Skip to main content

Sim Swap1.1.1

  • DE
  • ES
  • GR
  • NL
  • UK

Sandbox

Sim Swap Overview

Fraudsters can use social engineering techniques to get users to give them control of a mobile number. Sim Swap fraud is also known as Unauthorised Account Takeover. 

The SIM Swap API enables you to act before fraudsters have the chance to change passwords or withdraw funds from your customers' accounts.

Partners can use the API to verify that the SIM card has not recently been swapped (and potentially under the control of a fraudster).

Benefits

sim swap detection

  • Verify your users in the background via a sensitive feature to ensure that the SIM card has not changed.

Secure

  • It secures the SMS OTP (one-time pins).

Technical Information

Changelog

Beta version for sandbox publication.

Protocol

HTTPS

URLs for Sandbox and Production environments

Sandbox:

https://api-sandbox.vf-dmp.engineering.vodafone.com

Production:

https://api.vf-dmp.engineering.vodafone.com

Key Features

Sim Swap provides information (a timestamp) of the last time the SIM was swapped or ported.

How it works

  1. A customer tried to re-activate their banking app.
  2. The website (or app) sends a SIM Swap request to Vodafone.
  3. Vodafone responds with information (a timestamp) on the last time the SIM was changed, e.g. "sim_change": "2010-05-08T13:30:04Z".
  4. The website (or app) can allow or deny the user's actions based on the timestamp information provided by the API.

Use Case Examples

Customers typically call the SIM Swap API when their end customers:

  • Initiate password reset via mobile,
  • Install a mobile banking app,
  • Set up a new payee, or
  • Make any mobile-originated transaction where there’s a transfer of funds

Vodafone Developer Portal

Discover, try, and purchase our APIs to start building your own apps