Why It Matters Friction Reduction amp User expectation Feedb People Against Passwords #ask-a-descoper

Why It Matters: - [Friction Reduction & User e...

thousands-alarm-31103

06/05/2023, 3:42 PM

Why It Matters: • [Friction Reduction & User expectation] Feedback in early UX testing of our members app shows that there is an expectation that the OTP code will inject when it arrives

thousands-alarm-31103

06/05/2023, 3:44 PM

Here is an example from American Express

faint-musician-4508

06/05/2023, 3:45 PM

@great-diamond-35515 Can you please help?

thousands-alarm-31103

06/05/2023, 3:46 PM

We are using your flows rather than building our own and calling the APIs, so I am not sure how this impacts our ability to do this.

faint-musician-4508

06/05/2023, 3:48 PM

I get it now. Let me chat internally... I am not sure how this plays with flows.

thousands-alarm-31103

06/05/2023, 3:48 PM

Thanks Rishi

great-diamond-35515

06/05/2023, 4:03 PM

Hi Laura, I may lack some knowledge so apologies if the questions are trivial 😄 by OTP Security code injection from text message, do you mean the phone auto-filling the code from text in this case? or something else perhaps?

thousands-alarm-31103

06/05/2023, 4:04 PM

That’s correct

thousands-alarm-31103

06/05/2023, 4:04 PM

Currently we have the descope flows presented in a next.js web app.

great-diamond-35515

06/05/2023, 4:08 PM

gotcha, the auto-fill /autocomplete for SMS is a browser feature, and can be applied regardless the metaf-ramework (next/react/angular/vanilla/etc) it should work also in Descope flows one small note is that unfortunately - it is not working well in Safari browser there is an open issue in Apple developer forum that we are tracking to solve this https://developer.apple.com/forums/thread/724620 if there are any more gaps - I would love to hear 🙂

thousands-alarm-31103

06/05/2023, 4:11 PM

interesting.

thousands-alarm-31103

06/05/2023, 4:11 PM

The video I provided is in safari, showing this working for Amex yesterday.

thousands-alarm-31103

06/05/2023, 4:11 PM

Is there something we need to be doing in our add code to trigger the autofill

thousands-alarm-31103

06/05/2023, 4:12 PM

Because in tests with chrome we are not seeing the auto fill behavior.

faint-musician-4508

06/05/2023, 4:12 PM

@thousands-alarm-31103 Let us get back to you. I think this might be how we handle flows inside browser.

thousands-alarm-31103

06/05/2023, 4:12 PM

That works. Thank you 🙂

thousands-alarm-31103

06/08/2023, 5:05 PM

Following up —

thousands-alarm-31103

06/08/2023, 5:20 PM

It looks like the flow widget would need to have a parameter for autocomplete and then the flows dashboard would need to make that a config option. Solution looking something like: • Enable autofill: Web developers can enable autofill functionality by setting the

autocomplete

attribute of the input field to “one-time-code” or “one-time-password”. • Code autofill: When the input field has the “autocomplete” attribute set to “one-time-code” or “one-time-password”, modern browsers (such as Chrome, Firefox, Safari) may offer to autofill the code from the received SMS. The autofill feature typically triggers when the input field’s

name

id

, or

label

matches certain patterns or keywords. • JavaScript validation: To ensure the security and integrity of the code, web developers should implement JavaScript validation on the entered code. This validation can include length checks, format verification, and server-side verification to confirm the correctness of the code.

thousands-alarm-31103

06/08/2023, 5:21 PM

I’m happy to file a feature request focused on the functionality (not solution) if we need me to.

Open in Slack

Previous Next