Identity, Authentication, and Provisioning Them Online

Christina jotted down some thoughts on indentity on a flight to SF and I read them this morning. In her post, she references Ev's excellent post on the same topic from a while back. So I went on a bike ride as the sun rose over the east end of long island and thought a bit about all of this.

Before going on, I'd like to emphasize that these thoughts are mine and mine only. Nobody has seen this post before publishing other than me, including my partners and our portfolio companies. It does not represent the opinions of any company I and/or our firm are involved in.

I don't have a single online identity. I have many. They are rich, representative, and different from each other.

@fredwilson

facebook.com/fredwilson

fredwilson.vc (tumblr)

avc.com

foursquare.com/fredwilson

soundcloud.com/fredwilson

fredwilson.fm

etsy.com/people/fredwilson

disqus.com/fredwilson

And many many more.

I apologize to all the services out there (in and out of our portfolio) that I left off this list.

I believe that OpenID is on the right track. In the OpenID scheme:

The term OpenID may also refer to an ID as specified in the OpenID standard; these IDs take the form of a unique URL, and are managed by some 'OpenID provider' that handles authentication.

OpenID has two important concepts in it. The first is identity. The second is authentication. The two are totally different but they have become comingled on the web because the leading third party authentication services, Facebook, Twitter, and Google, are combining the two in interesting ways.

When you build a web and/or mobile app and you want to make it easy for the user to share data between your app and one of these big three web services, you provide for one button authentication to them. Everyone who uses the web and mobile apps is now familiar with "login with Facebook", "login with Twitter" or "login with Google". We use them all the time. They make things easier on us.

These authentication services provide some notion of identity as well. But only your identity in their service. Not your entire identity.

So back to OpenID for a minute. I really like the idea that a URL can be an ID. But I don't like the idea that one URL is your ID. I like the idea that a list of URLs makes up your ID. I started my list at the beginning of this post. It is not complete by any means, but it is a good start.

So what I want is a layer that sits on top of all these services, aggregates up all of my URLs (identities), and then provides authentication in the same way that Facebook, Twitter, and Google do today.

And I'd like this layer to be able to provision to web services exactly the same data that you can get (and give) by authenticating directly with the social platforms. And, of course, I'd like to control what data gets provisioned to what apps.

Many have taken a stab at this over the past few years. It is a big opportunity and a big problem. But none (including OpenID) have gotten the kind of traction that Facebook, Twitter, and Google have. I believe there are several reasons for that. First, you need a brand that users recognize (and trust??) to be able to do this. Second, the authentication experience needs to be simple, easy, and not geeky in the least. And third, you need the cooperation of Facebook, Twitter, and Google to do this well and it is in their interests to be the providers of authentication and identity on the Internet so getting that cooperation has been tough.

The good news is it is becoming increasingly clear that no one web service will control our identity online. The success of Google+, Tumblr, Foursquare, Instagram, etc, etc in the past year has shown that users want more social platforms in their lives, not less. Or at least that some users want different social platforms than the ones that have been leading the way for the past decade.

So maybe the big three can get together and cooperate on building this authentication layer on top of their services and promoting is as an indepedent way to authenticate and provision identity and related data to web and mobile services. I'd love to see that happen and I suspect the Internet would be a better place because of it.

#Web/Tech

Comments (Archived):

  1. William Mougayar

    I think it’s a great goal to have, but my first reaction is that- as you implied, we’re doing this in a semi-aggregated way, ie. via the 3-4 big platforms that have become entry keys to other places. The OpenID implementation was probably technically sound, but a nightmare for the user. Just my opinion, but I’m not hopeful that they will co-operate. It’s like credit cards or club memberships. We settle on a few cards and a handful of memberships, but not one card rules them all, although a platinum Amex may get you some unique privileges, it’s more like the exception.

    1. tav rocky

      They won’t do that, because as long as there is ego it won’t happen unless the government regulates the web and makes them.

  2. leigh

    ID and community are two different things for me.  URLs represent the different communities I’m a part of.  While they are all part of who I am, they are in fact, all very different – how I connect, even who i connect with can be radically different (tumblr wld be a good example of that).  ID is about single sign on and not losing track of my online presence (convenience and control).I’m not sure i like the idea of big 3 collaborating on something so important.  Shareholders and all that.  Love Open ID concept but similarly to @wmoug:disqus  i found the implementation problematic.  Would like to see a non-profit org supported by big money (ala can afford good UX) to take a run at it.  

    1. fredwilson

      to me tumblr.com is a communityfredwilson.vc is my identity in that community

  3. dave

    I wish Twitter had done this, they could have — without anyone’s cooperation.In 2007, in a list of things Twitter could be — check out the third one…”3. A relatively open identity system. I’ve said it before, Twitter or something like it, could be the holy grail of open identity. While the engineers of the tech industry have been, imho, looking at the problem the wrong way by trying to glue together the huge namespaces controlled by powerful companies who don’t want to give up control. Twitter, with it’s ultra-thin user interface, and light feature set, and simple API (more on that in a bit) and the nothing-to-lose attitude of its management, may be the breakthrough. Or it could be Facebook, with it’s much larger user base and a management that also likes to roll the dice. The key is lots of users, a growing user base, and an API with no dead-ends.”http://scripting.com/storie…Huge corporate alliances don’t work. Let me tell you about SOAP someday. :-)Much better if something comes along, like Twitter, and fills the gap before the BigCo’s get around to fighting about it.

    1. fredwilson

      there’s a lot of things i wish twitter would have donebut they are back to building new stuff these days which i’m so happy to see

      1. dave

        I guess what I meant to say was this — there are moments when you can do these kinds of things, but most of the time you can’t.I suggest putting a bookmark on this idea, and if you happen to ever be inside a company that has the opportunity to do this, suggest it might be their best business model of all.BTW, I still think a Twitter camera would be a great idea.No need to reply.

  4. Martin De Saulles

    ” First, you need a brand that users recognize (and trust??) to be able to do this.”Fred, can you suggest any brands that might work?  Maybe a financial brand like  Visa that has international recognition?

    1. fredwilson

      i think a new brand is better

      1. Martin De Saulles

        problem with new brands/companies is whether people will trust them enough for something like this.  Early adopters may be willing to trust a new brand/company but getting mainstream adopters on board won’t be so easy. Although I guess Facebook hasn’t done a bad job of getting hundreds of millions to trust them (so far).

        1. fredwilson

          yes, but twitter, tumblr, foursquare, etc all are new brands

          1. tav rocky

            Bringing new brands into the space increases the current stake holders and challenges them to do better. It’s simply building blocks for someone to rethink the others idea and improve. I would like to call it progress.A fresh eye filled with passion to create and improve in this great tech space. Evolution of tech, if you will and it’s excellent.friendster, linkedin, myspace, facebook, twitter, google+ lead to something great.

  5. JimHirshfield

    Hard to keep this simple. Have you tried multiple logins on google? It’s cumbersome and flakey.

    1. fredwilson

      it’s a disaster on google. one of my huge pet peeves online.but what if you had a single login to a service. let’s call it auth.com.and when you join auth.com, you connect all your services to it.then you just login via your auth.com id and pw on whatever service you want

      1. William Mougayar

        Just carrying on that dream a little…I could see the first screen of auth.com as a simple dashboard/grid of your accounts already authenticated, and you go in and out, etc…, almost like an online banking App. It sounds great in theory, but will it work in reality? That’s the big question.

