NOV 4, 2019
By Drewe Apps

Why Use One-Time Passwords (OTP)?

Firstly, what is a one-time password.

A one-time password (OTP) is a system-generated string of characters that can be used to grant a user access to a system or to perform an action, as another layer of security over and above the usual username/password requirement.

Why use a one-time-password?

As previously mentioned, one-time passwords add an additional layer of security, and are extremely important when allowing someone to access or update personal information, or to updated service-critical details. In the case of a MVNO, a one-time password is absolutely critical when allowing someone to port in or port out a service, or to update the owner of a service.

How does it work?

Put simply, your website or application sends the user an SMS or email containing a random password, which they then have to confirm with your website or app in order to continue with what they intend to do.

The process in more detail:

  1. Your website or application requests a one-time password from a system
  2. The system sends a one-time password to the user via SMS or email
  3. Your website or application requests the one-time password from the user
  4. The user enters the one-time password on your website or application, which validates the entered password with the system that generated it. If the entered password is correct, your website or application allows the user to continue with what they intend to do

When should I use a one-time password?

It is recommended that a one-time password be used when a user wishes to:

  • Login to their account
  • Update their personal details
  • Update their payment details
  • Port a service
  • Change the plan of a service
  • Disconnect a service

While all of this may sound complicated, the good news for Telecommunication, Utilities, and IoT providers is that EAP's web service now includes the ability to easily create & send and validate one-time passwords!


Drewe Apps
Chief Commercial Officer