by stephenr 3112 days ago
So this basically is OTP over encrypted IM instead of OTP over SMS.

I'm not sure why you'd use this over TOTP?

2 comments

Good question!

My answers (in point form) are:

1) We plan on integrating TOTP into the Authian server so that TOTP can be used as an alternate option where no other IMs are supported by the end-user.

2) Using OTP over encrypted IM has less friction. Many other options require people to install "yet another app". TOTP is also not that well understood by the average person, whereas most people are already familiar with SMS-based authentication (which also has low friction, but is comparatively expensive).

3) TOTP can't do notifications of successful login attempts to the TOTP app, whereas OTP over IM offers this, as well as baking in other security enhancements as required by vendors (e.g. account recovery options).

With that said though, I would consider TOTP and OTP over IM to be complementary products.

Not sure if this is relevant, but TOTP via phone app doesn't work when a phone is experiencing NTP sync issues. At least, this is a problem which I experienced.

Telegram is not encrypted without secret chat.

> Telegram is not encrypted without secret chat

Yes it is. It's not end-to-end encrypted, however. An attacker would need to have successfully attacked Telegram first.