OTP Authentication WhatsApp Template for Ecommerce
Every login, checkout, password reset, and COD verification on an ecommerce store hinges on one thing: the customer actually receiving their one-time passcode. SMS OTPs get buried under promotional junk, throttled by operators, and delayed at exactly the wrong moment — the payment page. This is a ready-to-use, Meta-compliant WhatsApp OTP authentication template built specifically for Indian ecommerce flows. It ships in the correct Authentication category with a secure copy-code button, so shoppers tap once instead of squinting at a six-digit number. Copy it, set your two variables, submit for approval, and start delivering codes on WhatsApp — usually the same day.
Variables
{{1}}= 729184{{2}}= Kiraana
Verified business
10:24
Preview · as customers see it
When to use this template
Reach for this OTP template at any moment your store needs to prove the person on the other end is really your customer. It is the right fit for account sign-in and sign-up, first-time device verification, password and PIN resets, changing a saved delivery address or payment method, and — critically for Indian ecommerce — confirming a cash-on-delivery order before you dispatch. Because it sits in the Authentication category, it is reserved strictly for these action-triggered, security codes; it is not a channel for offers, order updates, or nudges. If you also need to confirm the order itself or recover an abandoned cart, use the utility and marketing siblings linked below rather than bending this template to do double duty.
- Account login and new-account signup verification
- Password, PIN, or 2FA reset flows
- Verifying a new device, phone number, or email
- Authorising a change to address, UPI, or card on file
- COD order confirmation before dispatch
Why WhatsApp beats SMS for OTPs
On WhatsApp, an OTP lands in a conversation the customer already trusts, with a verified green-tick sender name instead of an anonymous alphanumeric header. Read rates are dramatically higher than SMS, and the delivery path does not fight for space against the flood of promotional messages that get OTP texts delayed or filtered. The copy-code button removes the single most error-prone step — manually retyping digits — which cuts failed verification attempts and the support tickets that follow. For stores serving customers on patchy networks or in regions where SMS deliverability is inconsistent, that difference shows up directly in completed logins and completed checkouts.
- Verified business sender name, not an anonymous SMS header
- One-tap copy-code button eliminates retyping errors
- Higher read and delivery rates than promotional-clogged SMS
- Fewer failed-verification support tickets
Personalisation and the two variables
Keep this template deliberately lean — Authentication templates are meant to be predictable. It uses exactly two variables: {{1}} carries the one-time code your system generates at request time, and {{2}} carries your brand or store name so the message reads as a genuine 1:1 security notice rather than a generic system blast. Repeating the brand in the security warning line ('not even a Kiraana representative') is a small anti-phishing touch that also reinforces recognition. Do not add the customer's name, order number, or product details here; those belong in utility and marketing templates. The strength of an OTP template is that it says only what it must, which is exactly what Meta's Authentication rules require.
Getting it approved (Authentication-specific tips)
Submit this under the Authentication category, not Utility or Marketing — miscategorising it is the most common reason an OTP template is rejected. Use the standard fixed-format OTP structure with a copy-code button and no marketing language, no links to your storefront, and no promotional add-ons. Keep the validity window and the 'do not share' security line intact; reviewers expect them. Approval for well-formed Authentication templates is typically fast, often within a day. If you edit the wording later, the template re-enters review, so lock the copy before you build it into your login and checkout code. InfiQ's template manager flags category and formatting issues before you submit, which keeps rejection loops short.
- Category must be Authentication — never Utility or Marketing
- Use the fixed OTP format with a copy-code button
- No links, offers, or promotional wording in the body
- Re-submit after any edit; approvals are usually same-day
What it costs to send
Since Meta moved off per-conversation pricing on 1 July 2025, WhatsApp bills per delivered message by category — and Authentication messages sit in their own, distinct rate. The 24-hour window that opens when a customer messages you is a free service window for support replies, not a billing unit, so it does not change what a proactive OTP costs. With InfiQ you pay transparent ₹ pricing (ex-GST), so the per-code cost is easy to forecast against your monthly login, reset, and COD-verification volume. Use the cost tools linked below to slide your expected volume and see the monthly figure before you commit.
Like this template? Send it live in 24 hours.