Skip to main content
Before accessing sensitive account information or taking actions on a player’s behalf, Cevro needs to verify who they are. This page explains the authentication options available.

Two Ways Players Get Authenticated

Help Desk Integration

Seamless & AutomaticWhen a player is logged into your website and starts a chat, their identity is passed automatically from your help desk (LiveChat, Intercom, Zendesk, etc.).No extra steps for the player.

AI Verification

ConversationalWhen session data isn’t available, the AI asks the player for verification info (email, date of birth, player ID, etc.) and validates it against your back-office.Secure fallback option.
This is the preferred method when available. Players don’t need to re-enter information they’ve already provided when logging into your site.

How It Works

  1. Player logs into your website
  2. Your front-end passes their player ID via the Cevro Messenger SDK
  3. Player starts a support chat
  4. Cevro reads the player ID from the session
  5. Player is authenticated automatically
npm install cevro-messenger-sdk

import { CevroMessenger } from 'cevro-messenger-sdk';

// After player logs in
CevroMessenger.init({
  metadata: {
    player_id: user.playerId,
    email: user.email
  }
});
This provides the best player experience - instant authentication with zero friction.

Supported Help Desks

Help DeskSession Field Location
LiveChatsession_fields
Intercomcustom_attributes or external_id
Zendeskconversation.metadata
Respond.ioContact fields
Your Customer Success Manager will help configure the exact field mapping during onboarding.

AI Verification

When help desk integration isn’t available (e.g., player isn’t logged in, or using the web widget), the AI can verify identity conversationally.

How It Works

  1. AI asks the player for required information (configured per workspace)
  2. Player provides details (email, date of birth, etc.)
  3. Cevro validates against your back-office API
  4. If the information matches, the player is authenticated

Common Verification Fields

  • Email address - Most common identifier
  • Date of birth - Secondary verification
  • Player ID - If the player knows it
  • Phone number - Alternative identifier

Setting Up Verification Questions

When you add a verification question, you pick which player field the answer maps to:
1

Choose the field type

Select the type of information you’re asking for — email, phone, date, number, or text. When you pick a type, the system auto-suggests a matching player field if one is available.
2

Select a player field

The Player Field dropdown shows existing fields on the player profile (like email, phone, first name, etc.). Pick the field where the player’s answer should be stored.
3

Need a new field?

If the field you need doesn’t exist yet, click ”+ Create new field” to add a new player attribute on the fly. The system suggests an appropriate field name automatically.
When you select a common type like “email” or “phone”, the matching player field is pre-selected for you — no extra steps needed in most cases.
Once a verification question is saved, the player field it maps to cannot be changed. If you need to use a different field, delete the question and create a new one.
Your Customer Success Manager will configure which fields are required based on your back-office capabilities and security requirements.

Verification Modes

When players provide their details for AI Verification, Cevro compares what they typed against your back-office records. There are two modes for how this comparison works:

Strict Mode

Default — Exact MatchValues must match after formatting cleanup — including case, whitespace, diacritics (Rădulescu = Radulescu), hyphens (Jean-Pierre = Jean Pierre), and locale-aware date parsing. The system automatically detects your player’s language to parse dates correctly (e.g., DD/MM/YYYY for European players).Best for most workspaces. Handles the majority of formatting variations automatically.

Intelligent Mode

AI-Assisted — Handles Edge CasesWhen the deterministic check fails, an AI comparator evaluates whether the difference is a legitimate variation (phone country codes, middle name omissions, alternative transliterations) or a genuine mismatch.Best for workspaces where players frequently omit country codes, use partial names, or have other variations that go beyond formatting cleanup.

What Each Mode Handles

VariationPlayer TypesBack-Office HasStrict ModeIntelligent Mode
Case differencesjohn doeJohn DoeHandledHandled
DiacriticsRadulescuRădulescuHandledHandled
Hyphenated namesJean PierreJean-PierreHandledHandled
Date formats04/09/19941994-09-04Handled (locale-aware)Handled
Date day/month swap1994-09-021994-02-09Not matchedMatched (when ambiguous)
Phone country code0257451572+40257451572Not matchedMatched
Middle name omittedMaria PopescuMaria Elena PopescuNot matchedMatched
Different personJohn SmithJane DoeRejectedRejected
Intelligent Mode is security-first. When the AI isn’t confident that two values represent the same person, it rejects the match. A false rejection (asking the player to try again) is always preferred over a false acceptance.