        1. jeff trudeaux

          An account creation process similar to mint.com would be great.  Sign up, link/register all your accounts, then use your auth.com account to sign in places and at sign-in, designate which sub-account (fb, goog’, etc.) is used for that site.  Back at auth.com you get a nice display of which account is linked to which site, maybe even with status updates (if possible?).   Damn, this could then turn into a flipboard like experience, with each ‘page’ of the app connected to individual online identities and the associated sites.  

      2. dave

        Hey Fred — why don’t you start this — perhaps in conjunction with a university, so no one would mistake it for a commercial venture.Factor it for total simplicity so it’s easy for developers to support.Then use your influence with Union Square portfolio companies to get them to allow logons from this place. Boom all of a sudden — installed base, and it becomes more attractive to developers, and users, etc etc.This is one of the things I wish VCs would do more of. Kick back some of your profits into projects that grow the playing field.

        1. fredwilson

          great suggestion dave. i’ll discuss with my partners. we are a partnership so we don’t do anything unless we are all up for it. also, we can’t require our portfolio companies to do anything. they would have to want to do thisbut i still like your idea and will suggest it

          1. dave

            Of course — goes without saying.Fred I’ve achieved fair success through enticing people to do what I wanted them to do. When I say “get” I fully appreciate that it’s a sales process.

          2. LE

            ..and maybe similar to a type of jawboning.”require” creates defensive behavior while jawboning creates fear of future known.

          3. dave

            I think of it as friendly arm-twisting. 🙂

          4. LE

             I mean of course “future unknown”

          5. markslater

            i mentioned in another post – talk to doc searls at the berkman center at harvard Law school – they are working on this exact set of issues with their VRM efforts. As dave mentions – your involvement can only help sow seeds across new fields of innovation in this area.

          6. fredwilson

            great suggestion

          7. markslater

            his new book is titled “the intention economy” – it will be right up your street.

      3. JimHirshfield

        That would be ideal. I thought that was the vision of OpenID or Oauth. Not sure the typical user cares how the sausage is made; but agree, it sure could be a lot easier.

    2. ErikSchwartz

      When the best solution to the problem of having three google ids going is to run one on chrome, one on firefox and one on safari something is wrong. What’s even worse is the google apps for biz ids act differently than the regular ids.They really need to let you merge ids. Both my YouTube account and my google voice account are tied to a google id I’ve basically deprecated in every other way.

      1. fredwilson

        i am doing that tooi use my gmail account on safariand my usv google apps account on chromenutssssssss

        1. RichardF

          you can use multiple sign in for the same browser

          1. Guest

            Yes Richard multiple account sign on has been a better way for me to go. Though I have to log into accounts in a specific order due to Google Plus. {Update: I have to do it that way (I think) because I have a separate tab open for G+ only.}

          2. RichardF

            Same here. Wanting to access Google + and my google apps account was how I discovered multiple sign in

          3. Guest

            Yeah, I just have to login with my Google account that is tied to my Google Plus account first then with Google Apps account is all. If I don’t do that I get an error and cannot access Google Plus. I am thick so it took me a few times to remember this part of my morning boot routine now. 🙂

          4. ErikSchwartz

            I have trouble with that. I think it’s because I have 2 regular google accounts, one free google apps account and one paid google apps business account. Multiple login for the regular ones seems to work fine. But seems to not work well with the apps accounts (particularly the paid one)

          5. RichardF

            I haven’t tried it with that many accounts Erik! 

          6. Fernando Gutierrez

            I have it working (kind of) with one gmail account and three google apps accounts (all free) in Chrome. I keep them open in four tabs most of the time.I had some problems with one of the google apps accounts until I transitioned that domain to the new version of apps (if you don’t do it they end up doing it themselves). Also, check if you have any of the email addresses informed as secondary address in any of the other accounts. I think that gave me some problems also.

          7. BillSeitz

            Yes, but I’ve found it rather buggy, e.g. if I click on a doc in GoogleApps doc-list, it tries to use my personal-gmail authentication and rejects me. If I refresh the GoogleApps listing page, then click on the doc, it works ok. Etc.

        2. Dhruvalpatel

          I found the best way to have multiple googles accounts in one browser is to open up an ‘incognito’ windows on chrome.This sandboxes your connection and gets rid of all the bugs with multiple signins.

      2. Doc Searls

        Try merging Apple IDs. You can’t, and it’s horrible: a huge usability hairball, at the world’s greatest “usability” company. When I update apps on my iPad or my iPhone, I have to do it for three different Apple IDs.Oh, and did you know that, even though .mac and .me addresses both interchange in email and other settings, they remain distinctly different IDs? Oh, and that you have to have a .me or .mac address if you’re going to do business with Apple, even if you never use it? Fun!”Namespace” issues are as old as computing, and my bet is that Google is no more likely to solve them than anybody else.BTW, my way of dealing with four different Flickr Pro accounts is to use four different browsers, just to keep the cookies separate. Easier than logging out and in, over and over.As Fred says below, nutsssss.

  6. LIAD

    If I had to think about all that whilst riding a bike I’d end up wrapped round a tree.

    1. fredwilson

      biking is a great way for me to clear my mind and dig a bit deeper on stuff

      1. jeff trudeaux

        and it’s soooo much easier and more enjoyable than running.  (though ideally there would be surf and you would have been bobbing around in the ocean)

      2. awaldstein

        You and I both on the bike thing Fred. I’ll keep a look out for you on the Hudson River Park bike path early mornings.

        1. fredwilson

          i checkin on foursquare into hudson river park right before i start. 

        2. Mark Essel

          That’s got to be a lovely ride. Do they rent bikes nearby?

          1. awaldstein

            Great ride…Sometimes to the boat basin for a coffee. Sometimes all the way up to the GW bridge, up to Riverside or Central Park, or when super ambitious, around the island.They rent bikes in a bunch of places, Names are not at my fingertips.

  7. RichardF

    You nailed it when you said you needed the co-operation of Google and Facebook, trouble is both of them want to own your online identity.Personally I’d be happy with Amazon providing the role but then I’m an Amazon fanboi

    1. fredwilson

      i am too

      1. RichardF

        just noticed the “bartender” ….nice!

        1. fredwilson

          birthday present from daniel and the disqus gang

          1. Donna Brewington White

            Happy Birthday again!

        2. Guest

          Another reason it sucks to be allergic to alcohol.  

          1. RichardF

            ….now there’s a problem waiting to be solved.  I’m surprised Anheuser-Busch haven’t sponsored a biotech company to discover the gene that causes that allergy and cure it.

    2. Donna Brewington White

      Me too, Richard.  Amazon can do little wrong.  When Fred made the statement “First, you need a brand that users recognize (and trust??) to be able to do this.” I found myself nodding — especially at that word “trust” — for me this is essential.  Amazon has earned that trust in a way few other brands/companies have.

    3. Fernando Gutierrez

      That would be terrible for my bookaholism!

  8. maxmzd

    Your solution is correct, however, the “big 3” will absolutely not implement something like this willingly. Each of their applications is a fairly basic feature-set in terms of initial development. Their strength is the fact that they own their respective networks. I know a dozen hackers that could replicate Twitter and FB in a matter of weeks… but then what? Without access to a network of users their app would just sit there. I wrote a blog post about this recently: http://maxmzd.com/2011/05/t…Beyond solving the problem of identity, a solution like you recommended would also allow for more innovation, information discovery, and security on the web. This is absolutely needed for the internet (and society in general in my opinion).I’ve become really passionate about this issue and have started work on specifications for just such a protocol, which I’m calling the Palmetto API: http://www.PalmettoAPI.com/ – it’s crowd-sourced, not-for-profit, and will advance the internet like nothing we have seen since TBL wrote the original spec for the Web.

