It's not Microsot's MFA, others do this also. It's push notification authentication. Better than SMS in that sim swapping or ss7 type attacks won't work on it. They also support yubikey/fido, it's up to your AAD admin to allow any of those.