Why Whatsapp OTP? 


Businesses use one time passwords (OTPs) to verify user identity at the time of logins, online purchases  and to authenticate other transactions.


Many businesses are adopting WhatsApp for OTP verifications & 2FA due to the added security it provides. The traditional SMS OTP implementation may be susceptible to some security flaws


Whatsapp OTP is the ideal alternative because of the following factors:


  • End-to-end encrypted; encrypted between business endpoint and the user’s device.

  • High delivery rates.

  • Lower cost than SMS OTP ( ILDO / International SMS

  • Ability to track and be notified when identity/ownership  changes for  phone numbers on Whatsapp. 

  • Easy integration with a chatbot  for helping users with authentication.



Steps to send  OTP messages via WhatsApp business API 


Prerequisites 


  1. You have a phone number enabled with Whatsapp Business API at Exotel.

  2. You have access to the META Business manager dashboard for template whitelisting.

  3. You already have a mechanism to generate & detect OTPs.


Step 1: Whitelist a OTP message template in your WABA using the META Business manager dashboard.


In your Whatsapp business account (WABA) dashboard , navigate to the “Message templates” section and click on “create message templates”.


  • Select the “one-time password” template category

  • Enter a Name for the template . 

  • Select the language(s) you want to use for the OTP message.


Click on continue.


Construct your message template as per your liking by utilizing Header,Footer, Body  options available. More details on template creation here.




Submit the template for approval.


Step 2 : Sending the OTP template message via Whatsapp API





For tracking the delivery status of messages follow the steps mentioned here.