4.14.2 Authentication methods

Now that the account has been accessed successfully, let’s explore the different login methods available in the ZTrust Authenticator App.

• Push notification–based login

• QR code–based login

• TOTP

• NFC-based login

1. Push Notification-based login ZTrust uses push authentication to verify user identity by sending login requests to a trusted mobile device. Users can approve or deny access with a single tap, offering both convenience and strong protection against unauthorised access.

   1. After a successful login, select your account. You will be redirected to the profile page, where all features are available. To make your device the primary one, enable the toggle button.

      

      Fig 4.13.2.a: Home page of authenticator
   2. Login Process

      1. Visit the application URL where you want to log in.

         

         Fig 4.13.2.b: Login Page
      2. Below the Login button, click on “Try Another Way”. After clicking, you will be redirected to a page that displays all available login methods.

         

         Fig 4.13.2.c: Select authentication method
      3. From the list of available login methods, select Push Notification.

         

         Fig 4.13.2.d: Username page
      4. Enter your username and click the Log In button. A push notification will be sent to your registered mobile device.

         

         Fig 4.13.2.e: Submitted the username form for Push
      5. Open the ZTrust Authenticator app on your registered device. You will receive a login notification.

         

         Fig 4.13.2.f: Push notification in authenticator
      6. When the user taps Accept in the ZTrust Authenticator app, the request is securely confirmed and the response is sent back to ZTrust SSO. The login is then completed in the browser.

         

         Fig 4.13.2.g: Self service portal

      7. The user has now successfully logged in using push notification.

2. QR code–based login ZTrust enables secure login through QR code authentication, where users scan a unique code with their registered device to verify identity. This ensures fast, phishing-resistant, and seamless access.

   1. Login Process

      1. Visit the application URL where you want to log in.

         

         Fig 4.13.2.h: Login Page
      2. Below the Login button, click on “Try Another Way”. After clicking, you will be redirected to a page that displays all available login methods.

         

         Fig 4.13.2.i: Select authentication method
      3. From the list of login methods, select QR Code Authentication. A QR code will be displayed on the screen.

         

         Fig 4.13.2.j: QR login page
      4. Open the ZTrust Authenticator app and, from the Profile page, selects QR Code Authentication. The app then launches the QR scanner

         

         Fig 4.13.2.k: Scanner of ZTrust authenticator
      5. After successfully scanning the QR code, the app will prompt you to either Accept or Deny the login request.

         

         Fig 4.13.2.l: Confirm to login
      6. If you tap Accept, the login will be confirmed and you will be successfully logged in the browser.

         

         Fig 4.13.2.m: Self service portal
      7. The user has now successfully logged in using QR code–based login .

3. Time-Based One-Time Password (TOTP) ZTrust supports Time-based One-Time Password (TOTP) authentication, where users enter a short-lived code generated on their registered authenticator app. This adds an extra layer of security with simple, offline verification.

   1. Login Process

      1. Visit the application URL where you want to log in.

         

         Fig 4.13.2.n: Login page
      2. Below the Login button, click on “Try Another Way”. After clicking, you will be redirected to a page that displays all available login methods.

         

         Fig 4.13.2.o: Select authentication method
      3. From the list of login methods, select TOTP (Time-Based One-Time Password). A username entry form will appear.

         

         Fig 4.13.2.p: Username form for TOTP
      4. After entering your username, ZTrust will verify it and then display the TOTP page.

         

         Fig 4.13.2.q: Confirm TOTP
      5. Open the ZTrust Authenticator app and go to the Profile page. Select One-Time Passcode. The app will display a 6-digit TOTP (Time-Based One-Time Password), which refreshes every 30 seconds.

         

         Fig 4.13.2.r: Home page of authenticator, TOTP
      6. Enter the 6-digit TOTP into the field on the browser page and click Submit. You will then be successfully logged in.

         

         Fig 4.13.2.s: Self service portal
      7. The user has now successfully logged in using Time-Based One-Time Password (TOTP).

4. NFC-Based Login With NFC-based authentication, ZTrust allows users to authenticate by simply tapping their trusted device or card near an NFC reader. This provides a quick, contactless, and secure login experience.

   1. Prerequisites

      1. An RFAID card registered with your account.

         1. To register your card, please contact your administrator.

         2. A device that supports NFC-based authentication.

   2. Login Process

      1. Visit the application URL where you want to log in.

         

         Fig 4.13.3.t: Login page

      2. Below the Login button, click on “Try Another Way”. After clicking, you will be redirected to a page that displays all available login methods.

         

         Fig 4.13.2.u: Select Authenticator method

      3. From the list of login methods, select NFC option. A username entry form will appear.

         

         Fig 4.13.2.v: User name form for NFC
      4. Enter your username and click the Log In button. A notification pop-up will be sent to your registered mobile device.

         

         Fig 4.13.2.w: Username form submitted for NFC
      5. Open the ZTrust Authenticator app and navigate to the Profile page. A notification will appear in the app. The app will then display an NFC prompt, asking you to tap your NFC card.

         

         Fig 4.13.2.x: NFC request received
      6. The user taps the registered RFAID card on the phone. Once the NFC card is successfully read, the authentication process continues.The ZTrust mobile app securely verifies the NFC card. The authentication response is sent back to ZTrust SSO. If the response is correct, the authentication is successful.

         

         Fig 4.13.2.y: Self service portal
      7. The user has now successfully logged in using NFC Based.

1. Conclusion

The ZTrust Authenticator app supports multiple authentication methods — Push, QR Code, TOTP, and NFC. These methods together deliver an authentication experience that is highly secure, lightning fast, and seamless for users.