OTP/MPA for security

Question

question

NewUser-08f21af4-cd4c-424c-80a1-099e5c0be9cd asked · May 05, 2019 at 04:55 AM

OTP/MPA for security

Hello,

I wanted to ask whether there is a way to have some sort of additional layer of security for some skills? Lets say there is such a scenario:

We are authenticated and our information is stored in DB
To access some of it, we need to once again validate user
Generate a code that user has to match
Send an email/SMS with the said code
User says the code and gets to the information for a period of time the code is valid or until next session

Would something like that be possible? I would try implementing something similar in .NET Core as I have seen SES .NET commands, perhaps that is the correct way to proceed.

Many thanks

alexa skills kit alexa alexa prize

0

10 |2000 characters needed characters left characters exceeded

Attachments: Up to 2 attachments (including images) can be used with a maximum of 524.3 kB each and 1.0 MB total.

2 Answers

Answer 1 · 2020-10-07T06:30:40Z

Vipul answered · Oct 07, 2020 at 06:30 AM

I do have a similar situation, where the skill sends an OTP to a user's email/phone and then user enters it in his/her next command to Alexa. The skill verifies the OTP and then provides the information. This process is working fine but I am stuck in the skill certification process. The Alexa certification team needs a way to test this functionality but since they are not registered in the backend system, the skill doesn't have a email/phone number to send the OTP to. How can I handle this scenario? any suggestion is much appreciated. Thanks.

0 · Show 1 · Share

10 |2000 characters needed characters left characters exceeded

Attachments: Up to 2 attachments (including images) can be used with a maximum of 524.3 kB each and 1.0 MB total.

Anand@Amazon ♦ · Oct 08, 2020 at 07:44 AM

Hi @Vipul

Is it possible for you to generate static OTP which you can share with certification team to test out skill functionality?

0 · Share ·

Answer 2 · 2019-05-20T10:21:40Z

Anand@Amazon answered · May 20, 2019 at 10:21 AM

Hi there,

Sorry for late response.

Once user validated with account linking there is no way to re-validate user again. Alexa session open only for 8 seconds and not enough to send OTP to users.

0 · Share

10 |2000 characters needed characters left characters exceeded

Attachments: Up to 2 attachments (including images) can be used with a maximum of 524.3 kB each and 1.0 MB total.

OTP/MPA for security

question details

Related Questions