As a modern internet user, you’ve probably got accounts with tens, even hundreds of websites, from eCommerce stores to software applications, social media apps and news publications. Managing accounts on all these platforms has become such a pain you either have to opt for setting up a password-managing service or trust your browser to remember everything, which isn’t exactly the safest thing to do.
It’s become such a pain that users are actively trying to avoid creating accounts with new platforms; it’s just more admin. No matter how attractive the offering, signing up for a new service is a pain in the arse.
OAuth logins have become standard best practice for websites; sites that don’t provide one-click sign-ups and logins are a rare breed. If you’re signing up for a service that requires you to provide an email address and generate a new unique password with special characters, you’ll likely bounce instead of going through the hassle.
- Convenience: OAuth logins are typically much faster and easier than creating a new account with each website or service. Users can authorise the OAuth service to access their existing account information, and they are then logged in without having to enter any additional information.
- Security: OAuth logins are more secure than traditional login forms because they do not require users to reveal their passwords to the website or service they are logging into. Instead, the OAuth service generates a unique token that is used to authenticate the user. This helps to protect users from phishing attacks and other forms of password theft.
- Privacy: OAuth logins can help users protect their privacy by limiting the amount of personal information they share with websites and services. When users log in with an OAuth service, they only need to share the necessary information for that service to function. This helps to reduce the risk of users’ personal information being misused or sold to third parties.
In addition to these benefits, OAuth logins can also help websites and services to improve their user experience. Websites and services can increase user engagement and retention by making it easier for users to log in.
Issues with OAuth
While OAuth today might solve the friction of getting in and out of different services, it brings with it a new set of problems, as most OAuth services are run by big tech platforms like Meta and Google, who are foaming at the mouth to get more of your data. OAuth can also be a single point of failure; if any of these big tech firms were to go down temporarily or, worse, for good, your account would die along with it.
Well, you could go back and manually salvage your accounts and tie them back to your email address, but no one will do that, so consider those accounts dead.
Instead of falling back to email, which has its merits as an age-old open protocol, we can consider Bitcoin as an authentication method. Why should we be forced to hand over a method of contacting us (or, worse, spamming us) to create an account?
Instead, why can’t we prove we are the user with a unique signature that only our wallet can generate? Wouldn’t that make for a better way to access tools online?
Bitcoiners sure think so, and we now have several ways of turning a Bitcoin wallet into a method of proving your identity with tools like:
- Login with Nostr
- Login with Lightning
- Login with Slashtags
- Login with PayNym or Auth-47
What is a PayNym?
PayNyms are a secure and private way of sending and receiving Bitcoin using BIP47 Reusable Payment Codes, and they are currently supported natively by Samourai Wallet and Sparrow Wallet.
PayNym-compatible wallets produce a unique ‘payment code’ (beginning with ‘PM8T’) that never changes. These codes can be shared publicly and, when scanned or added by a compatible wallet, will generate unique unused Bitcoin addresses between one another without revealing prior transactions or balance history.
PayNyms are controlled and managed using client-side wallet software. Only the provable owner of the private keys can interact with their PayNym. A PayNym isn’t an intermediary or third-party service. Only your wallet possesses the private keys needed to control them, making it a great option to prove you are a unique owner of that wallet without handing over any additional information.
How to use Auth-47
Using your PayNym, you can authenticate a login to a website or service which has this authentication feature integrated. Creating or logging into an account using the PayNym authentication method is known as Auth47 and uses a challenge-response mechanism to validate your PayNym identity.
If you have a PayNym set up and you found a website that will let you create an account with your PayNym, all you need to do is follow these steps:
- Tap Authenticate using PayNym
- Paste the “challenge” into the text field, or tap the scan icon and scan the “challenge” QR code presented by the website or service
- Visually verify the on-screen URL is honest (i.e. the URL displayed on the screen is expected)
- Tap Authenticate
- When authentication is complete, an Authentication success notification will be displayed.
Note: If the website, app or service you are trying to authenticate with operates over Tor, ensure you have Tor enabled within your Samourai Wallet network settings before attempting to authenticate with PayNym.
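The challenge-response flow behind these steps, as an added example that is not part of the original article and does not reproduce Auth47's wire format. A plain secp256k1 key pair stands in for the PayNym keys, and the JSON challenge layout and the function names (`issueChallenge`, `walletSign`, `verifyLogin`) are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// Assumption: a plain secp256k1 key pair stands in for the wallet's PayNym keys.
const wallet = crypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });

// Server-side store of outstanding challenges: nonce -> { challenge, expires }.
const pending = new Map();

// Server: mint a challenge naming the site, with a random nonce and an expiry.
function issueChallenge(origin, ttlMs, now = Date.now()) {
  const nonce = crypto.randomBytes(16).toString('hex');
  const expires = now + ttlMs;
  const challenge = JSON.stringify({ nonce, origin, expires });
  pending.set(nonce, { challenge, expires });
  return challenge;
}

// Wallet: sign only if the challenge names the site the user expects to see.
// Returns a base64 signature, or null when the origin does not match.
function walletSign(challenge, expectedOrigin, privateKey) {
  if (JSON.parse(challenge).origin !== expectedOrigin) return null;
  return crypto.sign('sha256', Buffer.from(challenge), privateKey).toString('base64');
}

// Server: accept only a byte-identical, unexpired, unused challenge it issued,
// signed by the key the account is bound to.
function verifyLogin(challenge, signature, publicKey, now = Date.now()) {
  if (typeof challenge !== 'string' || typeof signature !== 'string') return false;
  let nonce;
  try { ({ nonce } = JSON.parse(challenge)); } catch { return false; }
  const issued = pending.get(nonce);
  if (!issued || issued.challenge !== challenge || now > issued.expires) return false;
  const ok = crypto.verify('sha256', Buffer.from(challenge), publicKey,
    Buffer.from(signature, 'base64'));
  if (ok) pending.delete(nonce); // burn the nonce so a captured proof cannot be replayed
  return ok;
}
```

The origin check in `walletSign` is the programmatic counterpart of visually verifying the on-screen URL, and deleting the nonce on success is what stops a captured proof from being reused.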
Benefits of Auth47 logins
- Increased user security: Auth47 privacy logins make it much more difficult for hackers to steal user data since you’re not passing on any to create an account.
- Reduced risk of data breaches: Auth47 privacy logins can help to reduce the risk of data breaches by making it more difficult for hackers to steal user data. This is because Auth47 logins do not require users to reveal their personal information to the website or app they are logging into.
- Improved user experience: Auth47 privacy logins are fast and easy to use, which can help to improve the user experience. Users can authorize the Auth47 service to access their existing account information and log in without entering any additional information.
Why Add Auth47 to your website?
Auth47 offers users a privacy login ideal for capturing or catering to users who don’t want to hand over private information, or if you’re looking to appeal to a privacy-centric or Bitcoin-centric user base.
But it doesn’t mean your existing users would not want to take advantage of its feature sets if exposed to it. You can communicate the security benefits to users, allow them to connect their account to a PayNym later and explain the benefits versus using traditional security measures like SMS, email or 2FA authenticator OTP services.
In addition to these benefits, Auth47 privacy logins can help websites improve their reputation. By offering a more secure and private login option, websites can show users they are committed to protecting their data.
Do your own research.
If you want to learn more about Auth-47, use this article as a jumping-off point and don’t trust what we say as the final say. Take the time to research, check out their official resources below or review other articles and videos tackling the topic.