The following use case is where one-time passwords (OTPs) can be utilized within an eCommerce website.
|
Step 1: Customer of an eCommerce site logs brings up the 'Login' screen. The customer enters their username into the Login screen, and requests one-time password.
Step 2: The eCommerce website utilizes the Authenticator API to generate a one-time password, sending it back through the Authenticator server (AT&T GSMS). Note: if you require an Authenticator server within your environment for added security please contact the Sales team.
Step 3: The Authenticator server (AT&T GSMS) interfaces the worldwide SMS Network.
Step 4: The world-wide SMS network delivers the one-time password to the customer's phone.
Step 5: The customer enters the one-time password into the second stage 'Login' page.
Step x: Based on triggers within the eCommerce website, such as at point of sale (retail) or upon large money transfers (banking), additional one-time password triggers may be established repeating the flow (Authenticator API > Authenticator Server > Operator SMSC > Customer handset).