Tangilla keeps a list of trusted devices per user. The list has a maximum of devices set by client, typiclaly three (3). When a user tries to store a 4th device, the oldest device is deleted and the new one replaces it (first in, first out)
The trusted device feature works by dropping a cookie on the browser. The browser passes the cookie to the server every time the user tries to log in and checks to see if the value stored on the cookie matches one on the users trusted devices list. If it does the SMS is bypassed otherwise the SMS is sent.
If the user is using their browser in incognito mode or have installed a privacy plugin which blocks cookies, the trusted device feature will not work. This is because in both cases the cookies are deleted after the user closes their browser.
The words "trusted device" is a little deceptive. It's actually a "trusted browser". This means if you use edge to login and trust the device this does not make firefox on the same device trusted. This also means if you were to have 4 browsers on your device you could max out the number of trusted devices on one device. The reason it is this way is because "trusted devices" is achieved using cookies (as mentioned above) and cookies are not shared across browsers.
Note: the term "trusted device" and the implementation describe above is the same as the one used by Google.