Account verification: Care / VR

Customer Care and Virtual Retail use these steps to verify individual & business/government account types.

Guidelines

  • Atlas and Samson require 2-Factor Authentication (2FA) during account verification, such as account PIN, One-time PIN (OTP), and network verification (ANI verified).
    • If the customer verified the PIN in the IVR, it provides verification in Atlas.
    • If a customer forgets their PIN, tell the PAH to change the PIN in self-service.
    • If the customer can only verify one factor (such as the PIN), the account cannot be verified. If a customer cannot fully verify the account, see Unauthorized or unable to verify below.
    • Verification with the last 4 of SSN is no longer available, as of October 2024.
  • Atlas & ScreenPop:
    • ANI (Automatic Number Identification) authentication
      • Customers calling from their device on the T-Mobile network can be ANI verified or "network verified" as the first authentication factor. It verifies customers the majority of the time.
      • This is possible when a customer calls from their line on the T-Mobile network.
      • If ANI verified, the customer only needs a second authentication factor, such as account PIN or OTP.
      • Atlas displays "Calling from Handset" and "OTP not required."
        • If this does not display, ANI could not be used for verification.
        • In TEA, some customers may show as calling from their MSISDN without ANI. This happens if our network could not validate the call (such as if roaming, calling from DIGITS, transferred).
        • If not ANI verified, verify with PIN + OTP instead. Atlas displays "OTP required," and Forgot PIN is unavailable.
    • Forgot PIN
      • If a customer forgets their PIN, tell the PAH to change the PIN in self-service.
      • In Atlas, "Forgot PIN" is available only when the customer is ANI verified on the network, and it sends an OTP to verify the account.
      • If a customer cannot fully verify the account, see Unauthorized or unable to verify below.
  • Samson verification: Both PIN and OTP are required to verify the account.
    • It is recommended to verify the account in Atlas instead.
    • ANI and Forgot PIN are not available in Samson.
  • Review the Atlas Verification screen:
Atlas Verification Method verbiage Action

"IVR verified customer is calling from their device on our network."
  • ANI verified: The network verified the customer as the first authentication factor.
  • Customer verified the account PIN in the IVR as the second factor.
  • No further OTP or PIN verification are required.
"The customer is calling from their device. OTP not required."

 
  • ANI verified: The network verified the customer as the first authentication factor.
  • Customer did not verify the account PIN in the IVR.
  1. Verify the account PIN as the second factor.
  2. If you cannot verify the account PIN, tap Forgot PIN to send an OTP instead.

"The customer is not calling from their device."
  • Not ANI verified
  1. Verify the account PIN as the first authentication factor.
  2. Verify the OTP as the second factor.
IVR Verification complete

If the customer reaches out through the T-Life using 'Contact Us' or while logged in, they’re already verified. No need to ask for account verification.

When a customer isn’t using the T-Life app, they’ll get a push notification from IVR to verify their account in T-Life. 
  • Ask for the caller's first and last name. If the caller is listed as a BRP/PAH or Authorized User, select the caller's name.
    • You need both names to verify.
    • When a caller's full name doesn't appear on the account, treat them as Unauthorized or unable to verify.
    • Power of attorney:
      • If the caller’s name is listed on the account, which you can verify, they must still verify with 2FA.
      • If POA is a company, legal guardianship, or court ordered conservatorship, the company name is added to the account as an Authorized User noted as POA. Ask caller to provide the company name they are associated with; it must match the company name captured as Authorized User.
      • Check that the POA name is listed as an Authorized User. The account would also have memos to support this.
      • Some POA expire. If the POA has an expiration, it is listed in the Authorized User field after the name. Ifexpired, the caller must send new POA documents.
      • If the customer needs to file for a POA, see Power of Attorney: Add, remove or updateDeceased BRP account requests, or Deceased BRP requests: Spanish/Puerto Rico and TFB
      •  If the customer’s name is on the account but they cannot be verified, see Unauthorized or unable to verify below. If a company name (Debt settlement, legal guardianship, or court ordered conservatorship) follow engagement of Verification Team to attempt verification. Use Exception process only for customers unable to visit Retail toggle below.
  • Never skip PIN/passcode verification without using all options to verify the PIN/passcode.
    • PIN/passcode verification is required, even if Atlas verified the customer as calling from their device.
    • Exception: If the customer is network verified (Atlas shows "OTP Not Required"), the "Forgot PIN" flow allows you to send an OTP instead.
  • Retail Mobile Expert verification: Follow Mobile Expert verification. (Exception: If the Mobile Expert says they do not know their Dealer Code or have not provided one before, do not bypass. Follow Fraud call scenarios.)    
  • Transfer business/government accounts to Business Care if they require assistance you can't provide. The Authorized User is treated as the BRP for Business/Government account unless Special Instructions say otherwise.
  • If a token is not accepted by the receiving system, check System issues. If no issue exists, re-verify the account.

