Comment on Mandatory TOTP for illiquid risky contracts

Vijaya Krishna commented on 11 Jun 2020, 10:59 AM

Hi Zerodha Team,

Your intentions are good, however, I see the following issue with this approach.

The authentication is made completely dependent on mobile. What if mobile goes down for some reason after someone initiating the positions? Is there any way to login to kite web without the mobile to take care of the positions?

The resolution can be to make the authentication of TOTP optional. If someone used it to login then do not restrict them to take the positions in illiquid stocks. If someone used PIN and trying to take positions in illiquid stocks, then ask the TOTP only once per that login session.

View the full comment thread »