I'm having a tough time understanding all the moving parts involved. Could you post some drawings of what happens in different scenarios? 'cause I'm more of a visual learner.
From what I can tell, the user navigates to a site previously provisioned with Authy, they choose to authenticate via Authy, and then ??? happens resulting in their cell phone giving them a time-limited one-time passphrase.
From what I can tell, the user navigates to a site previously provisioned with Authy, they choose to authenticate via Authy, and then ??? happens resulting in their cell phone giving them a time-limited one-time passphrase.