One Time Passcode
Checker Category: Possession
Used In Steps: SMS Link
Used In Workflows: Identity Verification, Continuous Re-Authentication, and all MobileMatch-based workflows
Overview
OTP checkers deliver a one-time passcode to the user's phone or email and verify that the user entered the correct code or tapped the link. They confirm possession of the registered contact method — not identity. Pair with PII and risk checkers for full layered verification.
Five variants are available covering different delivery channels and infrastructure providers. The variant configured for your workflow is determined at deployment time.
End User Requirements
Access to the registered phone number (SMS/Voice) or email address. Ability to receive and enter the code or tap the link within the expiry window.
Role in Layered Verification
Possession confirmation only. OTP proves the user has access to the registered device or inbox at the moment of verification. Does not corroborate identity — pair with an Authoritative Database or Phone Registration checker for identity assurance.
Variants
Delivery: SMS
Infrastructure: ID Dataweb native
Sends a one-time passcode via SMS using ID Dataweb's own delivery infrastructure. User enters the 6-digit code to confirm possession of the registered mobile number.
Assertions
| Assertion | Key | Description |
|---|---|---|
| Phone OTP Possession Check | test.device | Confirms that the provided phone number has passed a one-time password (OTP) check, confirming possession. Passes if OTP verification succeeds; fails if it does not. |
Notes
Additional attributes and configuration options coming soon.
Testing & Expected Results
Testing follows SMS Link step procedures. See SMS Link for test credentials and step-by-step instructions.
Related Resources
→ SMS Link | → Phone Registration + Risk | → Identity Verification | → Continuous Re-Authentication
Updated 2 days ago