In theory, I quite like the idea of having every credit card transaction authenticated with a one time password (OTP). RBI requiring this for all transactions in India is something I really quite like. However, in practice, OTPs are a bit of a nightmare. They rely on being able to receive an SMS quickly, and there in lies the problem.

Of late, there have been a lot of instances when I’ve been trying to make a credit card transaction online, only to find that my OTP SMS never got to me (or got to me several minutes later than it should have). I don’t know if this is a problem with my credit card provider, or my cell service provider 1, but it is definitely a problem.

It sure would be great if this system could be transitioned to something more akin to Google’s two-factor auth system. That is, you can generate a code via:

  • A locally installed app that has no network connectivity requirements
  • OTP sent via SMS
  • OTP sent via email
  • 10 pre-determined OTPs that can be printed out and used once for emergencies
  1. If I had to bet, I’d bet on it being my cell service provider, Airtel - they’ve been absolutely abysmal, lately.

Gopal Sharma

gps gopalkri