Engineers at Apple have proposed a standardized format for SMS One-Time Passcodes (OTP). To be specific, Apple engineers working on WebKit, the core-component of the Safari web browser have put forth the proposal with two goals.
In the above example, “747723 is your FooBar authentication code” represents the text added by brands while “@foobar.com” denotes the origin URL (https://foobar.com) and “#747723” is the actual OTP code.
This approach could make it easier for apps and websites to identify OTPs without compromising on security. If implemented, this could also eliminate spammy and malicious actors from taking over accounts with phishing sites.
