Last week I visited for the first time the Internet Identity Workshop in Mountain View (www.internetidentityworkshop.com). It was a great happening with lots of people ‘on a mission’
(me included). After all impressions ‘sunk aways’ the following sticks around in my mind:
- Fragmentation. The domain is highly fragmented with lots of initiatives. On the event I counted at least twenty. Think of names like Info Cards, OpenID, XRI, VRM, SAML, XRD, OAuth, Webfinger, OIX, PubSubHubbub, LRDD, Kantara, Liberty Alliance, OSIS, RSA,
Firefly, Higgins, Concordia, Identity Commons, Pamela, ID-Legal etc etc. A standard procedure on the IIW is an ‘acronym freeze’ and the right of every visitor to ask for the meaning without looking stupid.
- Use case based innovation. The reason of fragmentation in this domain is the ‘use case based’-innovation. Everybody with a problem or urge starts a project and develops over time in the landscape. By having a lot of meetings and short interactions the changes
of convergence of initiatives are maximized. If nothing happens, the project dies. Survival of the fittest. There are many versions of the modern history on internet identity. The good thing about use case based innovation is that things move one, the risk
of ‘analysis paralysis’ is minimized. On the other hand, an overarching concept of solution framework would do good to all initiatives.
- No paying customers. Internet identity has its roots in blogging and social networks. OpenID is the initiative with the most traction. There is no perceived financial value by relying parties, except for the improved user experience. Relying parties are
not willing to pay for identity with hardly any verified identity of users. There wasn’t a clear addressing of what business proposition e-identity can bring to relying parties other than technical propositions.
- The trust issue between parties in a network. This has to be solved, otherwise e-identity will remain a technology driven affair. The recent initiative by Open Identity Exchange is a promising step, where trust is organized by separating trust providers
from their auditors. Any vertical industry or sector can then define their requirements for identity providers. The issue of liability remains unsolved to date, so a lot of work still to be done. Recent initiatives in The Netherlands and Nordic countries,
might give an additional direction on how to tackle these kind of issues.
- No presence of telco’s and banks. These players hold the key for massive adoption of e-identity, since they already have a lot of identities issued. Identity is too often regarded as an internal affair, used to solve e-banking access for clients. Mainly
by Nordics banks identity is seen as a re-usable asset for businesses and governments.
The conference format was made ‘fit for purpose’ for the subject. The event was led by Kalya Hamlin, (www.identitywomen.net), a pro in the so called ‘unconference’ format. The agenda is made on
the day itself, and anyone can instantly host a session. The notes are published on the wiki (http://iiw.idcommons.net/Notes_IIW10) and at the end of every conference
day, the results of the sessions are briefly summarized. In this fashion you get to cover many topics and meet lots of people. This fall IIW will come to London for a European session.
Here’s my take: it’s about time internet identity is approached as a two sided market. In this market paradigm users and relying parties both interact with each other with the help of a platform. The platform (e.g. single players like Facebook/Google/ Paypal/etc
or a network of cooperating parties) optimizes both the proposition towards users and the relying parties. The relying parties are business (including banks) and governments, all with clear business needs: relying parties achieve better e-services for their
customers and lower cost of operation. Hey, this sounds like a service being worth paying for, just like the same relying parties pay for other services such as banking, telecommunications and energy. If there is value, a market can come and the growth will
come by itself when the trust is organized properly. It’s just a matter of getting the industry act together. Let’s start looking for the business problems we are trying to solve with e-identity.