← Back to Conversation Design

Level 2 Authentication (OTP)

A dynamic Multi-Factor Authentication (MFA) flow leveraging one piece of static knowledge and a real-time, system-generated One-Time Password (OTP). Below is the blueprint for handling the unpredictable variables of network latency and SMS delivery.

User Experience & Consent

Consent First

Ensure the user is ready to receive and read a message before triggering the API call.

The Gentle Nudge

Offer alternative, limited-access paths if the user does not have their phone handy.

Consistent Persona

Project competence and patience while the user navigates between the call and their messaging app.

Resilience & Analytics

OTP Friction Handling

Anticipate delivery delays. Reassure users that network latency is normal before blindly resending the code, as every SMS transaction carries a financial cost.

Retry Logic

Provide a clear, controlled mechanism to request a new OTP if the original expires or fails to arrive.

Exit Point Mapping

Clearly distinguish between users who abandoned the flow due to an incorrect ID versus those who failed at the OTP step.

High-level design Level 2 (OTP) Auth
Level 2 OTP Auth High Level Design
Example implementation: Employee ID & OTP Employee Validation

Verifying the user's ID before dispatching a dynamic passcode to their registered mobile device.

Level 2 OTP Auth Voiceflow Canvas