General Description
OTP which means one time password is one of the available methods used to validate or sign a mandate in SPS Signature. The principle is that the customer enters this code into SPS signature page to prove his identity and to authenticate transactions, and if the OTP code entered is correct, the customer will be granted access.This code provides an extra layer of online security
beyond a simple username and password authentication.
The OTP is sent to the debtor by SPS notification module, using an SMS or EMAIL. When the OTP is generated, it is stored in the signature session. The OTP is a numeric 4 digit code contained in a default or customized message (see personalization further in this document). The code generated is only valid for a short period of time (i.e. 5 minutes).
Process tracker - step 2
This section of the page offers the user a view of the signature process.
Each part is highlighted during the presence of the user on that step.
Figure 9: Signature process tracker - step 2
SEPA Mandate Warning Message
igure 10: SEPA Mandate Warning Message - step 2
This section gives the end client the warning to correct the bank details information and also to verify your mandate.
PDF of the mandate
This section will contain the customer information in the pdf format such as debtor name, postal code, country, city, email/phone number. Bank account Information such as BIC, IBAN. Creditor information such as name and location.
Figure 11: PDF of mandate – step 2
Email Agreement - Code, Legal Checkbox
Figure 12: Expression of consent - step 2
This section provides the customer with the 4-digit OTP Code that they will
receive via Email.
By clicking on the checkbox they will acknowledge by signing the mandate and
validating the certificate.
OTU certificate Validation
In the case of OTU signature (refer to Introduction for more words about OTU) during the second step of the signature, the page section below is displayed. It displays the details of the certificate that will be used to sign the pdf mandate.
It is a onetime use certificate generated by the AC OTU service of Worldline. It contains the signer and creditor information (in the DN part) and fulfills the role of legal proof. This section also contains a link to explanations about this certificate.
Figure 6: OTU Certificate info
FAQ section
Figure 13: FAQ - step 2
This section covers frequently asked questions and gives advice to the end client for what he has to do in both cases.
In the first case if you have not received email then the customer needs to check junk folder.
In the second case if you have not received email within 1 or 2 mins the customer needs to request for another OTP by clicking on
Actions
There are various actions performed for signing the mandate form.
Modify Information
This section will let the customer modify the changes required to do in Step1 such as changing of fields like name, phone number, email, street number, street name, postal code, city, country and IBAN. After you click on
Figure 14: Modified Information - step 2
The customer will see the modified Debtor Information and Bank Account Information.
Download Mandate
Download mandate will download the mandate in pdf format. This pdf will contain the debtor information, bank account information and mandate information along with the signature.
Cancel
This button will actually ask the customer if they want to abort the process of signing the mandate. They will receive 2 options, if they click on yes, they will be redirected to the home page. If they click on No, they will stay on the same page and continue their process of signing the mandate.
Send a new confirmation code
This section is used when the maximum chances of entering correct OTP are used or when the OTP has been expired.
Sign the SEPA Mandate
This section makes you sign the mandate and by acknowledging it with correct debtor information, bank account information and mandate information.
Validations
OTP Code
Figure 15: OTP Checkbox unchecked for Signing the mandate - step 2
Figure 16: OTP entered doesn’t match the format for Signing the mandate - step 2
Send a new confirmation code
Figure 17: OTP entered is incorrect for Signing the mandate - step 2
The maximum number of chances to enter correct OTP is 3. If all the attempts of entering correct OTP are used they will get the message below.
Figure 18: OTP attempts utilized for signing the mandate - step 2
Figure 19: OTP expired after 5 mins for signing the mandate - step 2
The OTP is valid for 5mins, after which it will expire and they will have to request for a new OTP by clicking on