    1. fredwilson

      getting adoption of your solution, or any other, is the trick

      1. maxmzd

        Agreed. I recognize adoption will require top-down implementation. That’s why I’m focusing on building a suite of apps first to gain user-adoption (by competing on features with the incumbents), then opening them up to the Palmetto API for the good of the Web.

        1. FAKE GRIMLOCK

          YOU GET IT.ME LIKE.

    2. Dave W Baldwin

      Reading your site… me like  😉

      1. maxmzd

        Thanks Dave 🙂 Let me know if you have any insights.

        1. Dave W Baldwin

          I promise!

      2. FAKE GRIMLOCK

        HURR HURR. EVERYONE SHOULD BE LIKE DAVE, AND TALK LIKE GRIMLOCK.

  9. awaldstein

    …” that users want more social platforms in their lives, not less.””I agree and the more this becomes true the messier it will become and the larger the opportunity.

    1. Dave Pinsen

      I thought you were going to correct Fred’s choice of words there (less versus fewer). But since you didn’t, here goes:”Fewer” for things you can count, such as social platforms.”Less” for things you can’t count, such as sugar.

      1. awaldstein

        You never cease to amaze me Dave…

      2. Donna Brewington White

        You’re funny.And smart.

        1. Dave Pinsen

          And handsome. 

          1. Donna Brewington White

            And quick.Was going to “like” this but realized this could give the wrong impression.

          2. RichardF

            Well I liked it !

      3. Donna Brewington White

        And I thought you were going to correct @awaldstein:disqus ‘s comment that users want more social platforms.  I had just agreed with  @Ciaran:disqus above which includes the thought that many of us do not — or are questioning whether we do (I was actually agreeing with some of his other thoughts more than this particular one).   But “hearing” this from Arnold and having some sense of where he’s coming from, there is a sense in which I do want more places to know and be known — to create community — but don’t want to have to manage more.  I am on Google+ and think it is very cool, but barely have time to do anything there.

        1. fredwilson

          can you tell me why you like google+?i’m not drawn to it in the leasti’d love to see is succeed but i am afraid it is failingi don’t see anyone i know in the “real world” using it

          1. Donna Brewington White

            Not sure what you mean by “real world”?  What I like most:  the potential, the flexibility, the UI, the newness, the potential for rich discussions, the immediate categorization through circles, and that it is not Facebook. While the hope of Google may be that people will replace FB with G+ I don’t see this happening on any large scale — I may not trust FB but I am pretty well entrenched there with family and close friends — but it’s a pretty limited interaction.I see G+ as a place to expand interactions with or exposure to the same people that I am connected to (or following) on other platforms such as Twitter and Disqus, and possibly others such as LinkedIn — beyond the capabilities of these platforms.  The question is, How motivated am I to do this?      I haven’t even scratched the surface with Google+ and even though I believe it has potential, in order to realize that potential, I need to make an investment that I don’t have the time or incentive to make right now.This comment stream started by @ccrystle:disqus sums it up for me:https://plus.google.com/105

          2. fredwilson

            by “the real world” i mean people who don’t work in tech

          3. Guest

            Donna, I enjoy Google Plus as well. Enjoyed your comments above as well. Like you I have not had much time to devote to Google Plus lately. I need to gain more traction on some things and that has prevented me from spending time on a variety of social platforms (oddly, I have been a more frequent user of Facebook as of late). I do not know why Fred has not been able to find ‘real world’ folks. I am a non-tech person and I was on Google plus the first night (I think it was the first night). So, non-tech people can be found . Also, users have a number of Google Plus invites at their disposal. So, the current user base has an opportunity to help influence the make-up of users to some extent.

  10. Mike Kijewski

    This strikes me as a mini-version of the issue with centralized medical records in the healthcare industry. The only way to solve that problem (in my opinion) is for a new company serving as a neutral third-party to give patients a universal UID that lots of different EMRs can access.The same thing could work in tech. But I think the payoff in healthcare would be about 100x the payoff in tech.

  11. Jonathan Washburn

    Another interesting approach is being taken by Mozilla – worth understanding well in my opinion.  BrowserID – http://identity.mozilla.com/ which is based on Verified Email Protocol — https://wiki.mozilla.org/La….

    1. fredwilson

      i will dig into that one. thanks!

  12. JamesHRH

    The conundrum would appear to be revenue model.To cover the vast majority of social media users, it should be free or freemium. But, the freemium features likely not there (haven’t gone for a run on this one) and you can’t do ads, as they create instant trust issues.

    1. fredwilson

      maybe some kind of ecommerce/transaction model?

  13. Dave W Baldwin

    There is a way to do this not requiring wasted money and false hopes.It is a matter of looking at the bigger picture knowing from which angle (or position on battlefield) to work from.If you focus so much on which player just might cooperate or not leaves you with too much risk, for the big players want to grab you as user and have you spend the majority of time with them.  This, in the end, is a gimmick where freedoms/choices of the individual are limited.YES(!) it has to be a new player… simple.  It will HAVE to work as promised… simple.  Linear (1 dimension) planning will NOT provide the solution… simple.— the above is not meant as negative, just the truth… simple—

  14. Ronnie Rendel

    Wow, we have finally reached that age!Haleluja.

  15. aswath

    Probably I am missing your point, but I think OpenID already allows for what you are looking for:Attribute exchange allows me to share a selective subset of my “app identities” (URLs) or any other personal information, with the subset selected based on to whom I am sharing. And the beauty is that there is no need or a single provider that we all like. Each one of us can pick our own provider and of course you as a Relying Party can decide which providers you will trust for which Attributes.This leaves with the user interface issue with OpenID. But then I think it is a bum rap. If we sign into our provider in one browser tab and keep it open, then subsequent authentications at other sites do not involve the much maligned “whiplash inducing page flips”.So did I miss your point altogether?

    1. fredwilson

      no you did not.i just don’t think openID is easy and simple to use and understand

      1. aswath

        Can you please elaborate why you feel OpenID is not easy to use compared to Facebook Connect and Sign in with Twitter? I think they all use the same steps in their UI.

        1. fredwilson

          i think the facts speak for themselvesnot that many services accept OpenID and the ones that do don’t get a lot of use on it compared to FB and Twitter

          1. tav rocky

            Yes, it’s all about who’s putting it out.Fred, mention (trust of the brand) ! With out trust/followers you have nothing. When you have people like Ryan Secrest speaking of Twitter and Ashton and great tech professionals, that builds trust. (branding).. think big!So, if open ID had such of a flocking it would do better for sure.

  16. Tom Evslin

    Once this is done (and it will happen), this one ID will also replace your phone number and be a way to reach you wherever you are and on whichever device you want to be reached on and, if you want it to, to authenticate you to someone with whom you’re communicating.

    1. fredwilson

      well there is the answer to the business model questionthanks tom!

      1. FAKE GRIMLOCK

        EVENTUALLY ONLINE ID REPLACE:SMSEMAILPHONEJUST ONE ID, CONTACT YOU MULTIPLE WAYS.

