My take on OpenID
You may have seen the news recently about Open ID and how companies such as VeriSign (along with Google, Yahoo, IBM and Microsoft) have all expressed support for this emerging standard, well here is my take....
Open ID has been around now for a couple of years and with any jump in technology we shouldn't expect adoption by large commercial organisations immediately, so the fact the Yahoo have gone for it is a sign that this technology is reaching an early level of maturity. Other large US based online consumer organisations are expected to follow over time.
It is great to see Yahoo taking the plunge on this and I am fully supportive as this will mean the consumer nightmare of having to remember a different user name and password for every site will disappear.
The challenge for the Open ID community is getting more traditional and risk-averse businesses like the banking community on board.
The reason for this is that banks will be worried that if a consumer's Open ID is compromised at another site then their banking relationship will be compromised. A fair point I must say.
The solution to this? Well 2nd factor authentication, which the banks are rolling out in the UK and is already established in many markets means that the banks retain control of the customer relationship, even if the Open ID account is compromised.
For those of you that don't know about 2nd factor authentication, it is usually achieved with a small token (such as this one) which provides a unique one time password for every time a consumer logs into the site.
Bottom line is that Open ID will be adopted by many other businesses and their consumers, but it will only be adopted by the banks in conjunction with 2nd factor authentication.
