The royalty card redemption option should be in user role policy . So that we can assign to that users only to whom we want.
And every time of adding token amount the OTP should enter.
Thanks & Regards
Loyalty card redemption cannot be security based. To ensure security, you can enable OTP for redemption purpose. We are marking this idea as "Will not Implement".