Google is constantly pushing to move from authenticator codes to Google prompt, due to it being more secure according to them. I can not find any explanation on the security of authenticator vs prompt. With my limited knowledge, I believe both are susceptiple to phishing, so what's the security benefit?
In OTP/TOTP it doesn't matter where the OTP comes from, so code is the second factor. In google auth the mobile device is the second factor.