When a user starts an APP, the first thing the APP needs to do is authenticate the user, especially if the APP wants to interact later with the Hive blockchain.
Usually, this is done by entering a username and password and matching it against similar data stored somewhere.
Hive Authentications Services enables applications to authenticate their users by simply providing a username and relieving the applications from storing additional credentials data.
The credentials are stored in the PKSA local storage and act as a Two-Factor Authentication (2FA) provider.
The users only need to trust one PKSA, where they safely store their private keys. They no more will be required to provide any key to any HAS enabled application. Likewise, they are guaranteed that their keys will never leave the PKSA.
After the user has provided the APP with their account name, the APP will perform the authentication process.