In an earlier post, I had mentioned about an RBI guideline about enforcing an additional password validation step for Credit-Card Transactions, done over Mobile/IVR Systems. This is now being called as IVR 3D Secure OTP (One Time Password). Here are the other relevant details regarding IVR 3D Secure OTP (One Time Password), which helps you secure your Mobile/IVR Transactions.
Q : What is OTP ?
Ans : An OTP (One Time Password) is a 6-digit numeric key to make your IVR/Mobile payments more secure.
Q : Is the OTP mandatory ??
Ans : Yes, RBI has made OTP mandatory for the successful completion of any credit-card transaction, done over Tele-Shopping/Mobile/IVR.
Q : How do I generate the OTP ??
Ans : You need to send a specific SMS to a bank’s designated number. Here are the numbers and message, that you need to be in SMS, for some of the popular banks.
- ICICI SMS ‘IOTP XXXX XXXX XXXX XXXX’ to 5676766, where XXXX XXXX XXXX XXXX is your 16 digit card number.
- HDFC SMS ‘PWD XXXX’ to 9717465555, where XXXX are the last 4 digits of your credit card.
- Citibank SMS ‘OTP XXXX’ to 52484 or 9880752484, where XXXX are the last 4 digits of your credit card.
- SBI SMS ‘OTP XXXX’ to 5676791, where XXXX are the last 4 digits of your credit card.
- AXIS Every time you initiate an IVR-based transaction, the bank will automatically send you a one time password.
Q : I had generated the OTP, but forgot my mobile at home, how do I get my OTP ??
Ans : Apart from your mobile number, OTP is also sent to the registered email address. So if you can get hold of your email account, you can get your OTP.
Q : I forgot to generate an OTP, but I have to complete an urgent transaction, I am half way through, how do I get my OTP and complete my transaction ??
Ans : You can immediately call up customer service to request for your IVR OTP and an OTP will be triggered to your registered mobile number and email ID, while the transaction is in process.
Q: Is there any validity period for the IVR 3D Secure OTP?
Ans : IVR 3D Secure OTP is valid only for a period of 2 hours from the time of its generation(Some banks are allowing 12 hours limit, check with your bank, how much they offer). If not used within this period, it would get expired and a new IVR 3D Secure OTP has to be generated.
Q : Can I use the same OTP for performing more than one transactions?
Ans : No, You can’t. Each OTP can be used only once.
Q : Will this affect my online password and transactions?
Ans : No, it won’t. This OTP is only for IVR or mobile based payments – the payments made through a call center. Online transactions will continue to function as they currently do.
Update : As lot of banks were not yet ready, Implementation of additional password for Tele-Shopping/ Mobile/IVR(Interactive Voice Response) Transactions has now been revised to 1st Feb 2011. So existing process will continue till 31st Jan 2011.