Live Verification for Users

Super Administrators and Help Desk Administrators can verify user identities during calls using any registered multi-factor authentication (MFA) method. This ensures security and convenience without exposing sensitive credentials. For example, when a user contacts a Help Desk Administrator to update their email address or register a new device, they can verify their identity using a registered MFA method, preventing unauthorized access and reducing fraud risk.

To further improve security, use the Live Verification feature with Risk AI and Mobile Lock. Mobile Lock prevents attackers from remotely accessing a compromised device during verification. Risk AI uses Identity Confidence to detect suspicious activity and block unauthorized verification attempts, even if an attacker has access to the user’s authenticator. Using these features together strengthens authentication and minimizes the risk of account compromise.

The Live Verify feature is included by default in select ID Plus plans and offered as an add-on in others. For availability details, refer to the ID Plus Plans.

Start Live Verification for a User

This section outlines how to initiate the Live Verification process, which helps ensure secure authentication and prevent unauthorized access before making profile changes. Use this process when you receive a call and need to verify the user's identity.

The Live Verification section appears on the User Management page only when the Live Verification Policy is enabled.

Note:   Only one administrator can verify a user's identity at a time, preventing simultaneous verification attempts by multiple administrators.

Before you begin 

• You must be a Super Administrator or Help Desk Administrator to perform Live Verification.

• A Super Administrator need to enable the Live Verification Policy under Access > Policies for the feature to be available. For configuration steps and security best practices, see Live Verification Policy.

Procedure 

1. In the Cloud Administration Console, click Users > Management.

2. In the Search field, enter the user's User ID, which is also the user's email address. Select the user from the list to display their details.

3. In the Live Verification section, click Start Verification.

4. Provide the user with the designated Verify URL and wait for them to authenticate using the available methods based on the configured policy. Once authenticated, the user will receive a verification code to share with you.

5. In the User Live Verification dialog, enter the Verification Code provided by the user, and then click Verify to complete the process.

If the verification code is valid, the live verification process succeeds, and the user's status updates to "Verified."

Important Notes:

• If the verification session times out, refresh the session to restart verification.

• If you navigate away from the User Management page before completing the profile updates, the user's status will reset to "Unverified", even if you have completed verification.

• Live verification attempts are logged in both the Admin Event Monitor and the User Event Monitor. The Admin Event Monitor logs actions by Super Administrators and Help Desk Administrators, while the User Event Monitor tracks the user authentication process during the Live Verification session.

Note:  The Live Verification feature is currently patent pending.