.wpb_animate_when_almost_visible { opacity: 1; }

CAMARA - SIM SWAP - Spain (es) 0.2

Obtener información sobre la última actualización de la SIM del Usuario.

Contact us
Download

SIM Swap
 0.5.0-wip 
OAS 3.0

https://developer.orange.com/ope-contents/channels/87afd7365baec589/offers/W7mOjI3mqT74Zo1N/products/ain7JuCwbxxVykn2/contents/swagger/MF8cCN2ebRFI0mOY/sim_swap.yaml

The SIM swap API provides a programmable interface for developers and other users (capabilities consumers) to request the last date of a SIM swap performed on the mobile line, or, to check whether a SIM swap has been performed during a past period.

Introduction

The SIM Swap API performs real-time checks on the last SIM Swap event.

The SIM Swap API is useful to prevent fraud by reducing the risk of account takeover fraud by strengthening SIM based authentication processes such as SMS One-time passwords. Fraudsters are using SIM swap techniques to intercept SMS messages and reset passwords or receive verification codes that allow them to access protected accounts.

The SIM Swap API can also be used to protect non-automated actions. For example, when a call center expect contacts a user to clarify or confirm a sensitive operation.

This API is used by an application to get information about a mobile line latest SIM swap date. It can be easily integrated and used through this secured API and allows SPs (Service Provider) to get this information an easy & secured way. The API provides management of 2 endpoints answering 2 distinct questions:

  • When did the last SIM swap occur?
  • Has a SIM swap occurred during last n hours?

Depending on the network provider implementation, legal enforcement, etc... either one or both endpoints could be implemented.

Relevant terms and definitions

SIM swap: A SIM swap is a process in which a user's mobile phone number (MSISDN) is associated with a new SIM card (IMSI). This is typically done by contacting the user's mobile service provider and requesting a new SIM card for various reasons, such as a lost or damaged SIM card or upgrading to a new phone.

SimSwap also happens during other actions like changing user's phone number, changing mobile service provider keeping user's mobile phone number or when activating a new SIM associated to the same phone number, known as multisim service.

API functionality

The API provides 2 operations:

  • POST retrieve-date : Provides timestamp of latest SIM swap, if any, for a given phone number.

  • POST check: Checks if SIM swap has been performed during a past period (defined in the request with 'maxAge' attribute) for a given phone number.

Further info and support

GSMA Mobile Connect Account Takeover Protection specification was used as source of input for this API. For more about Mobile Connect, please see Mobile Connect website.

(FAQs will be added in a later version of the documentation)

Terms of service
Contact the developer
Apache 2.0
Product documentation at Camara
Servers
Computed URL:http://localhost:9091/sim-swap/v0

Server variables

apiRoot
basePath

    • HTTP status codereasonresponse model
      400List of supported error codes:
      - 20: Invalid URL parameter value
      - 21: Missing body
      - 22: Invalid body
      - 23: Missing body field
      - 24: Invalid body field
      - 25: Missing header
      - 26: Invalid header value
      - 27: Missing query-string parameter
      - 28: Invalid query-string parameter value
      {
  "code": 28,
  "message": "Invalid query-string parameter value",
  "description": "One or more query-string parameters contain invalid values."
}
      401List of supported error codes:
      - 40: Missing credentials
      - 41: Invalid credentials
      - 42: Expired credentials
      {
  "code": 42,
  "message": "Expired credentials",
  "description": "The requested service needs credentials, and the ones provided were out-of-date."
}
      403List of supported error codes:
      - 50: Access denied
      - 51: Forbidden requester
      - 52: Forbidden user
      - 53: Too many requests
      {
  "code": 53,
  "message": "Too many requests",
  "description": "The application has made too many calls and has exceeded the rate limit for this service."
}
      404List of supported error codes:
      - 60: Resource not found
      {
  "code": 60,
  "message": "Resource not found",
  "description": "The requested URI or the requested resource does not exist."
}
      405List of supported error codes:
      - 61: Method not allowed
      {
  "code": 61,
  "message": "Method not allowed",
  "description": "The URI does not support the requested method. The available methods should be set in the response header 'Allow'"
}
      406List of supported error codes:
      - 62: Not acceptable
      {
  "code": 62,
  "message": "Not acceptable",
  "description": "The Accept incoming header does not match any available content-type."
}
      408List of supported error codes:
      - 63: Request time-out
      {
  "code": 63,
  "message": "Request time-out",
  "description": "The server timed out waiting for the incoming request."
}
      409List of supported error codes:
      - 69: Conflict
      {
  "code": 69,
  "message": "Conflict",
  "description": "The request could not be completed due to a conflict with the current state of the resource."
}
      411List of supported error codes:
      - 64: Length required
      {
  "code": 64,
  "message": "Length required",
  "description": "The request did not specify a Content-Length header, which is required by the requested resource."
}
      412List of supported error codes:
      - 65: Precondition failed
      {
  "code": 65,
  "message": "Precondition failed",
  "description": "One of the precondition request headers (aka. 'If-None-Match', 'If-Match', 'If-Modified-Since', and 'If-Unmodified-Since') failed to match."
}
      413List of supported error codes:
      - 66: Request entity too large
      {
  "code": 66,
  "message": "Request entity too large",
  "description": "The body of the request/response (PATCH, POST and PUT methods) is larger than the server is willing or able to process."
}
      414List of supported error codes:
      - 67: Request-URI too long
      {
  "code": 67,
  "message": "Request-URI too long",
  "description": "The URI provided was too long for the server to process."
}
      415List of supported error codes:
      - 68: Unsupported Media Type
      {
  "code": 68,
  "message": "Unsupported Media Type",
  "description": "The format of the posted body is not supported by the endpoint."
}
      429List of supported error codes:
      - 53: Too many requests
      {
  "code": 53,
  "message": "Too many requests",
  "description": "The application has made too many calls and has exceeded the rate limit for this service."
}
      500List of supported error codes:
      - 1: Internal error
      {
  "code": 1,
  "message": "Internal error",
  "description": "Generic failure message, used if no more precise code can be provided."
}
      502List of supported error codes:
      - 1: Internal error
      - 3: Bad gateway
      {
  "code": 1,
  "message": "Bad gateway",
  "description": "A runtime execution error occurs (RaiseFault)."
}
      503List of supported error codes:
      - 5: The service is temporarily unavailable
      - 6: Orange API is over capacity, retry later !
      {
  "code": 6,
  "message": "Orange API is over capacity, retry later !",
  "description": "The service faces too much requests and can not handle the call."
}
      504List of supported error codes:
      - 6: Gateway timeout
      {
  "code": 6,
  "message": "Gateway timeout",
  "description": "No response was received in time from a backend server acting as gateway or proxy."
}