We are intentionally staying away from OAuth, we can do better with Bitcoin. As @aesesino points out, every transaction needs to be signed with Paymail. While this may come off as inefficient today, this is like taking one step back today to move ten steps forward tomorrow. It will become much more efficient and powerful exactly because we adopt this scheme.
It's a completely different type of bitcoin overlay authentication/authorization system only possible with the current BSV infrastructure, which will make apps extremely portable, where applications revolve around users instead of users revolving around apps.
This is not obvious at the moment but it will be, soon.
That said, the onboarding problem is very real, and I know that all Bitcoin wallet companies are working hard to fix this in their own unique ways, and know for a fact that there are some great solutions to be shipped soon. So my point is, yes, the onboarding problem exists, but it's being actively worked on by all wallet companies and I believe that's the right way to fix this problem instead of introducing technical debt.