Are One-Time-Passwords Safe for Financial Services in Nigeria?

Traditional passwords no matter how secure, strong, or carefully generated may be susceptible to attacks. For many who use similar passwords on numerous sites for easy remembrance, the existence of OTPs (One-Time Passwords) has been quite the saving grace. 

Essentially, if you use similar passwords for multiple applications or websites, there is a high risk that your password can be easily intercepted by a calculated attack and unauthorized transactions can be carried out on your behalf. Sounds like something from a horror movie, right? That’s why OTPs or dynamic passwords exist.

What is an OTP? It is a password for a one-time use sent to your registered mobile number. OTPs are usually made up of numbers and can range from four to six digits, they are often valid for a limited period and cannot be reused for subsequent transactions. 

Much ado about passwords?

Even where they are not directly associated with managing our funds, passwords not only help protect the personal information we do not want to be shared but they also help add needed extra layers of security. In the absence of innovation like the OTP, to protect your account from possible attacks, you would need to change passwords regularly and that can be quite an inconvenient task to undertake. 

Sometimes, even the most careful persons can get targeted in cyberattacks and end up losing data to the wrong hands. This is why for financial services, the OTP is a logical safeguard for customer protection. 

How does an OTP work and is it safe for transactions?

Simply put, your OTP is an extra layer of verification, an identifier of some sort, required by your financial institution for you to complete or authorize a transaction. In instances where unauthorized access is gained to your account, an OTP sent to your device can serve as a warning sign that someone is trying to complete a transaction you did not initiate.

OTPs sent via SMS are safe and convenient- where financial services in Nigeria are concerned, they have proven to be the difference in instances where customers could have lost funds to unauthorized purchases and online hacks. 

Now that we have established that OTPs are a non-negotiable security feature any financial institution should offer their customers, let’s launch into the pros and possible cons of OTPs.

Pros

• We would all hate for our funds to enter into the wrong hands. In this sense, traditional passwords are sometimes unable to safeguard you from the common pitfalls set by online hackers or fraudsters. OTPs on the other hand do not have any bearing on whether your password choice is weak, changed regularly, or uses a combination of symbols and numbers. Its task is to add an extra layer of security/confirmation regardless of your main password.
• OTPs become obsolete in a specified timeframe usually ranging from a 5–20-minute period. This severely limits its potential to fall into fraudulent hands.
• Many Nigerians who need OTPs have mobile devices with basic SMS functions hence it is an ideal and convenient option. 
• To Nigerian financial service providers, OTPs are beneficial as they can help reduce operational costs, offer the option of extra security and convenience while also improving the consumer experience because a huge number of the end-users of the OTP option have a basic understanding of their mobile devices and do not need other devices to enjoy its advantages.

Cons

• One major disadvantage of OTPs is that they could get out of sync. Sometimes, with time-sensitive transactions, OTPs do not deliver on time and leave legitimate users stranded. However, if you are sending your OTPs using HollaTags’ SMS APIs and platforms, we can assure you of instant deliveries. 

Ultimately, dynamic passwords are not only free from the cumbersome password-composition rules, but they also offer a safe and convenient way to complete transactions in the least complicated way possible.