Logo
  • Overview
  • Consent
  • Authenticate
  • Authorise
  • Consent Management
  • Notifications
Consumer Experience (CX) Guidelines

03. One Time Password

Checklist ref

2AU.03.08

Area
2AU. Authenticate
Wireframe ref

08

Type
Technical Standard
Requirement level
MUST
Participant
Data Holder
Statement

The provided OTP MUST be invalidated after a period of time at the discretion of the Data Holder. This expiry period SHOULD facilitate enough time for the customer to reasonably complete the authorisation process.

Reference

Security Profile: Authentication Flows | CX Research 12, 27

Example

Authenticate: Redirect with One Time Password

Version introduced
1.4.0 or earlier
Date introduced

12 August 2020 or earlier

Date modified

25 February 2022

Status
Active
Data Standards Body | CX Guidelines

CX Guidelines

Overview

Consent

Authenticate

Authorise

Consent Management

Notifications

Keep in touch

DSB Newsletter

Website use

Accessibility Statement

Copyright

Privacy

Disclaimer

In the spirit of reconciliation, the Data Standards Body acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their Elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples.