Didit's Email Verification provides a reliable method to verify user email addresses through one-time passcodes (OTP) and advanced risk assessment. This feature helps ensure valid, reachable contact information while protecting against high-risk and compromised emails.
How it works
Our Email Verification solution combines OTP verification with intelligence signals such as breach exposure, deliverability, and provider reputation.
The system securely collects:
- Email Address:
- If not provided during session creation, the user enters their email address
- If provided during session creation, the user must verify the pre-filled email
- Preferred Language: Used for localized communications when applicable
Our verification system:
- Generates a secure, time-limited one-time passcode
- Delivers the code via email to the provided address
- Implements deliverability best practices to maximize inbox placement
- Provides resend flows with safeguards to prevent abuse
The user completes verification by:
- Entering the received code into the verification interface
- Submitting within the configured timeframe (5 minutes)
- Requesting a new code if needed (with appropriate rate limiting)
Our system performs advanced checks:
- Breach Exposure: Looks up the email across known data breaches and lists exposed services
- Disposable Provider Detection: Flags emails from temporary/disposable providers
- Deliverability Checks: Detects undeliverable or syntactically invalid addresses
- Reputation Signals: Identifies potentially high-risk email patterns
- Duplicate Use: Cross-references with historical verification data
Access verification results through multiple channels:
- Real-time dashboard updates
- Webhook notifications
- RESTful API responses
- Comprehensive reports with detailed verification information
Verification Features
Our Email Verification service offers several key features to enhance your verification process:
OTP Verification
- Secure Code Generation: Random, time-bound one-time passcodes
- Email Delivery: Reliable and localized email delivery
- Configurable Timeouts: Set expiration times based on your security requirements
- Retry Options: Allow users to request new codes with appropriate limits
Email Analysis
- Syntax Validation: Ensure the email address follows RFC-compliant format
- Provider Checks: Identify disposable/temporary providers
- Deliverability Insight: Detect undeliverable addresses
- Breach Intelligence: Surface known breach records with details
Risk Assessment
- Exposure Detection: Identify if the email appears in known breaches
- Disposable Detection: Flag temporary or throwaway emails
- Activity Monitoring: Track suspicious patterns across attempts
- Blocklist Checking: Check against internal lists of previously misused emails