Prove replaces SMS OTPs with persistent recognition
Prove
This shifts Prove from being a code delivery vendor to being a behind the scenes identity layer. SMS OTP works by sending a one time code to a phone number, so whoever controls that number at that moment can often receive the code. Unified Authentication replaces that weak possession check with persistent device recognition, cryptographic keys, and telecom risk signals, so trust follows the verified user across sessions instead of resetting every time a code is texted.
-
The concrete risk with SMS OTP is SIM swap. A fraudster convinces a carrier to move a victim's number to a new SIM, then intercepts login codes. Prove and other identity vendors now position passive device checks, SIM change detection, and key based authentication as the direct fix for that attack path.
-
Prove is building this on top of phone and carrier data it already owns. The company describes itself as a mobile phone data identity platform, and Unified Authentication adds persistent recognition across sessions, devices, and lifecycle changes. That turns one off authentication events into an always on recognition system, which is a much broader product surface.
-
The commercial upside is not just lower fraud. OTP creates failed logins, delayed texts, and user drop off. In Prove's NatWest case study, removing OTPs improved conversion and reduced social engineering losses. That makes this kind of product easier to sell to banks and fintechs because it ties security spend to measurable onboarding and login performance.
Authentication is moving toward silent checks first, then step up only when risk rises. If Prove can make persistent recognition reliable across carriers and devices in 190 plus countries, it becomes more embedded in account opening, login, and recovery flows, and competes less on message delivery and more on owning the trust decision itself.