Frictionless Authentication System: Security & Privacy Analysis and Potential Solutions
This addresses security and privacy issues in authentication systems for users, but it is incremental as it builds on existing concepts without introducing a new paradigm.
The paper tackles the problem of designing secure and privacy-friendly frictionless authentication systems by analyzing security and privacy threats and specifying requirements, but does not report concrete results or numbers.
This paper proposes a frictionless authentication system, provides a comprehensive security analysis of and proposes potential solutions for this system. It first presents a system that allows users to authenticate to services in a frictionless manner, i.e., without the need to perform any particular authentication-related actions. Based on this system model, the paper analyses security problems and potential privacy threats imposed on users, leading to the specification of a set of security and privacy requirements. These requirements can be used as a guidance on designing secure and privacy-friendly frictionless authentication systems. The paper also sketches three potential solutions for such systems and highlights their advantages and disadvantages.