Atlas restrictions

  • In Atlas some customer information and tools will be restricted or masked until the customer’s account is verified or bypassed. Some customer information/CPNI will remain masked even with verification. See the details below.
  • Memo restrictions:
    • In Atlas and Samson, all memos are hidden when using unverified/unauthorized access until the account is verified or bypassed.
    • Exception: Only the Change of Responsibility scripts (COR) or Verification Tokens (TOKN) memo types are visible for the next person to access these memos.
Restriction Type Information/Tool 

Masked for all users even with verification/bypass

 

Payment & Refund and Atlas Lite tools will have the IMEI & Plan ID masked to the last 4 digits and the BAN masked to the last 3 digits 
Masked/disabled for all users until the account is verified/bypassed
  • Order Lookup and Trade-In Lookup tools require account verification or bypass for access.
  • Links to some tools are disabled with no account in focus and until an account is verified/bypassed.
  • For the SIM/eSIM Support tool, the IMEI is masked up to the last 4 digits, and the SIM number is masked up to the last 6 digits.
  • In Device Dashboard, the IMEI is masked up to the last 4 digits.
  • In Device Dashboard, the Trade-in Lookup link and links in Order History.
  • In the Atlas Toolbox, call forwarding, tower information, and coverage map data are not available from the HLR (in the Troubleshooting tool from Atlas.
  • If an account has not been verified, Atlas Toolbox > Check Coverage will not pre-populate address, IMEI, or location pin on the map results.
  • Sensitive details such as Rate Plan, SOC name, & Equipment Protection will be masked in Account Overview and Manage Profile Pages (Lines & Devices, and Line Details).

Verification by caller type

T-Mobile takes customer security very seriously. Because security is so important, T-Mobile only makes account changes for verified callers with permissions on the account.

  1. Determine how the caller is identified on the account. Follow the section below for where they appear on the account:

Atlas (Care) & Tapestry (Retail) include T-Mobile ID roles and customer names, which you can use to verify the customer.

  • The "Verification by T-Mobile ID" screen shows the Primary account holder and each Authorized user (if applicable).
  • If the caller does not have a T-Mobile ID role, use the Assisted Channel Caller information section to verify the customer.
  • If a customer's role is incorrect, see Atlas steps for Edit PAH/PI.
  • For more details on BRP and PAH permission, see: Billing Responsible Party & Authorized Users.

Verification in Atlas permissions

  1. On the "Verification by T-Mobile ID" screen, open the Assisted Channel Caller information section.
  2. If the Primary account holder (PAH) name is the same as the Assisted channel billing name (BRP):
    • Names match: The PAH has the same permission level as the BRP.
      • The PAH can manage the account and all lines on the account.
      • The PAH can set permissions for other users on the account and approve Full Access requests from Standard permission users.
      • Follow CPNI & PII information for what information can be disclosed.
    • Names are different: Treat the PAH as an Authorized User. The BRP must call in for any actions reserved for the BRP.

Note: After making a change to an existing T-Mobile ID PAH role, in some circumstances, account verification may briefly reflect both original and new PAH roles, see Primary Account Holder setup for more information

 

T Life / T-Mobile app / My T-Mobile permissions

  1. Ask for the caller's first and last name.
    • If the caller's first and last name match the Billing Responsible Party (BRP) on the account, click the BRP checkbox.
    • If the caller's first and last name match the Authorized User (AU):
      • If there is only one AU listed in the AU1 or AU2 field, click the corresponding checkbox
      • If there are multiple AUs listed in the AU1 or AU2 field (for example, AU1 shows "John Doe, Jane Doe, James Smith"), do not select these fields. Enter the first and last name of the AU in the Other field. This field should not be used for BRP's or End Users.
  2. Review the "Verification Method" at the bottom of the Verification screen pop:
    • "IVR verified customer is calling from their device. No OTP required" - Do not ask for the PIN/passcode. It was already verified in the IVR.
    • "The customer is calling from their device. OTP not required" -  Ask for the PIN/passcode. It has not been verified in the IVR. If it's alpha-numeric, ask for the spelling. (If the customer is ANI verified and Atlas shows OTP not required, then "Forgot PIN" is available to send an OTP instead.
  3. If the Account PIN has not been verified in the IVR, enter the Account PIN in the Verification PIN/passcode field, and click Verify.

