As a verification channel, WhatsApp shares the same advantages as SMS and is not affected by local carrier infrastructure. This means that WhatsApp messages can be received in areas where Wi-Fi is available but cellular signals are weak or non-existent. Additionally, WhatsApp is generally faster than SMS and provides extra security with end-to-end encryption.
1. Cost Reduction
In many countries, WhatsApp is cheaper than SMS and does not charge for undelivered messages. Therefore, in countries and regions with high WhatsApp coverage, such as India, Indonesia, and South America, we recommend using WhatsApp as the preferred verification channel. It can increase your overall verification conversion rate while being more cost-effective.
2. Secure and Reliable
WhatsApp also offers additional security benefits: every WhatsApp user can be identified by the unique phone number provided when creating their account. At the same time, WhatsApp uses its own set of powerful anti-fraud tools to verify these phone numbers. This means that you are partially outsourcing identity verification to WhatsApp, directly benefiting from a robust security system.
Click below to view the detailed guidance.
Create a WhatsApp Business API Account | Help Center
WhatsApp provides fixed templates for authentication messages:
Preset fixed text for authentication message templates:
Validity period: Customize the actual validity period of this code. If the message is not delivered within this period, it will be withdrawn, and you will not be charged, nor will your customer see the message.
Copy code button or Zero-tap button
The text does not support URLs, media, or emojis. Authentication templates containing a one-time password button consist only of preset text and a button, so the risk of such templates being suspended is greatly reduced.

Select Category "Authentication", and name the template and select the template language

Page for naming the template, selecting the template type, and template language
Choose the sending method:
Choosing different sending methods here will result in variations in the interface buttons and usage methods that the user receives. Overall, zero-click verification codes offer the best user experience, making them the preferred solution. However, this button is currently only supported on Android devices outside of India, and implementing such a button requires changes to your app's code to perform a "handshake." Additionally, the app's signing key hash needs to be modified. A specific comparison is as follows:

It is recommended to set a custom validity period, allowing you to choose between 1-10 minutes as the message's validity period. Once set, your authentication message must be delivered within this timeframe. If the message is not delivered to the user's device within this period, it will be withdrawn, you will not be charged, and your customer will not see the message. If you do not set a custom validity period, the standard WhatsApp message validity period (24 hours) will apply. This means you might incur additional charges for invalid messages sent after the timeout.

Click Submit Template

Next, you can send OTP messages through API
Click to view API Docs
API request reference: WhatsApp Messaging Examples
1.Configure the Callback URL
Click Developers > Webhooks ,then configure Webhooks。
Create a Webhook endpoint and enter the callback URL. Notifications regarding the status of the message will be sent to your Webhook callback.

2.Monitor OTP Messages Status
For each message you send, notifications regarding the status of the message will be sent to your Webhook callback. You can determine whether your verification code was successfully sent based on the feedback received.

1.Front-End Interface Design
Using WhatsApp to send OTP is a new method. To ensure that your users have an optimal experience during the verification code process, we offer some UI design suggestions:

2.Check if the user has WhatsApp installed.
To improve user experience and default to using WhatsApp, you can implement a check to determine if the user has the WhatsApp application installed on the same device running your app. If WhatsApp is detected, you can proceed to submit the WhatsApp verification code. If it is not detected, you can switch to sending the OTP via SMS.
For detecting whether the app is installed, you can refer to:
IOS: https://developer.apple.com/documentation/uikit/uiapplication/1622952-canopenurl
Android: https://code.luasoftware.com/tutorials/android/android-check-if-app-installed
Here is an example implementation for detecting WhatsApp on Android:
fun PackageManager.isPackageInstalled(packageName: String): Boolean {
return try {
getPackageInfo(packageName, PackageManager.GET_ACTIVITIES)
true
} catch (e: NameNotFoundException) {
false
}
}
fun isWhatsAppInstalled : Boolean() {
val whatsAppPackageName = "com.whatsapp"
val whatsAppBusinessPackageName = "com.whatsapp.w4b"
return getPackageManager().isPackageInstalled(whatsAppPackageName) || getPackageManager().isPackageInstalled(whatsAppBusinessPackageName)
}
3.Set Up an Auto-Resend Policy
Generally, auto-resend policies fall into two categories:
1. Immediate SMS Resend for Failure (Highly Recommended)
Failed: Indicates that the WhatsApp message submission has failed. If the receipt shows a failure, immediately resend the OTP via SMS to ensure a smooth customer experience.
2. SMS Resend for Delayed Delivery Status (Optional)
We recommend designing a strategy for handling timeouts when the delivery status is not received. For instance, set a timeout period: if the WhatsApp OTP message is successfully submitted (sent) but the delivery status update is not received within the timeout period, automatically resend the same OTP via SMS. We suggest a timeout period ranging from 15 to 60 seconds, depending on how you balance cost and customer experience.
In addition to the commonly used method of businesses proactively sending verification codes, there is a special inbound verification method where user verification is completed through users actively sending inbound messages. This method is similar to the third-party login experience on WeChat. The advantages of this method include:
Lower Costs: For example, in Indonesia, conversations initiated by users are charged at a rate that is at least one-third cheaper than those initiated by businesses.
24-Hour Free Interaction Window: Since the conversation is initiated by the user, it provides a 24-hour free interaction window. During this period, businesses can send marketing or notification messages to the customer without incurring additional costs.
Below is a case study of the Shopee app in Southeast Asia: 👇