There is no secure authentication method because if you compromise the client (i.e. the desktop PC or phone they are using to perform operations) then you can just take control after the user authenticated regardless of authentication method.
What you need is a secure client, such as a dedicated tablet that is only used to access that service, along with a tamper-proof self-destruction system and a camera and set of sensors that can identify that only the intended person is present.
Even then the user can still be blackmailed to act in the attacker's interest, so you also need to offer the user a secure place to live in and make sure they are fully happy.
What you need is a secure client, such as a dedicated tablet that is only used to access that service, along with a tamper-proof self-destruction system and a camera and set of sensors that can identify that only the intended person is present.
Even then the user can still be blackmailed to act in the attacker's interest, so you also need to offer the user a secure place to live in and make sure they are fully happy.