OTP Verification in Android using Broadcast Receivers

Debajyoti Basak

·

Follow

5 min read

·

May 13, 2018

--

Listen

Share

OTP Verification is a easy way in which we can verify mobile numbers while Signing up or Logging in users in our application.

To make this process effortless we can auto read the OTP as soon as it reaches the users inbox.

Prerequisites

• Working with a network library like Volley.
• Basic Knowledge of Broadcast Receivers.
• Basic Knowledge of using interfaces to send data between different components of Android.

Steps to Follow

We will follow the steps below in order:

1. Make a Way2Sms Account
2. Register for a Sms API Key
3. Setting up Android Studio
4. Storing important details in Constants
5. Permissions for Reading and Receiving Sms
6. Generating Random 4 digit OTP
7. Call Sms API to send Sms
8. Create Broadcast Receiver to receive Sms messages
9. Setup Broadcast Receiver in Activity
10. Verify the OTP

Complete Workflow

The below flowchart shows the complete workflow

Now lets start the process.

Make a Way2sms Account

We all know Way2sms from the Pre-Smartphone Era when we had to send Sms to communicate with our friends.

Sms Gateways are not free and thus we will use our way2sms account to send Sms for OTP Verification. Signing up is pretty easy. Just go to http://www.way2sms.com/content/index.html and click Register.

For the next step we would require the account mobile number and password of way2sms.

NOTE: For this post I am using way2sms. However Way2sms is also not always reliable and thus if you want to implement this in production then I would suggest you to opt for a paid Sms Gateway. The prices are minimal and they offer good services.

Register for a Sms API Key

Go to the link below and put your Email Id and Mobile to generate an API Key.

Now we have to append the URL as shown in the image to send Sms.

https://smsapi.engineeringtgr.com/send/?Mobile=XXXXXXXXXX&Password=XXXXXX&Message=XXXXXX&To=XXXXXXXXXX&Key=XXXXXXXXX

• Mobile is your way2sms account mobile.
• Password is the password of way2sms account.
• Message is the message you intend to send. It should be OTP: XXXX
• To is the number to send sms.
• Key is the API Key Generated above.

Setting up Android Studio

Just add the following dependencies in your sample project or your existing project.

implementation 'com.android.volley:volley:1.0.0'

Add internet permissions and permissions to Receive and Read Sms.

<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.RECEIVE_SMS" />
<uses-permission android:name="android.permission.READ_SMS" />

Storing important details in Constants

We will create a Constants File and store all the important string values required in our project.

• SMS_API_URL is the URL of Sms Gateway.
• SMS_API_KEY is the API key we generated here.
• BROADCAST_ACTION is the intent filter action to receive sms.
• WAY2SMS_MOBILE_NUMBER is the way2sms account mobile number.
• WAY2SMS_PASSWORD is the way2sms account password.
• MOBILE_NUMBER is the mobile number to receive OTP.
• MESSAGE is the OTP message which will be appended with generated OTP.

Permissions for Reading and Receiving Sms

In your activity file you have to put the following code for checking Read and Receiving Sms Permissions.

We will be calling the API in the sendSms(generateOTP()) method call.

Generating Random 4 digit OTP

We need to add the following method to generate random 4 digit OTP.

Call Sms API to send Sms

We use volley network library and append the SMS_API_URL with the parameters that we stored previously in the Constants File. Here we pass the generated OTP as a parameter to this method which we pass to verifyOtp method call when we get success response from Sms API.

Create Receiver to receive Sms messages

A PDU is a “protocol data unit”, which is the industry format for an Sms message. We use a Object[] to get the Sms message contents.

We then iterate and extract the senderNum and message from the Sms.

We will check if the senderNum has “WAYSMS” string which denotes the way2sms provider. If you use any other Sms Gateway then you can find out the Sms senderNum format and set it accordingly.

We have to make an interface to help us communicate to our activity when an Sms is received.

Then we use another method getVerificationCode to split the Sms according to “:” delimiters (Remember I told you above that we should have a format for OTP) and extract the 4 digit OTP.

Setup Broadcast Receiver in Activity

We initialize the Sms Receiver in onCreate(). We add a Intent Filter implicitly in the onResume() method and add an action that we stored in Constants file. We then register our Sms Receiver in onResume() and unregister it in onPause().

Verify the OTP

We use the bindListener public method in our Broadcast Receiver to implicitly call the interface in the Broadcast Receiver. As soon as the Sms arrives in your inbox, it checks if it matches with the OTP we generated and sent via the Sms API and finally we show the success method.

You can run the application now and check if it receives the Sms as soon as it arrives in the inbox. If you run into any problems feel free to contact me at d.basak.db@gmail.com

Conclusion

It was a long article so thanks for having patience. Now its time to congratulate yourself. 😃

Refer to the Github repository below for the full project.

Thank you for reading this article. Say thanks by clicking 👏 and share it to help others find this article.