  • Follow and support normal account actions based on the caller type and account status.
  • Follow CPNI & PII information for what information can be disclosed.
  • Reminder to use only verification methods such as PIN, OTP, or network/biometric authentication which do not involve the customer sharing sensitive information.
  • When a customer forgets their PIN, instruct the PAH to change the PIN in self-service.

  • Calling from a verified T-Mobile phone - ATLAS only
  • Atlas displays "No OTP required, IVR verified customer is calling from their device." This confirms the caller is on a verified T-Mobile phone.
  • Tap Forgot PIN to send an OTP for verification instead
    1. Select the MSISDN to receive the OTP from the drop-down.
    2. Select the delivery method, SMS or email, if available. (The email goes to the T-Mobile ID or Paperless billing email.)
    3. Click Send.
  • Not calling from a verified T-Mobile phone
    • If not calling from their T-Mobile phone (not ANI verified), then both account PIN and One-time PIN (OTP) are required, including HSI accounts where the device is capable of receiving a OTP.
      • Exception: Cancelled accounts and non-voice accounts that do not contain a device which can receive an OTP (HSI, wearable, tablet, etc.) only need to verify account PIN or OTP. Sensitive account changes still require both PIN + OTP.
      • For canceled accounts and non-voice accounts (HSI-only), OTP verification in Atlas can be sent to the paperless billing email address.
    • If a customer forgets their PIN, tell the PAH to change the PIN in self-service. Otherwise, see Unauthorized or unable to verify below for additional options. Forgot PIN is not available when not ANI verified.
    • If the account status is Inactive / Canceled / Full Suspended:
      • In Atlas when OTP is available for suspended accounts, send an OTP for verification.
        • OTP is available for some accounts in Atlas with a suspended status, including military, seasonal, and non-payment reasons.
        • Lost/stolen and fraud suspended accounts are ineligible to receive an OTP.
        • OTP for suspended accounts is not available in other systems, such as Samson.
      • Otherwise, send the one time PIN to the selected email on file (if available) and wait for confirmation of delivery. If no email address is on file, advise the customer to go to a T-Mobile store to change the PIN/passcode or see Unauthorized or unable to verify below.
    • Enter the OTP.
    • Select Verify to validate the account. If the customer cannot receive the OTP and cannot verify the PIN/passcode, see Account PIN/passcode support.
  • Does not know: Magenta Complete: Sprint only
    • The PIN/passcode customers used in Sprint billing systems will carry over to T-Mobile billing systems.
    • Magenta Complete: Sprint customers may be used to using only the Security Question & Answer from the Sprint billing system to authenticate, however, this will no longer be available. Let them know you can help them using existing policies and procedures to validate.
    • Customers in T-Mobile billing systems must be able to verify that they are the PAH or Authorized User and verify their PIN/passcode to make account changes. To add an Authorized User, see Billing Responsible Party and Authorized Users.

Accounts with less than 30 days of tenure may not be able to use a One-Time PIN (OTP). If the customer is not ANI verified and needs to verify the PIN + OTP for account access follow these steps:

  1. Verify the account PIN.
  2. If the OTP fields are greyed out, check the BAN tenure.
    • If the BAN tenure is 30 days or more, follow Unauthorized or unable to verify. Do not continue here.
    • If the BAN tenure is less than 30 days, OTP is not available in Atlas. Go to the next step.
  3. To continue, engage your leader for a bypass. OTP is not required.
  4. Leaders: Use bypass reason type "Other." Paste the above steps into the reason text field for documentation.
  5. Perform any transactions that Atlas & Samson allow for the verified caller (PAH, BRP, AU).
    • The account does not require an OTP or visit to Retail for any requests. This includes SIM changes.
    • Exception: To create a manual Temporary Port Out PIN (TPOP), it requires an OTP or a visit to a Retail location, regardless of tenure on account. Bypass does not work for this one transaction type.
  6. Memo the account for any changes.

If a caller is not listed on the account, but they claim to have the account PIN/passcode and claim to be:

  • A user who the BRP approved to access the account
  • A third party service (ex: BillShark, BillFixers, TrueBill, Trim, or other bill reduction or credit management services)
  • Someone acting on behalf of the BRP (ex: power of attorney, conservator)

Follow these steps:

  1. Inform the caller:
    • They are not authorized on the account.
    • The BRP must contact T-Mobile to make changes or add an Authorized User (AU).
  2. Do not attempt verification.
    • Do not verify the account PIN/passcode.
    • Do not contact the BRP for the caller.
    • Do not verify with a conference call to the BRP.
  3. Offer to provide limited support for unauthorized callers.
  1. If anything is unusual during verification:
    • Read Special Instructions for additional security requirements.
    • If the call is not verified or if the OTP cannot be confirmed, go to Unauthorized or unable to verify below.
    • If the caller has trouble verifying, seems suspicious, or shows red flags during verification, then do not make account changes or share information. See Fraud call scenarios > You notice suspicious activity for:
      • Asks to access account with SSN
      • Refuses or has trouble verifying
      • Phishing for account details
  2. Once the caller is verified, provide support based on the caller type and account status:
    • Active: Provide full support.
    • Inactive / Cancelled / Suspended: Once verified, follow Delinquent account changes for any other account changes.

