为API身份验证添加UTC时间戳是一个好主意

I have seen many sites such as

Amazon : (http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html) adding UTC timestamp("seconds since epoch") to HMAC for stopping replay attacks.

Many authentication tutorials and forums like How to securely maintain user authentication through a third party API? are also suggesting this.

I have only one concern in this, can it cause issue when mobile apps communicate with the API, I have checked it will not cause issue on Web when communicating with API's on web with PHP.