The user experience is closely tied to the time and effort required to use a service. As either metric rises, customer experience plummets. Tying all digital identities together under one secure sign-in reduces both metrics considerably. Other mechanisms can be used to further improve the experience, like press-button authentication for a new service, instead of current multi-factor methods, which typically require transcription of a code sent via text message. In the end, consumers are more likely to use services that they can reliably and quickly access, and have indicated a willingness to pay more for better app experiences.
As I mentioned earlier, many websites and web-based apps are turning to Facebook and Google for identity management, to both lower the barrier for new sign-ups and streamline sign-in for current users. One problem is that Facebook and Google store user information all over the globe, and it’s not always clear how user data is replicated as it is used to federate identity (this is a major security concern for any identity proxy). Facebook and Google might offer best-effort ID management on the cheap, but it is far from carrier-grade, and has no place in the enterprise world.
In the absence of a better solution, security begins and ends with a so-called “strong” password for most people. “Passwords are just a false sense of security,” says Corey Williams, Senior Director, Centrify. First, users tend to re-use passwords for their dozens of logins and digital identities. Second, these passwords are rarely updated on a regular basis. And third, the passwords themselves are often passed between services and applications unencrypted, or are replicated in numerous data repositories.
A better solution is “tokens as opposed to passwords,” says Williams. In this way, user information never leaves its secure silo, is never replicated in non-federated data silos, and all that is exchanged is an authentication token. CSPs interested in offering identity as a service should ensure that their vendor solution of choice doesn’t replicate user data and relies on token-based authentication.
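The token exchange described above, as an added Python example (not code from Centrify or any vendor): the identity provider signs a short-lived token carrying only an opaque subject id, and the service verifies it without ever seeing the password or profile. The key, function names, and `video.example` / `mail.example` audiences are constructed assumptions, and HMAC with a shared key is used only to stay within the standard library; federation protocols such as OpenID Connect typically use asymmetric signatures.

```python
import base64, hashlib, hmac, json, time
from typing import Optional

# Constructed demo key shared by the identity provider and one service (assumption).
SERVICE_KEY = b"constructed-demo-key-not-for-production"

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(subject_id: str, audience: str, ttl: int = 300,
                now: Optional[float] = None) -> str:
    """Identity provider side: called after the user authenticates inside the silo.
    The token holds an opaque id, an audience and an expiry; no password, no profile."""
    now = time.time() if now is None else now
    claims = {"sub": subject_id, "aud": audience, "exp": int(now) + ttl}
    body = b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(SERVICE_KEY, body.encode(), hashlib.sha256).digest()
    return body + "." + b64url_encode(sig)

def verify_token(token: str, audience: str,
                 now: Optional[float] = None) -> Optional[str]:
    """Service side: returns the subject id, or None if the token is rejected."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
        expected = hmac.new(SERVICE_KEY, body.encode(), hashlib.sha256).digest()
        # Constant-time comparison; the signature is checked before claims are parsed.
        if not hmac.compare_digest(expected, b64url_decode(sig)):
            return None
        claims = json.loads(b64url_decode(body))
    except (ValueError, TypeError):
        return None
    if claims.get("aud") != audience:   # token was minted for a different service
        return None
    if claims.get("exp", 0) <= now:     # token has expired
        return None
    return claims.get("sub")

if __name__ == "__main__":
    token = issue_token("user-7f3a", "video.example")
    print(verify_token(token, "video.example"))  # accepted by the intended service
    print(verify_token(token, "mail.example"))   # rejected by any other service
```

Because the audience and expiry are inside the signed body, a token captured at one service cannot be replayed at another or reused after it lapses.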
As we rely more and more on our digital identities, the management and security of these identities will become increasingly important. Luckily, in the future there will not be dozens of passwords and logins to track and consistently update. However, it will be crucial that the steward of these digital identities be incredibly secure, always available, and easy to navigate for consumers and enterprise IT managers. As services and devices continue to become ubiquitous and commoditized, identity may prove to be one of the single differentiators of value in the coming years. CSPs should innovate in the next frontier now, and become the digital identity managers of the future.