Wouldn’t it be great if you could have one super secure login & password to access all your private information?
Isn’t it frustrating to log in with various user names & passwords all the time? Multiple email accounts, online banking, eBay, Linkedin, Skype, loyalty programs, iGoogle, online supermarket, itunes, etc…. Ever wondered how you could make this much easier on yourself and access your personal data from all of the above, and more, with a single identification point? How far are we from a single chip that would carry all the information about an individual? And that ever happens how scary would it be?
Actually, the below Coca Cola campaign, clearly demonstrate that we are not that far away!
Here is my top line understanding of the solutions available:
The OpenID protocol had been available since May 2005, more than 2 years earlier than OAuth Core 1.0. Even though it got support from the main digital platforms (Symantec, Yahoo!, Sun Microsystems, MySpace, Windows Live, Paypal…) it hasn’t been adopted by the end user as THE revolutionary identification system, which demonstrates the importance of the end user benefits since the combined force of all those platforms was at the time much greater than Facebook alone. With its Graph API, Facebook gave a massive push to OAuth, and in 2010, OAuth 2.0 became the lead identification standard.
In 2008, The New York Times said: “Instead of trying to hoard information about their users, the Internet companies (including Facebook, Google, MySpace and Twitter) all share at least some of that data so people do not have to enter the same identifying information again and again on different sites.” This is it! Facbeook has set itself in a monopoly situation with its Connect API.
So, where to from here?
Facebook holds our “hard identity” (first name, last name, place & date of birth…). Information such as, colour of eyes, height… why not finger print identification (through mobile and computer devices) could be added to the current profile fields. After all, Facebook has already added a face recognition feature on pictures. Facebook also holds our “soft identity” (who we are friends with, our interests, what we like, where we are…). So with total control over the ‘social graph’ and its increasing critical mass Facebook might eventually find increasing pressure from governments to provide access to its information. We can easily imagine that governments will soon want to intervene. At some point, they might try to usurp control of the third party authentication business and that it ultimately it will become a government regulated industry (e.g. of applications: law enforcement, travel documents, welfare, medical data…). In the same trend, we can think that private and public sector will start to integrate their own systems with Facebook. Third party authentication will become the norm across all website and mobile experiences that connect individuals’ experiences. This is where a multitude of commercial application comes to mind: loyalty programs, retail applications, customer care, personalisation and prediction…
So has, OAuth 2.0 protocol brought us heaven or hell on earth?
How long until, this becomes a day to day reality… I am afraid, not as long as we think…