Authenticate without exposing your username
Usernameless transaction approval is a convenience feature that lets users approve transactions without having to type their username first. The transaction might be a login to a company portal, an identification during an online support chat session, or an approval for an additional purchase of spare parts. The user scans the QR code specific to the transaction, authenticates in their mobile app, and their actual identity is passed on to the backend once the authentication is complete.
Desktop user flow
For example, customers of an insurance portal can just click the login button, and a QR code is displayed. They scan the code with the branded Access App on their phone, approve with a biometric authentication method, and they are logged in. There is no need to remember or expose their username, yet the login is completely secure.
Mobile user flow
Alternatively, when chatting with the helpdesk on a mobile phone, how often do you hear: "Oh, we just need to verify that it's you"? Usernameless authentication comes to the rescue. The helpdesk sends a link to the user's device. The user taps the link, which opens the Access App on their device and asks for authentication. Once complete, the support agent has confirmation of the user's identity, and can proceed with the transactions that require this higher level of certainty.
Technical user flow
As a precondition, the user has already registered with the system, and has installed and set up a branded Access App on their mobile phone. Ideally, they used a biometric authentication method, such as FaceID.
A user, currently unknown, wants to log into your website. You issue a QR code tied to the login transaction, with no user specified. The user scans the QR code with the branded Access App on their phone, confirms that they want to log in, and authenticates with FaceID. In the background, you keep polling the status endpoint for the transaction with its token. While the user is still going through the motions, the transaction remains pending. As soon as the authentication is successfully completed, the status endpoint returns a success data object with the userId, and your backend systems can link the successful transaction and the login to the user account, and give them access to your website.
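The polling step described above, seen from the website backend, as an added example (not the vendor's code or API). `fetch_status` stands in for the HTTP call to the status endpoint; the `status` field, its `pending`/`success` values, and the `pending_tx_token` session key are assumptions, and only `userId` is named on this page.

```python
import time

class TransactionTimeout(Exception):
    """The transaction stayed pending until the deadline."""

def poll_for_user(fetch_status, token, timeout_s=120.0, interval_s=2.0,
                  sleep=time.sleep, clock=time.monotonic):
    """Poll the status endpoint until the transaction is decided.

    fetch_status(token) -> dict is a stand-in for the real HTTP request.
    Field names other than userId are assumptions for this example.
    """
    deadline = clock() + timeout_s
    while clock() < deadline:
        result = fetch_status(token)
        state = result.get("status")
        if state == "pending":          # user has not finished on the phone yet
            sleep(interval_s)
            continue
        if state == "success" and result.get("userId"):
            return result["userId"]     # identity comes only from the backend
        raise PermissionError(f"transaction not approved: {state!r}")
    raise TransactionTimeout("no approval before the deadline")

def complete_login(session, fetch_status, **poll_opts):
    """Finish the login for the browser session that displayed the QR code."""
    # The token was stored server-side when the QR code was issued, so the
    # result can only be attached to the session that started the transaction.
    token = session.pop("pending_tx_token")
    session["user_id"] = poll_for_user(fetch_status, token, **poll_opts)
    return session["user_id"]

def fake_status_endpoint(responses):
    """Constructed stand-in: returns the given responses in order."""
    it = iter(responses)
    return lambda token: next(it)

if __name__ == "__main__":
    endpoint = fake_status_endpoint([
        {"status": "pending"}, {"status": "pending"},
        {"status": "success", "userId": "user-0001"},   # constructed sample
    ])
    session = {"pending_tx_token": "tx-token-placeholder"}
    print(complete_login(session, endpoint, interval_s=0))
```

The deadline keeps an abandoned QR code from being polled indefinitely, and popping the token from the session makes each transaction single-use on the website side.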