Subscribe
Share
Share
Embed
The Data Verification Podcast is a practical show for marketers, founders, and growth teams who want cleaner data and better results.
We cover email validation, phone number verification, lead enrichment, deliverability, GDPR compliance, and real-world use cases for APIs and automation.
Hosted by the team behind VerificarEmails.com, each episode focuses on actionable insights to help you reduce bounce rates, improve outreach performance, and build reliable data pipelines at scale.
For more information visit: https://www.verificaremails.com/en/
I want you to picture a scenario. It's late at night, you're on your phone and you're signing up for something. Maybe it's a new streaming service you've been dying to watch or maybe you're trying to snag a discount code for some sneakers before the timer runs out. You're typing fast, you hit submit and then you wait .
Speaker 2:The dreaded loading spinner.
Speaker 1:Exactly, you're just sitting there staring at screen waiting for that little vibration, that confirmation text code but it never arrives because in your haste your thumb slipped, you hit a five instead of a six.
Speaker 2:The classic fat finger problem. It's, the bane of modern existence.
Speaker 1:It feels like such a minor personal annoyance, you know, in the moment. You curse, you re type it, you move on. But I was looking at the stack of research we have for today and it turns out my clumsy thumb is actually a multi million dollar nightmare for businesses.
Speaker 2:Oh, it's huge. It is absolutely huge. To you, it's a typo. To a business, it's pollution. It's bad data entering the bloodstream of their company.
Speaker 1:The numbers in these reports are actually staggering. One source we looked at mentioned that 94% of B2B companies suspect their customer databases are inaccurate. That is nearly everyone. But here's the statistic that really blew my mind. Apparently, around 55% of people change their mobile number within a two year period.
Speaker 2:That is a remarkably high turnover rate when you really stop and think about it.
Speaker 1:Right. It implies that more than half the phone numbers a business collected just two years ago might belong to a complete stranger today or just be floating in the void.
Speaker 2:Which kind of sets the stage for our mission today. We aren't just talking about fixing typos. We're going to uncover the invisible technology that keeps our digital identities connected. We're talking about HLR lookups and, well, phone number hygiene.
Speaker 1:Essentially, we're answering the question. How does a business know your number is real, active, and reachable without ever actually calling you?
Speaker 2:It's a fascinating layer of the telecom world that most people don't even know exists, and we have a really solid stack of sources today. Technical guides on HLR architecture, comparisons of different validation methods, and even the API documentation for how developers automate this stuff to keep their data clean.
Speaker 1:So let's start at the very top. We keep using this acronym HLR. What exactly is the Home Location Register?
Speaker 2:Okay. So if you want to visualize it, think of the HLR as the master list. It's a massive central database that sits deep inside a mobile telephone network. Every time you turn on your phone, it shakes hands with the network and the HLR is the system that says, yes, this user is allowed to be here, they've paid their bill, and crucially, here's exactly where they are so we can route calls and texts to them.
Speaker 1:So to use an analogy, is it kinda like the receptionist at a massive hotel who knows exactly which room every single guest is in in real time?
Speaker 2:That is a perfect way to visualize it. The HLR is the receptionist with the master logbook. And just like a good receptionist, you can ask them a question about a guest without actually disturbing the guest in their room.
Speaker 1:And that's the core concept of what we're discussing today. Right? The silent ping.
Speaker 2:Precisely. That is what an HLR look up is. It's a query that's performed against this master database to check the status of a number without alerting the user. When a business runs this check, your phone doesn't ring, the screen doesn't light up, you don't get a ghost text or anything like that.
Speaker 1:But the system comes back with answers.
Speaker 2:Vital answers. It tells you, is the number valid? Is it currently active? And which network does it actually belong to right now?
Speaker 1:Okay, I want to get into the plumbing of this. Yeah. Because the sources we have get pretty technical about how that signal travels. We aren't just sending a standard SMS here. This isn't just one phone texting another.
Speaker 2:No, no. We're operating a layer deeper than that. We're getting into the bedrock of the global telecommunications network, specifically something called the network.
Speaker 1:SS seven. Signaling system no seven. It always sounds to me like a protocol from a spy movie or maybe a boy band from the nineties.
Speaker 2:It acts a bit more like the spy movie version. It's an older protocol, but it essentially runs the world's telecom infrastructure. When a lookup request happens, it goes through a specific journey. First, there's a basic validation at the gate. Does the number look right?
Speaker 2:We check the syntax, the country code, the length.
Speaker 1:Just some basic housekeeping.
