{"_id":"561272d60157131900b45870","category":{"_id":"55ffceca0e2b090d008633b2","pages":["55ffcedffeaf310d007dd6d6","55ffd0879e7ccf0d000a1e09","55ffddd1feaf310d007dd6e8","55ffdee4feaf310d007dd6ea","55ffe2336932a00d00ba7abf","55ffeb898c0c9d0d00dcacd0","55fff74c6932a00d00ba7b0c","55fff9df0c703d1900952fe1","55fffecb6932a00d00ba7b1b","55ffffd49e7ccf0d000a1e49","560001159e7ccf0d000a1e4d","560004126932a00d00ba7b2a","560006ef0c703d1900952ffc","560009fa8c0c9d0d00dcad0d","5601137f9137690d00335697","560120f34ea1b40d003bf1a4","5601221bf01fb90d00d4bf7e","5601274781a9670d006d1514","5601292881a9670d006d1516","56012ab3f01fb90d00d4bf88","56012c754ea1b40d003bf1b9","56012d824ea1b40d003bf1c0","56053e9df6b86e0d00284ad1","560541907c8e580d0001afe8","56123c063cf4bc0d00554e37","561264c70157131900b45863","561272d60157131900b45870","5612796d09bdc51700696fdf","56138c7a6fd7042b008f0187","5613a63d46c35f3500773c06","5613a79a44d6662b0071f5d9"],"project":"55edea207145f717001ac12c","version":"55edea207145f717001ac12f","__v":31,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-09-21T09:32:58.200Z","from_sync":false,"order":0,"slug":"sdk","title":"SDK"},"__v":4,"user":"55ede9ed1452cd0d009e5e6b","version":{"_id":"55edea207145f717001ac12f","project":"55edea207145f717001ac12c","__v":11,"createdAt":"2015-09-07T19:48:48.670Z","releaseDate":"2015-09-07T19:48:48.670Z","categories":["55edea217145f717001ac130","55ffa8038c0c9d0d00dcac72","55ffbaa48c0c9d0d00dcac88","55ffbd3e8c0c9d0d00dcac8b","55ffbee40e2b090d00863393","55ffc4306932a00d00ba7a85","55ffc66bfeaf310d007dd6c8","55ffc9c2feaf310d007dd6d1","55ffceca0e2b090d008633b2","560111b06811d00d00ceb34e","560262e74f15002100ee4445"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"project":"55edea207145f717001ac12c","updates":[],"next":{"pages":[],"description":""},"createdAt":"2015-10-05T12:53:42.791Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":31,"body":"For users of an integrated system who do not possess a Rublon account (they do not want to sign up or don't own a smartphone), Rublon provides a simplified form of two-factor identity verification. This feature employs an email message with an identity confirmation link sent to the email address of the user being authenticated, assuming that no one but that user has access to his/her email inbox.\n[block:callout]\n{\n  \"type\": \"info\",\n  \"body\": \"This feature is enabled by default. However developer can force users to authenticate using the mobile app, to avoid the Email2FA process, which can increase the security. The forcing mobile app feature is available only to systems integrated within the Business plan. [Check the pricing](https://developers.rublon.com/98/Pricing).\"\n}\n[/block]\n##Principles of operation\n\n1. Rublon looks for a Trusted Device, which will authenticate the user automatically.\n2.  If a Trusted Device cannot be found, Rublon will check if a user with an email address provided by the integrated system is protected by Rublon. If such a user is found, the process involves using the mobile app. \n3. If no user is found (the user does not have a Rublon account), the Email2FA process is started. \n4. The user will receive an email with a identity confirmation link.\n5. After clicking the link, the user will be asked if the current browser should become a Trusted Device (signing in) or [a question about confirming a transaction will be displayed](doc:sdk-secure-transaction-confirmation).\n6. After answering the question, the user will be redirected to the integrated system's [callback URL](doc:sdk-authentication-finalization) and logged in (or the transaction initiated by the user will be confirmed).\n\n##Example usage\n\nThe use of Email2FA is by default active and looks the same as the [Signing in process](doc:sdk-signing-in#example).","excerpt":"","slug":"sdk-email2fa-simplified-identity-verification","type":"basic","title":"Email2FA - simplified identity verification"}

Email2FA - simplified identity verification


For users of an integrated system who do not possess a Rublon account (they do not want to sign up or don't own a smartphone), Rublon provides a simplified form of two-factor identity verification. This feature employs an email message with an identity confirmation link sent to the email address of the user being authenticated, assuming that no one but that user has access to his/her email inbox. [block:callout] { "type": "info", "body": "This feature is enabled by default. However developer can force users to authenticate using the mobile app, to avoid the Email2FA process, which can increase the security. The forcing mobile app feature is available only to systems integrated within the Business plan. [Check the pricing](https://developers.rublon.com/98/Pricing)." } [/block] ##Principles of operation 1. Rublon looks for a Trusted Device, which will authenticate the user automatically. 2. If a Trusted Device cannot be found, Rublon will check if a user with an email address provided by the integrated system is protected by Rublon. If such a user is found, the process involves using the mobile app. 3. If no user is found (the user does not have a Rublon account), the Email2FA process is started. 4. The user will receive an email with a identity confirmation link. 5. After clicking the link, the user will be asked if the current browser should become a Trusted Device (signing in) or [a question about confirming a transaction will be displayed](doc:sdk-secure-transaction-confirmation). 6. After answering the question, the user will be redirected to the integrated system's [callback URL](doc:sdk-authentication-finalization) and logged in (or the transaction initiated by the user will be confirmed). ##Example usage The use of Email2FA is by default active and looks the same as the [Signing in process](doc:sdk-signing-in#example).