Security

Verification infrastructure should be boring in the best way.

OTPilot is scoped as a verification delivery layer. It confirms channel ownership and sends signed results back to your product without becoming your auth authority.

OTP hash only

Codes are stored as hashes and should never appear in normal logs.

API key hash only

Customer API keys are authenticated without storing raw tokens.

Signed webhooks

Webhook receivers can verify event authenticity before trusting the payload.

Rate limits

Requests are bounded to reduce abuse and brute-force verification attempts.

Append-only events

Delivery attempts and verification events create a reliable audit trail.

Policy routing

Channel choice respects country, segment and client constraints before optimization.

OTPilot does not decide login.

The customer product owns authentication and authorization. OTPilot only returns whether the verification challenge was approved, failed or expired.

Boundary
OTPilot owns
Customer owns
Verification
Challenge creation, delivery, check and event delivery.
What an approved verification permits inside the product.
Channels
Routing among allowed delivery channels and providers.
Segment policy, legal review and user-facing consent flows.
Data
Minimum required verification data and retention boundaries.
Full user profile, auth sessions and business permissions.

Need enterprise review?

Use the security model as the start of a DPA, data retention and channel legality discussion before production rollout.

Discuss pilot