Member Insights
LotusFlare CCO Eric Morhenn explains why Number Verify is safer than OTP via SMS and how CSPs can monetize the capability via APIs.

With Number Verify CSPs can replace OTP and reclaim the identity layer
For nearly a decade, the one-time password (OTP) via SMS has served as the “necessary evil” of our digital lives. We have all dealt with the friction: the wait for a text that never arrives, the awkward app-switching to copy a code, and the growing threat of SIM-swap fraud. For communications service providers (CSPs), this has been a double-edged sword – they provide a critical utility while third-party aggregators capture the high-value relationship with the end user.
But now the tide is finally turning. The industry’s shift toward Number Verify, a key component of the GSMA Open Gateway initiative, represents a significant opportunity for CSPs to move beyond being “bit pipes” to become the “identity layer” of the internet.
Number Verify is a network-based authentication API that works silently in the background. Unlike SMS OTP, it checks a device’s MSISDN directly against real-time network information. If a user is on a mobile data connection, authentication happens in milliseconds without a single manual tap. It is, quite simply, the ultimate frictionless experience.
In the digital economy, friction is a billion-dollar problem. High percentages of users drop off during sign-up processes because of the “OTP tax”. By providing silent authentication, CSPs help enterprise clients, such as banks and e-commerce platforms, increase conversion rates. When a CSP makes an enterprise’s app work better, they become an indispensable partner rather than a replaceable utility.
Beyond user experience, there is a looming security mandate. SMS OTP is increasingly vulnerable to social engineering and SIM-swap fraud.
Number Verify is inherently more secure because it is tied to the physical SIM and the network session. It cannot be intercepted by fraudulent web overlays or forwarded to a secondary device.
By offering a trusted, network-grade solution, CSPs can position themselves as the ultimate guardians of digital identity.
To capitalize on this, operators must rethink their monetization models. Traditionally, operators earn a fraction of a cent for delivering an SMS. With Number Verify, the product shifts from a volume-based message to a value-based verification event. Enterprises are proving willing to pay a premium for a 100% successful, fraud-proof silent login compared to a “flaky” text message.
The growth of 5G Standalone (SA) infrastructure has created the technical capacity for this shift, but the business models are still catching up. CSPs require sophisticated orchestration and monetization layers to expose these APIs through standardized, machine-readable interfaces – aligned with projects like the Linux Foundation’s CAMARA Project – to ensure security and manage micro-billing at scale.
The era of high-friction SMS authentication is reaching its expiration date. As the industry moves toward standardized network APIs, CSPs have a once-in-a-generation chance to reclaim their place at the center of digital transactions.
By simplifying the exposure and monetization of Number Verify, operators can finally turn the network-as-a-service (NaaS) vision into a high-margin reality. A new revenue stream is waiting for those ready to lead the charge into the identity layer.