We are working on a from that will use a look-up file to pre-populate the fields. The form is used by anonymous users only and there is some concern about privacy issues if we were to populate the form with personal data based only on a registration number.
Is there any way that we can trigger an email to be sent to the email address they enter in the form (without submitting or saving the form) so we can send them a code to enter into the form to continue?
Or can anyone thing of any other ways to deal with this?
(I know this would probably work with collaboration, but that seems a bit over the top for what is a pretty simple form.)
This is quite a common scenario, where we need to send a One-Time-Password to a customer to verify their identity. Typically, we would send this using a Dynamic Data Service, which stores the temporary token (possibly with an expiry time) against the Submission as a Submission Property.
A second Dynamic Data Service can be triggered when the customer enters the OTP code in the form. This service compares the code entered, to the stored code. If the codes are the same it can respond with the personal data, if the codes don't match it would respond with an error.
For added security, you may want the second service to store the number of attempts made to enter the code and limit the max attempts. This can reduce the risk of brute force attacks.
Hi Jye, im working with Lin on this and we were wondering if you can provide any examples?
Hey Don, sorry for the slow reply. I'm going to be in Aus the week after next. Perhaps I could pop in for a visit and help you guys build a quick example?
That would be awesome, Jye. We may have some other questions for you while you're here too. Just waiting for approval to use our support credits from the powers that be.
Hi Jye, didn't get a chance to discuss the code etc needed to do this when you were in last, are you able to provide the code/ methods needed to achieve this?