Intelligent Authentication Gateway: Bridging the Gap between Traditional and FIDO2 Security through AI/ML Enhancement

Abstract

The prevalence of password-based authentication remains a significant security risk, susceptible to attacks like phishing and credential stuffing. FIDO2 presents a promising alternative, offering robust public-key cryptography and various authenticators for a more secure and user-friendly experience. However, transitioning from traditional systems to FIDO2 faces challenges, including integrating with existing infrastructure and ensuring a seamless user experience. We propose an Intelligent Authentication Gateway (IAG) that bridges this gap, leveraging the strengths of both traditional and FIDO2 authentication. The IAG employs an ML model, called Gator, trained on various parameters to dynamically assess risk and direct users to the appropriate authentication method. For high-risk scenarios, FIDO2 provides enhanced security, while low-risk situations utilize traditional methods for efficiency and convenience. This hybrid approach optimizes security based on context while minimizing disruption to user experience, enabling organizations to smoothly transition to FIDO2 and addressing user acceptance and integration complexities.