How Meta enables de-identified authentication at scale

Data minimization — collecting the minimum amount of data required to support our services — is one of our core principles at Meta as we continue developing new privacy-enhancing technologies (PETs…

Shiv Kushwah

Overview

The article discusses how Meta implements de-identified authentication at scale through its Anonymous Credential Service (ACS), which enhances user privacy while maintaining secure authentication. It outlines the architecture, protocol, and real-world applications of ACS, particularly in WhatsApp and federated learning.

What You'll Learn

1. How to leverage anonymous credentials for secure authentication
2. Why de-identification is critical for user privacy in data collection
3. When to implement de-identified authentication in high-volume applications

Prerequisites & Requirements

  • Understanding of authentication mechanisms and privacy concepts
  • Familiarity with APIs and service architectures (optional)

Key Questions Answered

How does Meta's Anonymous Credential Service enhance user privacy?
Meta's Anonymous Credential Service (ACS) enhances user privacy by allowing authentication without user IDs. It uses anonymous credentials to issue tokens that cannot be linked back to the user's identity, ensuring that user data remains de-identified while still enabling secure interactions.
What are the phases of the anonymous credentials protocol?
The anonymous credentials protocol consists of two phases: token issuance and de-identified authentication. In the first phase, a client requests a token from the server through an authenticated channel. In the second phase, the client uses an anonymous channel to authenticate with the server using a mutated form of the token, preserving privacy.
What challenges did Meta face while scaling the ACS?
Meta faced challenges such as managing server capacity in relation to traffic growth, handling traffic spikes from batch requests, and ensuring a smooth onboarding process for new use cases. They implemented solutions like credential reuse limits and a self-service onboarding portal to address these issues.
How is de-identified telemetry used in WhatsApp?
De-identified telemetry in WhatsApp is implemented through ACS, which allows the app to report performance metrics without collecting user identity. This approach helps maintain user privacy while ensuring the app runs smoothly and efficiently.
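The two-phase flow above (authenticated issuance, then anonymous presentation of a mutated token, with a reuse limit enforced on the server) as an added example; this is not code from the page or from Meta's ACS. It stands in a textbook Chaum-style RSA blind signature for Meta's actual credential scheme, which the page does not specify, and the tiny RSA key and the reuse limit of 2 are constructed for illustration only.

```python
# Added example, not Meta's code: toy two-phase anonymous credential flow using
# RSA blind signatures. Key size and reuse limit are constructed for illustration.
import hashlib
import secrets
from math import gcd

# Constructed toy RSA key (far too small for real use): p=61, q=53 -> n=3233, phi=3120.
N, E = 3233, 17
D = pow(E, -1, 3120)   # private exponent, held only by the issuing server

def h(token: bytes) -> int:
    """Hash a token into Z_N (toy; a real scheme needs a full-domain hash)."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N

def client_blind(token: bytes):
    """Phase 1 (client): pick a random blinding factor r and blind H(token)."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    return (h(token) * pow(r, E, N)) % N, r

def server_issue(blinded: int, authenticated_user: str) -> int:
    """Phase 1 (server, authenticated channel): sign the blinded value.
    The server knows who asked but never learns H(token) itself."""
    if not authenticated_user:
        raise PermissionError("issuance requires an authenticated caller")
    return pow(blinded, D, N)

def client_unblind(blinded_sig: int, r: int) -> int:
    """Client removes r: (H(t) * r^e)^d * r^-1 = H(t)^d mod N."""
    return (blinded_sig * pow(r, -1, N)) % N

REUSE_LIMIT = 2                    # constructed; stands in for the page's credential reuse limit
seen: dict[bytes, int] = {}        # stands in for the reuse-count store (ZippyDB in the page)

def server_authenticate(token: bytes, sig: int) -> bool:
    """Phase 2 (server, anonymous channel): check sig^e == H(token), then enforce reuse limit.
    Nothing presented here ties back to the user seen in phase 1."""
    if pow(sig, E, N) != h(token):
        return False
    key = hashlib.sha256(token).digest()
    seen[key] = seen.get(key, 0) + 1
    return seen[key] <= REUSE_LIMIT

def run_flow(user: str, token: bytes) -> list[bool]:
    """Issue once, then present three times; the third presentation exceeds REUSE_LIMIT."""
    blinded, r = client_blind(token)
    sig = client_unblind(server_issue(blinded, user), r)
    return [server_authenticate(token, sig) for _ in range(3)]
```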

Key Statistics & Figures

Requests per second handled by ACS for WhatsApp: hundreds of thousands
This high volume is necessary to support the scale of WhatsApp's user base and ensure performance.

Technologies & Tools

  • Backend: Anonymous Credential Service, used for de-identified authentication to enhance user privacy.
  • Backend: Twine, Meta's container orchestration framework that ACS is built upon.
  • Database: ZippyDB, used for tracking credential reuse limits in ACS.

Key Actionable Insights

1. Implement de-identified authentication in your applications to enhance user privacy.
   By using techniques like those employed in Meta's ACS, developers can protect user identities while still gathering necessary data for service improvement.
2. Utilize a self-service onboarding portal for integrating new use cases into your system.
   Creating a streamlined onboarding process can reduce the time and resources required for new integrations, making it easier for teams to adopt new technologies.
3. Monitor and manage traffic to prevent server overload during peak usage.
   Implementing rate limiting and request spreading techniques can help maintain service reliability and prevent denial-of-service scenarios.

Common Pitfalls

1. Failing to manage traffic spikes can overwhelm your authentication service.
   This often occurs when multiple clients send batch requests simultaneously. Implementing techniques like request dithering can help distribute traffic more evenly.
2. Not providing adequate onboarding resources for new use cases can slow down adoption.
   Without a self-service onboarding process, teams may struggle to integrate new technologies, leading to delays and increased reliance on expert knowledge.

Related Concepts

Privacy-enhancing Technologies
De-identification Techniques
Authentication Mechanisms
Federated Learning