The Phone Number Lookup feature is a great alternative to traditional methods of identifying a person. Instead of logging in or providing personal information, all the person needs to do is enter their mobile phone number and confirm they’re in possession of the device with that number. Overview To start, the person enters their mobile phone number in the screen pictured below. After clicking Lookup, the person will receive a text message with a verification code. They’ll need to copy or type that code into the next screen pictured below. This confirms they are in possession of the device with that phone number. If the person didn’t receive the text, or needs to re-enter their number, they can tap the Resend button pictured above to try again. After providing the confirmation code and clicking Next in the screen above, the person will be returned to the area where they started the process. For instance, if this is being used with Mobile Check-In then the person would be automatically directed to the next steps for checking in. Phone Number Matching Behind the scenes, Rock will check the provided phone number against records in the system. If only one person has that phone number, then Rock’s job is pretty easy. But, sometimes more than one person has the same phone number in Rock. Or the person’s phone number might not be in Rock at all. Rock can still handle either scenario. If more than one person has the phone number, Rock will ask the person with the device to indicate who they are. Remember, this happens after the confirmation code is entered in the prior screen above. After tapping their name, the person will then proceed with next steps for the process they originally started (like Mobile Check-In). If Rock can’t find the provided phone number in the system, then the person will see the screen shown below. Again, this only happens after they’ve provided the confirmation code. In the next section we’ll show you how to configure the instructions that appear on this screen. TipNot Just MobileDon’t forget that this block can be placed anywhere on your site. It can be accessed from a computer, laptop or other types of devices. Phone Number Lookup Block Settings Now that you’re more familiar with the process, let’s look at some of the configuration options you have. These settings let you tailor the experience to your needs. NameThe name of the block appears on each screen.Text Message TemplateThis is where you can configure the confirmation code text message that gets sent to the person. In this example we’ve used Lava to provide the organization’s name and the confirmation code itself. We strongly advise against adding any personal information here (like "Hello, Ted!") because we don’t know for sure who has the device until they submit the confirmation code.TitleThe title you put here will show on each screen. This helps indicate we’re looking for an individual and not a family.Authentication LevelThis setting is very important. It decides what access the person has after they have submitted the confirmation code (and after selecting themselves, if necessary). You can choose from one of two settings:Trusted Login - This setting will formally log the person into your Rock website if they have a login account. If they don’t have a login, they’ll be able to do most (but not all) of the functions a logged-in person could do.Identified - This is the safer setting of the two, but it’s also more restrictive. In this case the person will be identified for specific areas of your site, like Attendance Self Entry or Mobile Check-in, but most secured areas will still require them to log in. More details on this setting are provided below. Initial Instructions - The instructions provided here will appear on the first screen of the block, where the person enters their phone number.Verification Instructions - Here you can change the instructions that are shown when the person enters their confirmation code.Individual Selection Instructions - These are the instructions that will show on the screen for selecting which person is in possession of the device. This screen only appears if more than one person in Rock has the provided phone number.Phone Number Not Found Message - If the provided phone number can’t be found in Rock, then these instructions will appear. You might use this area to request that the person create a profile so they can be identified in the future.Verification Time Limit - This is the amount of time, in minutes, before the verification code expires. If the code expires, the person will need to resubmit their phone number and get a new code.IP Throttle Limit - This is the maximum number of times, per day, that a single IP address can submit a phone number for verification. In many cases, this is helpful to help keep SMS messaging costs down. An exception will be written to the Exception Log if the limit is reached.SMS Number - This is the SMS Number that will be used to send the confirmation code text message to the person. Authentication Level - Identified or Trusted? Just like a bank, your external website has certain areas that are open to the public and other areas that are restricted to known people. Anyone can walk into a bank's lobby, claiming to be a customer of that bank, but the bank (hopefully) won't just take their word for it when they ask to make a withdrawal. This is why Rock has different Authentication Levels. Sometimes it's enough that the person has simply Identified themselves, but in other cases we want to fully Trust that they are who they say they are. In other words, these levels decide who stays in the lobby for a nice chat, and who gets to make a withdrawal from the vault. Identified If a person is only Identified, it means they're claiming to be someone and we're pretty much taking their word for it. This is the safer of the two Authentication Levels described above in the Phone Number Lookup block. This means they can do certain things like check in or report attendance in a service, but not much else. In other words, you recognize they might not be who they claim to be, but their access is restricted so they really can't do much damage. Trusted Login The next level of authentication is Trusted Login. This opens the vault, and means you truly trust that the person is who they claim to be. A Trusted person has access to their profile, giving and other potentially sensitive areas of your site. The appropriate Authentication Level will vary depending on your organization and your community. If a person really wanted to impersonate someone else in your external site there might be ways to do it, but those risks can be minimized with certain data policies and practices. If you're not sure which Authentication Level is right for you, play it safe and use Identified. The person can still log in like normal if there are secured areas of the site they need to access.