City of Hats - Exposure Intelligence Platform
πŸ“± Intelligence API

Phone & SIM Risk API

Telecom-Layer Fraud & Identity Risk Protection

Modern fraud increasingly exploits mobile identity β€” SIM-swaps, recycled numbers, spoofed registrations, and device takeovers. The Phone & SIM Risk API gives your platform direct risk signals from the carrier layer, combined with AI-driven risk scoring β€” so you can detect fraud earlier, before transactions complete.

"See attacker activity β€” before they ever touch your real systems."

Who Uses This API:
πŸ›‘οΈ Security Engineering 🎯 Threat Detection πŸ” Fraud Intelligence πŸ†” Identity Risk Teams
🌐

Trusted by mobile networks and enterprise security teams globally.

View API Documentation Request API Access
Value

Why It Matters

Most fraud controls operate after attackers reach your platform.

Telecom-layer risk signals detect upstream identity compromise β€” where fraud usually begins.

This API helps you:

βœ” Prevent SIM-swap–based account takeovers
βœ” Detect high-risk phone usage patterns
βœ” Block fraudulent onboarding & KYC abuse
βœ” Reduce OTP interception & MFA bypass
βœ” Confirm device ownership legitimacy
Signals

What the API Provides

Phone Risk Intelligence Signals β€” privacy-respecting, anonymized, and risk-oriented.

πŸ“

Number Validity & Active Status

Detect whether the number is live on the network

πŸ”„

SIM Change Risk Indicators

Identify recent SIM replacements β€” a top ATO precursor

πŸ‘€

Ownership / Device Continuity

Confirm whether the account holder is still the active user

⚠️

Fraud-Associated Anomalies

Spot suspicious behavior patterns observed in telecom infrastructure

πŸ“Ά

Network-Level Confidence

Routing stability, provisioning patterns, and carrier attributes

All signals are privacy-respecting, anonymized, and risk-oriented β€” never content.

AI Engine

AI-Driven Risk Correlation β€” Built In

Each request is processed through the City of Hats Risk Engine, combining multiple signal sources.

Signal Sources

πŸ“‘ Telecom telemetry
πŸ” Identity reputation
🌐 Exposure intelligence
πŸ€– Behavioral AI
β†’

Output: Real-World Risk Score

risk_score: 82 / 100
risk_level: HIGH
risk_reasons:
  • SIM swap detected in past 48 hours
  • Identity mismatch confidence: high
  • Number recently provisioned
recommendation: step-up authentication
Architecture

Phone Identity Risk Pipeline

From phone input to platform action β€” powered by AI correlation.

Phone Identity Risk Pipeline - User Phone β†’ Telecom Risk Signals β†’ AI Correlation β†’ Platform Action

User Phone β†’ Telecom Risk Signals β†’ AI Correlation β†’ Platform Action

πŸ”

Example: Privileged Account Defense

Detect when attackers probe credentials before escalation

β†’ Trigger: MFA / session isolation
Applications

Common Enterprise Use Cases

🏦

Banking & Fintech

  • Prevent account takeover
  • Reduce social-engineering losses
  • Protect OTP-based authentication
🏬

Marketplaces & Platforms

  • Stop fraudulent onboarding
  • Detect fake account farms
  • Prevent mule account creation
πŸ†”

Identity & KYC

  • Verify phone legitimacy
  • Protect identity flows
  • Strengthen MFA trust signals
Developer

Built for Developers

REST API β€” Simple & Secure

POST /api/v1/phone-risk
cURL 
curl -X POST "https://api.cityofhats.com/api/v1/phone-risk" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d '{
    "phone_number": "+66812345678"
  }'
Response 200 OK 
{
  "phone_number": "+66812345678",
  "risk_score": 67,
  "risk_level": "ELEVATED",
  "sim_swap_risk": "elevated",
  "sim_change_detected": true,
  "sim_change_window": "48h",
  "ownership_confidence": "low",
  "network_continuity": "unstable",
  "number_type": "mobile",
  "carrier_region": "TH",
  "risk_reasons": [
    "SIM swap detected within 48 hours",
    "Low ownership confidence",
    "Network routing instability"
  ],
  "recommendation": "step_up_auth"
}
Authentication OAuth2 + Secure Protocols
Latency Sub-second
Uptime Carrier-class (99.9%)

Response Field Reference

Field Type Description
risk_score integer 0–100 risk score (higher = more risky)
risk_level string LOW | ELEVATED | HIGH | CRITICAL
sim_swap_risk string none | low | elevated | high β€” SIM swap likelihood
sim_change_detected boolean Whether SIM was recently changed
sim_change_window string Time since last SIM change (e.g., "48h", "7d")
ownership_confidence string low | medium | high β€” device ownership certainty
network_continuity string stable | unstable β€” routing/provisioning stability
risk_reasons array Human-readable risk factors
recommendation string allow | step_up_auth | block | review
Reach

Global Coverage

We aggregate telecom-layer risk insights via multiple intelligence sources.

πŸ“‘ Mobile network intelligence
πŸ“± Device verification partners
πŸ”— Industry-standard APIs
🌐 Direct operator integrations
Compatible

Designed to Work With Your Stack

Plug Into:

SIEM SOAR IAM Fraud Platforms Identity Providers

Or Trigger Workflows:

🚨 Step-up authentication
πŸ›‘ Block high-risk sessions
πŸ“© Alert fraud teams
🎫 Auto-create investigations
Trust

Privacy & Compliance

Your customers' privacy is protected.

βœ” No message content
βœ” No personal data extraction
βœ” GDPR & telecom compliance
βœ” Risk-score only
βœ” Telco-layer trust, security-first
πŸ’‘

Why This API Is Different

Traditional phone checks tell you:

"The number exists"

β†’
Our API tells you:

"Is the person behind the number still who they say they are?"

Which is the critical layer attackers can't fake.

The Phone & SIM Risk API gives your platform telecom-layer fraud defense β€” detecting SIM-swap attacks, device takeovers, and identity fraud at the carrier level, before attackers reach your application.

Get Started

Ready to see telecom-layer fraud defense in action?

πŸ”Ή Simple onboarding πŸ”Ή Modern documentation πŸ”Ή Developer-first API πŸ”Ή Enterprise-grade security
Request API Access View API Docs
Telecom-Grade Carrier-Class Uptime Privacy-First Global Coverage