​OTP: Security past its expiration date

​OTP: Security past its expiration date

The decline of one-time passwords

One-time passwords have been used for online banking security for more than 25 years, but technological developments have rendered these one-off strings of digits obsolete, both in terms of security and convenience. This paper tracks the decline of one-time passwords and describes alternative technology for banks serious about fraud and ambitious about market share. 

This white paper outlines:

  • OTPs –​ A decade of failure​
  • Inherent flaws in all OTP systems
  • Why SMS is an extremely vulnerable channel
  • OTP technology doesn't come cheap 
  • Atrocious user experience
  • Who pays the price for outdated technology? 
  • If OTPs are the past, what’s the future?



logo entersekt

Entersekt is an international software development company based just outside of Cape Town, South Africa.

We are leaders in authentication, app security, and payments enablement technology, offering a highly scalable solution set with a track record of success across multiple continents.