Unibeam Technical FAQ for Enterprise IT Teams

Understand how Unibeam’s SIM-based authentication works – and how it fits into your environment.

Do you support standard identity protocols like OAuth 2.0 or OpenID Connect?
Yes. Unibeam integrates easily with systems that support OAuth 2.0. Our APIs are designed to fit modern identity architectures.
Is your API documentation publicly available?
We provide complete API documentation—including Swagger/OpenAPI specs—during onboarding or upon request.

Does authentication work over Wi-Fi?
No. Unibeam requires a cellular connection to communicate with the SIM. If there’s no cellular signal, authentication won’t proceed.

This use of the cellular network helps protect against local Wi-Fi-based man-in-the-middle attacks.
Do you support dual SIM devices?
Yes. Unibeam works with dual SIM and eSIM devices. The service can be activated on either SIM slot—or both—or on an eSIM.
What about MVNOs and virtual carriers?
Our solution is carrier-agnostic. It works with both traditional carriers (MNOs) and virtual carriers (MVNOs), as long as the carrier provisions the Unibeam applet on their SIM profile.
Are IoT and wearable devices supported?
Yes. Any device with a SIM or eSIM and cellular connectivity can be authenticated with Unibeam—including smartwatches, connected cars, and IoT sensors.

How do you protect against SIM swap, cloning, or emulation?
Each SIM and device generates a unique identifier. If a SIM is moved to a different phone—or a device is replaced—we detect it.

Even if a SIM is maliciously ported to another phone, Unibeam detects the change and can block the authentication.
Is the data between the SIM and your server encrypted?
Yes. All communication is encrypted end-to-end. Each SIM is provisioned with unique AES keys that protect the payload:
- Between the SIM and Unibeam servers
- Between Unibeam and the enterprise system requesting authentication
Do you minimize what data is sent?
Yes. Only essential, anonymized data is transmitted. Payloads are designed to be compact—both to fit SIM constraints and to minimize data exposure.

What happens if a user changes phones or replaces their SIM?
Device and SIM changes are automatically detected. Enterprises can choose whether to treat them as normal lifecycle events or as anomalies requiring further verification.
Do you provide fallback options (e.g., email or SMS OTP)?
Yes. Unibeam informs the enterprise—via silent API—whether a user’s phone supports SIM-based authentication.

If the user doesn’t yet have a configured Unibeam SIM or if the phone is off, the enterprise is notified and can trigger a fallback authentication method of its choice (e.g., SMS OTP, email, etc.).