10 Ways to Improve OTP Usability
First things first! The jargon used in this article is in the context of Indian product design. However, the solutions apply to global products as well.
The OTP (one-time password) mechanism has become a standard authentication method for digital products and services, providing added security to users.
Some products use the OTP mechanism voluntarily, while some are forced to implement this mechanism in their workflow to comply with government regulations, security protocols and common industry practices.
We must first appreciate that OTP codes have become critical in various facets of product design, from conversions, registrations and onboarding to payments and upgrades. It's critical for product designers to understand how this mechanism could impact user flows, product performance and overall user experience.
Most products take a lackadaisical approach when it comes to this piece of the design and tax users with additional effort, upsetting an otherwise seamless experience of the product or service. Planning this at a system level could greatly improve the overall user experience, increase your revenue and reduce costs.
Listed below are some usability guidelines (hacks for the uninitiated) that could measurably improve the user experience.
Suggested best practices
- Chunk 6- or 8-digit numbers in an easy to read/type/share format. Here is an example: an OTP 456787 reads better when it is 45 67 87. An OTP which is sent as 78788676 is difficult for the user to read, remember and use on other devices to complete a task. It is easier to comprehend and recall for a few seconds when displayed as 7878 8678 or 78 78 86 78. The best formats are xxx xxx / xx xx xx / xxxx xxxx / x x x x x x (x is a number).
- Increase OTP validity time within the regulatory framework and in compliance with local laws. Longer OTP validity times help the user complete other parallel tasks and also reduce the burden on systems. (The OTP issue with India's Co-Win app in 2021 was a good example of why we need longer validity times.) OTP codes and interface session times should ideally be designed and developed to suit the business context. Some critical transactions demand shorter validity times, and that is understood.
- Map the user interface to the OTP SMS format. There is a high probability of errors when the interface shows XX XX XX and the OTP received is in a different format, say XXX XXX.
- Avoid alphanumeric codes, unless it's from the Pentagon, NASA or ISRO. Avoid three-digit codes, as users might mix these up with CVV codes in payment-based interactions.
- Start your SMS text with the OTP. These upfront codes can be read via previews when the phone is locked or in notification previews on desktops or tablets. (Potential privacy and theft issues could be the downside.)
- Avoid placing any other numeric codes / information right next to the OTP. For example, if you're sending an OTP code and an order number, side-by-side placement is disturbing for message readers, leading to more entry errors, confusion among users and repeated entries for validation, taxing both users and your infrastructure.
- Avoid double and triple series in OTPs. They look fancy; however, there is a high probability of errors when users type the same number in a series.
- When codes are delivered via automated voice calls, use the Recency Effect to your advantage and end with the OTP number on the phone. Talk before! Repeat the code a second time without customer prompts. There is already a heavy tax on the user in terms of cognition and recall.
- Email-based OTPs could be placed in the subject line for faster access without opening the email. (Potential theft issues, if this code is seen by others in notifications on phones, tablets and desktops.)
- Use the SMS / Email opportunity for subtle branding or promotions, occasionally. They are perpetual forms of communication until erased on devices, and can be retrieved in searches.
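Several of the guidelines above (chunking, matching the entry field to the SMS format, leading the message with the code, and avoiding doubles and triples) can be enforced in code. The sketch below is an added example, not part of the original article; the function names, the `ExampleApp` brand and the message wording are assumptions.

```python
import hmac
import secrets

def generate_otp(length=6):
    """Numeric OTP from the OS CSPRNG with no digit repeated back to back."""
    digits = []
    while len(digits) < length:
        d = secrets.choice("0123456789")
        if digits and d == digits[-1]:
            continue  # would form a double or triple such as 66 or 777
        digits.append(d)
    return "".join(digits)

def keyspace(length):
    """Codes still possible once adjacent repeats are excluded."""
    return 10 * 9 ** (length - 1)

def chunk(code, size):
    """Group digits for display: chunk('456787', 2) gives '45 67 87'."""
    return " ".join(code[i:i + size] for i in range(0, len(code), size))

def sms_body(code, size, brand):
    """Code first so lock-screen previews show it; no other numbers nearby."""
    return f"{chunk(code, size)} is your {brand} OTP."

def normalize(entered):
    """Drop the separators used for display so typed or pasted chunks match."""
    cleaned = "".join(ch for ch in entered if ch not in " -\u00a0")
    return cleaned if cleaned.isascii() and cleaned.isdigit() else None

def verify(entered, expected):
    """Compare in constant time after normalizing the user's input."""
    cleaned = normalize(entered)
    if cleaned is None or len(cleaned) != len(expected):
        return False
    return hmac.compare_digest(cleaned, expected)

if __name__ == "__main__":
    otp = generate_otp(6)
    print(sms_body(otp, 2, "ExampleApp"))  # constructed brand name
    print(verify(chunk(otp, 3), otp))
    print(keyspace(6))
```

Rejecting adjacent repeats leaves 590,490 of the 1,000,000 possible six-digit codes, so pair it with a limit on verification attempts.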
Business benefits
- Fewer human errors due to easier cognitive & memory processing of chunked numbers. Excessive errors could tax both the system and the user. This could lead to exits and a bad experience, leading to lower engagement and user spends.
- Reduced load on SMS systems, validation services and other tech stuff that is enabling this experience. Even a single second matters when you're building products at scale for millions of users.
- The right syntax will help users finish the task faster, in turn reducing drop-offs / exits on registration, checkouts and payment transactions, and contributing to revenue.
- Faster task completion times lead to better user experience and brand connect.
- Effortless task completion could help people with disabilities and elderly people to choose your product, engage more frequently and become the go-to choice when there is competition in the picture.
Hope these best practices help you design a cool experience, both on screen and off screen.