Is It Really You Who Forgot the Password? When Account Recovery Meets Risk-Based Authentication

arXiv:2403.11798v1 Announce Type: new
Abstract: Risk-based authentication (RBA) is used in online services to protect user accounts from unauthorized takeover. RBA commonly uses contextual features that indicate a suspicious login attempt when the characteristic attributes of the login context deviate from known and thus expected values. Previous research on RBA and anomaly detection in authentication has mainly focused on the login process. However, recent attacks have revealed vulnerabilities in other parts of the authentication process, specifically in the account recovery …

account accounts arxiv attributes authentication context cs.cr features login online services password protect rba recovery risk risk-based risk-based authentication services takeover unauthorized