Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
Shush Inc’s Shush Sherlock / Shush Network Authentication is a silent authentication service based on SIM data and mobile operator network attributes. Its core goal is to give banks, brands, and enterprise mobile services an alternative to SMS OTP for verifying devices and phone numbers, reducing mobile fraud risk during logins or high-value transactions. The materials highlight its use of authoritative signals held by mobile network operators, such as device IP, unique mobile identifiers, how long a SIM has been associated with a device, network location, the relationship between a phone number and SIM, and whether a device has gone offline or reconnected.
In terms of protection coverage, Shush focuses on mobile identity authentication, device verification, proof of phone number possession, and SIM swap attack protection. Its key feature is that it is “silent”: users do not need to enter a verification code or switch to email or an authenticator app, making it suitable for improving mobile user experience. For deployment, Shush provides a cloud-based supply-side solution for mobile network operators. It says its capabilities reside within trusted, high-security carrier networks and are then exposed to demand-side partners, banks, and enterprises through carrier-grade authentication APIs. The materials also state that network authentication can be provided without mobile app-level integration or updates, which is attractive for enterprises with existing apps.
The publicly available content does not disclose pricing models, plans, per-call fees, or contract terms, nor does it specify supported payment methods. No information is provided about compliance certifications such as SOC 2, ISO 27001, GDPR, or PCI DSS. Given that the service involves sensitive signals such as phone numbers, SIM data, and network location, enterprises should carefully verify data processing boundaries, user consent mechanisms, audit trails, and regional compliance before procurement. Management and alerting capabilities are also not disclosed, including whether there is a console, risk control rules, real-time alerts, log export, SLA, and related features; these should be confirmed directly with the vendor.
The main advantages are that it uses carrier-side network data, making it harder to intercept or redirect than SMS OTP, while also reducing user friction. Its positioning is also clear for mobile operators and large enterprise use cases. The drawbacks are that it depends on carrier partnership coverage, public information is limited, and real-world effectiveness depends on available countries, MNO access scope, and API stability. It is better suited to banks, fintech companies, mobile wallets, e-commerce platforms, telecom operators, and high-risk mobile transaction scenarios. For a small website login flow, the integration threshold and commercial cost may be relatively high.
The materials do not provide information about access from mainland China, coverage by domestic carriers, or RMB payments, so china_access can only be assessed as unknown. For deployment in China, it would be important to confirm whether it connects with China Mobile, China Unicom, and China Telecom, as well as local compliance requirements. Alternatives include SMS OTP, email OTP, authenticator apps, device fingerprinting, risk engines, and other carrier number verification or network authentication services.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on shush.pw official site.
shush.pw is an Unknown Security provider. TG4G tracks its product information, an overall rating of 8.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach shush.pw directly.