Banks and Telecoms Move Beyond OTP with New Silent Authentication System to Curb Fraud
Private banks and telecom operators are testing a background verification mechanism that could replace OTPs for digital transactions, aiming to enhance security and prevent unauthorized access efficiently
The era of one-time passwords may soon be coming to an end as major private banks and telecom operators explore a new silent authentication system. Unlike traditional OTP methods, this system performs verification in the background, checking whether the mobile number linked to a banking app matches the active SIM on the device. Any mismatch can immediately flag or block a transaction, significantly reducing the risk of fraud.
Industry insiders suggest that this mechanism will also extend to eSIM environments, helping prevent threats such as SIM cloning and unauthorized eSIM swaps, which are commonly exploited to intercept OTPs. Acting as an additional security layer, silent authentication could make digital transactions much safer for consumers.
Alongside this, telecom companies are reviewing how OTPs are delivered, moving away from traditional SMS and exploring in-app OTP delivery. SMS-based authentication is considered more vulnerable to interception, making app-based methods a more secure alternative.
Banks, meanwhile, are adopting complementary verification techniques. These include Aadhaar-based facial recognition and in-app OTP generation within mobile banking applications. All these changes align with the Reserve Bank of Indiaβs two-factor authentication guidelines, which have been in effect since April 1.
The new framework emphasizes two separate verification factors for every digital payment. These can include something the user knows, like a password or PIN, something the user possesses, like an OTP or app token, or something inherent to the user, like biometrics. While SMS OTP is not being completely phased out, financial institutions are being encouraged to implement safer, modern alternatives.
Experts believe this evolution could also pave the way for third-party platforms like WhatsApp to handle transactional OTPs securely. Currently, nearly 10 billion OTP messages are sent every month, representing a significant share of the overall messaging ecosystem. This shift could redefine how digital security and verification are handled in India.
