Frictionless Authentication System: Security & Privacy Analysis and Potential Solutions

TL;DR

This paper introduces a frictionless authentication system, analyzes its security and privacy challenges, and proposes potential solutions to enhance its safety and user privacy.

Contribution

It provides a comprehensive security and privacy analysis of frictionless authentication systems and suggests three potential solutions with their respective pros and cons.

Findings

Identified key security and privacy threats

Defined security and privacy requirements for frictionless systems

Outlined three potential solutions with advantages and disadvantages

Abstract

This paper proposes a frictionless authentication system, provides a comprehensive security analysis of and proposes potential solutions for this system. It first presents a system that allows users to authenticate to services in a frictionless manner, i.e., without the need to perform any particular authentication-related actions. Based on this system model, the paper analyses security problems and potential privacy threats imposed on users, leading to the specification of a set of security and privacy requirements. These requirements can be used as a guidance on designing secure and privacy-friendly frictionless authentication systems. The paper also sketches three potential solutions for such systems and highlights their advantages and disadvantages.