by alifakh 1401 days ago
One thing that wasn't clear to me is: the check only verifies that there is an active SIM card, but how is that tied to a person? With a one-time password via SMS, we are not only verifying that the phone number is active but also that a specific person (with the registered phone number in their account) has access to the phone. In the first case it is enough to use any phone number as long as it is active.
1 comments

No, the check URL created from the request is made by the mobile network operator assigned to that phone number.

The mobile device makes the GET request to that check URL over a cellular data request. The MNO verifies that the phone number assigned to the SIM card making that data request matches the phone number used in the creation of that check URL.
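
The flow described in the reply above, as an added toy model that is not part of the thread and not any operator's real API. The class and method names, the `mno.example` URL, the constructed phone numbers, and the single-use and expiry behaviour are all assumptions made for illustration.

```python
import secrets
import time


class Operator:
    """Toy model of the MNO side (hypothetical names, not a real operator API)."""

    def __init__(self, ttl_seconds=300):
        self.ttl = ttl_seconds   # assumed lifetime of a check URL
        self.checks = {}         # token -> (number the check was created for, expiry)
        self.sessions = {}       # cellular session id -> number assigned to that SIM

    def attach_sim(self, msisdn):
        """A SIM opens a cellular data session; the network knows its number."""
        session_id = secrets.token_hex(8)
        self.sessions[session_id] = msisdn
        return session_id

    def create_check(self, claimed_msisdn, now=None):
        """Issue a check URL bound to the number registered on the account."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(16)
        self.checks[token] = (claimed_msisdn, now + self.ttl)
        return f"https://mno.example/check/{token}"

    def handle_get(self, check_url, session_id, now=None):
        """Handle the device's GET. The number compared is the one tied to the
        cellular session carrying the request, never a value the client sends."""
        now = time.time() if now is None else now
        token = check_url.rsplit("/", 1)[-1]
        entry = self.checks.pop(token, None)   # assumed single use
        if entry is None:
            return "unknown_or_used"
        expected, expiry = entry
        if now > expiry:
            return "expired"
        actual = self.sessions.get(session_id)
        if actual is None:
            return "not_on_cellular"           # e.g. request arrived over Wi-Fi
        return "match" if actual == expected else "mismatch"
```

In this model a different active SIM gets `mismatch`, because the comparison is against the number the check URL was created for rather than against "any active number".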