Skip to main content

SMS OTPs

One-time passwords (OTPs) delivered as text messages are the simplest way to add a second factor to your authentication flow.

Use SMS OTPs if you...

Compared to traditional username and password login scenarios, adding a second factor is a big step up in terms of security. Although SMS OTP cannot match the convenience or the security of more sophisticated methods, they have the advantage of relying on nothing but cell service on the user device.

We recommend SMS OTPs as an authentication method, if the following are true for your business:

  • You want to improve authentication security with minimal effort.
  • You do not want your users to install yet another app.
  • You do not want to rely on any user device capabilities.
  • You do not want to invest in major technical development.

The advantage of SMS OTPs is that even mobile devices with no Internet access, and with all of their biometric and push service capabilities disabled can act as second-factor authenticators. There is no need to download or install any applications, both the registration and transaction approval flows are purely text message based.

caution

SMS OTPs are more vulnerable to attacks than modern authentication methods. For this reason, we do not recommend SMS OTPs for sensitive transactions. Instead, consider implementing one or more of the following methods:

Registration and authentication flow

To get started, you need the following information available:

To implement and use SMS OTPs, see the instructions on the following pages:

  1. Enroll Your Phone Number
  2. Authenticate with SMS