The traditional sign in flow where user enters the phone number in the input field after which an OTP is sent to user in the form of SMS. This SMS is sent on their default messaging app, so user has to either quickly read and memorize the OTP when the message is displayed on the message popup and then manually enters that OTP in the input box or switch to messaging app to read and memorize the OTP and then switching back again to enter the OTP. This switching to other app and memorizing the OTP leads to login drops.
Her, we will talk about how we implemented the autoread sms.
Few things to be kept in mind while implementing the autoread sms
- The Web OTP API requires HTTPS origin, that is on HTTP website this functionality will not work.
- This functionality will work only on the chrome 84 or later on an Android device.
A special format of message is required to use this feature. The message should satisfy the following conditions:
- The message can begin with an optional human readable text which can be few words. For example: Don’t Share your OTP or Never share your OTP or any other relevant text.
- The Last line of the message plays an important role which consists of two parts. One is the host part and other is the OTP. The host part of the URL of the website that invoked the API must be preceded by ‘@’ sign. The next part is the OTP which should preceded by ‘#’ pound sign. For example: @www.smsalert.co.in #2334
Complete message template:
Do not share this with anyone.
OTP:1234
@www.smsalert.co.in #1234