SSN & ITIN

Review below to understand Social Security numbers (SSN) and Individual Taxpayer Identification Numbers (ITIN).

  • Avoid using the account owners' SSN unless directed to by policy. 
  • Do not remove the SSN from the account if a customer wishes to stop using their SSN for verification.

  • A Social Security number (SSN) is a 9-digit number issued to US citizens, permanent residents, and temporary working residents.
  • The Social Security Administration issues the numbers for identification.
  • If customers have not provided an SSN or had it removed, the default SSN in our records is 111-11-1111.
  • To change or remove the SSN on an account, see Social Security number changes.
  • If customers applying for service cannot provide a valid SSN, see No Social Security number (SSN).
  • SSNs are invalid if:
    • The first three digits are 000, 666, or in the range 900-999.
    • The second group of two digits are 00.
    • The third group of four digits are 0000.

  • Never use an ITIN in place of an SSN or to run credit.
  • An ITIN is a 9-digit number issued to US citizens and immigrants upon request.
  • The Internal Revenue Service (IRS) issues numbers for tax processing.
  • The number begins with the number 9, and the fourth digit follows one of these patterns:
    • 9XX-7X-XXXX
    • 9XX-8X-XXXX (Except for 9XX-89-XXXX which is not an ITIN)
    • 9XX-9X-XXXX (Except for 9XX-93-XXXX which is not an ITIN)

Unauthorized or unable to verify

Use the below support steps when unable to verify a customer, such as an unauthorized caller (their name is not on account) or a caller who had trouble verifying the account PIN or OTP.

  • Refer the BRP or PAH to self-service steps to reset the PIN on the T-Life app or My T-Mobile. You can send an SMS link from Atlas Messenger "Account PIN/Passcode Reset." 
  • If the customer’s name is not on the account and not listed as an Authorized User (AU), refer the customer to the Primary Account Holder (PAH) or Billing Responsible Party (BRP). The PAH and BRP can add them as an AU.
  • Explain why it is important to remember the PIN and make customers aware of the steps to reset PIN in self-service. 

  • When a customer is authorized and has difficulty verifying account PIN + OTP:
    • ID Verify: The PAH and AU can use ID Verify as an alternative to OTPs. Customers can authenticate in T-Life, on the web, and on one of their other active lines to transact in T-Life and web.
      • Set up: Refer to Set up T-Mobile ID: Self-Service for customer steps and supported ID types.
      • Authenticate: If the customer already completed a digital or Retail ID Verify and provided ongoing biometric consent, they can verify with just a selfie.
    • OTP to alternate line: If the customer cannot receive an OTP, attempt to send the OTP to another line or an email following One Time PINs (OTP) policy.
    • Refer the customer to Retail. Retail Teams support customers by verifying them with their acceptable ID.
    • As a last resort if the customer says they are unable to visit a Retail store (such as for a physical disability or extreme distance to a store), see Exception process only for customers unable to visit Retail (Verification Team) below.
  • Use unverified access only for general support. Information and sensitive details are masked with limited access to the account when unverified. See Providing limited support for unauthorized access below.

When customers with a single voice line are having difficulty verifying their account over the phone, Experts must exhaust all available options first, such as sending to Retail.

  • Leveraging the Verification Team is a last resort, only for Managers and above.
  • Global Care: Coaches engage a site Team Manager/Operations Manager or above. 
  • Submit to the team only when necessary.
  • If you make unnecessary requests to this team or do not set proper callback expectations, it leads custoemrs to have delays, repeat callbacks, and poor customer experience.

Follow Exception process only for customers to visit Retail (Verification Team) below.

