The story of OnlineOTP
A few months ago I faced an annoying problem. I wanted to redeem my Cathay Pacific Miles but I was unable to log into my account. The SMS OTP never arrived. My account was tied to my Sri Lankan number, which I’ve had for many years, yet I never received their OTP. After wasting an inordinate amount of time, first with their chat support, then with the call support, I was told this was a “known problem”. When I browsed through /r/SriLanka I immediately noticed this was a recurring problem that has gone back for more than a year on a number of services. I really wanted to scratch this itch. I knew from past experience that jumping to building was not the best solution, but at the same time I wanted to ride the momentum of this idea. Two weeks later I had an MVP ready to go. Powered by Ruby on Rails, Tailwind, Render, Twilio, Resend, Tally, Hopes and Wishes. The Security guy in me was crying as I built this product. The Pragmatist in me was satisfied that I had a use case when the product flow was broken. The Entrepreneur in me watched me scratch this itch knowing the pitfall I was knowingly putting myself into, after all I hadn’t validated this product yet. With this I went live! ... in Beta . My hope was that the survey would get me my initial customers and help me validate this product. I was all too willing to keep this product live for a year in case I got a single Beta user. 1 month later I had 5 survey submissions I gave out 4 beta codes And got 0 signups that redeemed a code Fun Fact: Someone created an account on my site before I could 😅 After I went live in Beta, itch scratching satisfied, the Entrepreneur in me finally got a hold of the steering wheel and went to work. I talked to a number of people and one very helpful interested customer who reached out to me on LinkedIn. When trying to list every real world situation where someone might need OnlineOTP, or less gloriously "SMS to email" I came up with a surprising number of usecases. Expats who lose access to home-country services Professionals who must verify accounts across multiple countries Travelers who need OTP reliably and without roaming fees People in countries with unreliable carriers People with privacy or security concerns I went on the hunt. I stalked through forums trying to find users who face this problem and to pick up how they solved this problem for themselves. I had some success And some failures Overall I came to the overwhelming conclusion that I had a problem, but not really a solution that would reliably work. Here’s a snippet from a report I wrote to my coach. The majority of people want to receive OTP from financial institutions like banks. Banks do not like virtual numbers as it somewhat defeats the purpose of a multi factor authentication. Which means as a product calling itself OnlineOTP, I can not guarantee service quality as banks may not send their OTPs to VOIP numbers even though they accept it during registration. #strike1 The TAM is quite small and will get smaller as The people who want the solution seem to either be travellers who feel this momentary pain and then they are back home As banks move towards the industry standard of two factor auth via apps, passkeys or authenticator apps this will reduce in value. People don’t want to let others get access to OTPs. especially since it’s coming from banks. Trust factor issue. #strike2 When I initially started the project I got an “OK” from Twilio for my usecase, but before I went past Beta I wanted to be doubly sure and this time there was a lot of push back and a polite no, that this is against their acceptable use policy. Researching other providers I found that almost all of them have terms that imply they won’t be happy with reselling phone numbers or using it to receive OTPs. #strike3 I think I’m fairly sure a real problem exists but I don’t think the solution I’ve come up with is the right solution. At the moment there doesn’t seem to technically be a way to provide SMS to Email without becoming a Telecom Provider myself (MVNO specifically), which is not practical. A bit disapointing. That said, I regret nothing. It’s been fun going through this process even though it's resulting in me shutting down a product a month after launch. I’m just glad no one redeemed a beta code, as I would be honour bound to support the product for at least a year then. With this blog post, I'm closing up OnlineOTP. Excited to see what 2026 holds. Happy New Year! Cool Logo… Check Shareworthy Landing page… Check SEO… Check Focusing on the problem…Check Functioning buy a VoIP number and then get SMS to Email… Check Handling edge cases when buying a number… Check [Entrepreneur: What why?] Live dashboard showing SMS as you receive it… Check [Entrepreneur: seriously?] [Security guy: mate you're receiving OTPs… you should be self destructing it instead.] Mandatory FAQ explaining caveats with this product… Check I'm a UK expat living in Malaysia who needs a UK phone number that can receive SMS while in Malaysia. I'm a Certified Public Accountant based in the Philippines with clients in Singapore and Hong Kong. I am unable to reliably receive SMS OTP to process payments while sitting in Philippines I'm a Virtual Assistant who manages their client's accounts remotely and needs OTP access to complete tasks. I'm a Freelancer who needs a local number in multiple countries to access region-specific apps. I'm a business owner who manages accounts in multiple regions and needs OTPs from each region forwarded to one inbox. I'm a businessman who wants to receive OTPs on my Canadian phone number without having to pay Roaming Charges while I travel. And I travel frequently. I'm a back packer on a tour around the world who uses a temporary number but still needs to reliably access OTPs from their local bank. I'm a digital nomad who cycles through countries every few months and can't maintain SMS reliability. I'm a cruise passenger relying on ship WiFi and unable to receive SMS at sea. (Or Flight). I'm a traveler who temporarily uses a local SIM card but still needs OTPs from my home-country number. I'm a Sri Lankan who has a local Sri Lankan number who does not reliably receive SMS from Cathay Pacific on my local phone number. I'm someone living in a rural area where cellular coverage is weak, but email over WiFi works. People accessing platforms that require local numbers I'm an online seller/buyer who needs verification codes from marketplaces that only text local numbers. (If I remember correctly, Carousell in Singapore had that issue when I tried to buy something from it when I visited SG) I'm someone who wants an international virtual number for privacy but needs guaranteed SMS delivery. I'm someone who frequently relocates and prefers a stable, long-term virtual number. I'm a business founder who doesn't want to expose their personal number to dozens of SaaS platforms.
Business
Rails
Ruby
AI
Open Source
Database
Backend