Nowadays, different approaches exist to authenticate a user that requests a service. As an example, the SAML (Security Assertion Markup Language) protocol authenticates a user that requests a service from a service provider. According to the SAML protocol, security-related information can be exchanged between two entities so that one entity provides authentication for the other entity seeking authentication.
According to the SAML protocol, the service may be requested e.g. by a terminal. Upon receiving the service request, a server of the service provider sends an authentication request to an authentication server, which authenticates the user based on an authentication procedure, e.g. information provided, or caused to be provided, to the authentication server such as a password, a one-time password, a certificate, a biometric representation of the user, etc. In case the authentication was successful, a response is returned to the server of the service provider. Thus, the user is authenticated and the requested service can be provided to the user.
However, by authenticating the user alone, there is room for fraudulent usage of the service. For instance, authentication credentials, which may be used for identifying the user, may be copied by an unauthorized third person, in particular if an application that is used to provide the authentication credentials has been compromised. The unauthorized third person may then deceive the authentication server into believing that the unauthorized third person is the eligible user.
Further, another way of using a service fraudulently is to modify the electronic device and/or an application that is used by the user to access/use the requested service. In this way, although the user may be entitled to use the service, the modification of the application may cause the service to be used in an unexpected or even criminal way to the disadvantage of the user and/or service provider.
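The exchange described above (service provider request, authentication server check, signed response, service provider validation), as an added illustration that is not part of the original text: a simplified model in which the assertion is a dictionary signed with a constructed HMAC key instead of a real SAML XML signature, with hypothetical entity ids and a constructed user store. The validation on the service provider side rejects forged, expired and mis-bound responses, but, as the text notes, cannot tell that a password presented to the authentication server was copied from the eligible user.

```python
import hmac, hashlib, json, secrets, time

# Constructed, hypothetical signing key shared by the authentication server and
# the service provider; real SAML uses XML signatures under the IdP's key pair.
IDP_KEY = b"constructed-idp-signing-key"
SP_ENTITY_ID = "https://sp.example/saml"   # hypothetical service provider id
USERS = {"alice": "correct horse"}         # constructed credential store

def sign(payload):
    data = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(IDP_KEY, data, hashlib.sha256).hexdigest()

def sp_build_authn_request():
    """Step 1: the service provider's server issues an authentication request."""
    return {"id": "req-" + secrets.token_hex(8), "issuer": SP_ENTITY_ID}

def idp_authenticate(request, username, password, now=None):
    """Step 2: the authentication server checks the password and, on success,
    returns a signed response bound to the request it answers. A copied but
    valid password passes this check exactly like the eligible user's."""
    now = time.time() if now is None else now
    expected = USERS.get(username)
    if expected is None or not hmac.compare_digest(expected, password):
        return None
    assertion = {"subject": username, "audience": request["issuer"],
                 "in_response_to": request["id"], "not_on_or_after": now + 300}
    return {"assertion": assertion, "signature": sign(assertion)}

def sp_validate_response(response, request, now=None):
    """Step 3: the service provider verifies signature, audience, binding to
    its outstanding request, and expiry before providing the service."""
    now = time.time() if now is None else now
    a = response["assertion"]
    if not hmac.compare_digest(sign(a), response["signature"]):
        return False   # tampered or forged response
    if a["audience"] != SP_ENTITY_ID or a["in_response_to"] != request["id"]:
        return False   # issued for another provider or another request
    return now < a["not_on_or_after"]
```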