How Does Magento 2 Mobile OTP Login Works?

The extension allows customers to register, log in, or checkout by verifying a one-time password sent to a valid mobile number or email address.

Magento 2 OTP login provides strong authentication and prevents identity scams in your store. It lets users register, log in, or checkout only after verifying the One-Time Password (OTP) sent to their registered mobile number/email address. You can set the OTP expiry time, draft the email text, and exclude customers from specific countries. 

          The conventional way of user authentication in which users enter their username and a saved password to enter into the system is prone to security breaches. Online identity theft using phishing and other practices is common. In OTP, the username stays the same while the password changes with each login. This technique makes sure that a username and password pair can be used only once, providing much better protection.

  • Apply OTP on user registration
  • Enable mobile and/or email OTP on the login
  • OTP validation for cash on delivery
  • Send OTP on number update
  • Apply to all or specific countries
  • Powered by Firebase gateway
  • Set OTP expiry time
  • Create a custom email template
  • Customize the OTP button


Verification of OTP on registration is required

It is convenient to verify customers using conventional methods, but it is not secure. Two-factor authentication provides greater security. An account creation code is sent to a user's mobile phone when he or she creates an account on your store. The account must be verified by the user.

Magento 2 OTP authentication provides an additional layer of security to your store by ensuring only genuine customers can create accounts and access your store.

Sign in with your mobile phone number or email address

With the Magento 2 mobile login extension, store owners are able to send the login code via e-mail or mobile device to their registered customers. The user may then log into their account following verification of the login code. A mobile or email address must be provided at the time of account registration.

Make sure the OTP is valid for cash on delivery

The only customers who should be allowed to proceed with the checkout are verified customers in order to prevent failed deliveries. For Cash on Delivery (COD) payment methods, you can enable mobile OTP in order to verify the mobile number and contact the customer in order to arrange what to do with the delivery.

Enable OTP when updating a number

In order to gain access to the system, customers have to verify their new mobile number in order to update their registered mobile number. In this way, the extension keeps users from engaging in any fraudulent activity.

OTP Authentication by Country

Only customers from specific countries can be offered to specific countries to enable phone authentication for countries where you fear receiving fake registrations or orders while excluding other countries. Just select the countries you want to include in the verification list.

Powerful SMS gateway powered by Firebase

For customers to update their registered mobile number, they must verify their new mobile number before gaining access to the system. You can choose details such as the API Key, the Authentication Domain, the Project ID, etc.

Set the expiration time for OTPs

The time-based one-time password requires that customers use the code within a specified period of time. You may choose to set a specific expiration period. After the expiration time has elapsed, the code will no longer work, and the user will need to request a new OTP. In the event that the first code has not been used within a specified period, Firebase will send the same code. Once the first OTP has expired, a new code will be sent.