Features Channels Pricing Integrations Security Customers Documentation
Security

Verification infrastructure should be boring.

OTPilot is a delivery and verification layer. It confirms channel ownership and returns a signed result without becoming your auth server.

#

Hash-only OTP

Codes are stored as hashes and never appear in regular platform logs.

🔑

Hash-only API keys

Clients are authenticated without raw tokens stored on the server.

Signed webhooks

Receivers verify the HMAC signature and timestamp before trusting the payload.

Rate limits

Requests are bounded against abuse and code brute force.

Append-only events

Delivery attempts and verification events form a reliable audit trail.

Routing that respects settings

The route considers channel availability, client settings, and user choice.

Boundaries

OTPilot does not decide who gets into the account.

Authentication and authorization are yours. OTPilot only returns the challenge result: approved, failed, or expired.

Boundary
OTPilot owns
Your product owns
Verification
Challenge creation, delivery, check, and event delivery.
What an approved verification permits inside the product.
Channels
Routing among available channels and providers.
Segment policy and user-facing consent flows.
Data
Minimal verification data and retention boundaries.
Full user profile, auth sessions, and business permissions.
Data

Minimal data, verifiable results.

OTPilot stores only what a code check needs, limits the challenge lifetime, signs events, and separates the verification result from your auth decisions.

Data minimization

Only what the challenge and the audit need is stored.

Retention

Event and delivery-log retention follows the client policy.

Signed results

Results and webhooks are verifiable by signature.

Access boundaries

OTPilot confirms the challenge, the access decision stays in your product.

Production

We prepare a security review before production.

For a pilot and a production launch we agree on the boundaries in advance:

  • Data map: what data passes through OTPilot.
  • Retention: how long events, attempts, and delivery logs are stored.
  • Access model: who sees keys, logs, and settings.
  • Webhook signatures: how event origin is verified.
  • Rate limits: how the challenge is protected from brute force.
  • Incident contact: where to write when something goes wrong.
  • Deletion and export: how client data is removed or exported.

Discuss a safe launch.

We will walk through the data model, webhook signatures, retention, rate limits, and responsibility boundaries before production.

Discuss a safe launch