Accessing applications on a mobile device
As mobile devices have become ubiquitous, very often they are users' primary means to access services online. For these cases we use a slightly modified user authentication journey.
As users try to access your backend application, the backend replies with an authentication requests, usually in the form of a deep-link that opens up the Nevis Access app to perform the authentication. Once the user has authenticated with either their fingerprint or facial patterns, the app signs the challenge for the backend. The backend complete the process and issues the session cookie. When users access the service and authenticate with the same device, it is often called in-band authentication.