A One-Time Password (OTP) is a temporary, secure PIN-code that is valid only for one session. It is used to authenticate a user for a single transaction or login. OTPs can be generated automatically and are usually numeric or alphanumeric strings of characters. OTPs are used in two-factor authentication methods, where the users OTP app and the authentication server rely on shared secrets. OTP security tokens are microprocessor-based smart cards or pocket-size key fobs that produce a numeric or alphanumeric code to authenticate access to the system or transaction. The secret code changes every 30 or 60 seconds, depending on how the token is configured. Mobile device apps, such as Google Authenticator, rely on the token device and PIN to generate the one-time password for two-step verification. The OTP market is estimated at $1.5B in 2018 and is expected to reach $3.2B by 2024. OTPs are used by enterprises, banking, finance, insurance and securities, government, healthcare, and gaming.