OTP (One Time Password) is a commodity service used by enterprises for various purposes. Traditional usages of OTP include authenticating users, verifying ownership of a mobile phone number or an email address, and verifying transactions and sensitive operations. OTPs can be delivered in multiple ways such as over SMS, email, callbacks, push notification, and more. Having each application implement its own OTP service is costly and complex. With Transmit you can easily create an OTP service on-premise or in the cloud that all your applications could employ using a single and simple interface.
Connect your Applications
Instead of embedding OTP solutions into each one of your applications, use a simple interface to call a centralized OTP service running as part of your Transmit platform. Your applications don’t need to manage OTP delivery or verification anymore and have a clear and static interface for requesting various OTP services.
Connect Existing Providers
If you already have one or more providers that you’d like to keep such as an SMS gateway or hardware OTP provider, you can easily connect them to the platform. Instead of plugging them into each of your applications, you plug them centrally into the platform and they immediately become available to all your applications using a single and static interface.
Add OTP options
As part of the Transmit platform you will find ready-to-go OTP options including:
- SMS: OTP is sent to the user’s mobile device over SMS. The user needs to re-enter that code back into the application.
- Email: OTP is sent to the user’s email address. The user needs to re-enter that code back into the application.
- Callback: a phone call is generated to the user’s phone number. OTP code is delivered to the user over voice. User needs to re-enter that code back into the application.
- Push notification: OTP is sent to the user’s mobile phone using push notification. The user needs to re-enter that code back into the application.
- Soft token: OTP is generated inside the mobile app. The user needs to re-enter that code back into the application.
Program the System
Now that you have your application connected to the system, all that is left to do is to decide whether and how you want to leverage context and behaviors to make smarter OTP decisions. We call this step “programming the system” and you do that using an intuitive interface or APIs. For example, you can decide which kind of OTP to send to the user based on the type of devices the user has registered, the location of the user, and the risk profile of the user. You easily program the system centrally without the need to touch each one of your applications.
Deploying new authenticators or even new versions of existing authenticators could be challenging. Authentication is right in the face of your users and if it doesn’t work properly the impact on the user-experience, brand, and business could be significant. No matter how much testing you do, you can never simulate all the different device configurations, environmental and human factors. The final test will always be in the field. Transmit provides mechanisms to do gradual deployment of any change you make. You can deploy to specific users, specific number of users, specific geo-locations, etc. You can then gradually increase the deployment phase and more importantly you can rollback immediately in less than 5 seconds if something is not working properly.
Interested in understanding how many OTPs were delivered in each channel? Interested in understanding the success rate per OTP? Or perhaps the average time it takes a user to complete an OTP process? Transmit collects detailed information on all the different aspects of OTP delivery. Using our analytics capabilities, you can understand what works and what doesn’t, where the problems are, what’s the impact of changes you’ve made on your customer-base, and much more.