Many time as a developer, you may want to verify your user’s mobile number before they can perform any action on your website or mobile app.
There are many ways to get it done. For example,
- Asking the user to give a missed call on a number.
- Send SMS to his mobile with a code (OTP).
- Install an app and link the unique installation id with the account.
However, the most popular way is to verify the mobile by sending a unique code through SMS and verify the same on the server.
OTP or One Time Password is a popular way for two-way authentication, where you can ensure that the number entered by the user is the same what they are using.
How OTP System Works?
OTPs are disposable passwords for only one-time use. The primary purpose of them is to authenticate the user either for
- Login to the system.
- To get the authorized person’s consent while making some transaction, e.g., in banking.
- Verify the authenticity of the mobile number provided by the user.
To make the OTP system works flawlessly, developers should ensure that apart from sending SMS as they are not always very reliable.
Developers should allow other means of authentication too; e.g.,
- Calling the users on their number via IVR and provide the code.
- Allowing them to give a missed call on a random number for authentication.
Before implementing an OTP system for your service you should consider it’s delivery method as well as the verification system.
For example, if you want to allow the users to verify the code via IVR then the OTP should always be a numeric one like 23459.
But if you are planning to authenticate the OTP on your website, then it could be either numeric or alpha-numeric. But you should always keep it under eight characters or digits.
Once, you generate the code, now you have to deliver it to the user. You can either send him via Phone Call or SMS (two most preferred way of sending the OTP).
With Ziffy SMS service ReST API, you can send the OTP in one single step from any programming language.
To send the SMS you can use Ziffy’s single SMS API and the OTP can be sent in any regional language and not just in English.
To send the OTP SMS, use the following API:
Here, apikey is provided by Ziffy and you can generate one for yourself from https://app.ziffy.in/register.php
There are two ways to push the load on the above URL.
- URL Query String
- JSON Body
URL Query String
To send the SMS as a query string, add the following parameters on the URL:
msgtype=TRANS or PROMO (for sending OTP it should be TRANS)
to= The mobile number of the recipient
msg= The OTP Message with the code
senderid=ZIFYIN (can be configured to your company name)
The final URL will look like;
https://app.ziffy.in/api/sms.php?apikey=apikey&msgtype=TRANS&to=9554443322&msg=Your one time password for web login is 87765&senderid=ZIFYIN
If you prefer to send message packed in JSON then you can use the following format (example is in PHP);
$postBody = [
"msg"=>"Your login OTP is 887598 for IVR login"
"msg"=>"Your login OTP is 9A8BVZ for website login"
Sending OTP SMS is very easy, and it would take only a few minutes to implement the system.
Feel free to contact us if you need any help in implementing the system.