OpenID Foundation Market Research Report from IIWb 2008


Published on

Summary of research from OpenID Foundation Content Provider Advisory Committee and other primary market research.

Published in: Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

OpenID Foundation Market Research Report from IIWb 2008

  1. 1. OpenID Foundation Customer Research Committee November 11, 2008
  2. 2. <ul><li>18 Organizations </li></ul><ul><li>8 OpenID Providers (OPs), 8 Relying Parties (RPs) </li></ul>
  3. 3. Ranking Areas of Interest
  4. 4. Positive Feedback <ul><li>OpenID is viewed positively: open, lightweight, extensible, etc. </li></ul><ul><li>OpenID addresses an important market need, OpenID (or something like it) will have broad adoption sooner rather than later </li></ul><ul><li>Strong market adoption from net savvy technologists, people with early adopter values, user-generated content websites and small Web 2.0 companies </li></ul><ul><li>Market drivers </li></ul><ul><ul><li>Move to open web, interoperable framework </li></ul></ul><ul><ul><li>Growing on-line activity levels (research, e-commerce, social networks, etc.) </li></ul></ul><ul><ul><li>Increasingly web savvy consumers </li></ul></ul><ul><ul><li>Move to user-centricity, growth of user-generated content </li></ul></ul>
  5. 5. Positive Feedback (cont.) <ul><li>Technology enablers </li></ul><ul><ul><li>Acceptance of open source software, software as a service (SaaS) </li></ul></ul><ul><ul><li>Matured web technologies </li></ul></ul><ul><li>Business benefits cited </li></ul><ul><ul><li>Allow consumer users to move from website to website easily and seamlessly, manage their web identity in one place, get personalized info in a “trusted” way </li></ul></ul><ul><ul><li>Provide SSO federation across multiple web properties within a ‘family’ of sites (“internal”) </li></ul></ul><ul><ul><li>Provide federated SSO with partner sites (“external”) </li></ul></ul><ul><ul><li>Holy Grail: Consumers will be able to move seamlessly across all sites on the web in an authenticated session </li></ul></ul><ul><ul><li>Streamline registration, reduce drop-off rate of potential visitors at registration, increase conversion rates of site visitors to registered users </li></ul></ul><ul><ul><li>Reduce customer care costs associated with password maintenance </li></ul></ul><ul><ul><li>Provide a higher-quality brand experience; get consumers more easily engaged and interacting; retain them better, longer </li></ul></ul><ul><ul><li>Learn more about consumer users via “user-centric identity tools” (SREG, AX, OAuth, MySpace Data Availability, Portable Contacts, etc.) </li></ul></ul><ul><ul><li>Enable revenue-sharing arrangements between OPs and RPs </li></ul></ul>
  6. 6. Areas for Improvement <ul><li>User Experience </li></ul><ul><ul><li>“ Over complicated” user experience </li></ul></ul><ul><ul><ul><li>UI design, sign-on flow, attributes, URL as identifier, inconsistent user experience across OPs and RPs, reconciliation of multiple user accounts, sign-off, etc. </li></ul></ul></ul><ul><ul><li>Lack of consumer understanding of OpenID </li></ul></ul><ul><li>Data </li></ul><ul><ul><li>Many large OPs not sending SREG data today, email is most requested field </li></ul></ul><ul><ul><li>Lack of a flexible international data scheme with ability to adapt it to local customs, business models, etc. </li></ul></ul><ul><li>Business/Legal </li></ul><ul><ul><li>Not all business managers fully understand the business benefits of OpenID </li></ul></ul><ul><ul><li>Legal and regulatory frameworks not fully developed </li></ul></ul><ul><ul><li>Security/Trust/Privacy issues require further development </li></ul></ul><ul><ul><li>Possible need for some kind of OP certification program </li></ul></ul><ul><li>Adoption </li></ul><ul><ul><li>Few large companies have implemented it broadly yet </li></ul></ul><ul><ul><li>OpenID supporters and Foundation Board members appear to be more focused on the technology than the business applications and needs </li></ul></ul>
  7. 7. Initiatives Underway <ul><li>UX </li></ul><ul><ul><li>Yahoo, Google, AOL, Microsoft, MySpace, Facebook, JanRain, Vidoop, Plaxo and others met at Yahoo for a user experience (UX) summit to discuss ways to improve the OpenID user experience between OPs and RPs. </li></ul></ul><ul><ul><li>Yahoo streamlined their OP login process, Google LSO initiative, JanRain RPX </li></ul></ul><ul><li>Data </li></ul><ul><ul><li>Google is providing verified email via AX, Yahoo and AOL evaluating SREG deployment, MySpace to provide profile and friends data, Plaxo supporting Portable Contacts </li></ul></ul><ul><li>Legal Framework </li></ul><ul><ul><li>Yahoo and Google are developing templates for legal and business agreements governing OP/RP interchanges </li></ul></ul><ul><ul><li>NRI leading on Trusted Data Exchange (TX) extension </li></ul></ul><ul><li>Security </li></ul><ul><ul><li>The PAPE authentication security standards have been officially submitted for public review and final ratification </li></ul></ul><ul><ul><li>OIDF Security Committee has been formed, chaired by Tony Nadalin of IBM </li></ul></ul>