Skip to content

Validation

1. Validating the Service

To generate a token to test and validate it, click the Validation menu. The Validation page is displayed (The PIN Validation tab is displayed as the default):

intro_9

This is where you can test out various messaging scenarios and phone numbers to make sure your authentication messages, or URL validation messages are working like you would like them to.

There are three tabs:

  • PIN Validation
  • URL Validation
  • 2-Step URL Validation

intro_10

Simply click the type of validation that you would like to test.

Pin Validation

To generate a PIN validation token, the following fields are available:

  1. Select (or provide) your Account ID in the Account ID field. If you have multiple accounts such as a parent account plus multiple child (or sub-accounts), they will appear in a drop-down list. (Mandatory)
  2. Enter your test MSISDN (E.164 phone number) number without a pre-pended + in the Mobile number to receive SMS tokens field. (NOTE: either this field or the email field is required)
  3. Enter a secondary identifier key in the Secondary Key field (optional). Note: the secondary key can be used in situations where you may have multiple end-users sharing a device or for some secondary identifier beyond the phone number (MSISDN).
  4. Enter your email address in the Email address field. (NOTE: either this field or the MSISDN field is required)
  5. Enter any text (such as “Your pin code is...“) in the Message Text field. (Note: Your default text will be used, if left blank). You may substitute “[token]” to be replaced with the generated token.
  6. Select either the Numeric or Alphanumeric token type by selecting the corresponding radio button.
  7. The default Token length is 4 - but you can choose to increase this if you wish.
  8. The Timeout is 30 seconds by default, but again you can increase this if you want a little longer to enter your received pin in the validation section. Enter the number of minutes and seconds.
  9. Two-Part Token Generation (Yes or No). Set the toggle to Yes, if you want to generate a 2-part token.

    Background: This is an optional feature that will provide the ability to generate a TWO-PART token. This feature provides extra security. For this feature, the regular PIN or Verification code and a special alphanumeric code (4 random characters) are generated.

    This 4-character alphanumeric code will be returned to the application in the API, meaning the customer’s application could display that code on their website AND in the SMS message along with the regular PIN code. That way, the user can visually match the code in their SMS with the code displayed on the website. Only the regular PIN code is validated as is the normal method.

    The options include ability to generate and insert both codes into the SMS message and have the 4-character code returned in the API. If users generate multiple codes, they can use the currently displayed 4-character code on the website to match the PIN code they received in the SMS message as the proper one to be validated.

    This can also help users validate that the incoming SMS message is, in fact, from their bank or financial institution. They will expect to receive an SMS message with the appropriate 4-character code along with their PIN code.

    Note: Only the 2nd part of the 2-part validation code generated is used for validation. The first part (the 4-character alphanumeric code), is not part of the validation. It is mainly used as a visual reference for the end user.

  10. Send an SMS message with a validation token, click Generate. A status message and an OrderID (refers to the delivery SMS or email message) are displayed at the top of the screen. For example:

intro_11

If you provided a live telephone number (or alternatively, an email address), you should see a message on your phone, like the example shown.

If an error occurs refer to the Error Messages or the error description on the screen for more information and troubleshooting.

Pin Validation 2-Part Token

To generate a 2-part token, all fields are the same as described in 3.2.1; however, for the Message Body, you may substitute “[token]” to be replaced with the generated 2-part token. The first part is a random 4-character alphanumeric string (e.g. WXYZ) and the 2nd part is the normal generated token as you have configured. “[token]” will be replaced with WXYZ-123456 – the full 2-part token.

You may also split up the first and second parts by substituting [token-part1] for the first part and [token-part2] for the second part.

Here’s an example Message Body: Hi there: Your validation code is: [token-part2]. Match with [token-part1].

Make sure you set Two-Part Token Generation to YES.

Select Generate

A two-part token received on a mobile device will be like the example:

intro_12

Validation the Token

To validate a token, enter the validation PIN (or token) you received when you generated the token in the Token Received field on the right-hand side of the screen:

intro_13

If you sent a 2-part token, you’ll see Part-1 pre-populated in the Token Received field. You can reference that 4-character code in the message received.

intro_14

For either case, simply type in the token that you received.

Click Validate.

If the token is valid, a message is displayed informing you that your token has been successfully validated:

intro_15

If an error occurs refer to the displayed message and/or Error Messages section for troubleshooting.

