The general idea of a One Time Password is to add a second layer of authentication in order to stay ahead of cybercrime and protect your organisation against catastrophic effects of fraud on your business. The risk of fraud is drastically reduced if the user doesn’t only have to fill in his user name and password (something he knows) but also needs something he "has” to complete the login. This ‘something’ can be the user’s phone. This means you’ll need the user’s mobile number, but also reliable messaging routes.
OTP is an SMS message
Originally, most OTP’s were sent as SMS messages. Once the user has begun his login attempt, filling in his username and the correct password, an SMS OTP is sent to the mobile number connected to his account. The user then enters this code shown on this phone in the login screen, completing the authentication process.
OTP is Voice Message
An alternative to a One Time Password via SMS is Voice. With Voice, the spoken password is received as a phone call on the user's mobile. The password will not be stored on the user's phone and Voice allows you to reach users with limited sight. You can also implement Voice as a back-up in case your SMS is not delivered.
OTP is a Push Notification
The Two-factor Authentication process using One Time Passwords via Push is similar to SMS OTP. In the login procedure to your online environment, an automated generated code is sent as a push notification to your App in the user’s phone. Then the user has to copy that code to the login screen to verify his identity. This does mean you’ll need a dedicated app.
How to Set Up Multi-Factor Authentication Today
Are you ready to get started with two-factor authentication? CM.com’s OTP API authenticates new users, secures account logins, and safeguards mobile transactions with one click. Our 2FA solution builds consumer trust and increases your conversion rates across multiple channels.
One-time passwords enhance application security and manage user verification via SMS and Voice calls. With a 98% open rate, SMS is known for its high visibility and reliability. By sending one-time passwords via SMS or Voice, you can reach your users wherever they are and reduce login frustrations. CM.com’s SMS Gateway API also allows you to facilitate one-time-passwords with customers worldwide.