Inspiration
We were inspired by the massive dependency on SMS OTPs for authentication worldwide. OTPs are costly, unreliable during peak hours, vulnerable to SIM-swap attacks, and create poor user experience. We wanted to build a secure, global, OTP-less alternative that is fast, privacy-friendly, and free of cost.
What it does
ApnaAuth is a worldwide, OTP-less authentication system that enables users to log in using a device-bound, encrypted, tap-based verification flow via trusted platforms like WhatsApp. It eliminates SMS OTPs, reduces OTP costs by 99%, improves security, and enables instant login in seconds
How we built it
We built ApnaAuth using a WhatsApp Business Account–based authentication flow, with a backend developed in PHP and MySQL for secure session management and user data storage. The frontend is built using Bootstrap and JavaScript to deliver a responsive and smooth user experience. Instead of OTP entry, the system verifies real user interaction through WhatsApp, creates an encrypted, device-bound session, and securely redirects users back to the app or website. A lightweight integration flow allows developers to implement ApnaAuth quickly and easily.
Challenges we ran into
Designing an OTP-less flow that is both secure and simple
Handling device binding and encrypted session validation
Ensuring the system works reliably across different countries and networks
Maintaining user privacy while keeping authentication frictionless
Accomplishments that we're proud of
Reduced OTP costs by ~99%
Achieved instant login under 3 seconds
Improved security against OTP theft and SIM-swap attacks
Built a free-of-cost, globally usable authentication solution suitable for startups and enterprises
What we learned
Designing an OTP-less flow that is both secure and simple
Handling device binding and encrypted session validation
Ensuring the system works reliably across different countries and networks
Maintaining user privacy while keeping authentication frictionless
What's next for ApnaAuth
Reduced OTP costs by ~99%
Achieved instant login under 3 seconds
Improved security against OTP theft and SIM-swap attacks
Built a free-of-cost, globally usable authentication solution suitable for startups and enterprises
Log in or sign up for Devpost to join the conversation.