 

  • This process is only to be used a last resort for single-line voice accounts with no alternative means of verification (lost/stolen phone, cannot receive OTP, etc.).
  • This process is not available for multiline accounts as customers can use T-Life or another user on the account for verification purposes. 
  • Only a manager-level can submit to the Verification Team mailbox, as of April 6, 2026.
    • Domestic Care: Associate Managers and above.
    • Global Care: Team Manager/Operations Manager and above
    • Associate Coaches/Coaches: Work with your direct site manager, as submissions from titles below manager such as Associate Coach or Coach in Global Care will be denied.
  • Referrals to Retail should always happen first as the Verification Team process is inconvenient to customers and requires them to upload an image of their photo ID and a selfie. Visiting a store is a much easier experience for customers.
  • Do not escalate for AUs to complete transactions that require the BRP. Instead, refer the AU to contact the BRP.
  • Do not use this process as a workaround for BANs with less than 30 days of tenure or for tentative BANs.
  • Do not use this process for prepaid accounts. Follow Account verification: Prepaid.
  • Submissions to the Verification Team mailbox are monitored for quality and to ensure customers were referred to Retail. Invalid submissions are declined and may be reported to your leadership.

 

Only use these steps if the customer has difficulty verifying account PIN + OTP and cannot go to Retail due to a physical disability or distance issue.
This process is to be used for single line voice accounts only. Multiline accounts can have another user get an OTP or use T-Life for verification. 

  1. 🔒 Attempt all alternative verification options.
    • Verify the customer only has 1 voice line on the account and is unable to receive an OTP.
    • More than 1 voice line on the account:  Send the OTP (and SMS for SIM changes) to another voice line on the account, the Verification Team process is reserved to single line accounts that cannot be verified.
      • Follow steps above and on One-time PINs.
      • The customer may need time to contact the other user and to retrieve the OTP from the alternate MSISDN.
    • ID Verify & selfie verification: Eligible customers can use the selfie verification process in self-service if they have difficulty with an OTP.
    • Forgot PIN: The Primary Account Holder (PAH) can log in to T-Life from another device on the account to update the PIN if they are not able to recall the PIN during verification. Otherwise, they must do this in Retail.
  2. 🏬 Refer the customer to the nearest Retail store.
    • Use the T-Mobile Store Locator, and tell the customer to visit the nearest store.
    • The customer must bring their photo ID to be verified at the store. Refer to Acceptable forms of ID.
    • Do not use the Verification Team process. The Verification Team is a manual and lengthy process. Visiting a store is a much easier experience for customers.
  3. ✅ If the customer attempted all verification & OTP options, AND they are unable to visit the nearest store due to:
    • Physical disability and cannot travel: Continue to the next step.
    • 📍 Distance (over 25 miles): Use the T-Mobile Store Locator to check the distance from the customer's current location to the nearest T-Mobile store. If the nearest store is:
      • 25 miles away or closer, the customer must go to the store for ID verification. Do not continue to the Verification Team.
      • Over 25 miles, continue to the next step.
    • ⛔ Do not use the Verification Team process below for any other situations. Customers must visit a store.
  4. Set expectations, because this is a manual process:
    • Advise customers they will receive a call back from our Customer Verification Team with a typical turnaround time of 60-90 minutes.
    • Verification Team hours of support: 6 a.m. - 10 p.m. PT, 7 days a week.
    • Verification Team will contact the customer at the number provided and guide the customer through further steps to validate the customer's identity.
    • Customers are required to upload an image of their photo ID and a selfie when contacted by the Verification Team. The customer's device must be able to take pictures in portrait mode and have working Internet. Refer to Acceptable forms of ID.
    • The Verification Team cannot complete some transactions, and they may contact Care or transfer the call to Care. (See list of transactions below.)
  5. Provide the required details below to Manager
    • Global Care sites: Team Manager+/Operations Manager and above
    • Domestic Care: Associate Managers and above.
    • Submissions from titles below manager such as Associate Coach or Coach in Global Care will be denied. Submissions are only accepted from Coaches and above.
  6. Required details:
    • Reason customer is unable to visit a Retail store: 
    • If reason is due to distance, provide:
      • Customer's location and distance to nearest store: 
      • Store name & address that was nearest to the customer:  
    • Customer name:
      • Mobile number and BAN, with alternative callback information.
      • Important: If customer’s T-Mobile phone line is out of service, an alternative phone number to reach the customer is required.
    • Set expections  the customer will be called by the Verification Team to verify their identity.
    • Customer email address (alternative if phone numbers are not reachable):
    • New SIM number if available:
    • Did customer contact via TTY services?
    • Reason for escalation (see Account Actions table below:
  7. Managers and above:
    1. Validate the scenario is valid and that the customer was offered an alternative solution and referred to Retail.
    2. Follow escalation steps and find the Verification Team mailbox on Account verification and bypass. Email escalations must come from a T-Mobile.com email address.

