Updated CX artefacts and requirements to reflect:
• Consultation Draft 369: Redirect to App - Draft Standards; and
• Change Request 700: CX Guidelines | Redirect to App (R2A) CX Guidelines Changes.
This includes:
• Visual, UI and Experiential updates to reflect the new standard requirements
Standards changes
• New standards relating to:
◦ fallback authentication flows (new checklist item: 2AU.00.26)
◦ friction (new checklist item: 2AU.00.27)
◦ levels of assurance (new checklist item: 2AU.00.28)
◦ app install (new checklist item: 2AU.00.29)
◦ one time password credential requirements (new checklist item: 2AU.00.30)
◦ passwords (new checklist item: 2AU.00.31)
◦ memorised secrets (new checklist item: 2AU.00.32)
◦ profile selection (new checklist item: 2AU.00.33)
• Updates to standard relating to:
◦ password link (updated checklist item: 2AU.00.02)
◦ one time password expiry (updated checklist item: 2AU.03.05)
◦ one time password credential requirements (updated checklist item: 2AU.00.06, 2AU.03.08, 2AU.03.10–15)
◦ user identifiers (updated checklist item: 2AU.01.07)
• Retirement of existing standard requirements due to their removal from the standards (retired checklist items: 2AU.00.03–4, 2AU.00.09)
Guidelines changes
• New CX guidelines relating to:
◦ authentication methods (new checklist item: 2AU.00.34)
◦ authentication credentials (new checklist item: 2AU.00.35)
◦ app download link (new checklist item: 2AU.00.36)
• Updates to guidelines relating to CDS guidelines and conventions (updated checklist item: 2AU.01.20–21)
CX Guideline website page
• Updates to page hierarchy for clarity — section title changed from ‘Redirect with One Time Password’ to ‘Redirect to Web with One Time Password’
• Updates to include references to consultations standards and guidelines
• Updates to CX checklist
• New open source design asset 2AU. Redirect to Web with One Time Password v1.35.0.2025.09.22
Authenticate: Redirect to Web with One Time Password