Push messages on your branded Access App provide a quick and convenient way to securely authenticate your customers.
Push notifications overview
With push messages, passwordless authentication is fast and effortless. At each transaction, your users get a smooth, transparent authentication flow with near immediate feedback.
We recommend push notifications as an authentication method, if the following are true for your business:
- You want a low-effort, smooth authentication experience for you users.
- You want authentication to be as quick as possible.
- You do not want to invest in major technical development.
Your users can register any mobile device that runs the branded Access App as an authenticator. When authenticating a transaction, a push message is sent from your application, which is delivered by Apple and Google services to the user device. Tapping the notification opens the branded Access App, where the user can confirm the transaction using a PIN or biometrics.
To add an extra layer of security to push authentication, you can enable the number matching feature through the REST API. The number matching feature adds an additional step to the push authentication flow. In this step, a random, two-digit code is displayed in the browser and the user must enter the matching code in the Access App. If they correctly match the codes, they can continue with approving the push authentication. Using the number matching feature can prevent accidentally approving a push message. For more information, see Number matching in the Access App documentation.
Registration and authentication flow
To get started, you need the following information available:
- Instance ID
- Access Key
For more information on the instance ID and the Access Key, see the API documentation.
To implement and use push notifications, see the instructions on the following pages:
Push authentication relies on settings and capabilities of the user device. In most cases, default device settings allow the messages to arrive to the Access App without issues. If you experience that push messages do not arrive to a registered authenticator, see the Troubleshooting Guide.
Read more about push notifications in the Push messages section of the Access App documentation.
You can format these messages with a few HTML tags. Read more about them in the Transaction confirmation section of the Access App documentation.