Speaker 2:Right. But then, system checks if the mobile network operator, the MNO, is in routing.
Speaker 1:In routing. That just means can we reach the carrier?
Speaker 2:Exactly. Is the bridge up or down? If it's up, the system sends a very specific signaling request called SRA4SM.
Speaker 1:SRA four SM. I saw that in the developer docs. Break that down for us.
Speaker 2:It stands for send routing information for short message. It's a technical request that effectively knocks on the door of the network and asks, hypothetically, if I were to send a text to this number, where would it go?
Speaker 1:But the text isn't actually sent.
Speaker 2:Correct. We're just asking for the directions. We want the map, not the journey. Now, to get that request to the right place, the system uses a signaling partner and a process called global title translation.
Speaker 1:Global title translation. That sounds incredibly complicated.
Speaker 2:It sounds fancy, but it's really just a game of digital hopscotch. The signal hops from one point to another in the network. One router looks the number and says, do I handle this? No. Try the next guy.
Speaker 2:It routes through the SS7 network until it hits the correct mobile network operator.
Speaker 1:That seems straightforward enough until you consider the chaos of modern phone usage. I mean, I've kept my phone number for years but I've switched carriers three times. I went from AT and T to Verizon to T Mobile. How does the HLR know where to look if I've taken my number with me?
Speaker 2:That is a great question. Number portability makes this incredibly complex behind the scenes. When you port a number, the original network, the one that first issued that number to you, it keeps a routing exception on file.
Speaker 1:A routing exception. So like a forwarding address at the post office.
Speaker 2:Exactly like that. When the signal hits the original network, that network says, oh, they don't live here anymore. They move to T Mobile. And it forwards the request to the new network. But it does something clever.
Speaker 2:It prepends a special prefix to the number.
Speaker 1:A prefix. So it changes the number effectively.
Speaker 2:Just for the routers, it adds a few extra digits that tell the SS seven routers, hey, don't look at the area code, look at this prefix, redirect this to the new carrier.
Speaker 1:It's like sticking a yellow post it note on the envelope that says actually at t mobile now.
Speaker 2:And all of this, the hopscotch, the database query, the routing exception, the forwarding, it all happens in milliseconds.
Speaker 1:It's incredible to think about how much activity is happening in the background just to verify a string of 10 digits. But let me play devil's advocate here. Why go through all this trouble? Why not just send a text? Or use simpler methods?
Speaker 2:Well, let's look at the hierarchy of validation because businesses do try simpler methods, but the sources are pretty clear that they all have major flaws.
Speaker 1:Right. The sources mention rejects or format validation.
Speaker 2:Rejects is, well, it's the bottom of the barrel. It's just checking the syntax. It's like spell check.
Speaker 1:Yeah.
Speaker 2:It ensures you didn't type a b c instead of one two three or that you didn't type a 15 digit number for a US country code.
Speaker 1:So it's a shape sorter. Make sure the block is square, but it doesn't check what's inside the block.
Speaker 2:Exactly. It's great for front end input catching those immediate fat finger mistakes we talked about earlier, but it is useless for knowing if a number is real. I could type 555800000000 If it's the shape, it's not a phone
Speaker 1:Okay. So Regex is just checking the container. What about carrier lookup?
Speaker 2:That's one step up. That tells you the carrier like Vodafone or AT and T in the line type, whether it's mobile or VoIP. But again, the flaw is distinct. Yeah. It doesn't tell you if the number is in service.
Speaker 2:A number can be assigned to Verizon but be completely dead because the user stopped paying the bill six months
Speaker 1:So carrier lookup is like looking at the phone book cover, seeing Verizon, but not checking if the person is actually home.
Speaker 2:Right. Now the gold standard for proof of ownership is the OTP, the one time password. You know, enter the four digit code we just texted you.
Speaker 1:I do that all the time. It works.
Speaker 2:It works perfectly for verifying the user. But think about the friction. It's annoying. It's expensive. You're paying for every single SMS sent, and it's intrusive.
Speaker 2:You can't just send an OTP to a list of 10,000 marketing leads to see if they're valid. You'd annoy 10,000 people instantly.
Speaker 1:That makes sense. You can't audit your existing database with OTPs. So the HLR lookup is the middle ground.
Speaker 2:It's the sweet spot. It confirms the number is active and reachable before you spend money sending an SMS or make a call? You aren't verifying the human yet, but you are verifying the line.
