By Sagar Shankaran, Founder of CallSphere
Voice AI agents need to verify the human on the other end before reading PHI or charging a card. We map Twilio Verify channels, the new A2H protocol, and how CallSphere's Healthcare agent does step-up auth in 12 seconds.
Key takeaways
TL;DR — Verify supports SMS, Voice, Email, WhatsApp, TOTP, and Passkeys via one API. For voice AI, the right pattern is "speak the OTP" via SMS while the agent waits, or use the new A2H protocol for cryptographic, auditable agent-to-human auth.
Twilio Verify is the OTP and identity API. In 2026 Twilio also shipped A2H (Agent-to-Human) — an open spec that gives AI agents a channel-agnostic, signed, auditable way to authenticate to their human principal (Passkeys / WebAuthn). For HIPAA-grade voice AI, you want both: Verify for the customer, A2H for the agent acting on the customer's behalf.
flowchart TD
CALL[Caller dials AI] --> AI[AI agent answers]
AI -->|sensitive intent| START[Verify Start]
START --> SMS[OTP via SMS]
CALLER[Caller types code] --> AI
AI -->|/Check| VERIFY[Twilio Verify]
VERIFY -->|approved| TOOL[Read PHI / charge card]
VERIFY -->|denied| ESC[Escalate or end]
CallSphere's Healthcare agent (Twilio + FastAPI :8084 → OpenAI Realtime) requires Verify before reading any PHI. Flow:
Verify.create({ to, channel: 'sms' }).Verify.check({ to, code }).approved, the agent unlocks PHI tools.End-to-end median: ~12 s. Twilio across all products. 37 agents · 90+ tools · 115+ DB tables · 6 verticals · HIPAA + SOC 2 · $149 / $499 / $1499 · 14-day trial · 22% affiliate.
// AI tool: start_verify
const v = await twilio.verify.v2
.services(SERVICE_SID)
.verifications
.create({ to: e164, channel: "sms" });
// AI tool: check_verify
const r = await twilio.verify.v2
.services(SERVICE_SID)
.verificationChecks
.create({ to: e164, code });
if (r.status !== "approved") throw new Error("auth_failed");
// Tool schema exposed to OpenAI Realtime
{
"name": "start_verify",
"description": "Send a 6-digit OTP to the caller via SMS",
"parameters": { "type": "object", "properties": { "phone": { "type": "string" } } }
}
status and sid, never the OTP itself.Q: Can I use Voice channel for OTP? Yes — Verify can call and read the code aloud. Adds latency but works on landlines.
Hear it before you finish reading
Talk to a live CallSphere AI voice agent in your browser — 60 seconds, no signup.
Q: Passkeys for AI? Yes — A2H supports WebAuthn for the AI-agent-to-user binding.
Q: Email OTP cost? ~$0.05 per success in 2026 pricing. Cheaper than SMS for non-PSTN flows.
Q: TOTP for repeat callers? Yes — bind a TOTP factor on first verified call; subsequent calls only ask for the 6-digit code.
Q: Does Verify count as "reasonable assurance" for HIPAA? Combined with caller-ID match + DOB, yes — most BAAs treat Verify as a recognized step-up.
Twilio Verify for AI Agent Authentication: OTP, Passkeys, A2H (2026) usually starts as an architecture diagram, then collides with reality the first week of pilot. You discover that vector store choice (ChromaDB vs. Postgres pgvector vs. managed) is not really a vector store choice — it's a latency, freshness, and ops choice. Picking wrong forces a re-platform six months in, exactly when you have customers depending on it.
The big fork is managed (OpenAI Realtime, ElevenLabs Conversational AI) versus self-hosted on GPUs you operate. Managed wins on cold-start, model freshness, and zero-ops; self-hosted wins on unit economics past a certain conversation volume and on data residency for regulated verticals. CallSphere runs hybrid: Realtime for live calls, self-hosted Whisper + a hosted LLM for async, both routed through a Go gateway that enforces per-tenant rate limits.
Still reading? Stop comparing — try CallSphere live.
CallSphere ships complete AI voice agents per industry — 14 tools for healthcare, 10 agents for real estate, 4 specialists for salons. See how it actually handles a call before you book a demo.
Latency budgets are non-negotiable on voice. End-to-end target is sub-800ms ASR-to-first-token and sub-1.4s first-audio-out; anything beyond that and turn-taking feels stilted. GPU residency in the same region as your TURN servers matters more than choosing a slightly bigger model.
Observability is the unglamorous backbone — every conversation produces logs, traces, sentiment scoring, and cost attribution piped to a per-tenant dashboard. HIPAA + SOC 2 aligned isolation keeps healthcare traffic separated from salon traffic at the storage layer, not just the API.
Is this realistic for a small business, or is it enterprise-only?
The healthcare stack is a concrete example: FastAPI + OpenAI Realtime API + NestJS + Prisma + Postgres healthcare_voice schema + Twilio voice + AWS SES + JWT auth, all SOC 2 / HIPAA aligned. For a topic like "Twilio Verify for AI Agent Authentication: OTP, Passkeys, A2H (2026)", that means you're not starting from scratch — you're configuring an agent template that's already been hardened across thousands of conversations.
Which integrations have to be in place before launch? Day one is integration mapping (scheduler, CRM, messaging) and prompt tuning against your top 20 real call transcripts. Day two through five is shadow-mode running, where the agent transcribes and recommends but a human still answers, so you can compare side-by-side. Go-live is the moment your eval pass-rate clears your internal bar.
How do we measure whether it's actually working? The honest answer: it scales until your tool catalog gets stale. The agent is only as good as the integrations it can actually call, so the operational discipline is keeping schemas, webhooks, and fallback paths green. The platform handles the rest — observability, retries, multi-region routing — without your team owning the GPU layer.
Want to see how this maps to your stack? Book a live walkthrough at calendly.com/sagar-callsphere/new-meeting, or try the vertical-specific demo at realestate.callsphere.tech. 14-day trial, no credit card, pilot live in 3–5 business days.
Written by
Sagar Shankaran· Founder, CallSphere
Sagar Shankaran is the founder of CallSphere, where he builds production AI voice and chat agents deployed across healthcare, hospitality, real estate, and home services. He writes about agentic AI, LLM engineering, and shipping voice agents that handle real calls in production.
See how AI voice agents work for your industry. Live demo available -- no signup required.
Using GPT-Realtime-2 for healthcare voice agents. BAA scope, PHI handling, retention, logging, and why a managed platform usually wins this build.
The 2024 NPRM proposes mandatory penetration tests every 12 months and vulnerability scans every 6 months. Here is how an AI voice agent should be tested in 2026.
AI voice and chat logs are a treasure trove for analytics and a liability landmine for HIPAA. Here is how the two de-identification methods at 45 CFR 164.514 actually apply to multi-turn AI transcripts.
Dental practices have HIPAA-aligned obligations and a uniquely high-volume recall and insurance-verification workload. The AI agent that handles both is the highest-ROI build in 2026 — if it is wired correctly.
Healthcare Practice Use Case perspective on Harvey AI's enterprise rollout numbers show legal agents have moved past the pilot stage at AmLaw 100 firms.
Healthcare Practice Use Case perspective on Comet's general-availability launch put an agentic browser in front of millions of consumers, and it works better than the demos suggested.
© 2026 CallSphere LLC. All rights reserved.