The Termii Blog

Secure your authentication with the Termii Email Token

Rédigé par Cecille Abegunde | 26 oct. 2022 11:26:19

Termii's Token Service (transaction authorization messages), in addition to SMS, Voice and WhatsApp, now supports integrating Email Token for businesses to send and verify one-time passwords (soft tokens) directly.

Take, for example, when a user who is already logged into your application wants to perform a transaction, for 2FA, you want to trigger an added security functionality to authenticate the user, and for this, you want to send Email-OTP to that specific user's mailbox thereby verifying the transaction is done by the same person who uses the application - preventing fraud and the safety of your users. 

At Termii, we've made verifying customers' transactions more seamless, faster, and more accessible with the introduction of the Termii Email-OTP REST API endpoints. Businesses can now directly send and verify one-time passwords (soft tokens) across multiple channels -Email, SMS, Voice and WhatsApp.

The new Email Token allows verification of each transaction, and responses are returned based on the token's validity.

Why Use Email Token?

From time immemorial, customer behaviour has varied from one person to the other, and this disparity also impacts how businesses conduct their operations and satisfy all their customers. Some customers prefer Email OTP to SMS token, to ensure customer satisfaction, it is key for businesses to give their users access to multiple channels.  Termii helps meet this need, businesses can send and authorize tokens using alternate channels Email, SMS, Voice, and WhatsApp.

Above is a sample Email Token Message that can be adopted and customized for your business.

Critical capabilities of Email OTP:

  • Ease of use: The email OTP delivery method is easy to use and convenient because users don't have to download and configure a separate app. OTPs are sent in real-time, and the user typically waits just a few moments to receive them.
  • Low Cost: By leveraging a user's existing email account, OTP delivery methods offer significant cost savings over other options.
  • Highly Secure: The email OTP is more secure than traditional passwords because they are not reusable and, therefore, are not vulnerable to replay attacks.

Email accounts also have different built-in authentication methods to prevent unauthorized access, including Face ID, Touch ID, and login credentials, providing an added security layer. Additionally, because OTP delivery is real-time, unexpected OTP messages can alert users of hacking attempts, allowing them to investigate and take necessary action before it's too late.

Setup Requirements:

The Email token does not impact the existing token service in terms of changes or adjustments; instead, it is an additional tool to aid token delivery via email, as opposed to only SMS, which was available in the past.

For Businesses to use the email token, the following actions must be performed:

  • User Sign Up / Login to Termii account.
  • The user opens the TOKEN section of the dashboard.
  • The user selects Email Setup to configure how OTPs should be sent via email.
  • On the Email OTP configuration pop-up, the user provides the Company name (From name), Company reply email address (the address replies will be sent to), and Company logo.
  • The user submits for approval and, upon approval, can start sending email tokens.

When to use the Termii Email Token:

You probably already know the different use cases for this type of user authentication, but below are the most common use cases where the Email OTP is used:

  • Multi-factor authentication. In addition to asking the customer for their email and password — some systems send a temporary code, making a second verification, to improve security.
  • Passwordless forms. A way of access designed to reduce friction, preventing the customer from having to remember the password. It checks that the user is registered and automatically sends a code to log in.
  • Lead qualification. Email OTPs can also be used to verify users' data outside login processes, for example, to verify the contact details you are storing from users in your database and to check their validity.
  • Coupon campaigns. Temporary codes can also prevent fraud when launching this campaign to ensure that the same person cannot use different accounts to benefit from the same discount.

Termii Email Token is the one-click solution for consumers' fast-paced authentication needs. It helps businesses improve their security posture while providing a better consumer experience. Get started .

Need further help? Schedule a free demo with us today, or send us a direct email to support@termii.com.