Authentication methods comparison
Authentication Cloud offers multiple ways of delivering the payload to mobile devices, when using passwordless or two-factor authentication. For emergency access scenarios, recovery codes can also be configured for user accounts. The next table gives a compatibility overview of all of the authentication methods.
|Authentication method||2FA||FIDO||Passwordless||Usernameless||Additional information|
|QR codes||✅||✅||✅||✅||Uses the Access App and SDK.|
|Deep links||✅||✅||✅||✅||Uses the Access App and SDK. Fit for mobile-only scenarios.|
|FIDO2 and passkeys||✅||✅||✅||✅||Requires FIDO2-capable device and browser.|
|Push notifications||✅||✅||✅||Uses the Access App and SDK. Fit for both mobile-only and desktop-mobile scenarios.|
|SMS OTPs||✅||Not recommended for sensitive transactions.|
|Recovery codes||Only used as a recovery option.|
For more detailed information about QR codes, deep links, and push notifications, see Channels in the Access App documentation.