I’m the developer of the applet linked by @bernado82

The updater do not prompt for the root password to make it more user friendly (the default kde updater does the same).

My updater uses Polkit to manage permissions so if you want you can override this behavior with a .policy file, but then you’ll be prompted for root password also when the applet search for the updates (this is necessary because “zypper dup --dry-run” cannot be run by normal users, it require root to be launched)

We all understand that user friendlyness and security are battling each other.

Rather then going to find out how to change the Polkit configurations and then not to forget to do that change on all the systems I install, I prefer to not have Packagekit installed and not have the Applet installed. I do not want to have my users any task in managing software (or bothering about it). That is the task of the system manager (root) alone.

But that is my personal view.