What happens next:

  • Denial of invalid escalations: Requests that do not follow policy will be denied (such as referring to the Verification Team without using all verification options or without referring to Retail).
  • After the Verification Team verifies the customer, they may need to transfer to Care for some transactions (see table below).
  • If receiving a warm transfer from the Verification Team, use the Retrieve Verification link in the Atlas Verification screen to retrieve a token.
  • Transactions supported and not supported directly by the Verification Team:

 

Account Actions Can Verification Team handle it?

General Troubleshooting

No

Rate Plan/Feature Change

No

Provide Account Details/Ban

Yes

Upgrade

No

Add a new line

No

Sim Swap

Yes

Change call forwarding

Yes

Voicemail password reset

Yes

BOPIS

No

Accessory EIP

No

Change Authorized User

Yes

Update Pin Passcode

Yes

Change Billing Name

Yes

Change Billing Address

Yes

Paperless Billing Email Change

Yes

TPOP

Yes

For callers whose first and last name are not listed / end users or BRP / PAH / Authorized Users who can't verify, select "Unauthorized" in the verification window by system for ATLAS or Samson and advise the caller of the following:

  1. Always follow CPNI & PII disclosure on what details you can/cannot share with an unauthorized caller.
  2. Offer to provide limited support:
    • Answer questions about plans, services, equipment, and costs that are not specific to the account.
    • Troubleshooting for unauthorized callers is allowed. Use Unable to verify account troubleshooting.
    • Direct any payments to self-service: Use Pay your bill: Self-Service. (All accounts must be verified for a payment in Care/VR. Unauthorized callers cannot consent to the payment support fee.)
    • Inform of self-service options, like shortcodes, My T-Mobile, and T-Life app.
  3. Refer to self service using My T-Mobile or the T-Life app.
    • The IVR does not allow self-service for unverified callers.
    • For Business/Government accounts, transfer to Business Support.
  4. Refer the caller to contact the BRP if they want to make changes.
    • If the caller claims to be the BRP, refer them to My T-Mobile, the T-Life app, or a T-Mobile retail store with government-issued photo ID for assistance. The BRP can set up an account PIN in self-service or a store.
    • Refer to Billing name, SSN, & birth date changes if other account changes are needed.
  5. Explain that to protect our customer's privacy and comply with FCC regulations, T-Mobile only allows the person financially responsible for the account or the Authorized Users to gain access to account information.
    • If the caller would like to be added as an Authorized User, they should ask the Billing Responsible Party contact us.
    • Visit Primary Account Holder & Authorized User setup for details on how to claim PAH/request PAH in self-service.

Payment arrangements: Self-Service

Verification exceptions & Special Account Care

Use these scenarios to understand the exceptions to the above verification processes:

  • Military accounts:
    • Escalate customer's request to your Coach or Sr. Rep for resolution.
    • Coaches and Sr. Reps, follow Military end users.
  • Home Internet only accounts:
  • New customer verification in DASH:
    1. Use Order Search to find the customer's order, then confirm Billing Name.
    2. Verify the full billing address and customer name prior to providing any order info.
  • New customer verification for New Activation orders or accessory only placed on t-mobile.com:
    • This exception is only to be used when a BAN is not yet active or when there will be no active BAN (accessory only order). When the BAN is active follow standard verification procedures.
    1. Use Order Lookup to find customer's order.
    2. Verify full shipping address and customer name prior to providing any order info.

  • Retail Store Representatives don't need to be Authorized Users to request account changes.
  • For requests received from a store representative's corporate email address, verify the email address in GAL, then complete the request.
  • Only Retail Sales Managers and Associate Managers can add or remove Authorized Users.

VIP accounts don't appear in Samson and aren't accessible in Care. They're serviced by Special Account Care and Executive Customer Responses. To ensure that the account is not pre-paid, query ATLAS by selecting the box above the search field. If no account is found, follow the steps below:

  1. Inform the customer that for their account security, a special team is available to assist them.
  2. If the account pulls up as Special-VIP, email Special Account Care. The SLA for VIP is 48 business hours.
  3. If the account doesn't pull up and the customer says they're a VIP customer, transfer them to VIP-ECR.

This policy exception is only for Virtual Retail to support a new account (less than 30 days old) that cannot receive an OTP on their device, and it needs eSIM support for problems that impact the activation of a line(s) on an account.

Note: Other channels do not transfer an existing customer to Virtual Retail for authentication issues.

  1. Confirm Account PIN with your customer.
  2. Engage your Coach for OTP (One-Time-PIN) second factor authentication bypass to access the account and generate an authentication token, so you can access the account.
  3. If required to complete the eSIM/pSIM change to complete activation, ask your coach to bypass the secondary OTP.

