SMS-OTP

SMS-OTP stands for Short Message Service One-Time Password, a security mechanism used for authentication.

Description

In the context of Non-Human Identities (NHIs), SMS-OTP is a method of verifying the identity of a user or system by sending a unique, time-sensitive code via SMS to a registered mobile number. This code, known as a One-Time Password (OTP), is typically used in two-factor authentication (2FA) scenarios where an additional layer of security is required beyond a username and password. SMS-OTPs are particularly useful for NHIs, such as automated bots or digital services, which may not have traditional human attributes but still require secure access to systems. The SMS-OTP process ensures that even if a password is compromised, an attacker cannot gain access without the corresponding OTP. However, while SMS-OTPs enhance security, they are also vulnerable to interception and social engineering attacks. Organizations using SMS-OTPs should therefore implement additional security measures and weigh the overall risk of relying solely on this method for authenticating NHIs.

Examples

  • A banking app sends an SMS-OTP to verify a user's identity during login.
  • A cloud service provider requires an SMS-OTP to confirm changes to account settings.

Additional Information

  • SMS-OTPs are commonly used in two-factor authentication (2FA) systems.
  • Alternatives to SMS-OTPs include authenticator apps and email-based OTPs.
