Put the Power of MFA into
Your Mobile App

PingID® SDK Makes it Possible


•   Fully customizable without a separate app

•   Customers manage their own trusted devices

•   MFA for web sign-ons, transaction approvals and much more

what it solves

SDK in Action

Let's meet Sara, a customer who has a ShopCo account and just downloaded the mobile app for the first time. She doesn't know it, but the app is embedded with the PingID SDK—powerful multi-factor authentication capabilities driven by PingID. Let's walk through a variety of interactions Sara has with ShopCo and see how the PingID SDK can make her experience more secure and convenient.

how it solves it

Sara Authorizes

a Device

After downloading the ShopCo mobile app, Sara authorizes her device to be used for authentication and transaction approvals. Using push notifications from the mobile app is the most secure MFA method, but ShopCo can also choose to allow Sara to use SMS, email or voice as second factors.


  • First, Sara downloads the ShopCo app and signs on for the first time.

  • The ShopCo app then asks if she wants to make the phone she’s using a trusted device.

  • Once she approves, the phone is now Sara's primary trusted device.

how it solves it

Sara Signs On to the Shopco Website

When she signs on to the ShopCo website, the ShopCo mobile app sends her a push notification to approve the authentication. This is much more convenient and secure than using a third-party MFA app, SMS, voice or email one-time passcode for the approval. Additionally, the Ping Identity Platform can evaluate contextual details so that Sara is only prompted for MFA in risky scenarios, such as signing on from a new location or device.


  • Sara signs on the ShopCo website.

  • The ShopCo app, prompts her to approve her authentication.

  • Once she approves, she’s securely signed on to her account.



how it solves it

Sara Authenticates Without a Password

Since Sara has a trusted device, she also has the option to go passwordless when signing on. ShopCo has decided to place a QR code next to their sign-on form, and when Sara scans the QR code with her ShopCo app—and the PingID SDK inside of it—she’s instantly signed on. No username. No password.


  • Next time Sara signs on, she sees a QR code next to the sign-on form.

  • She scans the QR code with her ShopCo app.

  • She’s instantly signed on without having to type her username or password.



watch the video



how it solves it

Sara Approves a Transaction

ShopCo has chosen to require their customers to approve large purchases. When Sara makes an expensive purchase, she receives a push notification that confirms the purchase amount and other details for her approval.


  • Sara attempts an unusually expensive online purchase from ShopCo.

  • Her trusted device receives an approval request with specific details about the transaction.

  • Sara approves her transaction, and her package is shipped.



how it solves it

A CSR Confirms Sara’s Identity

When Sara calls ShopCo customer service with a question about the order she just received, the CSR sees that Sara has a trusted mobile device. The CSR chooses to verify Sara’s identity by sending a push notification to her device instead of asking a series of security questions (which can be compromised as easily as passwords).


  • Sara calls a ShopCo CSR who sees that Sara has a trusted device.

  • The CSR clicks a button to verify her identity, and the PingID SDK sends a push notification to Sara’s phone.

  • Sara approves the request, her identity is verified and the CSR is granted access to her account.



how it solves it

Sara Resets Her Password

If Sara needs to reset her password, she can choose to have a push notification sent to her trusted device for confirmation, and then enter her new password in just a couple of taps—no lengthy password reset process necessary.


  • Sara wants to reset her password and chooses to verify the request through her device.

  • Sara’s device gets a notification with details about what she’s approving.

  • Sara is immediately and securely able to enter a new password.



how it solves it

Sara Authenticates Into the Mobile App

When Sara opens the app on one of her trusted devices, her identity is verified behind the scenes. Even if a hacker had her correct credentials, they still wouldn't be able to sign on without her device.


  • Sara opens the ShopCo app from her trusted device. A payload with user credentials and device secrets is sent to the ShopCo server.

  • The ShopCo server verifies Sara's credentials and forwards the device secrets on to the PingID server so it can verify that the request is coming from one of Sara's trusted devices.

  • Sara is instantly and securely signed on to the ShopCo app, using both credentials and device secrets. She got all the security of MFA with none of the friction.
how it solves it

Sara Manages Her Devices

Sara just got the latest tablet and wants to be able to use the ShopCo app to make purchases from it. ShopCo has chosen to expose some device management capabilities to Sara so she can securely add and block devices, change her primary device and more.


  • Sara wants to be able to sign on to ShopCo to securely make purchases on her new tablet.

  • As she opens the ShopCo app on her tablet and signs on, the app asks if she'd like to make her tablet a trusted device.

  • A push notification is sent to the ShopCo app on her primary device where she verifies the request.

  • Sara's new tablet is now a trusted device that she can use to sign on to the ShopCo app and make secure purchases.


Want MFA for Your Customers?

Using MFA to secure customer data and protect them from compromised credentials is becoming a critical priority for enterprises. However, implementing MFA for customers has some very specific requirements.


Balance Security and Convenience


Mobile App



Self-management of

Trusted Devices







the proof

Like What You’ve Heard?

If you like what PingID SDK can do for your enterprise and your customers, you're going to love these.

  • white paper


    Discover the requirements of MFA for customers and the 5 things that a customer MFA solution must do to strike this balance.

  • data sheet


    PingID provides MFA for cloud-based applications and on-premises applications, VPNs Windows Servers and RDP, and Secure Shell (SSH).

    Download now
  • white paper


    The right Customer IAM solution requires greater security and scalability to manage millions of identities as well as a unique set of functionality.


Take the Next Step

See how Ping can help you stay ahead of the curve in a rapidly evolving digital world.