OTP Authentication WhatsApp Template for D2C Brands
When a shopper is mid-checkout, mid-login, or confirming a phone number for your D2C store, a one-time passcode has one job: land instantly and get typed in without friction. This is a ready-to-use, Meta-compliant WhatsApp OTP template built in the Authentication category — with a copy-code button, the right variables, and the approval notes that keep it from getting rejected. Copy it, drop in your brand name and code, and send it through InfiQ once approved.
Variables
{{1}}= 482913{{2}}= Nuvora
Verified business
10:24
Preview · as customers see it
When to send this OTP template
Reach for the Authentication category any time a real, user-initiated action needs a code to continue — never for promotions. For a D2C brand that usually means one of a few precise moments: verifying a new customer's mobile number at first sign-up, logging a returning shopper into their account or order-tracking page, confirming a phone number change, authorising a wallet or store-credit redemption, or a step-up check before editing a saved address or payment method at checkout. The template shines where SMS routinely disappoints — it renders reliably on Android and iOS, avoids the DLT template friction that delays Indian SMS OTPs, and the copy-code button removes the fat-finger errors that kill conversion on a mobile checkout.
- New-account or first-purchase phone verification
- Returning-customer login and order-tracking access
- Step-up verification before changing address, email or payment method
- Wallet, loyalty-points or store-credit redemption
- Guest checkout when you want a verified number for delivery updates
How this template stays compliant and approvable
Authentication templates are the strictest category Meta reviews, and that is a feature, not a bug — the tight format is exactly why they get approved fast and rarely get flagged. Submit it as Authentication, keep the body to the code, its validity window, and a security reminder, and attach a Copy-code button (Meta's zero-tap and one-tap autofill options are also available if your app supports them). Do not add a URL, a marketing line, an offer, an emoji-heavy header, or your logo as a promotional element — any of these push it into Marketing or get it rejected. The {{1}} code variable must carry only the passcode, and the {{2}} brand variable should hold a stable, recognisable business name so the message reads as trustworthy at a glance.
- Category must be Authentication — no promotional content, links or offers
- Body limited to code, validity period and a do-not-share reminder
- Use a Copy-code button (or Meta autofill) so the shopper taps once
- Keep {{2}} as your consistent, verified brand name for trust
Personalising it without breaking the rules
Authentication gives you far less room to personalise than a marketing template, and that is deliberate — but the two variables you have still matter. Populate {{2}} with the exact brand name a customer sees on your storefront and packaging so there is no doubt the code is legitimate; a mismatched or generic sender name is the single biggest reason shoppers hesitate to enter a code. Generate a fresh, high-entropy value for {{1}} on every request, expire it server-side at the validity you state (10 minutes here — say what you mean and enforce it), and never reuse a code across sessions. If you serve customers in multiple languages, submit a Hindi or regional-language variant as a separate template rather than translating on the fly, so each version carries its own approval and renders correctly.
What it costs to send
Since Meta retired per-conversation pricing on 1 July 2025, WhatsApp bills per delivered message by category, and OTPs fall under the Authentication rate — typically the lowest of the three categories in India. The free 24-hour service window is not a billing unit here; each authentication message you send is charged individually, and InfiQ layers its own transparent ₹ pricing on top of that (ex-GST) with no surprise line items. Because OTPs are short, single-message, and high-intent, the cost per successful login or verification is usually a rounding error against the order or account it protects — and cheaper than a comparable transactional SMS route once failed-delivery retries are factored in.
- Billed per delivered message at the Authentication category rate
- Free 24-hour service window is not the billing unit — each OTP is charged
- Transparent ₹ pricing, ex-GST
- One message per code keeps the per-verification cost predictable
Like this template? Send it live in 24 hours.