Hello HN,<p>Is there any standard design practice/pattern for mobile phone verification using One Time Pass-code (OTP) ?<p>Practical efforts to understand existing systems indicate that most of them use similar design.
( Oddly enough, I've not been able to find any such standards specifying the same)<p>Just to mention a few cases
1. Is there any standard specifying the exponential/sequential increase in time delay for handling resend requests ?
2. What is the recommended expiry time for a newly generated OTP ?<p>Do pull in any resources that you think might point to the same. Thanks!