The verifier SHALL use permitted encryption and an authenticated secured channel when collecting the OTP in order to deliver resistance to eavesdropping and MitM attacks. Time-primarily based OTPs [RFC 6238] SHALL have an outlined life span that is determined via the envisioned clock drift — in possibly course — with the authenticator above its