We'd like to understand what % of users prefer to use phone number OTP for login & what % of users would straight up bounce / refuse to login if phone number was the only option.<p>Are there any particular resources you'd recommend for researching such consumer preferences?
There are very few sites I would even remotely trust to give my number to. For starters, sites get hacked all the time and sim-swappers use this information to decide what numbers to steal assuming the site has something that converts to real currency or provides some additional information that can be used to access financial data or providers the attacker with a way to anonymize further crimes. This is partially the fault of the passive-aggressive lazy wireless industry and legislation around portable numbers.<p>If it's a brick and mortar business that is local to me and I can walk in if there is an issue with my phone then I might consider it. Even then I disable web access to anything financial if it's an option with that business. The local grocery store for example has my Skype-In number and that forwards to my cell. There are a limited number of businesses that will send SMS to Skype however since it is VoIP and is rife with abuse. I am less concerned with attackers learning my Skype number.<p>So if your business officially supported sending SMS to a VoIP number and officially stated that so I did not have to be worried some day your business would cut me off when it decided to not support Skype-In then I would probably use it. If an actual cell is required I would not likely participate but I am a bit jaded after seeing everything that can and will go wrong on the internet. I will not install a websites application on my phone.
Depends on your level of service. Government? No problem, they've got it a dozen times already. Private industry....your pushing it. My security > your need for my number. If you require it for signup and your product/service isn't directly related to phones/calling/using that number for something then my alarm bells be ringing. 11/10 assume your just going to sell it or lose it in some data breach to spam calling tele marketers.
You'll need to be more explicit about what you think "Phone OTP" is and what you think "refuse" means.<p>Phone as in, "the OTP requires a cell phone with yet another buggy authenticatoin app"? Or phone as in "can support SMS"? Or phone as in "phone must support touch-tone"? Phone as in "the user must be able to hear and speak?"<p>"Refuse" as in, "I'm in the unpopulated area of Washington state and I have no phone signal"? Or refuse as in "I'm not using my personal device for work"? Or rfuse as in "I don't use smart phones because I want to live in the moment"?
I think you'll find wildly different answers, but the audience here might tend to be a bit distrustful of providing phone numbers to companies they've never heard of on the first date.<p>That said, if you want some type of one time "verification" of some identity, why not offer both phone and email options for login? Send either a 6 character code to phone or email: the user's choice.