The Great Identity Wars of 2007
Posted by Jeff as Open Source
When I was with SAP Ventures we invested in Ping Identity with the very simple investment thesis that 1) identity technologies were on a path to identity federation simply to reduce the complexity that users have to deal with across systems, and 2) the line between consumer and enterprise technology was blurring as business users (consumers themselves) would ultimately demand the kind of convenience with their business systems that they were getting from consumer technology.
The thesis was and is still sound but we missed one important element, openness. I’ve been a fan of OpenID for a while, starting with my first experience with it when I signed up for a MyOpenID URI as part of signing up for a Zooomr account. Ping and Sxip are still great solutions for enterprise deployments, but how do I get an identity on Ping or Sxip and use it for my business and my personal use?
Sure, I can use Sxipper if I use Firefox, and get an OpenID to boot, but simply remembering passwords is not enough to be a convenience for consumers and business users alike, and neither is a form filler. More to the point, my identity information has already been created online, it’s in the bits and pieces that exists across all the services I already use. How do I vacuum up all these bread crumbs and present it in unified form as my identity, without asking me to recreate it as a deliberate act?
A drivers license is a universally accepted ID and it’s completely self contained, I carry it with me and whenever I hold it for display it is accepted as a bona fide credential. What is the equivalent of a drivers license on the web? It would appear that AOL is aiming to be an identity authority and given their footprint in the market I would suggest they have a credible shot at it. Yahoo! is also making a big push with BBAuth in an attempt to leverage the massive amount of user information they have in their database, but AOL’s embrace of OpenID is smart because it makes a bet that an open identity technology will ultimately be the one most adopted by websites and systems, and it doesn’t require them to develop a lot of technology from scratch.
I think it’s pretty safe to say we’re going to see all the major consumer players adopt similar strategies as a means of securing a corner at an important intersection in the market.
Why AOL Created 63 Million New OpenIDs:
How does it affect AOL/AIM users? With the OpenID integration, an AOL user will be able to login to a service provider that accepts OpenID, using their AOL/AIM username/password, without needing to create a new service-specific username/password. This is a great way for AOL to try and retain its once formidable (and still significant) user base, by providing an OpenID-based solution to the knotty problem of web single sign-on. So AOL user names will potentially be an entry into hundreds of different web sites and services, thanks to OpenID.