Implementing Prove Bot Detection

Complete Step 2: Authentication

Begin by implementing Step 2: Authentication to authenticate the user’s device. This step is crucial as it establishes a trusted connection between the user and their phone number, which is the foundation for the Bot Detection solution.

This step must be complete before proceeding with Bot Detection.

Gather Required Inputs

Collect the phone number from your CRM or database.

Call the Verify Endpoint

Make a request to the /v3/verify endpoint including the Authorization header. Generate a bearer token as outlined on the Authentication page. Include the following required parameters:

phoneNumber: the phone number of the customer.
verificationType: the type of verification to be performed. Set this value to bot.
clientRequestId: client-generated unique ID for a specific session. This can be used to identify specific requests.

Always provide unique clientRequestId values for each request to enable proper tracking and troubleshooting.

The optional parameters:

emailAddress: the email address of the customer.
ipAddress: the IP address of the customer’s device.
userAgent: the user agent of the customer.
clientCustomerId: the client-generated unique ID for a specific customer. This can be used by clients to link calls related to the same customer, across different requests or sessions.
clientHumanId: a client-generated unique ID for a consumer across business lines.
proveId: the Prove ID associated with the customer, if known.

cURL

curl -X POST "https://platform.uat.proveapis.com/v3/verify" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{
    "verificationType": "bot",
    "phoneNumber": "2001004051",
    "clientRequestId": "test-request-001",
    "clientCustomerId": "test-customer-001"
}'

You will test this example in the Sandbox environment using the test users provided in the Sandbox Testing guide.

Process the Response

The response includes comprehensive identity information and verification results:

success: the result of the verification.
correlationId: the unique ID that Prove generates for the flow.
clientRequestId: the client-generated unique ID for a specific session, provided in the request.
phoneNumber: the phone number provided in the request.
assuranceLevel: the confidence level (AL-1, AL0, AL1, AL2, AL3).
clientCustomerId: the client-generated unique ID for a specific customer, provided in the request.
proveId: the unique Prove-assigned ID tied to the consumer.
provePhoneAlias: the unique Prove-assigned ID tied to the phone number.
evaluation: object containing the results of the authentication and risk evaluations. Refer to the Global Fraud Policy for more details.

Example Response

{
    "success": "true",
    "correlationId": "e4f4e229-ce65-4b43-bdb4-551556b3b68a",
    "clientRequestId": "e4f4e229-ce65-4b43-bdb4-551556b3b68a",
    "phoneNumber": "2001004051",
    "assuranceLevel": "AL1",
    "clientCustomerId": "test-customer-001",
    "proveId": "b7e54823-0068-4e23-9e07-60d382518bcf",
    "provePhoneAlias": "4B2C41FC4VKDEO100F960011D0AD4A8050MEK19P4SF9PD23EFE27CD2C76A6FAA8375E60AC0550604F6G32D9ED60E06262CCC570F3C15F2D16900184E",
    "identity": {},
    "evaluation": {
        "authentication": {
            "result": "pass"
        },
        "risk": {
            "result": "pass"
        }
    }
}

Best Practices

Check the success field to handle different verification outcomes appropriately.
Save the proveId and correlationId for future reference and to enable cross-domain linking if needed.
Use assurance levels to implement adaptive security policies based on transaction risk.

Sandbox testing

Test users

The following test users are available for testing Bot Detection using the /v3/verify endpoint in the Sandbox environment. Use these test users to simulate different verification scenarios and outcomes.

Phone Number	First Name	Last Name	Verification Type	Expected Outcome
`2001004051`	Ewen	Brimilcome	`bot`	Success
`2001004052`	Hilary	Kumaar	`bot`	Failed

Use these test phone numbers exactly as shown. The sandbox environment doesn’t validate real customer information.

Testing steps

Ewen
Hilary

Use test user Ewen Brimilcome to verify a successful verification:

cURL

curl -X POST "https://platform.uat.proveapis.com/v3/verify" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "verificationType": "bot",
    "phoneNumber": "2001004051",
    "clientRequestId": "test-request-001",
    "clientCustomerId": "test-customer-001"
  }'

Expected response:

{
    "success": "true",
    "correlationId": "e4f4e229-ce65-4b43-bdb4-551556b3b68a",
    "clientRequestId": "e4f4e229-ce65-4b43-bdb4-551556b3b68a",
    "phoneNumber": "2001004051",
    "assuranceLevel": "AL1",
    "clientCustomerId": "test-customer-001",
    "proveId": "b7e54823-0068-4e23-9e07-60d382518bcf",
    "provePhoneAlias": "4B2C41FC4VKDEO100F960011D0AD4A8050MEK19P4SF9PD23EFE27CD2C76A6FAA8375E60AC0550604F6G32D9ED60E06262CCC570F3C15F2D16900184E",
    "identity": {},
    "evaluation": {
        "authentication": {
            "result": "pass"
        },
        "risk": {
            "result": "pass"
        }
    }
}

Get Started

Welcome

Know

Grow

Pre-Fill

Identity

Resources

Implementing Prove Bot Detection

Sandbox testing

Test users

Testing steps

Get Started

Welcome

Know

Grow

Pre-Fill

Identity

Resources

​Sandbox testing

​Test users

​Testing steps

Sandbox testing

Test users

Testing steps