VCAS Managed OTP Authentication
In this use case, VCAS will receive the cardholder’s available credentials from the issuer's card management system and then manage the cardholder authentication experience using OTP as the authentication method.
For SMS, VCAS uses a shared code program where the OTP will primarily be delivered with alpha code “SMSAUTH”. If alpha codes are not available in the country where the OTP is to be delivered, a dedicated short code or long code will be used. For email, a global aggregator will be used to deliver the OTP on the issuer's behalf.
| Pros | Cons | RDX Calls |
|---|---|---|
| Minimal technical requirements because solution only requires a single API | Local SMS aggregators may have better performance depending on issuer's location | Stepup |
| VCAS can provide the global SMS aggregator to deliver the OTP if issuer does not have an SMS aggregator | No code customization; Reliance on VCAS support for cardholder inquiries |
Flow Diagram
Required RDX Calls:
Updated 11 months ago