There are 3 different authentication modes available for Cronto.
These modes are described for the login process, but apply analogously for transaction signing:
Mode | Description |
---|---|
Scan & TAN | The default mode: a cryptogram is displayed in the web browser, the user scans it with the Cronto device/app and manually enters the display TAN code into the browser. |
Scan & Login | The cryptogram is displayed in the web browser and has to be scanned by the user with the Cronto device/app. The app then automatically sends the response TAN to the IAM server, without the need for user interaction. As a fallback for offline situations (and Cronto hardware devices), the TAN can still be entered manually. |
Push | Instead of scanning a cryptogram, the challenge is directly sent to the Cronto app through a push notification. The user only has to confirm the login/transaction on the app, which then sends the resulting TAN to the IAM server. For offline situations, fallback to "Scan & TAN" is possible. |