Set up an additional layer of protection through OTP authentication for your customers’ transactions in the bot builder. You can configure OTP as a service that can authenticate users and will act as a validation mechanism for certain actions in the bot flow. 


For example, in a typical e-commerce company, customers will contact support for checking the status of their order, cancel an order, etc. An OTP authentication can be set up in the bot flow to make sure these transactions are done securely.


A quick guide to setting up OTP in the bot builder:

  • Login to your Freshchat account and go to Bots

  • Click on the chatbot for which you want to set up OTP

  • Go to the Settings tab, and click on ‘Authentication’

  • Toggle ‘OTP’ ON, and you will see a list of configuration options

  • Choose the OTP channel as SMS or Email

  • Set the Retry and Resend limits (Maximum is 5)

    • Retry limit - The maximum no. of times a user can try to re-enter the OTP

    • Resend limit - The maximum no. of times a user can request an OTP

  • Choose a Fallback option for the user to go to in case the authentication fails 

    • For eg, you can take the user to the ‘My Orders’ page if the OTP fails while they are trying to cancel an order 

  • Set your Business name - this is the name that will be displayed when the user receives an OTP via SMS or Email

  • Click Save



You can now start using the configured OTP authentication in your bot flows.


Setting up OTP in bot flows

Refer to this article to understand how to create bot flows based on conditions.


Once you have configured OTP under Settings, it will be available as an option when you’re setting up your bot flows. You can simply choose OTP from the ‘Get Response’ dropdown to trigger it when your customers interact with that flow.



Let’s say you want to trigger an OTP when the customer says ‘I want to cancel my order’. Before displaying the order details, you can have the bot trigger an OTP to confirm the customer's identity. 


Note:
1. A default system generated dialog will be sent to the customer to fetch their email ID/phone number when they try to generate OTP for the first time with the bot

2. The Response Type for OTP dialog cannot be made Private

3. Conditions cannot be added to the dialog that has OTP as Response Type

4. The country code drop down is not available in the Freshchat widget, so customers have to enter the country code when they input their phone number to receive OTP