Existing OAuth/OIDC authentication mechanisms (e.g., “Sign in with Google/Facebook”) enable convenient single sign-on but empower identity providers (IdPs) to cross-site track users, severely compromising privacy. This paper proposes BISON, the first stateless, blind pseudonym derivation protocol that requires no new entities or device-state assumptions. BISON ensures the IdP learns neither the relying party’s identity nor any linkable information: each authentication yields a scope-limited, unlinkable, and irreversible pseudonymous identifier. Built upon a lightweight elliptic-curve oblivious PRF, BISON incurs only four scalar multiplications and four hash operations—deriving identifiers in ≈3 ms. It extends OIDC via a standards-compliant, drop-in extension requiring zero modifications to existing deployments. Evaluation demonstrates that BISON effectively prevents collusive tracking by IdPs and relying parties, achieving strong security guarantees while maintaining high efficiency and practical deployability.

Delegating authentication to identity providers like Google or Facebook, while convenient, compromises user privacy. These identity providers can record users' every move; the global identifiers they provide also enable internet-wide tracking. We show that neither is a necessary evil by presenting the BISON pseudonym derivation protocol, inspired by Oblivious Pseudorandom Functions. It hides the service provider's identity from the identity provider yet produces a trusted, scoped, immutable pseudonym. Colluding service providers cannot link BISON pseudonyms; this prevents user tracking. BISON does not require a long-lived state on the user device and does not add additional actors to the authentication process. BISON is practical. It is easy to understand, implement, and reason about, and is designed to integrate into existing authentication protocols. To demonstrate this, we provide an OpenID Connect extension that allows OIDC's PPID pseudonyms to be derived using BISON. Additionally, BISON uses lightweight cryptography. Pseudonym derivation requires a total of four elliptic curve scalar-point multiplications and four hash function evaluations, taking ~3 ms in our proof of concept implementation. Thus, BISON's privacy guarantees can be realized in practice. This makes BISON a crucial stepping stone towards the privacy-preserving internet of tomorrow.