        1. Fernando Gutierrez

          This connects with the discussion a few days ago about anonymity. So much centralization can scare some people, even if the system allows for some level of indentity management –I know giant robot dinosaurs fear nothing, but humans are weak and I already know a few who worry about Google having so much info about them–

          1. FAKE GRIMLOCK

            ONE ID, CONTACT IN MULTIPLE WAYS, NOT MEAN ONLY HAVE ONE ID.ALSO NOT MEAN THAT ID NEED BE GLUED TO REAL SELF. 

  17. Porter Haney

    Services like embed.ly have been successful at being able to aggregate content from very similar services.  I envision it a little like embed.ly does with content, but for auth-ing.

  18. Georgi Kobilarov

    mapping user accounts across services is just one piece of the puzzle. users are connected to objects (the ‘taste graph’ like music, movies, books) and locations, and those are connected even further. All these entities exist in many disparate APIs, but there hasn’t been a mapping layer to connect them. Yet. Have a look at http://uberblic.com/2011/08… 

    1. fredwilson

      will dogreat point

  19. Steven Livingstone

    I looked at something similar on http://openid.org by allowing you to join your other accounts with your OpenID … that allows you to log in with any of *them* to a single account on openid.orgThe other side of the problem of course is the reverse …. there are some options but agree it is an area that really needs to come from a consumer down perspective rather than technology up.

  20. Nate Quigley

    Wondering how QR codes will play into this in the offline world. Apocalyptic musings aside, I think I’m ready to become fully “scanable” if it simplifies my life. QR Code becomes my ID (holds all my URLs) and waving it infront of a camera is how I authenticate and pay? Just flash my code to taxi driver’s iPhone. Maybe easier to get this to scale than NFC in offline world because the systems are already everywhere (cam, software, web). Wondering if it will take a new approach/tech to get to the scale that would be required to get the Big 3 in this post to open up and accept another ID/Auth currency. Far fetched probably but some big change in ID/Auth in the offline world could force a change online. Thinking about this because I got introduced to the team at http://www.qrcodecity.com yesterday. They’re behind the iPhone app “Scan” that has lots of momentum. Interesting to think about getting scanned instead of scanning.

    1. LE

       “QR Code becomes my ID (holds all my URLs) and waving it infront of a camera is how I authenticate and pay? Just flash my code to taxi driver’s iPhone.”What happens when someone easily grabs your QR Code?

      1. Nate Quigley

        enter PIN. or retina scan 🙂

        1. LE

          People won’t like retina scan at least not in a taxi. Grabbing a pin would be trivial as the person running the capture device could be a man in the middle deal or a hacked app etc.. Maybe a fingerprint but that will raise other concerns. Remember the RSA securid’s were hacked as well recently….earthquake felt!!

  21. stevewex

    If anyone cracks this then we should put them on the perpetual motion project too!  It will take a fast growing startup to implement this to get it going and it’s a pity twitter didn’t do it when they had a chance but they obviously had their own reasons why, possibly business model related. I do also think people are comfortable with having different identities for very specific reasons and keeping them completely separate is a positive in many instances, putting these in one place can feel uncomfortable.  As for creating a standard I’m not sure with so much fragmentation it’s possible and as William said each of the big 3 have implemented aggregated versions which allow users to control each networks identity differently.  

  22. Raul Moreno

    I have been thinking about this a lot. Mainly because I hate typing usernames and passwords. Imagine if you could authenticate yourself without a username and password. Imagine if your mobile could identify your fingerprint and your eye, and know who you are. The Lock your phone app touches on the concept, but seems like a scam. http://bit.ly/n4hfk1 I think we will forget about connect with facebook, twitter, soon. Our mobile will know its us.

  23. daryn

    Maybe Janrain is on the right track – have to get that out there in case this is another one of Fred’s foreshadowing posts… :)I’d love to chat about it with you sometime Fred. I rewrote this comment several times, but it’s hard to get all the details in without writing a novel. Anyhow, I think there’s a lot to be done around this concept, but there are a lot of moving parts, and a lot of solutions to non-problems.OpenID has a lot of this baked in, but it’s all tangled up in clunky implementations. If we separate authentication from identity, Schema.org and HTML5 microdata gives us a chance to semantically link all of our published content to an identity, and identities to each other.  And of course, all that linking and profiles could all be implemented over the one existing decentralized system we all already use: DNS, using subdomains for profiles, and SRV/NAPTR records. All we need is a little bit of glue and some pretty packaging and we’ve got a solution that would be pretty simple to drop in. Would it happen / would it get used? It’s seemed like the right time for years, but a lot of people much smarter than me have been struggling with this for a long long time.There’s the ideal solution, and then there’s the practical/likely one: the big three will each do their own thing, consumers will choose which they prefer to use to different situations, and developers will continue to build support for all of them. 🙁

    1. fredwilson

      if there is a service i should support, point me in that directionis janrain it?

      1. Patrick Sweeney

        Fred – what you should support is a single sign on to social media via a device like an RFID tag. NFC is too limited in it’s utility (short range, takes battery power and is expensive). UHF RFID using ISO 18000-6 standard allows both long range read, and short range secure payments (in the near field) and can be put into a phone, bracelet, keychain for pennies.If you want to log into a computer at an airport, or a them park, for instance, a URL leaves evidence and information on untrusted computers. An RFID tag – a secure token that you take with you – is the solution.Disney is spending a billion dollars on an RFID program called NextGen, Vail Resorts EpicMix had millions of Facebook posts automatically last winter and will grow exponentially this year. Mercedes just provided a Social Media Experience at the PGA Championship and will do so at the US Open. This is how companies will combine the real world with the social graph, and it solves your problem at the same time.Social Media Experiences provide great value from a marketing and psychographic analysis perspective, and they make the user experience simple by eliminating the friction of signing in to yur social program, composing a post or a picture and updating to facebook, google +, foursquare, etc. Look at ODIN’s EasyConnect is you are interested in more info.A

  24. Jason Goodrich

    Seems to me, a typical multi-profiled individual like Fred, that there are two main paths to centralized auth: internal and external.Internal auth – Individual as hub for existing services. Relatively messy, but you control access and data flow. Ex: CloudbotExternal auth – Third-party verification gateway. Cleaner access in exchange for data control. Getting universal buy-in is main challenge. Ex: OpenIDThis could hold up the Convergence, so let’s fix this ASAP!

  25. Wen Tian

    There is another missing piece here: profile management. Now days, if I want to change my profile picture or change the write up about myself or update my address, I need to log into all the services where I maintain social profiles. With ever increasing number of web apps out there, it can become quickly unmanageable. I want to start attacking this problem soon by developing a way to keep all my profiles in sync as it has become an really annoying issue for me. I almost see this as a bigger problem than single sign on authentication because most people tend to use the same email/password for accounts they create on the web.

    1. Michele Leroux Bustamante

      Absolutely, if I had a dollar for every obsolete email address, bio, photo I had out there in the various public and private profiles I have…I wouldn’t be rich but I’d have enough for a significant number of soy vanilla lattes.

    2. fredwilson

      i think this problem is getting better. when i change something on facebook or twitter, it gets updated in dozens of services automatically

  26. Nick Allen

    i think this can be taken one step further. it’s great to have ones online identity verified and authenticated, but can it be extended to the real world? our online identities are increasingly merging with real life…think collaborative consumption, airbnb, ThredUp, Spride and even craiglsit and ebay. These sites all share similar security and identity concerns, but differ drastically in the quality of protection.What I’d like to see is a service that protects me and my stuff in real life when i rent it out or share via the web. We at Spring Ventures would love to see a robust solution around personal security for this growing issue.

