Authentication modes

There are 3 different authentication modes available for Cronto.

These modes are described for the login process, but apply analogously for transaction signing:



Scan & TAN

The default mode: a cryptogram is displayed in the web browser, the user scans it with the Cronto device/app and manually enters the display TAN code into the browser.

Scan & Login

The cryptogram is displayed in the web browser and has to be scanned by the user with the Cronto device/app. The app then automatically sends the response TAN to the IAM server, without the need for user interaction. As a fallback for offline situations (and Cronto hardware devices), the TAN can still be entered manually.


Instead of scanning a cryptogram, the challenge is directly sent to the Cronto app through a push notification. The user only has to confirm the login/transaction on the app, which then sends the resulting TAN to the IAM server. For offline situations, fallback to "Scan & TAN" is possible.