What does “mobile-to-web cross login with a QR code” mean ? It is one of the approaches for the two-factor authentication. Suppose that a user is already authenticated in your application (in my example it would be an android app) and the user wants to use it’s actual session to perform an automatic authentication in another application (in my case it’s a web app). There are several examples of popular apps which use this approach. For example, to login into a web session with WhatsАpp, you must login on your phone and then scan a QR code in the web interface.