Skip to content
oHallo Help

When verification fails -- what callers hear

When the AI cannot grant a caller access to a gated tool, it reads (or sends) a rejection that explains the situation in plain language without leaking sensitive details. There are five canonical rejection scenarios; each one has a default message that you can override per workspace.

The five scenarios

Section titled “The five scenarios”

Lockout. The caller has reached the per-call or per-24-hour limit on verification attempts. The AI explains the lockout, suggests they try again later or use the email link, and offers a hand-off to a human if your channel supports it.

“I’m not able to verify your identity right now. For your account’s safety, we lock automated verification after several failed attempts. If you received an email about this, please follow the link there; otherwise please try again later or reach out through your usual support contact.”

Scope mismatch. The caller is verified but they’re asking about a different account than the one they’re contacting from. The AI refuses to share information about the other account.

“I can help with your own account, but I’m not able to share information about another account. If you need help with a different account, the account owner can contact us directly.”

Verification not configured. The workspace operator has gated a tool at identified or above but hasn’t attached any lookup tools, so the verification specialist has nothing to ask about. The AI explains and offers a hand-off.

“I’d like to help with that, but identity verification isn’t currently set up for this workspace. I’ll pass you to someone on the team who can help directly.”

Ambiguous identity. The caller’s email or phone number matches more than one account in the platform. The AI asks the caller to disambiguate before proceeding.

“I have your details on more than one account here. To make sure I send the right information, could you share which one you’re contacting about — for instance, the company name?”

Cross-recipient. The caller is asking about another customer’s data (e.g. on behalf of someone else). The AI declines on privacy grounds.

“For privacy, I can only confirm details for the account you contacted us from. If you’d like information about a different account, the person on that account would need to reach out directly.”

What the caller does NOT hear

Section titled “What the caller does NOT hear”

The AI never says, in any rejection:

  • The names of the specific tools that were blocked.
  • The contact ID or account ID of the matched record.
  • Whether or not a contact exists with the credentials they presented.
  • The specific data category the failed question came from.

This is by design. The rejection-language is information-poor so an attacker probing for valid identifiers cannot use it as a side-channel.

Overriding the templates

Section titled “Overriding the templates”

Each rejection scenario can be overridden per workspace via the agent_definitions.config.rejection_templates field on the system_verification agent definition. Today this is exposed only to platform admins; tenant-side overrides will land in a future release.

Looking for the product? Visit ohallo.eu  ·  Developer documentation  ·  Contact

Copyright 2026 oHallo ApS. All rights reserved.