Thursday, February 16, 2006

4 Steps to Telephone Authentication

This article explains how you can use the telephone to authenticate users, using the TeleAuth web-service.

TeleAuth provides an API that allows you to call a user and request a numeric secret in real-time. It can be used within web-based applications, console apps, or for network services.

It can also be used with online shopping sites to do things like collecting credit-card information, or delivering pass-codes.

Step 1. Sign Up

Visit and sign up for a beta account.

Step 2. Create an API Key

Log into your account, and click the "Add New Key" link. A new API key will be generated for you to use in your SOAP or XML-RPC requests.

Step 3. Test It

Expand the "Test Call" tab, and select an API Key. Then, enter a North American phone number, and select a prompt. The prompts are what the receiver hears when he/she receives a call (e.g., "Enter PIN code", or "Enter your credit-card number").

Click "Place Call" to initiate the phone call. The call status is updated in real-time on the page.

The phone should receive a call in a matter of seconds. Answer it, and enter some digits on the dial-pad. As soon as you hit the "#" key, you should see the result on the page.

Step 3. Try Some Code

Here's a simple Ruby program that calls a phone number and requests a PIN code:

#!/usr/bin/env ruby

require 'soap/wsdlDriver'
require 'cgi'

soap_client =

# Log SOAP request and response
soap_client.wiredump_file_base = "soap-log.txt"

# Place the phone call
response = soap_client.getSecret( "SKJDekqQ4wUBiJEGFpkgA8Ph0bkkAXb",
"15556673323", "pin")

# Display reponse
puts response.result, " / ", response.secret, " / ", response.message

Above, we use the SOAP WSDL-schema from, and call the "GetSecret" method. The parameters we provide are: the API key, a phone number, and a voice-prompt.

The return values are:

result: The result code. Usually "OK", or "ERROR".
secret: The digits dialed on the key-pad (PIN code, credit-card number).
message: An error message, if the result was "ERROR".

Step 4. Use It

And there we have it. TeleAuth supports both SOAP and XML-RPC. Use it with Rails. Use it with Java. Use it with Z80 Assembler if you wish.

The service is currently in beta, and is currently looking for testers.


No comments:

Post a Comment