Help centre
Answers to the most-asked questions about XyloTrust, Freshdesk integration, security, pricing and our other products. Can't find what you're looking for? Get in touch.
XyloTrust is a Freshdesk add-on that lets agents verify the identity of ticket requesters via SMS. The requester gets an SMS with a verification link from our external identity provider and completes the flow (passport + selfie where needed). The result — passed or failed — automatically lands as a private note on the ticket.
The add-on is built for MSPs and helpdesks that want to handle NIS2 and GDPR compliance without breaking their existing Freshdesk workflow.
The three most common scenarios are:
Our included Agent SOP contains a full decision tree with more scenarios.
No. Biometric data (selfie + passport image) is processed and stored exclusively by our external identity provider — we never receive it. We only get the verification result: name, phone number, country, masked IP, and a passed/failed flag. The specific sub-processor is named in our privacy policy.
Currently XyloTrust is a native Freshdesk add-on. We're working on Zendesk and Intercom integrations (planned for 2027), but for now you need an active Freshdesk environment.
Following Freshdesk's best-practice recommendation, we suggest creating a dedicated agent in your Freshdesk and naming it admin user. If you log in with that agent when you install the app, all verification private notes on tickets will be posted under "admin user" — not under your personal name.
XyloTrust supports SMS verification out of the box for these countries:
+32+31+33+49+352+44Other countries we activate on request — contact support@xylosnap.com with the dial codes you need.
The verification SMS your end customer receives shows your company name as the sender, not "XyloSnap" or our identity provider's name. Your customer only sees your brand. Available from the Pro plan.
Default is annual upfront with a Belgian VAT invoice in EUR. For Enterprise customers, monthly or quarterly invoices are available on request. Payment by credit card.
Yes, at any time. Upgrades take effect immediately, downgrades from the next billing period.
Yes. NIS2 requires strong authentication of users when accessing critical systems and during sensitive actions like password resets. XyloTrust provides that layer and logs every verification in an audit trail you can present to regulators.
We're not accountants or lawyers — full NIS2 compliance depends on your overall policy. But for the specific identity-verification requirement at support tickets, XyloTrust is a direct, documented solution.
Our application and database are hosted on AWS in eu-central-1 (Frankfurt, Germany). Our identity provider processes verification data within the EU. We do not routinely transfer personal data outside the EEA.
Verification results are kept in our database for 3 months for billing and reporting purposes, then deleted. The private note in Freshdesk can be auto-deleted 1 to 24 hours after creation (per-environment setting).
Yes. Every paying account receives a signed DPA per Art. 28 GDPR, based on the EU Commission's Standard Contractual Clauses. Our sub-processors (identity provider, AWS) are listed in Annex III and can be requested via privacy@xylosnap.com. View the DPA.
Via support@xylosnap.com or by phone on +32 3 376 33 37, Mon–Fri 09:00 to 17:30 (CET). Standard reply time: one working day. Pro and Enterprise customers get priority chat via the portal.
Our live status page shows real-time uptime for XyloSnap and our underlying services (AWS, identity provider, Freshdesk), including an incident overview for the last 30 days.
Yes. Annual plans run until the end of the current period; monthly plans cancel from the next billing cycle. No questions asked.
Ready for €500 extra margin? Claim your 10 free verifications + rollout kit.
Start free now