We're rolling out support for multiple authentication methods (Email OTP, SMS OTP, PIN) for sensitive merchant actions. Currently, the bank details update and withdrawal request flows are still hardcoded to SMS OTP regardless of the method a merchant has selected. Merchants who choose Email OTP or PIN will still receive an SMS code instead. A fix to route these flows through the selected method is in progress.