<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<br>
<br>
<div class="moz-cite-prefix">On 24/Mar/20 00:19, Eric Tykwinski
wrote:<br>
<br>
</div>
<blockquote type="cite"
cite="mid:C2F65C6E-87B5-4D80-AF73-1869E14B7E34@truenet.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<div dir="auto" style="word-wrap: break-word; -webkit-nbsp-mode:
space; line-break: after-white-space;" class="">I guess I wasn’t
as detailed as should be, multi factor authentication should
hopefully have 1 standard which will work for everything. So we
have an app on our phone to authenticate after a
username/password which give a 6 digit key, or we use a hardware
based key to sign a OTP. Really either doesn’t matter, but
trying to get endu sers to switch between each for every login
is going to hamper acceptance in the large scale.</div>
</blockquote>
<br>
For all my banking apps in South Africa, I can use
username/password, QR code or Face ID, in ascending order of
preference. All transactions that have not been pre-approved before
require further authentication, typically via SMS approval, which
goes to the the registered phone.<br>
<br>
Qatar Airways' FQTV app supports Face ID login, but it SMS's and
e-mails you an OTP as the 2nd stage of authentication.<br>
<br>
So different companies are doing different things, but one thing
that is consistent is that there are multiple stages being employed
to login.<br>
<br>
Mark.<br>
</body>
</html>