  27. Ciaran

    “The success of Google+, Tumblr, Foursquare, Instagram, etc, etc in the past year has shown that users want more social platforms in their lives, not less. Or at least that some users want different social platforms than the ones that have been leading the way for the past decade.”I’d disagree strongly with the first suggestion, and agree (with reservations) with the second.personally I think there are far too many platforms, offering very small differentiations on the others. I’m on Google+ but simply don’t have the time to operate it, and Facebook, and Twitter, properly. I come & go with foursquare, but don’t think that there is a need for the tens of clones and remixes on the ‘check-in’ concept. As for Tumblr, is that really a new identity. or simply a way for people tired of wordpress, who want more than Twitter, to blog in the tenties (what on earth are we meant to call the decade after the noughties?)And instagram is great, but I mainly use it because it’s a great photo app, not for the instgram community – what I like about it, socially speaking, is that it plugs into my main networks.I have a slightly poncey name for all of this – the tyranny of attention (more here http://blog.mindshareworld….. I agree that there is a need for a more nuanced way of managing authenticity and identity than just using Facebook/Twitter/etc… but feel that OpenID failed because it ended up being, contrary to its aims, another password to remember.I dislike sites (Techcrunch) that force me to use Facebook to leave a comment, and like the fact that Disqus solves this. But even so, there are too many different identities out there already, and I’m not sure a bit of rationalisation wouldn’t be a good thing.

    1. Tom Labus

      Time to do all this is the big issue.  Most people are not inclined to have 20 different entrees to the Net and manage them,I imagine that it will evolve into one service that lets you distribute where you want.

      1. ShanaC

        Why bother distributing then? The internet feels like a city, you could just have everything contained in one space…

        1. Tom Labus

          Yes, but sometimes you want to select where a comment appears.That’s the “personality” part of the equation.  Figuring out and checking that everyone is who they say they are will be worked out in time.  But the interesting thing will be delivering the facets of your personality and where you want them to arrive.

    2. Donna Brewington White

      REALLY relate to this.

  28. Marc Mercuri

     If you’ve not seen it, check out the whitepaper from Kim Cameron on the subject. He does a great job of evaluating what’s worked and what hasn’t in the past, and established a set of “laws” based on them.  Getting a single ID has been challenging historically (see Microsoft Passport).The “Law of Justifiable Parties” is usually the largest sticking point. Facebook has succeeded where others have failed because they’ve become the center of the universe for so many people online and related “relying parties” that use the Facebook identifier are typically pulling through social. The other item to look at is the value of the transaction for which the identity is being used. Facebook may be fine for social engagement, for example, but won’t be used to login to your bank account (they’re not a justifiable party, and the bank isn’t going to take on the risk)Kim’s also put forward another paper on a vision for an identity metasystem, which discusses an approach that addresses the problem space in a way governed by the laws.Links – Laws of Identityhttp://www.identityblog.com…Identity Metasystemhttp://www.identityblog.com…

    1. fredwilson

      thanks for pointing me to Kim’s work. very nice

    2. Michele Leroux Bustamante

      Information Cards and CardSpace had some great features. It was like giving everyone an issued certificate without them having to know anything about certificates. Even grandma could understand it. You could even have multiple persona. Only cards accepted by a site were lit up when you browsed so less confusion about “how do I log in”. Without adoption, momentum, even a potentially great idea can’t lift off.

  29. Dennis Buizert

    I love the idea behind OpenID. Yet I have two thing on my mind those are identity and verification. If I say more than enough times on several websites that I am “Tom”, does that make me “Tom”? This needs to be verified in order to ensure that you really are “Tom”. To be it a more of a social and secure way of using OpenID someone needs to come up with a way that it really verifies you. Now we are talking about privacy I fully understand and agree it is relatively young and still in the exploration status. But I do think it needs some extra thought on that. 

    1. fredwilson

      i don’t think there is another person on planet earth who can produce the nine URLs I listed above. the aggregate of them (and many more) are my identity online

      1. Dennis Buizert

        It is not about able to, it is about beating you to it. Social Engineers stay on top of all the progress involving social media nowadays. I remember a presentation at a security conference someone made over 50 profiles of exsisting people. There was only a 10% feedback from their friends who didn’t trust it completely.That is what I meant by saying Tom a lot of times, people will believe you 90% of the time if you repeat it more than enough.

    2. 2joshis

      @dbuizert:disqus @fredwilson:disqus  Not your claim of “tom” but other peoples belief that you are “tom” is what will verify that you as Tom. I would call this “trustrank” based on the number of people who trust you to be Tom.If there is sufficient social proof (social graph) which if seeded by existing social graphs of google/twitter/facebook should make it easier.Trick would be how to ensure that this is not gamed ala “SEO”

  30. hypermark

    A lot of this falls into the bucket of what I call the 1.0/3.0 Paradox. It basically says that while we all have 3.0 aspirations, we engage based on immediate 1.0 needs. Since entrepreneurs can only deliver 1.0 solutions (initially), there is real paradox in that whoever solves the 1.0 problem is usually “good enough” to get to 2.0, and by then you are the 3.0 incumbent.This separate layer is sort of a 3.0 problem, where for most people, the current approaches are “good enough.” The real issue is that WHAT you share from service to service is not consistent. For example, a service like Posterous allows me to auto-post to LinkedIn, Facebook, Twitter, TypePad, etc. which is great, but when I share that content, sometimes the formatting is just a twitter-style title and a link. Other times, it’s richer, and includes a photo. Still others, it might be more nicely formatted on Facebook than LinkedIn. This stuff is klugey enough that if you care about how things are rendered, it’s often easier to manually post the link directly from within your target service (e.g., Facebook LinkedIn) than to rely on the host (Posterous in this example) to do it for you. I am not sure whether this is a sender-side, middleware or receiver-side type of problem, but suffice it to say, it seems that whoever wants to solve this problem has to address both the data store issue (i.e., make ME the keeper of my index, not Google) and the presentation side. Otherwise, you are solving a lot of complexity for very little immediate reward for the consumer.

  31. Rihards Gailums

    You are talking about ‘Digital Identities” – represented by set of attibutes: username, email, profile link…One human being is able to create and operate several Digital Identities, provided by digital identity providers: Facebook, Twitter, Google etc.Some of identities are public (i.e. holder would like to be associate with them), some are private.Every Identity provider has a different username policy, limited username space, etcThe common problem is that no identity provider really verifying and legally bind digital identity with its physical holder, except banks.There is definitely space in market for 3rd party Trusted Digital Identity provider, except Big 3,, able to provide consistent username policy accros different providers and prove physical person behind.

    1. LE

      “space in market for 3rd party Trusted Digital Identity provider, except Big 3,, able to provide consistent username policy accros different providers and prove physical person behind. “This is similar to what started out with certs which were priced very high and now has deteriorated into anyone being able to get a cert for a very low price. With really none of the original validation. And many users will just click through a self signed cert.The problem is that anytime you have competition in price companies will cut corners and the competitors will feel a need to do the same thing. Not to mention that the people  who would depend on the “trusted” source will in the end not care anyway.Lastly, look what happened with the bond rating agencies. Big and trusted but then because the payment model changed and everything went out the window.

  32. NICCAI

    What about parental consent? I’d love to know some thoughts on how people approach this and how it could work in this scenario.

