The user clicks the “sign in with WhatsApp” button on the website or scans the QR code, which results in the code appearing on WhatsApp. The user clicks “send” on this message as if it was from them and they are automatically logged into the site.
This works as a basic method of MFA because the user is authenticated with his WhatsApp identity, including its connection to his registered phone number.
The technology behind nOTP reflects the company’s Descope Flows platform, which was developed as a way for companies to add any type of authentication to their website using a visual process that requires no coding.
The company includes nOTP as an option for certain use cases, especially companies that want to move away from SMS authentication or for use on devices such as smart TVs where entry is not suitable without a keyboard.
Being able to add any type of authentication to a website is amazing. A customer can add nOTP but allow fallback with another authentication method, including an old-world password.
Getting authentication up and running can be expensive and time-consuming. The promise Descope sells is that a developer can design and integrate their login process in a fraction of that time.
Source link