A one-time password hashed using the BCrypt password encoder is stored in the one_time_password column, and otp_requested_time stores the time at which the OTP was generated, so that its expiration can be checked.
// @Entity, @Table and @Column come from javax.persistence or jakarta.persistence,
// depending on the JPA version in use.
import java.util.Date;

@Entity
@Table(name = "customers")
public class Customer {
    private static final long OTP_VALID_DURATION = 5 * 60 * 1000; // 5 minutes

    // BCrypt hash of the one-time password
    @Column(name = "one_time_password")
    private String oneTimePassword;

    // Time at which the OTP was generated
    @Column(name = "otp_requested_time")
    private Date otpRequestedTime;

    // Returns true only while an OTP is set and has not yet expired
    public boolean isOTPRequired() {
        if (this.getOneTimePassword() == null) {
            return false;
        }

        long currentTimeInMillis = System.currentTimeMillis();
        long otpRequestedTimeInMillis = this.otpRequestedTime.getTime();

        if (otpRequestedTimeInMillis + OTP_VALID_DURATION < currentTimeInMillis) {
            // OTP expires
            return false;
        }

        return true;
    }

    // other fields, getters and setters are not shown
}
In this case, we declare a constant for the OTP expiration time in milliseconds and two fields matching the newly added columns (the one-time password and the OTP requested time). We can also check whether the OTP has expired by using the isOTPRequired() method.
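The issue-and-verify flow around those two fields, as an added example that is not code from the original page: only the BCrypt hash is stored, expiry is checked before the hash comparison, and the OTP is cleared once used or expired. OtpFlow, OtpRecord, issue() and verify() are hypothetical names, the 6-digit code length is an assumption, and spring-security-crypto is assumed to be on the classpath.

```java
import java.security.SecureRandom;
import java.util.Date;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

// Added example: OtpFlow and OtpRecord are hypothetical names, not from the page.
public class OtpFlow {
    static final long OTP_VALID_DURATION = 5 * 60 * 1000; // 5 minutes, as in Customer

    // Stand-in for the two Customer fields shown above.
    static class OtpRecord {
        String oneTimePassword;   // BCrypt hash, never the plain code
        Date otpRequestedTime;
    }

    private static final SecureRandom RANDOM = new SecureRandom();
    private static final BCryptPasswordEncoder ENCODER = new BCryptPasswordEncoder();

    // Generates a 6-digit code (assumed length), stores only its hash and the
    // request time, and returns the plain code so the caller can send it out.
    static String issue(OtpRecord rec, Date now) {
        String code = String.format("%06d", RANDOM.nextInt(1_000_000));
        rec.oneTimePassword = ENCODER.encode(code);
        rec.otpRequestedTime = now;
        return code;
    }

    // Expiry is checked before the hash comparison; the stored OTP is cleared
    // on expiry and on success, so a code can be accepted at most once.
    static boolean verify(OtpRecord rec, String submitted, Date now) {
        if (rec.oneTimePassword == null || rec.otpRequestedTime == null) return false;
        boolean expired = rec.otpRequestedTime.getTime() + OTP_VALID_DURATION < now.getTime();
        boolean ok = !expired && ENCODER.matches(submitted, rec.oneTimePassword);
        if (expired || ok) { rec.oneTimePassword = null; rec.otpRequestedTime = null; }
        return ok;
    }

    public static void main(String[] args) {
        OtpRecord rec = new OtpRecord();
        Date t0 = new Date();
        String code = issue(rec, t0);
        System.out.println(verify(rec, "000000x", t0)); // constructed wrong code
        System.out.println(verify(rec, code, t0));      // correct code within 5 minutes
        System.out.println(verify(rec, code, t0));      // same code replayed
        String late = issue(rec, t0);
        Date after = new Date(t0.getTime() + OTP_VALID_DURATION + 1);
        System.out.println(verify(rec, late, after));   // submitted after expiry
    }
}
```

A 6-digit code has only 1,000,000 possible values, so a real service would also limit failed attempts per OTP; that counter is omitted here.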
Hey! Can OTP be used or triggered outside of bot flows such as inside the web widget?