 

Verifying with biometrics (Face ID, fingerprint)

Biometric verification allows customers to verify using their T-Mobile ID and biometric credentials (such as Face ID or fingerprint) when they call into Care.

Why set up biometric verification?

  • Customers do not have to memorize their account PIN.
  • The Billing Responsible Party (BRP) does not have to share their account PIN with a PAH or Full Access user on the account.
  • Completing biometric verification is faster than verifying when a caller has forgotten their account PIN.
  • Biometric verification is more secure than using One-Time PIN (OTP) through text or email.

Every one of us is born with unique features to us as individuals. For example, your fingerprints are unique, and no other person has the same fingerprints. Also, your eye is unique, and no other person has the same patterns as your iris. They are unique to each person. T-Mobile defines biometrics as: "Data generated by automatic measurements of an individual's biological characteristics like fingerprint, voiceprint, eye retinas, irises."

Biometrics does not include a photograph, but data generated from that photo is biometric information.

Why use biometrics?

There are lots of reasons companies and the government use biometric information, including: 

  • Public safety (fight crime, secure your facilities, screening people at the borders)
  • Wearable devices for health and fitness (responding to the owner's voice)
  • Identification and authentication (Determining someone's identity – who are you?) Authentication – (are you who you say you are)? This is the reason T-Mobile uses biometrics.
  • Workplace (safety and attendance)

What is T-Mobile doing with biometric information?

T-Mobile is collecting biometric identifiers to identify and authenticate our customers. We do this by comparing the facial geometry on a driver's license or state ID card against a fraud database so that we can reduce fraud. The way we do this is determine the customer's identity and confirm they are actually who they say.

In retail stores, customers can use a fake ID or stolen ID to open a T-Mobile account. By doing this, they are able to purchase products and services based on the stolen party's information. We are trying to stop that and protect our customers

Customers must meet all requirements:

  • Device eligibility:
    • The device must have biometric capability (Face ID or fingerprint), and those settings must be turned on. See Devices.
    • App notifications must be enabled for the T-Mobile  / T Life app.
    • iOS: OS 16 & newer
    • Android: Android 11 & newer
  • T-Mobile ID:
    • The customer must have registered a T-Mobile ID.
    • The T-Mobile ID must have PAH or Full Access on a postpaid consumer account or micro TFB accounts (Business with SSN (I/S), Sole Proprietor).
  • T Life / T-Mobile app:
  • Calling requirements:
    • Call using the T Life / T-Mobile app from the line with PAH or Full access user permissions. Customers follow steps on Set up biometric verification  to call in.
    • This requires an active data connection (mobile data or Wi-Fi) for the T Life / T-Mobile app.

Note: If the customer is not eligible for biometric verification or is not currently registered, the T Life /  T-Mobile app requests the account PIN to verify the account.

In Atlas, the option to send a biometric push notification shows on the Account Lookup Verification screen if your customer is eligible to verify with biometric verification.

  1. Ask for the caller's first and last name.
  2. Verify the name matches PAH or Full access on the Account Lookup Verification screen in Atlas.
    • Name matches PAH: Follow the steps for biometric verification. (They do not need to be listed as the BRP or AU to have access to the account if they are fully verified using biometric verification.)
    • Name does not match PAH: Determine if they are a BRP, AU, or unauthorized caller. Continue to the corresponding section to complete account verification.
  3. Select Billing name or Authorized user(s) radio button to bypass biometric verification and verify the caller with the account PIN instead.

When ID scanning at Retail locations, customers may consent to the creation of a "biometric identifier" from the image on the accepted ID.

  • This biometric information verifies the ID is real and helps prevent fraud.
  • Customers who previously provided consent to this capture may revoke consent if they no longer want T-Mobile to use the saved biometric identifier.

Everyone has the ability to opt out of this program. They can opt out at the retail store when applying for service, or they can revoke consent later through Care. 

  • Remind the customer if they opt out, they do not receive the benefits of this form of fraud protection.
  • To revoke consent for storing their biometric information or photo ID, file a Revoke Biometric Consent form. See Complaints, forms, & tickets.

Verification issues

Use these scenarios for the special issues below.

BTP steps

  1. Verify the customer's contact number.
  2. Ask them to fax copies of their birth certificate and government-issued photo ID with a cover letter (include mobile or account number and fax reason) to Fraud Management at 1-813-353-6262.
  3. Inform them that Fraud Management will contact them once the documents are received.
  4. Memo the account saying that the customer claims to be underage.

