When a user signs in to my website, I want an SMS one-time password sent instantly to any phone, whether it’s running Android or iOS. The flow should be simple: the visitor enters a phone number, receives a numeric code by text, then submits it to complete the login. I haven’t chosen a gateway yet, so feel free to recommend and configure whichever service—Twilio, Nexmo, or any other reliable provider—that best suits fast delivery, regional coverage, and clear reporting. Security matters: codes must be random, time-bound, single use, and validated server-side before the session starts. Deliverables • Clean, well-documented code (backend + minimal frontend hook) that triggers, sends, and verifies SMS OTPs • Gateway setup with test credentials and clear instructions for going live • Brief hand-off notes so I can adjust expiry time, message template, or sender ID later If everything works smoothly—code arrives in seconds and blocks reuse—I’ll consider the job done and future phases open for discussion.