RDX Specification

Issuer Managed OTP Authentication

In this use case, the issuer has full control over the OTP creation, delivery, and validation experience. This allows issuers to leverage their own current aggregator for consistent OTP experience, and implement additional validation logic to control the number of cardholder OTP attempts, OTP resends, fallback authentication options, and more.

ProsConsRDX Calls
Full control over OTP creation, delivery, and validationThree API calls will be needed compared to one or two calls with VCAS managed or co-managed use casesStepup
Additional logic can be implemented for various use casesIssuer will need to implement additional logic to manage the validation use casesInitiate Action
Validate

Flow Diagram

Required RDX Calls

  • Stepup
  • Initiate Action
  • Validate