September 12, 2011

One-Time-Password (OTP) for IVR Transactions

A one-time password (OTP) is a password that is valid for only one login session or transaction. OTPs avoid a number of shortcomings that are associated with traditional (static) passwords. The most important shortcoming that is addressed by OTPs is that, in contrast to static passwords, they are not vulnerable to replay attacks. This means that, if a potential intruder manages to record an OTP that was already used to log into a service or to conduct a payment or any other secure transaction, he or she will not be able to abuse it since it will be no longer valid. Manage a OTP service with an IVR powered by VoiceXML like VXI* is really easier, allowing a dynamic programing to connect any backoffice system. What is an IVR transaction with OTP? IVR + OTP (interactive voice response) transactions are […]