Speaker 1:Now speaking of verifying lines, the sources mentioned some. Let's call them detective methods. Yeah. These are the scrappy ways people check numbers without paying for a service. I found these hilarious, largely because they feel a bit like stalking.
Speaker 2:The DIY validation methods. Yes. These are fascinating, though totally unscalable for a business.
Speaker 1:The first one was the WhatsApp trick.
Speaker 2:Right. This is a classic manual check. You type a pi.whatsapp.com/send.phone followed by the number into your browser. If a chat window opens with a profile picture, bingo, the number is registered on WhatsApp.
Speaker 1:Which usually means it's a real active mobile number.
Speaker 2:Usually. Though it doesn't tell you if they still have the SIM card in the phone, just that they have the account. Then there's the social media approach. Checking Facebook Messenger. If you sync contacts and see a green dot, they're active.
Speaker 1:And Telegram too. I noticed the source material got very specific about Telegram.
Speaker 2:Telegram is actually surprisingly detailed. Detailed. It gives you status messages like last seen recently, which means anywhere from seconds to three days ago, versus last seen a long time ago, which is over a month. So you can actually gauge how active the human attached to the number is.
Speaker 1:It's bit creepy when you put it that way. Last seen recently, it feels very surveillance heavy.
Speaker 2:It is. And obviously, if you're a company with 50,000 customers, you cannot have an intern sitting there typing numbers into WhatsApp URLs all day long.
Speaker 1:No. Definitely not. So let's pivot to the business side. Why does this matter? We talked about the fat finger issue, but is it just about correcting typos?
Speaker 2:It's about efficiency and it's about fraud. Let's follow the money. If you are running an SMS marketing campaign, you're paying per message segment. If 20% of your database consists of dead numbers, you are literally setting 20% of your budget on fire.
Speaker 1:That adds up really fast.
Speaker 2:It does. But then there's fraud. The sources highlighted stage and screen numbers.
Speaker 1:You mean like 5550199, the fake numbers you see in movies?
Speaker 2:Exactly. People actually use those to sign up for services when they don't want to be contacted, Or they use disposable numbers. HLR lookups can flag risky numbers, premium rate numbers, pagers, or temporary numbers that are often associated with fraud.
Speaker 1:And reputation matters too, right?
Speaker 2:Okay.
Speaker 1:I imagine carriers don't like it if you're just spamming dead numbers.
Speaker 2:It's huge. If you send thousands of texts to dead numbers, the carriers start to look at you suspiciously. High bounce rates look like spamming behavior. You could get your legitimate messages blocked or your sender ID blacklisted.
Speaker 1:The sources broke down the specific statuses in HLR lookup returns. Active is obvious, dead is obvious. But what about absent? That one seemed nuanced.
Speaker 2:Absent is a critical distinction. Dead means the number is not assigned to a subscriber, it's gone, it's a disconnect. Means it is a valid subscriber, but the device is off, out of battery, or out of range.
Speaker 1:So if I'm a marketer, I might want to try an absent number again later, but a dead number I should just delete.
Speaker 2:Exactly. Knowing the difference saves you a lead that might a dead battery or be on a flight.
Speaker 1:So how does a company actually implement this? Do they have a dashboard? Do they have someone sitting there pressing a button for each number?
Speaker 2:They can use a dashboard for sure, but usually this is automated via APIs. We looked at examples from Verificare mails and hlrlookups.com.
Speaker 1:Right. The developer's corner of our reading list.
Speaker 2:It's a pretty standard API workflow. You get a token or digital key, you send a request, usually via something like Car URL or PHP, and get back response. It's basically instant.
Speaker 1:And the sources really emphasize standardization. They kept mentioning E point one six four.
Speaker 2:Yes. If you take nothing else away from the technical side, remember E point one six four. It's the international standard for phone number formatting. Plus sign, country code, number, no spaces, no dashes, no parentheses.
Speaker 1:So plus 44 for The UK, plus one for The US. Why is the format so critical?
Speaker 2:Because computers are dumb. If you don't standardize to e point one six four before you store data, you can't deduplicate. You might have one record as 077 and another as old plus four 477, and the computer thinks they're two different
Speaker 1:That sounds like a data nightmare. You'd be double messaging people.
Speaker 2:It is a nightmare. Now for the non coders in the audience, there was a really cool mention of N8N.
Speaker 1:Yes. The low code automation tool. I love seeing this kind of stuff because it makes the text so much more accessible.
Speaker 2:It does. The source described a workflow where you capture a lead from a web form, pass it through an HLR verification node in N8N, and then use lodging branches.
Speaker 1:Can you walk us through that flow?