    1. ShanaC

      I think we’re going to have to develop a more multilayered internet.  definitely by age 9, kids can figure out how to websurf on their own. That doesn’t mean all content is appropriate for them, even at its most basic (imagine you kid reading up on number theory at age 9 because that is what they found on wikipedia…I doubt more 9 year olds will be able to understand what they are reading).  We probably should have some sort of fluid segmenting…

      1. NICCAI

        I don’t agree with segmentation (although there are obvious issues around appropriate content), but I was curious more regarding the need for parental authorization in regards to services tracking the online identity of children.

        1. fredwilson

          tracking who they are or what they do?

          1. NICCAI

            Yes, according to the Children’s Online Privacy Protection Act, the saving of any data associated to a child is illegal – that includes name, email, IP, etc. I was aware of the basics of this act and its intent, but I was unaware of the literal extent. It presents an interesting problem for anyone trying to manage a single online identity service. How does one bake in parental authorization? Are children excluded completely? How do the requirements change for services that target children versus those that target all? To what extend does a EULA suffice in meeting the intent of this privacy legislation? For me, there are a lot of questions around provisioning identities for minors and the effect on larger services.I read an article on Ars the other the day that brought this to light.http://arstechnica.com/tech…(Sorry if this ends up being a repeat – my original reply didn’t save.)

    2. Donna Brewington White

      That’s a good one. Don’t have anything to add but very curious on how this can factor in.

    3. fredwilson

      parental consent to do what?

  33. Dave McClure

    much as I appreciate the goals of OpenID and a unified identity / auth platform, the incentives for fragmentation by leading players will always be strong & economically powerful. I just don’t see it happening.also, historically OpenID has failed miserably on the usabiity / adoption front, whereas other singular forces like Facebook and others have done a much better job.(btw Fred, in addition to Facebook, Twitter & Google I think you should also include Apple… )

    1. NICCAI

      I suspect many users like fragmentation as well – avoids a single point of failure (assuming you don’t use the same password).

    2. FAKE GRIMLOCK

      IT IMPORTANT TO THINK LIKE HUMAN, NOT ENGINEER.ENGINEER THINK BECAUSE OPENID IS ELEGANT SOLUTION, EVERYONE WILL DO IT.AVERAGE HUMAN THINK “WHY THE HELL WOULD I SIGN UP FOR THIS?”FACEBOOK, TWITTER, GOOGLE, GET UNIVERSAL LOGINS BECAUSE AVERAGE HUMAN ADOPT THEM FOR OTHER REASONS, GET LOGIN AS FREE EXTRA.OPENID NEED TO BE SAME.

      1. fredwilson

        word

      2. Jeff Pester

        Fake Grimlock make smartest comment in thread!

        1. fredwilson

          a regular occurrence around heresome people underestimate him because of the robot thingbig mistake

          1. Matt A. Myers

            I’m so lucky that he adopted me

          2. FAKE GRIMLOCK

            YES. HOW YOU DOING IN KENNEL? OLD RATTY BLANKET COMFORTABLE?NEED NEW BOWL OF WATER OR CHEW TOY?ME WANT BE GOOD PARENT!

          3. FAKE GRIMLOCK

            ME SUBTLE. 

    3. fredwilson

      thanks for stopping by and commenting dave!i will add apple if they produce at least one social or web service that matters

    4. Bill Phelan

      Unfortunately Dave, you could not be more accurate on the failure of OpenID and the whole Id Commons tribe on usability, which I believe has led to very poor adoption.  The iNames effort, dating back to early 2000, solved most of the technical issues on identity and authentication.  Unfortunately, even today, they are just awful at explaining it to the world.  However, the technology is VERY good…surprise surprise.If the OpenID crowd could get their act together on UI/UX, they would really have something 

  34. testtest

    “But none (including OpenID) have gotten the kind of traction that Facebook, Twitter, and Google have”People have given up their information without thinking about the consequences. An information inertia: tick the T&Cs without reading, and then fill in my life details. That’s how they’ve got the traction.If I was Facebook/Twitter/Google I wouldn’t want to highlight the information I had on people.  It may snap them out of the narcissistic daydream of: All these tools have been made for me, and they’re here to help me, for free. And whilst that’s true, and they’re great companies, they benefit from users not knowing the value of their data.

  35. Pete

    Isn’t the Apple Game Center already doing this on the device, from a social gamer perspective? It might not hit every scenario discussed, and yes it’s limited to iOS devices and games. But those seem like easy problems to fix. I love when I fire up Angry Birds how the game center says “welcome back, headoflead”

  36. Michele Leroux Bustamante

    Everyone wants and needs security, no one (socially) wants to pay for it. The enterprise story around security is a different animal because they don’t want social, or rarely. They will pay for enterprise software the enable SSO across the various protocols (WSFed, WSTrust, SAML11, SAML2, OAuth2, OpenID) for applications within their enterprise. THey’ll also pay for centralized governance with authorization policy a la XACML standard.Internet apps on the social side are quite different. Every once in a while you see enterprise that sometimes have a corner set of apps that include social account access (rare). At least, this is my experience.I like your auth.com analogy…a lot…and if someone could build that and make it free that would be the ideal scenario. My guess is that it is unlikely to happen soon. Hosted security WILL become more popular in the future but today the costs are too unpredictable in particular with transactional pricing.Since the cost of hosting auth.com solution as a free service is the challenge, and since the goal really is for users not to have to “remember” all their accounts and login…really…this could be a browser plug in that logs you in to all services when you start the browser, saves a cookie and you can opt/out any time, periodically you’ll have to log in again if the cookie expires perhaps…but you open the browser, and BAM you get in to twitter, fb, google, yahoo, windows live, done. The tool would have to handle this in the way janrain does it. Having not used janrain, I’m not sure what that experience looks like but it sounds like it could work.It is safe because it does not require hosting credentials elsewhere. Make it free and then use that tool to collect (with permission) browsing statistics, etc.Janrain could provide this and potentially target people to sell their enterprise product. How about that! Use your own tool to target people with marketing who in turn might buy the tool to target people with marketing? Doh.

  37. Reykjavik

    When you talk about the big three, what about Amazon, the only one of these that actually has significant dollars flowing through it? If money=trust, then people currently trust Amazon more than any of the others (particularly Twitter, which is still used only by a tiny minority of Internet users).That being said, Amazon has been most resistant to moves like this because of the high amount of value they can extract from owning the user account. This will be increasingly so as they get deeper into payments and advertising. I suspect that PayPal would have similar issues.  So perhaps unified identity management for non-economic transactions is different from economic transactions.

    1. ShanaC

      But they’re not.  They are being more subtle about how – Amazon is opening an Ad Network, which means they’ll be able to tie in purchases to some sort of ad profiling set…I think they realize we’re  complicated and have multiple parts about us

    2. Donna Brewington White

      @RichardForster:disqus mentioned Amazon as well.  They are a great example of a company that could pull this off.

    3. fredwilson

      yup. amazon should be on the list. thanks for pointing that out

  38. Mark

    I’m not so sure I want this. Even then, (at the very least), I would create more than one of these accounts for different activity. I don’t trust any service not to eventually betray what I consider to be the proper conditions for such a service.I like this scenario more than OpenID as is, but not much more. I don’t use Quora due to their login requirements. I’m interested in questions and answers, not sharing my identity with them. I am more comfortable with Disqus, because it’s more on the level of light conversation. But, if I am going to get deep into a community, I want to detach that persona from the rest of my personas.This sounds good, but I have a feeling its divisions would be compromised.

