The iMessage auth problem is the right thing to be paranoid about. A channel that proves delivery doesn't prove identity someone texting through the same number or session could theoretically trigger approvals. Curious if you're thinking cryptographic verification or just out-of-band confirmation (like a PIN sent separately).