We are spending a lot of time thinking about how identity will play itself out on the Internet. We are constantly running into the limitations of the existing arrangements even when companies from our portfolio are trying to collaborate. While there is definitely movement afoot with Facebook, Google and others extending their authentication to third parties and possibly moving the OpenID standard along (see previous posts on this).
But there is also another candidate for identity at least in some situations and that is the mobile phone number. I was reminded of that several times yesterday. First, I met with someone who has been living in San Francisco for quite some time but still has her 917 cell number. That made me realize that I have had my cell number for over 10 years and can’t imagine changing it voluntarily going forward. Then I spent some time with Jeff Lawson from Twilio, which makes it super easy for web developers to add voice interaction to their services. We talked about how IVR is often a pain, but generally that’s the case because the call starts out knowing nothing about you. Since mobile phone numbers change so rarely, that does not have to be the case! When I call say an airline, it should know who I am and immediately offer information directly relevant to me, such as whether my flight is on time. A good example (surprisingly) is the New York Times, which when I call from my home phone pulls up all my information and makes reordering a missed weekend delivery a cinch.
I know that phone numbers can be spoofed via IP telephony hacks, so I am not suggesting that the mobile phone number can easily be turned into a reliable form of identity for security critical applications, but it could be used much more extensively than it is today. This is especially true when you look at some type of multi-modal integration, such as calling in, being recognized and then being able to receive information back via SMS.