URL Validation

To test and validate the URL Validation capabilities, click the URL Validation tab. Your screen will show the following:

intro_16

To generate a URL validation, the following fields are available:

  1. Select (or provide) your Account ID in the Account ID field. If you have multiple accounts such as a parent account plus multiple child (or sub-accounts), they will appear in a drop-down list. (Mandatory)
  2. Enter your test MSISDN (E.164 phone number) number without a pre-pended + in the Mobile number to receive SMS tokens field. (NOTE: either this field or the email field is required)
  3. Enter a secondary identifier key in the Secondary Key field (optional). Note: the secondary key can be used in situations where you may have multiple end-users sharing a device or for some secondary identifier beyond the phone number (MSISDN).
  4. Enter your email address in the Email address field. (NOTE: either this field or the MSISDN field is required)
  5. Enter any text (such as “Tap the link to validate...“) in the Message Text field. (Note: Your default text will be used, if left blank). You may substitute “[link]” to be replaced with the generated URL link. Otherwise, the generated, one-time URL will be appended to the end of the message.
  6. The Success Message for URL Authorization field (optional) provides a custom message to be displayed on the landing page when the URL validation has completed successfully. If nothing is specified here, the default value that you set for this account will be used.
  7. The Timeout is 30 seconds by default, but again you can increase this if you want a little longer to enter your received pin in the validation section. Enter the number of minutes and seconds.
  8. The Headline is the text that will be displayed at the top of the URL landing page, once the URL is tapped on the destination device. If nothing is specified here, the default value that you set for this account will be used.
  9. The Sub Headline is the text that will be displayed below the Headline at the top of the URL landing page, once the URL is tapped on the destination device. If nothing is specified here, the default value that you set for this account will be used.
  10. Send an SMS message with a validation URL, click URL Authentication. A status message and an OrderID (refers to the delivery SMS or email message) are displayed at the top of the screen.

For example:

intro_17

Once the URL is tapped on the device, the validation is completed, and the URL landing page is displayed on the device.

Any subsequent taps on the URL in the message will have no effects but will show an error on the landing page similar: The entered PIN has expired.

2-Step URL Validation

To test and validate with the 2-Step URL Validation option, click the 2-Step Validation tab. Your screen will show the following:

intro_18

To generate a URL validation, the following fields are available:

  1. Select (or provide) your Account ID in the Account ID If you have multiple accounts such as a parent account plus multiple child (or sub-accounts), they will appear in a drop-down list. (Mandatory)
  2. Enter your test MSISDN (E.164 phone number) number without a pre-pended + in the Mobile number to receive SMS tokens field. (Mandatory)
  3. Enter a secondary identifier key in the Secondary Key field (optional). Note: the secondary key can be used in situations where you may have multiple end-users sharing a device or for some secondary identifier beyond the phone number (MSISDN).
  4. The Email Address field is unavailable for 2-step URL validation. This is only designed for an SMS delivery.
  5. Enter any text (such as “Tap the link to validate...“) in the Message Text (Note: Your default text will be used, if left blank). You may substitute “[link]” to be replaced with the generated URL link.  Otherwise, the generated, one-time URL will be appended to the end of the message.
  6. The Timeout is 30 seconds by default, but again you can increase this if you want a little longer to enter your received pin in the validation section. Enter the number of minutes and seconds.
  7. The Headline is the text that will be displayed at the top of the URL landing page, once the URL is tapped on the destination device. If nothing is specified here, the default value that you set for this account will be used.
  8. The Sub Headline is the text that will be displayed below the Headline at the top of the URL landing page, once the URL is tapped on the destination device. If nothing is specified here, the default value that you set for this account will be used.
  9. The Main Text field may contain a paragraph of text that you want to be displayed under your branding logo on the URL landing page. If nothing is entered, the default text will be used from your Account setup.
  10. The Affirmative Button Text is the label of the Affirmative button that will be displayed on the URL Landing page. If nothing is entered, the default text will be used from your Account Info setup.
  11. The Accept Message is the text that will be displayed if the Affirmative button is tapped on the URL Landing page. If nothing is entered, the default text will be used from your Account Info setup.
  12. The Decline Button Text is the label of the Decline button that will be displayed on the URL Landing page. If nothing is entered, the default text will be used from your Account Info setup.
  13. The Decline Message is the text will be displayed if the Decline button is tapped on the URL Landing page. If nothing is entered, the default text will be used from your Account Info setup.
  14. Button Color – click the little down-arrow to select the color of your Accept and Decline buttons that will be displayed on the URL Landing page. If you do not change the color, the default color that you set on your Account Info page will be used.  We suggest using a lighter color, as black button text is used.

For a diagram of the customizations available for the URL Landing page, please see Section 3.1, Viewing & Modifying Account Information.

  1. To send the SMS message with a validation URL, click 2-Step URL Authentication. A status message and an OrderID (refers to the delivery SMS or email message) are displayed at the top of the screen.

For example:

intro_19

Once you tap the “Accept” or “Decline” buttons on the mobile device, the appropriate message will appear on the URL Landing page as outlined, above.

A message similar to the following will appear on the screen, once one of the buttons is tapped on the mobile device:

intro_20