Speaker 2:Okay. So imagine a flowchart. A customer hits submit on your website. Before that name even hits your database, NAN grabs the number. It pings the HLR API.
Speaker 2:If the API returns active, the data goes to the CRM. If it returns dead, the workflow automatically discards it or flags it for review.
Speaker 1:So clean data enters the system from day one. You aren't scrubbing it later, you're filtering it at the door.
Speaker 2:Exactly. It's preventative hygiene.
Speaker 1:Now I have to play devil's advocate here again. We're pinging phones, checking if people are active, seeing what network they're on. Woah. We need to talk about privacy. Is this invasive?
Speaker 1:Is it GDPR compliant?
Speaker 2:It's a very valid concern. But here is the key distinction. HLR checks the status of the number, not the identity of the
Speaker 1:So it doesn't say this is John Smith's phone?
Speaker 2:No. It says this number is active on Vodafone. It doesn't provide the name. Unlike those caller ID apps that crowdsource names from people's address books, HLR is strictly technical network data.
Speaker 1:The source mentioned MSI security. What is that?
Speaker 2:The IMSI is the unique ID of your actual SIM card. It used to be that networks would share this freely in lookups, but that represents a security risk If I have your MSI, I can potentially track your location across towers. Now, most networks scramble or withhold the MSI in these public lookups, so the security has tightened up significantly.
Speaker 1:And regarding GDPR, the General Data Protection Regulation in Europe, doesn't this violate that?
Speaker 2:Counter intuitively, cleaning your data is actually good for GDPR compliance.
Speaker 1:How so? I would have thought the less processing the better.
Speaker 2:Well, have to look at the principles of data quality and data minimization. GDPR says you shouldn't hold inaccurate data on people, and you shouldn't hold data you don't need. If you have a database of 10,000 numbers and 3,000 are dead, you are holding inaccurate data. Scrubbing it actually brings you to compliance.
Speaker 1:That's a really interesting angle. Yeah. You're deleting the data you shouldn't have in the first place.
Speaker 2:Exactly. However, and this is a big however, you still need a legal basis to run the check. You can't just run HLR lookups on random numbers you You need consent or legitimate interest. And you absolutely need to check do not call lists, like the Robinson list or the TPS in The UK.
Speaker 1:Right, because just because a number is active doesn't mean they want to hear from you.
Speaker 2:Precisely. The HLR tells you if you can call, the Robinson list tells you if you should.
Speaker 1:Okay, let's bring this home. We've covered a lot of ground, from the simple fat finger mistake to the complex routing of the SS7 signaling network. If you had to summarize the key takeaways for someone listening who manages a customer database, what would they be?
Speaker 2:I'd boil it down to three steps. First, capture correctly. Validate at the point of entry so bad data never gets in. Second, standardize. Use e point one six four formatting so your database is clean and searchable.
Speaker 2:And third, scrub regularly.
Speaker 1:Because of that statistic we started with, Nevitt, fifty five percent of people change their numbers in two years.
Speaker 2:Exactly. Phone numbers get recycled. If you don't scrub, you might be texting a stranger thinking it's a loyal customer from three years ago.
Speaker 1:That leads to my moment from reading these sources. We tend to think of our phone number as part of our identity. It's my number. I've had it for ten years. But in reality, from the network's perspective, a phone number is just a temporary lease.
Speaker 2:It is. You are renting a routing address on a network. And when you stop paying or move on, that address gets wiped and handed to the next person. It's not a permanent identifier, even though we treat it like one.
Speaker 1:It really changes how you think about your contact list. It's a living, decaying thing, not a static file.
Speaker 2:That's the perfect way to describe it. It has a half life.
Speaker 1:So we've learned how the sausage is made or rather how the signal is routed. Any final thoughts to leave us with?
Speaker 2:I think the most provocative thing here is the concept of digital exhaust. We talked about the silent ping. It's amazing technology, but it's also a reminder. If a simple computer script can ping a global database and instantly know if your phone is on, what country you are in, and what network you are using, private is off the grid really?
Speaker 1:That is unsettling.
Speaker 2:You might have your GPS off, but if your phone is connected to a tower, the HLR knows where you are.
Speaker 1:Well, on that slightly paranoid note, I think I'm gonna go turn my phone on airplane mode for a bit. Thanks for walking us through this invisible world.
Speaker 2:My pleasure.
Speaker 1:And thanks to you for listening to the deep dive. We'll catch you next time with another stack of sources and another hidden layer of the world to uncover.