How It Works

Intelligent Mode uses a two-step process:
1

Deterministic Check

Standard comparison with formatting cleanup — handles case, diacritics, hyphen/space equivalence, and locale-aware date parsing automatically. The system detects the player’s language to parse dates correctly (DD/MM/YYYY for European players, MM/DD/YYYY for US). Most verifications pass here without needing AI.
2

AI Comparison (only if Step 1 fails)

Fields that don’t match in Step 1 are evaluated by an AI model that understands name variations, phone formats, and locale-specific patterns. The AI must be confident the values represent the same person — uncertain matches are rejected.

Confidence & Guidelines

Each workspace can configure:
  • Confidence threshold — How certain the AI must be to accept a match (default: 90%). Higher values are stricter.
  • Field guidelines — Context about your player base that helps the AI make better decisions. Examples:
    • “Players are Romanian — diacritics are common in names”
    • “Phone numbers may omit +40 country code”
    • “Be flexible with day/month ordering on dates”
Your CSM will help configure these based on your player demographics and security requirements.
Intelligent Mode is an opt-in enhancement. Your workspace uses Strict Mode by default. Talk to your Customer Success Manager if you’re seeing players fail verification due to formatting differences.

Customizing Authentication Communication

Customize how your AI agent communicates during player authentication — the words it uses, its tone, and how it handles identification failures — without changing the underlying authentication procedure.
This controls communication only. The actual authentication method (security questions or platform login) is configured in the sections above.

How to Customize

1

Navigate to Ticket Lifecycle

Go to Settings → Agent Configuration → Ticket Lifecycle
2

Find the Authentication Communication section

Scroll to Authentication Communication Guidelines
3

Click Customize

The default view shows what the agent does automatically. Click Customize to open the editor.
4

Edit the guidelines

The editor is pre-filled with a structured template covering three areas:
  • Terminology — What words to use (e.g., “identify” instead of “verify”)
  • Tone & Style — How the agent sounds during authentication
  • When Identification Fails — What the agent says when it can’t confirm the player’s account

What You Can Customize

AreaExample
TerminologyChange “verify your identity” to “confirm your account” or “identify yourself”
ToneMake authentication feel more casual, more formal, or more reassuring
Failure messagingCustomize what the agent says when identification doesn’t succeed

What’s Always Built-In

These behaviors are always active regardless of your customization:
  • Identifies the player before handling gated requests
  • Uses your Knowledge Base to answer authentication questions
  • Escalates to a human agent when identification fails repeatedly
The specific identification method — whether that’s a website session, verification questions, or both — is determined by your workspace’s authentication setup.
Keep your guidelines concise. The agent follows short, clear instructions better than long paragraphs. Focus on what should be different from the defaults.

What Happens After Authentication?

Once authenticated, Cevro can:
  • Access the player’s account information
  • View transaction history, balances, and bonuses
  • Take actions on their behalf (if configured)
  • Provide personalized support based on their account status
Authentication is valid for the duration of the support conversation. When the ticket closes, the session ends.

Security Notes

  • All authentication requests are encrypted in transit
  • Player credentials are never stored - only the resulting player ID
  • Back-office API calls use secure tokens configured by your team
  • VIP players can be automatically escalated to human agents if desired

Configuration

Authentication settings are available directly on your Custom Integration page under the Authentication sidebar section. From there you can:
  • Enable or disable “Authenticate in chat”
  • Add, edit, or remove verification questions (the fields your AI asks players)
  • Configure masked fields — if your back-office masks data in API responses (e.g., p***[email protected]), enable this so the AI trusts any matching record without comparing values
  • Manage API credentials — bearer token for back-office authentication
1

Open your integration

Go to Settings → Integrations and click your custom integration.
2

Click Authentication

In the left sidebar, click Authentication.
3

Configure verification

Toggle “Authenticate in chat” on, then add your verification questions.
Your Customer Success Manager configures advanced settings (verification modes, back-office API connection, data mapping) during onboarding. Contact them if you need changes to those settings.