This is a killer feature, I assure you that many merchants will love it.
On the GetVerifiedSatus API it is possible to get many good information about an user.
Most of them are useful to know if the user is legit or a hacked account.
By asking the Name, Surname, Email and phone number, it is possible to get many informations that are useful to know/check if the user is the real owner of the account.
But still, it is possible that a hacker is able to get access to the email of the user and also register a new temporary phone number.
A possible good solution is this, a new field: 2FADays
This field need to show how long does the account have enabled the two factor authentication (by SMS or pin card)
So, if by calling the GetVerifiedSatus api on an account, I will get something like this:
2fadays: 30
(between all other fields)
This means that this account has by 30 days the two factor enabled.
If the user change the two factor (even by changing phone number), the value will reset to zero.
If the 2FA is disabled, maybe the value can be -1
On this way, If I'll check the information of the user, and I'll get a number like 0 or 1, maybe there is a high probability that the account is hacked, and the legit user is still not aware of it.
If instead I'll get 7 or more, this gives a low probability that the legit user isn't aware of the activation of 2FA, so it is easy that it was activated by him and not by a random hacker.
So, if the account is verified, I can check that the user has full controll of his email (used on the paypal account), and the 2fadays field show a high number, than I'll be more secure on accepting money from them.
Please, please! Someone sent this idea to the paypal developers!
