Archive for the 'data-portability' Category

Why be an OpenID Relying Party?

Thursday, February 12th, 2009

Plaxo’s Joseph Smarr presented the following at the OpenID Design Summit at Facebook HQ yesterday:

This was a controlled experiment combining 3 technologies (2 of which from the Open Stack but hybridized) under the hood to create a streamlined signup experience that goes like this:

  1. Someone at Plaxo invites you to join by entering your Gmail address
  2. You get an invitation email from Plaxo
  3. You click on the link
  4. Plaxo knows that you’re a GMail user (and likely still signed in), so it presents you with the following screen:

    I believe that since Plaxo already has your Gmail address, it is already somehow encoded in here to save you from having to type it in, but I haven’t tried it so I’m not sure
  5. Clicking “Sign up with my Google Account” brings you over to Google with the following screen:
  6. Clicking “Continue Sign-in” tells Plaxo that you are indeed the holder of the Gmail address, at the same time authorizing Plaxo to import your address book from Google.
  7. That’s it! You’re signed up to Plaxo and your Gmail address book is available in Plaxo.

The result was a staggering 92% return rate (from the Google authorization confirmation screen above), of which 92% continued with the sign up and allowed Plaxo to import their contacts from their Google address book. The results were so impressive that Plaxo’s business folks stopped the tech folks from turning off the experiment!

Indeed these results are impressive by today’s standard of endless signup forms and social networking fatigue. I would whole-heartedly agree that through this clever experiment, Plaxo has met their goals of making it better for the user, the identity provider, as well as the relying site.

The technologies that made these possible were:

  • OpenID for proving who you are (to Plaxo that you do indeed own the GMail address.)
  • OAuth (implemented as an extension to OpenID) was used to grant Plaxo access to your contacts stored on Google; and
  • Google Contacts API for actually importing them into Plaxo (would be nice to see Portable Contacts being adopted by Google)

Individually, those technologies are good at what they’re designed to do but when combined with a simple hint such as “the user is a GMail account holder, and is probably still signed in to the service”, it could be very powerful.

Still, my biggest takeaway from the slides are:

  • 17% (of Plaxo signups) come from GMail account holders; and
  • 73% come from the top 4 (Yahoo, Microsoft, Google, and AOL)
  • all of them being OpenID Providers

This shows that you can already take advantage of the fact that a large percentage of users already own an OpenID, who may be more willing to sign up to your service than they otherwise wouldn’t have if faced with another tedious registration form.

While many (including myself) have criticized OpenID that there are more providers than relying parties, Plaxo has proven (with impressive numbers) that with a little ingenuity and optimization of UX, sites can reap the benefits of being an RP!

Advantages of User-Centric Identity

Sunday, March 23rd, 2008

In a world of increasing openness and user-centric -ness (user-centric identity, increasing user-choice, user-controlled data), how do you convince enterprises to give up the data that they guard so dearly? One way to put it may be “it’s happening whether you like it or not, so you might as well go with the flow”. While companies can certainly go with the flow, more forward-thinking corporations may decide to do it more pro-actively, rather than being forced to react.

There were some talks about how VRM relates to DataPortability on the DataPortability-Public mailing list. In particular, this excerpt of a blog post from Adriana Lukas sums up the “What’s in it for business” aspect very well:

What’s in it for businesses?

We live in an increasingly decentralized world with more customer choice, yet vendors continue to fiercely collect and control customer data and exploit the opportunities therein. The ultimate goal of VRM is better relationships between customers and vendors, by considering and constructing tools that put the customer in control of their data and ultimately their relationships with other individuals, companies and institutions.

Benefits of ‘letting go’ of customer data:

  • Customers share the burden of storing and protecting the data – eases compliance, privacy & security concerns
  • Increased access to information about customers – direct benefits to the customer to share more data rather than less.
  • New services from previously unavailable access to customer data

The first bullet is a good point that I had never thought about, and is a very practical benefit. The second point is a classic example of “less-is-more”; maintain less control, and gain more in return. The third point being direct consequence of the second.

When will we see the first product that presents a holistic solution with tangible benefits of VRM to companies, as well as integration with / transition from their existing CRM systems?