Hi there, Ravi! Full disclosure: I used to work for Twilio.

User experience and developer experience are the primary reasons I'd recommend Twilio. Starting with user experience:

• Simplicity: There's a reason companies with great engineering talent (like Stripe and Shopify) hand off the implementation of scalable 2FA infrastructure to Twilio - it's because they see improved user conversions and experience, by leaning on the dedicated Verification team at Twilio.

• Reliability: Twilio has been building out even more regionalized infrastructure the past two years for improved service reliability. The Verify service also optimizes the telecommunications providers + sending phone numbers that are used if they ever detect lower-than-usual 2FA conversion rates (if they measure that users aren't entering 2FA codes at normal rates, they automatically route traffic differently to improve and ensure messages are getting delivered).

On the topic of developer experience:

• Ease of integration: I worked with customers who had MFA proofs of concept running in one afternoon. Twilio has easy-to-understand documentation and code examples to get started in a variety of languages: https://www.twilio.com/docs/verify

• Extensibility: As you mentioned in your post, you're considering SMS and Email channels for MFA today, but want to keep your options open for improving security and UX. Twilio already offers additional verification channels, like Voice, in-app Push Notifications, and TOTP integrations with authenticator apps like Authy and Google Authenticator. For additional security considerations, Twilio's Lookup API v2 provides a useful database of information about users' phones, to complement your MFA implementation.

• Maintainability: Twilio has a solid track record for improving its Verification & security solutions since they've launched them, and last I knew while working there, planned to continue to invest strategically in these offerings.