Ask A Question

Notifications

You’re not receiving notifications from this thread.

How do i create a QR code lead authentication strategy

Dearg OBartuin asked in Rails
Dearg OBartuin Dearg OBartuin

Hi all,

please visit the popular challenger bank https://web.tide.co/login/ for an example.
Their auth strategy is to present the user with a QR code that changes every 30 seconds (I'm sure this is a representation of some form of hash representing a token). In order for the user to authenticate, they must open the mobile app, authenticate and then scan the QR code via the app. This fires a request back to the provider who then match the two tokens and then authenticated the online website and shows the dashboard.

I am curious how this strategy keeps the login page on the webpage constantly listening for a change in the backend to know for sure the QR code has been scanned from an authenticated device. Are Tide keeping a channel open at their log in page, creating a session cookie and storing it locally. Some scalable and reliable way to return back to the browser from the mobile app.

If you were re-creating this in rails, where would you start?

thanks

Reply
Join the discussion
Create an account Log in

Want to stay up-to-date with Ruby on Rails?

Join 86,946+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.