  39. Samuel Ian Rosen

    Fred,I think this is Launchrock’s long term vision. Although they originally started with just a “viral landing page,” they plan to host the a website’s user table and eventually provide single sign on access across all sites.I wouldn’t be surprised if About.Me is trying to do this as well (and AOL has been trying to do single sign on for a long time).

    1. fredwilson

      if i was a website, i wouldn’t want anyone “hosting my user table”

  40. thomasknoll

    While it is easy to focus on the technical implications of identity and authentication, I truly believe the deeper reality is that all this was never about the networks or the tools or the data… it has always been about people and their relationships. The channels, modes, and means, forms, and formats, are supposed to support and enable better communication and relationships around the people, ideas, and beliefs we want to give our attention to.A ‘solution’ to the identity/authentication problem will most certainly have to come from outside of those networks themselves. While those networks (a.k.a. businesses) can choose to become better citizens of the world, the ability to connect the dots will come from something that transcends the networks, and focuses on real people with real relationships.My life’s work in the community space has been, and will continue to be, understanding people’s relationships and enabling better communication between groups. So I have high hopes for a solution in the near future.

    1. Jameson Detweiler

      Totally agree. The service that wins this game is the one that enables better experiences for both the user and the site owner and, more importantly, bridges the gap between the separate social networks.Both the user and the site owner will both need to feel that they are benefitting from this additional layer and are getting/creating better experiences and relationships (both user to user and user to site owner relationships) because of it. In the end, the web won’t be about a single social graph. These various networks will be outlets for us to correspond, interact and relate online.(Disclaimer: Thomas and I work together at LaunchRock, so I’m biased.)

    2. ShanaC

      I think it is something beyond relationships- it is about contextual environments that makes one able to build relationships.  Creating these environments seems to be key in how to answer the fact that we have multiples of Ev’s setup of identity on the web 

  41. ShanaC

    This is not the issue for me at all, nor for a lot of my friends.  Often I don’t even use one of these mixed in Identity programs that come with Facebook, twitter, OpenID, whatever.For me the issue is as follows – permissioning.  To start with part of the metaphor on Ev’s post -when it comes to just authentication, I want flexibility and levels of control.  The same way I flash an id at a bar, and let employers photocopy it, should be the same way I control permissioning online.  Similarly, I would lend out keys to a friend if they were doing me a favor.  Context and item is everything.  And that problems spreads to every other aspect ofmeanwhile, his understanding of presentation also seems flawed.  I want a multiplicity of reputations (eg: it is totally useless for me to be seen as a “cute girl” here, quite the otherwise when I go out to drinks with friends) I could apply the same  metaphor for communication or representation.  This in the end creates flow through problems with personalization – which me are we dealing with, and when will that version of me be shut off and replaced by a different one. Unfortunately, on the internet this behavior makes me seem like I’m a blob of possibilities, none of which cleanly link up to each other, beyond that they come from one point.  It makes implementation very very difficult, because how is a machine supposed to know which me it is dealing with, when I am not always sure myself…

    1. Donna Brewington White

      Don’t underestimate the value of being a “cute girl” here, Shana…or anywhere for that matter.

      1. ShanaC

        I still think it isn’t what I always want to be perceived as….

        1. Donna Brewington White

          Fair enough.

  42. Dave W Baldwin

    Off subject, but since this post has to do with design of sorts, thought I’d add Samsung’s play against Apple:http://www.macrumors.com/20…Including video from 2001: A Space Odyssey. Read down on the bottom the ‘best’ comments, one even uses JLM’s ‘Well Played’…

    1. fredwilson

      well played indeedthe whole notion of patents makes me throw up 

      1. Dave W Baldwin

        Could do a widespread demonstration (maybe music vid) with hundreds holding piece of cardboard cut to dimension with a little magic marker to do abstract tablet art.  They get arrested, visited by the suits, eventually burning. 

        1. fredwilson

          sixties era social unrest over patents?i’d love to see it. i’d participate for sure. but i wonder if enough people care to make it happen

          1. Dave W Baldwin

            To me, not have it set to ’60s’… I forget who did the vid 15-20 yrs. back that had words on cards being flipped through… was really clever.Mixing animated to live characters to all sorts with their pieces of cardboard in their neighborhood, street, city moving out global.Trust me, from my time in television, tell ’em you’ll make ’em a star…. they’ll drop everything.  Sort of like saying ‘don’t care about no rankings’, but somehow seem to do 100 replies the other day   😉

          2. fredwilson

            rankings, we don’t need no stinking rankings! 🙂

  43. Markku M:

    OpenID usability has been really bad. URL as an identifier kind of makes sense for us geeks, but doesn’t make any sense for normal people. In addition there are several pretty bad implementations of OpenID interfaces out there. The OpenID group has lately been promoting the use of e-mail address as the sole identifier, but I’m afraid the motivations behind this are wrong. The big guys see a lot of value owning your identity, so they want to tie it into their service.However, OpenID spec and protocols are very useful. We just need to solve the usability issues. Here’s our take on it; we use OpenID for a secure two-factor authentication service https://www.mepin.com. We make accessing your services secure and easy.

  44. FAKE GRIMLOCK

    BEST TOOLS DO WHAT HUMANS ALREADY DO, BUT BETTER.WEB IS A TOOL.REAL IDENTITY NOT SINGLE THING. IT DEPEND ON CONTEXT. HUMANS DUCT TAPE THIS TOGETHER ONLINE BY USE DIFFERENT IDENTITIES ON DIFFERENT SITES. OR MULTIPLE IDENTITIES ON SAME SITE.SERVICE THAT AGGREGATE YOUR LOGINS, AND THEN GROUP THEM BY IDENTITY, BE THE BIG WINNER.

    1. Donna Brewington White

      Yes!

  45. David Gordon

    Personally, the problem with the current OpenID IDPs is that they offer no obvious benefits or use cases compared to the “big three”. Between the Google+ “real name” fiasco, increased COPPA policing, and eCommerce fraud its time for an IDP to offer identity backed to government issue data to combat these very real problems. Disclosure: I’m the founder of tru.ly which is working to do this.- tru.ly/david

  46. GabrieI

    OpenID is a great solution to more than one problem. It should’ve been everywhere by now, much more than Facebook Connect is.Its problem, as FAKE GRIMLOCK gently hints, is that it focuses too much on the Security aspect of things. Security is great, OpenID brings it, fine. But to make it work, it needs to market its Convenience and Simplicity. People _would_ use a one-click login system that works pretty much everywhere. Just build it around ease of access instead of security as BOFH understands it.

  47. CJ

    The problem with one ID is that I’m one person with many faces.  To the friends I actually see everyday, I’m X and we discuss Y.  To the people I communicate with here I’m A and we talk about A-G.  On and on, I don’t want my online identities to overlap which is illustrated brilliantly through the completely different social graphs I keep on FB and G+.  There is barely any overlap on the two services for me and barely any of the same content gets cross-posted by me.  In order to solve the one ID problem, you also have to solve the fractured identity issue and I don’t know if anyone can because most people don’t want it solved.

  48. markslater

    this is one area of the VRM movement over at berkman at harvard. Your colleague christina i believe is a participant in this. Its a big and hairy idea. Its passing control from vendors to users – its the opposite of CRM. Its going to change everything. I mean EVERYTHINGGetabl is one part of the VRM movement – we are real-time personal RFP. Its a concept that is going to fertilize huge fields of innovation over the next 5 years – as entrrepreneurs like us build tools that give the user more control over their online activity. If you are in boston (or christina) and you want to hear about our take on it – we’d love to show you!But if i were a VC – i would be looking closely at the VRM movement and staking my pieces of ground in each of the fertile fields of innovation that it will undoubtedly produce.

