Challenge Overview

Users often share OTPs with fraudsters due to social engineering. Static warning messages have become ineffective because users ignore them.

Challenge Objective

Design a dynamic OTP warning system that adjusts alert intensity based on risk context.

Problem Scope

Focus specifically on OTP warning experience during authentication.

Key Issues

• OTP warnings are static across scenarios.
• Users become habituated to repetitive warnings.
• Fraudsters exploit predictable authentication flows.

Guiding Questions

• When should stronger OTP warnings appear?
• How can warnings adapt to risky authentication scenarios?
• How can warnings remain effective without overwhelming users?

What Teams Should Design and Build

A system that:

• detects risky authentication contexts
• triggers contextual OTP warnings

Solutions May Include

• risk-based warning UI