For example, if the authentication message delivery takes longer than normal — and the customer requests a resend — the OTP stays the same no matter which message/call arrives first. Through our 2FA API, you are able to define how long an OTP stays active (five minutes by default, though you can extend it to 10 minutes). You also have the option to choose a different delivery channel for the retry attempt, e.g. text-to-speech.
View our Technical Documentation to learn more.