PingID SDK is built on the concept of a network of trusted mobile devices for each user and for each application. SMS, voice and email comprise alternative trusted authentication devices, using notifications with customized content and a one time passcode (OTP). The PingID SDK also provides the option to integrate QR code based authentication as a passwordless authentication option in your mobile apps.
A user can link more than one device to their user account. For example, once a user uses a native mobile application which includes the PingID SDK component, they can pair the device and use it as the authenticating device from that point on. In addition, any login to that application on the device will be secured by PingID SDK.
Each linked device is part of the user’s network of trusted devices. When a user introduces their first device to the system, a trust is established between the device and the PingID SDK server (device pairing). The user will need to use that trusted device to approve each additional device that they want to add to the trusted network.
In a network of devices, PingID SDK supports the following options for a new untrusted device requesting access:
- Trust this device
- Allow this device a one-time access
- Ignore access requests from this device for a defined period
- Deny this access request
- Block this device