Hey there @emanuele.gringeri!
Let me a little bit elaborate on that. No matter if you’re using Lock for Android or iOS, the main advantage that it gives you in terms of authentication is that we handle the authentication behind the scenes for you. You can customise the Lock widget so as to make it go well with your UI.
You’re also right that the login is performed through user’s browser (because of security reasons), when user wants to authenticate in your app, one is redirected to the browser and then after successful authentication redirected back to your app. Whole authentication as well as the login widget provided (with customisation options) is handled by the Lock SDK.
When it comes to the Authentication API itself you can authenticate the user too, using appropriate endpoints and do the UI fully designed by yourself