIPPO_E1"
},
{
"raw_data": {
{
"Version": "4.2.1.4228",
"TransmissionReference": "",
"TransmissionResults": "",
"TotalRecords": "1",
"Records": [
{
"RecordID": "1",
"DeliverabilityConfidenceScore": "64",
"Results": "ES01,ES21",
"EmailAddress": "user@gmail.com",
"MailboxName": "user",
"DomainName": "gmail",
"DomainAuthenticationStatus": "SPF,DMARC",
"TopLevelDomain": "com",
"TopLevelDomainName": "Commercial",
"DateChecked": "9/3/2019 5:40:59 AM",
"EmailAgeEstimated": "1765",
"DomainAgeEstimated": "10027",
"DomainExpirationDate": "2023-08-12T00:00:00",
"DomainCreatedDate": "1995-08-13T07:00:00",
"DomainUpdatedDate": "2022-07-11T09:25:59",
"DomainEmail": "",
"DomainOrganization": "Google LLC",
"DomainAddress1": "",
"DomainLocality": "",
"DomainAdministrativeArea": "CA",
"DomainPostalCode": "",
"DomainCountry": "UNITED STATES",
"DomainAvailability": "UNAVAILABLE",
"DomainCountryCode": "US",
"DomainPrivateProxy": "",
"PrivacyFlag": "N",
"MXServer": "",
"DomainTypeIndicator": "Personal",
"BreachCount": ""
}
]
}
},
"provider_name": "MELISSA"
}
]
},
"phone_number": {
"value": "12125556677",
"result_data": [
{
"raw_data": {
"reference_id": "3615373C565SKJDBASDKHSA1F22CJHSAG38",
"external_id": null,
"status": {
"updated_on": "2022-12-26T09:41:35.625420Z",
"code": 300,
"description": "Transaction successfully completed"
},
"numbering": {
"original": {
"complete_phone_number": "12125556677",
"country_code": "1",
"phone_number": "2125556677"
},
"cleansing": {
"call": {
"country_code": "1",
"phone_number": "2125556677",
"cleansed_code": 100,
"min_length": 10,
"max_length": 10
},
"sms": {
"country_code": "1",
"phone_number": "2125556677",
"cleansed_code": 100,
"min_length": 10,
"max_length": 10
}
}
},
"risk_insights": {
"status": 800,
"category": [
10032
],
"a2p": [
22001,
20008,
20101
],
"p2p": [
30201,
30201
],
"number_type": [
40002,
40010
],
"ip": [],
"email": []
},
"phone_type": {
"code": "5",
"description": "VOIP"
},
"location": {
"city": "Washington",
"state": "DC",
"zip": "20019",
"metro_code": "8840",
"county": "District of Columbia",
"country": {
"name": "United States",
"iso2": "US",
"iso3": "USA"
},
"coordinates": {
"latitude": 38.8724,
"longitude": -76.97023
},
"time_zone": {
"name": "America/New_York",
"utc_offset_min": "-5",
"utc_offset_max": "-5"
}
},
"carrier": {
"name": "Google (Grand Central) - SVR"
},
"blocklisting": {
"blocked": false,
"block_code": 0,
"block_description": "Not blocked"
},
"risk": {
"level": "very-high",
"recommendation": "block",
"score": 880
}
},
"provider_name": "TELESIGN"
}
]
}
}Step 5: Handle data validation
Process the data validation response to determine the integrity of the data, and to evaluate the risk. Based on your assessment, you can decide how to proceed. For example, if the data validation occurs in the context of a new account registration and you deem the data to be reliable, then you can securely proceed with your onboarding process.