Terms and definitions

activation letter

An activation letter is a letter (PDF) usually sent to the user by a trusted mail service.

Activation letters are often used to verify the physical address information supplied during registration, or in situations where an independent and secure digital communication channel has not yet been established.

Airlock 2FA activation letters contain a QR code for the enrollment of an Airlock 2FA app.

Airlock 2FA app

The Airlock 2FA app is our mobile application for authentication and transaction approval. It is available for Android and iOS and can be downloaded from the app stores.

enrollment, Airlock 2FA

Airlock 2FA enrollment is the process of activating an Airlock 2FA app and linking it to an IAM user account. Enrollment can be in the browser (e.g. migration of other 2nd factors to Airlock 2FA) or using an activation letter.

hardware token

A small device whose sole purpose is strong authentication or transaction confirmation.

mobile-only authentication

Another term for single device authentication used in conjunction with Airlock 2FA.

OAuth 2.0

OAuth 2.0 is a standard for access delegation. Clients can act on behalf of users by using bearer tokens for authentication during resource access.

Offline QR code

Offline QR code is a type of authentication and transaction approval in Airlock 2FA.

A QR code shown in the user's browser is scanned using the Airlock 2FA hardware token or mobile app which then displays transaction or login information and a verification code. The user confirms the process by entering the verification code in the browser.

It allows transaction approval and logins in situations without an internet connection of the smartphone.

Online QR code

Online QR code is a type of authentication and transaction approval in Airlock 2FA.

A QR code shown in the user's browser is scanned using the Airlock 2FA app. The user is then asked to approve the login or transaction and the app sends back the decision to the Futurae cloud. The user does not have to type in a OTP code or alike.


The passcode method is the simplest authentication method provided in Airlock 2FA. The app displays a one-time code (OTP) that is valid for 30 seconds.

It allows authentication in situations without internet connection of the smartphone.

payload encryption

The payload encryption feature is part of the Airlock 2FA offering and ensures that transaction data is encrypted when transmitted between Airlock IAM and the Futurae service.

It makes sure that no intermediate component, such as a reverse proxy, can read transaction details. The feature is enabled in the Airlock 2FA Settings and needs to be enabled on the Futurae service.

single device authentication

Authentication scheme involving only one device (typically a mobile device): the authentication app or functionality resides on the same device as the business application for which the authentication is performed.

Also called "mobile-only authentication" in Airlock 2FA.