Fallback Authentication Framework

These guidelines provide examples for when Redirect to App is unable to be used for the purposes of CDR authentication, and Decoupled Authentication is not supported.

‣

On this page

Overview

The Fallback Authentication Framework relates to the Fallback Authentication Flows section of the Authentication Schedule Standards. These standards apply where Redirect to App is unable to be used for the purposes of CDR authentication, and Decoupled Authentication is not supported. In such cases, data holders are required to continue providing support for Redirect to Web with One Time Password (OTP) flow.

All data holders and data recipients must implement the relevant redirect to app standards by 10 May 2027. If implemented prior to this date, CDR participants will also need to meet other relevant standards, such as the Fallback Authentication Flows outlined in this guidance.

Wireframes and guidelines

Note: The wireframes shown are examples of how to implement key rules, standards, and guidelines. Use the on-screen functions to adjust zoom level or expand the wireframes to be viewed at full screen.

The following wireframes show an example of the Fallback Authentication Framework.

‣

See key requirements and guidelines

Download open source asset

Open sources design assets are created in Figma for the purposes of assisting implementation. This Figma file contains annotated wireframes and working prototypes for Fallback Authentication Framework.

Download design asset

Item	File	Date released	Version introduced
2AU0. Fallback Authentication Framework v1.35.0.2025.09.22	2AU0. Fallback Authentication Framework v1.35.0.2025.09.22.fig	Sep 22, 2025	1.35.0

For past versions, refer to Change log.

‣

About open source assets

About this page

References

The artefacts on this page were informed by the following sources.

Title	Author	Date published	URL	Type
Change Request 700: CX Guidelines \| Redirect to App (R2A) CX Guidelines Changes	Data Standards Body (DSB)	Jun 5, 2025	github.com	Consultations
Consultation Draft 369: Redirect to App - Draft Standards	Data Standards Body (DSB)	Apr 4, 2025	github.com	Consultations
Decision Proposal 327: Authentication Uplift Phase 1	Data Standards Body (DSB)	Aug 29, 2023	github.com	Consultations
Noting Paper 326: Authentication Uplift Context	Data Standards Body (DSB)	Aug 29, 2023	github.com	Consultations
Authentication Uplift - Comparison Report	Data Standards Body (DSB)	Jun 21, 2023	cx.dsb.gov.au	Research
Decoupled Research Report	Data Standards Body (DSB)	May 28, 2023	cx.dsb.gov.au	Research
Noting Paper 296: Offline Customer Authentication	Data Standards Body (DSB)	Mar 17, 2023	github.com	Consultations
App/Browser-to-App Research Report	Data Standards Body (DSB)	Dec 15, 2022	cx.dsb.gov.au	Research
One Time Password Research Report	Data Standards Body (DSB)	Dec 15, 2022	cx.dsb.gov.au	Research
Noting Paper 280: The CX of Authentication Uplift	Data Standards Body (DSB)	Dec 7, 2022	github.com	Consultations
CDR Support Portal: Offline Customer Guidance	Australian Competition and Consumer Commission (ACCC)	Apr 6, 2022	cdr-support.zendesk.com	Guidance
Phase 2, Stream 3 Research Report	Tobias	Jul 31, 2019	cx.dsb.gov.au	Research

Last updated

This page was updated @Sep 22, 2025

Have your say

Community consultations and maintenance are part of our ongoing process. Here’s how you can get involved:

Request new Guidelines or changes to existing Guidelines through the CX Guidelines Consultation process
Request new Standards or changes to existing Standards through the Standards Maintenance process
Log a ticket for any questions about the rules, standards, or guidelines through the CDR Support Portal
Email your feedback to cx@dsb.gov.au

Quick links to CX Guidelines:

Accessibility statement

→ cx@dsb.gov.au → cx.dsb.gov.au | cds.gov.au

The Consumer Data Standards Program is part of Treasury. Copyright © Commonwealth of Australia 2023. The information provided on this website is licensed for re-distribution and re-use in accordance with Creative Commons Attribution 4.0 International (CC-BY 4.0) Licence.