When integrated with Twilio or similar SMS/Voice API providers included out-of-the-box with Advanced Authentication, to leverage higher volumes of outgoing SMS texts.

Typically, for lower volume usage you lease "long code" phone numbers to have the 3rd party services like Twilio and others to send out your company text. These "long code" phone numbers are generally rate limited by carriers.

To be able to send out a higher volume of texts (for larger employee population customers such as ourselves), you should apply for "short code" numbers to send out your texts. But those come with FTC Compliance attestations that you will provide support for deregistration of unwanted texts via the users replying back to the SMS number with messages like "STOP" or "CANCEL"

While 3rd party providers like Twilio and others support that bi-directional communication from the end-user via SMS, and their system supports rolling that information back to your call-back URL's, I do not see any such support inside of Advanced Authentication to delete the phone number enrollment off of the user.

AA needs to support SMS and Voice OTP de-enrollment from these STOP/CANCEL replies. Obviously, a delete for SMS should only deregister the SMS enrollment in AA -- not Voice OTP. And similarly a STOP/CANCEL for Voice OTP should only delete the Voice OTP enrollment and not the SMS OTP enrollment.

by: Stefan E. | over a year ago | Integrations