Do you know what SMS OTP is used for? Although you may not have realised it, we are sure you have used it before to validate a transaction. In short, it is used to verify a user securely by means of a single-use code sent to their mobile phone.
In this article we will deepen about this functionality, its legal validity and how you can make the most of Viafirma’s SMS OTP signature in your processes.
What does OTP SMS mean?
The One Time Password (OTP) is an additional authentication factor for confidential transactions often used in online banking.
It is a secure authorisation method in which a numeric or alphanumeric code is sent by SMS in real time to the user’s mobile phone to validate a transaction.
This password acts as an additional layer of security to verify the identity of a user accessing an online platform, application or website.
Sign documents using SMS OTP? Yes, it is possible
SMS OTP is often used to add a second layer of security to any type of transaction, be it a banking transaction or when digitally signing a document.
Viafirma offers a signature solution so that your clients can validate documents through the OTP SMS in a simple and intuitive way. We detail the steps to follow to configure its use:
- From Viafirma’s software, we specify the type of signature we want to use, in this case the biometric signature together with the SMS OTP.
- We send the document to the signatory’s email address for electronic signature.
- The signatory will open the URL and access our signature page.
- Once you have read the document, you will enter your telephone number and receive a SMS with the OTP code valid for 5 minutes.
- Enter the password and click on verify code
- Finally, in the last step, it will send the signed document to the sender of the signature request.
IMPORTANT: For remote signatures, when we do not know the device from where the signature is going to be made or when the signatory does not have a digital certificate or does not know how to use it, we recommend the use of our SMS OTP signature, which can be combined with any other electronic evidence.
Legal certainty, the main differentiating factor of the SMS OTP
There are many countries where a SIM card cannot be obtained without a prior authentication process by the user. Identification by the operator and the card holder is required, as well as the signing of a contract. A mobile phone line is therefore necessarily linked to a natural or legal person.
Therefore, according to the eIDAS regulation, the principles established for an electronic signature to be considered advanced are met. According to this regulation, there are four requirements that must be met in order to be considered an advanced electronic signature. We will analyse them in the case of the SMS OTP signature:
- Linked to the signatory in a unique way. The signatory has a unique mobile phone number.
- It allows the signatory to be identified. The telephone number is personal and belongs exclusively to the signatory.
- The signature must have been created using signature creation tools that the user can use with a high level of confidence and under their exclusive control. Both access to the signature request (sent to the signatory’s email) and the OTP are under the signatory’s exclusive control.
- It is linked to the signed data so that any subsequent alteration can be detected. The document is linked to other electronic evidence, if any, so that any subsequent change to the document can be verified.
The OTP SMS signature: An optimal solution that can be accessed from anywhere
There is no doubt that the COVID-19 crisis has pushed most companies to go digital in order to remain competitive in the sector. Procedures that were traditionally done in person can now be done online with the same level of security.
The OTP SMS electronic signature allows your business to conclude agreements wherever and whenever you want. Hundreds of companies and sectors already use this signature model in their processes, a solution that is committed to optimisation and mobility.