  49. Michael Lugassy

    Google Social Graph API (see http://code.google.com/apis… ) is trying to do something similar. Only relying on public data for now but can certainly weigh in different linkage between your private accounts and/or add some form of validations. You can see you certainly have many more: http://socialgraph-resource

  50. Prokofy

    I don’t get how all those IDs of yours are so different, they are all essentially “Fred Wilson, VC”.And I totally oppose OpenID. They are wonky, non-consumer friendly, oversensitive to criticism, cultic even, like a lot of open source “let’s take over the world” dictatorial movements.I don’t want one form of ID validator “sitting atop” everything else. No thank you. What keeps us free is the competing services that each have their own set-ups and protected enclaves. If one of them bans you, you are still free to go to the other.Open

  51. Matt A. Myers

    I have figured out how to do this. It clicked one morning 4 months ago and proceeded to cause me to write for 4-hours straight; I think I know where that notepad is..And you don’t need any of the big three to cooperate.We shall see if someone else figures it out before my projects can evolve to where they need to so I’ll have the funding / resources to take over the world — I mean, to do it all..I have a feeling November will be a telling month for me.

  52. yngling

    About.me seems so be wanting to go that route.

  53. leapy

    Doc Searls wrote a seminal piece about identity metasystems back in 2005. That really opened my eyes to the issues and that is why I use OpenID wherever possible. It’s still so relevent today despite (or because of) the intervening years.http://www.linuxjournal.com

    1. markslater

      yep – i asked doc to come over and join in this discussion. Its part of the larger VRM movement that i think is going to catch some serious wind….speaking of wind, i have to get back to battening down the hatches here in boston

      1. leapy

        I wish you luck. I have friends in Virginia Beach who are going to have a rough time….

      2. Doc Searls

        Thanks, Mark.It’s interesting looking back on that Linux Journal piece from 2005. In some ways that framed much of what we’re now doing with VRM. (In that piece we called it CoRM, but it’s the same thing.) The Intention Economy, a follow-up piece in Linux Journal, led directly into creating ProjectVRM at Harvard’s Berkman Center, with the purpose of encouraging development of (ta-da) companies like yours, which align with the buying intentions of the customer, rather than just the sales objectives of the seller.As for identity, my own belief is that we can only solve it by anchoring our perspective, and our solutions, with the individual: that is, with our selves. We should be the points of integration for our own data, and the points of origination for what gets done with it.This requires being able to selectively and appropriately present the credentials required for doing business. Some of those will be acquired from government agencies, banks and so on. Some will be our own self-asserted identifiers, made trustworthy within the context of relationships in which we play more than a passive and compliant part.This isn’t easy, which is why I co-organize the twice-yearly Internet Identity Workshops, and invite all interested to come and contribute. (fwiw, OpenID as as we know it was born, to a significant degree, out of work done at IIWs).

  54. Donna Brewington White

    Wondering why my reply to @markkat:disqus was flagged.  Unless it’s that spammer getting back at me.If only I could say something dangerous enough to be flagged.  That would make my day!

  55. Johnny Chard

    Great post Fred. This is something that has bothered us as a firm for sometime – the web for all it gives us, could use an “anchored” set of interconnections or authentication layer. The ease of use and making it not too geeky is critical. I am not sure if it is as simple as a single sign-on given changing contexts and trust requirements. The third party trust provider needs to create value, the individuals (you) need to have control, and the participating web services need to ensure it doesnt impact or create friction for them. A problem worth solving.

  56. Turki Fahad

    Great article, totally agree that brand recognition, trustand a mass number of users are clearly some of the reasons whey FB and Twitterconnect made them leap frog OpenID. I think you really stepped on something, we’vebeen trying to solve which is uniting your different identities under one rooflike in real life. However, like in real life you want to show one aspect ofyour identity to your friends but not necessary to your coworkers for exampledone through privacy groups among other stuff. This is all based on the premisethat the content you publish is a valid source of defining who you are onlinewhich sparked edintity.com as a publishing solution with a keen interest ononline identity.

  57. Mr. Dictionary

    In the non-digital world, we have a fragmented series of relationships, none of which reveal our full selves – other than the relationships with our most intimate friends and family, and if you believe every writer since Cervantes, including them.  Growing up, we called them “school friends” and “home friends.”  Sometimes the Venn diagrams of our lives would overlap, largely they do not.  The multiple digital lives you listed – a new semiotics of identity – a contemporary expression of the same urge. We can’t forget that we evolved over millions of years by traveling in small hunting packs of 12-14 people.  Later, we joined into small tribes and clans, which is why the Dunbar number – even if the actual number may not be accurate – is biologically correct.  Our brains are a certain size and structure because it was evolutionarily selected.  So the idea of one ID is counter-evolutionary.  We see manifestations in many ways.  Even though it makes perfect rational sense to consumers to consolidate at one bank, they don’t.  For three decades financial institutions have been struggling to convince consumes to consolidate – even offering meaningful incentives.  But they don’t.

  58. Seth Gold

    To answer your question, I think Google built Google +directly for itself to enter the identity market, but indirectly to fulfill itsmission, “organize the world‘s information and make it universally accessible anduseful”. The most valuable commodity is information and there’s nobetter information than identity. Identity is the best way to separate and organize data.  It is only natural for all of theworld’s services and information to be consolidated into 1 entity.  I am not saying that there is no valuein Brick and Mortar, actual human to human conversation etc, but the web has acharacteristic of incredible scale. Think about the European Union, the global Economy, the Ipod, a tribe ofpeople, Walmart, or even multiple VCs entering into a funding round.  Organisms group together in order tospecialize and progress.  Is itreally that impossible to think that Facebook can’t be the 1 stop shop for allservices/communications.  Forexample, making phone calls, registering for college, applying for a mortgage,validating your passport.  1 stopshops make sense; its faster, cheaper, and more efficient.  Facebook is the clear leader in a racethat is light years in distance.  Iam going to have to disagree with you in that people want more social platforms.  They just want more services; servicesthat 1 social platform today can’t provide for whatever reason (scalability,the product itself, $$).  Think ofall the VCs that thought people did not want social networks due to theirexperiences with six degrees, tribe.net and theglobe.com.  The germ of the idea is out there,someone just has to iterate it and make it happen!!

  59. fredwilson

    why isn’t janrain doing this?

  60. markslater

    its so expensive charlie – we looked at it and got scared off by the cost.

  61. awaldstein

    I spoke with Janrain a while ago. They have the infrastructure but I’m not sure the vision to do this.I’ve just sent an email to the CEO to join the discussion. Let’s see.

  62. awaldstein

    Without passion you have nada. I don’t know them well enough honestly to say.

  63. maxmzd

    Haha I’ve been getting called that a lot lately. Feels right.

  64. Mark

    Absolutely. One of the good things about the web is being able to fragment your interactions.A new community is like going to a new school as a kid. There’s a little bit of reinvention to it. Any umbrella may eventually threaten that dynamic.

  65. Matt A. Myers

    There’s no benefit for Google/Twitter joining, nor Facebook. Their size gives them a huge advantage in terms of having a headstart.Opening up levels the playing field.