Setting up client verification via 1C-Bitrix flash call

Our company is engaged in the development, support and maintenance of Bitrix and Bitrix24 solutions of any complexity. From simple one-page sites to complex online stores, CRM systems with 1C and telephony integration. The experience of developers is confirmed by certificates from the vendor.
8+Years of work900+Completed projects100+In house employees19+Partners
Offered services
Showing 1 of 1 servicesAll 1626 services
Setting up client verification via 1C-Bitrix flash call
Simple
~1 business day
FAQ
Our competencies:
Development stages

Customer Verification Setup via Flash Call in 1C-Bitrix

Flash call differs from missed call verification in one detail that changes the entire scheme: on Android devices, the provider application or the browser itself intercepts an incoming call, automatically reads the number, and confirms verification without user participation. The user doesn't input anything. Verification conversion with flash call is 15–25% higher than SMS.

Technology and Requirements

Flash call operates in two modes:

Automatic (true flash call) — requires an installed mobile application with call reading permissions, or a browser API (Android Chrome + Web OTP API for some providers). The incoming call is intercepted programmatically, the last digits of the number are extracted, and sent to the server without user action.

Semi-automatic — the user is shown a screen with a mask, the system initiates a call, the user sees 4 digits and enters them. This is essentially the same "missed call" but positioned as flash call.

For a true automatic flash call in a Bitrix store without a mobile app, only the semi-automatic scheme is realistic. Fully automatic — through an SDK embedded in the store's mobile application.

Integration with Flash Call Providers

Specialized flash call providers for the RF/CIS market:

  • Exolve Flash Call API — supports auto-interception on Android via Web API
  • MGTS Flash Call — B2B service with SLA
  • Devino Telecom — REST API with code in the number

Example integration with Exolve:

class ExolveFlashCallProvider {
    private const API_URL = 'https://api.exolve.ru/call/v1/MakeCall';
    private string $apiKey;

    public function __construct(string $apiKey) {
        $this->apiKey = $apiKey;
    }

    public function initiate(string $targetPhone, string $code): array {
        // Caller number contains code in last 4 digits
        $callerNumber = $this->getCallerByCode($code);

        $response = (new \Bitrix\Main\Web\HttpClient())->post(
            self::API_URL,
            json_encode([
                'number' => $callerNumber,
                'destination' => $targetPhone,
                'call_duration' => 1, // Minimal duration — immediate hangup
            ]),
            ['Authorization' => 'Bearer ' . $this->apiKey,
             'Content-Type' => 'application/json']
        );

        return json_decode($response->getResult(), true);
    }
}

Web OTP API Support

On Android devices with Chrome 84+, semi-automatic processing via Web OTP API is possible. The browser intercepts an SMS with a code (not a call) if the message is formatted in a special way. This is a combination of SMS and flash mechanism.

SMS format for Web OTP:

Your verification code: 4821

@shop.ru #4821

JavaScript for auto-interception:

if ('OTPCredential' in window) {
    const ac = new AbortController();
    navigator.credentials.get({
        otp: { transport: ['sms'] },
        signal: ac.signal
    }).then(otp => {
        document.getElementById('verification-code').value = otp.code;
        submitVerificationForm();
    }).catch(err => {
        // Fallback: user enters manually
        console.log('OTP auto-read failed:', err);
    });
}

Server-side: Verification Controller

In Bitrix implemented as a D7 controller:

namespace Custom\Verification;

class FlashCallController extends \Bitrix\Main\Engine\Controller {

    public function initiateAction(string $phone): array {
        $phone = $this->normalizePhone($phone);

        if (!$this->checkRateLimit($phone)) {
            return $this->error('Too many requests. Wait a minute.');
        }

        $code = str_pad(random_int(1, 9999), 4, '0', STR_PAD_LEFT);

        try {
            $provider = new ExolveFlashCallProvider(EXOLVE_API_KEY);
            $provider->initiate($phone, $code);
        } catch (\Exception $e) {
            \Bitrix\Main\Diag\Logger::getLogger('flash_call')->error($e->getMessage());
            return $this->error('Send error. Try SMS verification.');
        }

        FlashCallTable::add([
            'PHONE' => $phone,
            'CODE' => $code,
            'CREATED_AT' => new \Bitrix\Main\Type\DateTime(),
            'EXPIRES_AT' => new \Bitrix\Main\Type\DateTime(date('Y-m-d H:i:s', time() + 120)),
        ]);

        return ['success' => true];
    }

    public function verifyAction(string $phone, string $code): array {
        $record = FlashCallTable::getList([
            'filter' => [
                '=PHONE' => $this->normalizePhone($phone),
                '=CODE' => $code,
                '=VERIFIED' => false,
                '>EXPIRES_AT' => new \Bitrix\Main\Type\DateTime(),
            ],
            'order' => ['CREATED_AT' => 'DESC'],
            'limit' => 1,
        ])->fetch();

        if (!$record) {
            return $this->error('Invalid code or time expired.');
        }

        FlashCallTable::update($record['ID'], ['VERIFIED' => true]);
        \Bitrix\Main\Application::getInstance()->getSession()->set('PHONE_VERIFIED', $phone);

        return ['success' => true];
    }
}

Execution Timeline

Scope Timeline
Basic provider integration 1 day
Controller + UI + rate limiting 2–3 days
Web OTP API + SMS fallback +1 day
Integration with registration and checkout +1 day

Flash call verification becomes a competitive advantage for mobile audience — less friction, higher conversion.

1C Bitrix presentation1C Bitrix24 presentation1C Enterprise presentation