Authorized User steps

  1. Verify the customer's contact number.
  2. Ask them to fax copies of their birth certificate and government-issued photo ID with a cover letter (include mobile or account number and fax reason) to Fraud Management at 1-813-353-6262.
  3. If the Authorized User declines to send documentation, call the BRP at the Can Be Reached number.
  4. Let the BRP know that a minor can't be listed as an Authorized User, then gain agreement to remove the Authorized User.
  5. Let the BRP and previous Authorized User (minor) know how Care can assist an Unauthorized User.

  • Some postpaid accounts do not have SSNs associated with the account or a default SSN of 1111.
    • If there is no valid SSN on the account, ATLAS will not require an SSN and the account should be verified by OTP.  If using Samson, attempt to verify the account using an OTP and enter 1111 as the last 4 of the SSN.
    • Follow Billing Responsible Party (BRP) to provide assistance.
  • If the customer can't verify an OTP, follow Unauthorized or unable to verify for account support.
    • If a SSN update is needed, advise to bring the SSN card (front & back) and proof of address (utility bill, bank statement) to a T-Mobile store.

If the BRP is unable to go to a T-Mobile retail store, or otherwise tend to their account for reasons including medical/health issues or incarceration, advise the caller that the Power of Attorney process may be completed, and refer the customer to our external site for support: https://www.t-mobile.com/support/account/power-of-attorney-requests.

A "Verification Attempts" error message appears after five failed verification attempts. This may indicate a customer who can't remember their password or there may be a pattern of a caller trying to gain unauthorized access. Follow these steps if the customer reports this message.

  1. Click Close on the message.
  2. Attempt to verify the customer:
    • If it matches:
      • Provide support based on the caller type.
      • BRP ONLY: Offer to change the PIN/Passcode to a new, 6-15 digit secured standard.
    • If it does not match

  • Customers who are located on the U.S. Naval base in Guantanamo Bay, Cuba may have billing addresses from anywhere in the United States.
  • Follow standard verification for these customers and support their requests just as they would for all callers
  • See Billing disputes for specific scenarios to help these customers.

  1. If receiving a transfer and customer was incorrectly verified (ex. Authorized User verified SSN and skipped PIN/Passcode), explain to customer that the previous rep did not fully verify the account.
  2. If customer declines to re-verify, explain the importance of account security. After the customer fully verifies the account, provide full support.
  3. If customer refuses to re-verify or can't verify the account, follow Unauthorized or unable to verify and file an incident report:
    1. Memo customer behavior, rep actions, and your actions in the account.
    2. Notify your Coach, then file an incident report using category Unauthorized Account Access and include details from the account memo.

  1. Click the BAN window > Subs List.
  2. Select the mobile number needing assistance, then return to the "Verification" screen.
  3. If the correct number populates, click Verified next to "Mobile Number"

  1. Ask for the caller's first and last name. If the caller's name does not match the BRP or AU, see Unauthorized or unable to verify for further support.
  2. Ask for the PIN/Passcode. If it's alpha-numeric, ask for the spelling.
  3. Compare the PIN/Passcode provided to the PIN/Passcode in the Special Instructions and complete one of the following based on the answer:
    • Matches
      1. Once the customer verifies the PIN/Passcode, enter Fail in the PIN/Passcode field, then click Verify.
      2. If speaking with the BRP, offer to change the PIN/Passcode to a new, 6-15 digit secured standard.
      3. If they refuse and the PIN/Passcode located in Special Instructions is already 6-15 digits offer to move the password using the following steps:
        1. Send the customer a One Time PIN. If the caller can verify the OTP, offer to update the PIN/Passcode.
        2. Copy the exact PIN/Passcode from Special Instructions and enter into the Samson Pass field and click Save.
        3. Delete the PIN/Passcode from Special Instructions and document in account memos.
      4. Provide full support based on the caller type.
    • Doesn't match
      1. If the customer cannot verify the PIN/passcode or it was not correct, help the customer update the PIN if they can be fully verified or direct the BRP/PAH to self-service to update.
      2. If the caller is unable to receive or cannot provide the one-time PIN, advise the customer to go to a T-Mobile store with photo ID to be able to verify the account.

  1. Refer the caller to contact the BRP.
    • The BRP can help the caller by providing them with the account PIN, if they were an Authorized User.
    • The BRP/PAH can also update the account PIN in T-Life.
  2. If the caller was not an Authorized User, tell them the BRP/PAH can call us on their behalf for assistance.
    • The BRP/PAH can call in on their behalf, and they may add a new Authorized User.
    • If the BRP is not available and the account cannot be verified, the BRP or caller will have to call back later to complete any changes. No changes can be made without verification.