If you operate a site or service and want to accept identity from large third parties, you encounter a bewildering array of implementations.  Some are fairly proprietary, such as Facebook.  Others, such as Google, are based on a standard but with a twist.  New ones come along, such as Twitter, and present their own versions.  This makes building them all a real resource challenge.  On top of that there is a real possibility of getting it wrong and creating a usability or worse yet a security problem as a result.

This challenge for site owners is a real opportunity for third-parties to provide a service.  A number of folks have been working on this, but by far the farthest along appears to be JanRain with with their RPX offering.  RPX is a software-as-a-service solution that abstracts away the multiple authentication offerings behind a fairly simple set of calls.  Given the variety of implementations in use that is no small feat.  JanRain is currently pursuing a freemium model with the base version of RPX available for free.

I believe that the benefits from using a “gateway” service can go significantly beyond ease of implementation, provided the gateway becomes popular among sites.   A popular gateway will have a lot of information that is not available to any single site and could be used to provide value-added services.  For instance, if all sites report back on accounts that are spamming or have otherwise been compromised, then the gateway could suspend those accounts across the network.  This is why I chose the word gateway on purpose – this is similar to credit card processing (thanks to Johannes Ernst for first turning me on to this analogy).  Any single merchant has a tiny (if any) fraud history for a particular card, but the network as a whole is efficient at detecting fraudulent activity.

If the network grows big enough, it might also be possible to provide some level of service discovery.  Not sure exactly how this would be presented to endusers (could be at one of the participating sites), but with enough sites participating the gateway could identify sites or services that are often used together and then propose “sites you might also enjoy.”

What is essential for the success of any such gateway is for the big players to support it as a way of speeding up adoption of external identity.  Ideal would be to have official endorsements so that developers can be certain that relying on the gateway will be supported going forward and they won’t suddenly find themselves cut off.

If you operate a site or service and want to accept identity from large third parties, you encounter a bewildering array of implementations.  Some are fairly proprietary, such as Facebook.  Others, such as Google, are based on a standard but with a twist.  New ones come along, such as Twitter, and present their own versions.  This makes building them all a real resource challenge.  On top of that there is a real possibility of getting it wrong and creating a usability or worse yet a security problem as a result.

This challenge for site owners is a real opportunity for third-parties to provide a service.  A number of folks have been working on this, but by far the farthest along appears to be JanRain with with their RPX offering.  RPX is a software-as-a-service solution that abstracts away the multiple authentication offerings behind a fairly simple set of calls.  Given the variety of implementations in use that is no small feat.  JanRain is currently pursuing a freemium model with the base version of RPX available for free.

I believe that the benefits from using a “gateway” service can go significantly beyond ease of implementation, provided the gateway becomes popular among sites.   A popular gateway will have a lot of information that is not available to any single site and could be used to provide value-added services.  For instance, if all sites report back on accounts that are spamming or have otherwise been compromised, then the gateway could suspend those accounts across the network.  This is why I chose the word gateway on purpose – this is similar to credit card processing (thanks to Johannes Ernst for first turning me on to this analogy).  Any single merchant has a tiny (if any) fraud history for a particular card, but the network as a whole is efficient at detecting fraudulent activity.

If the network grows big enough, it might also be possible to provide some level of service discovery.  Not sure exactly how this would be presented to endusers (could be at one of the participating sites), but with enough sites participating the gateway could identify sites or services that are often used together and then propose “sites you might also enjoy.”

What is essential for the success of any such gateway is for the big players to support it as a way of speeding up adoption of external identity.  Ideal would be to have official endorsements so that developers can be certain that relying on the gateway will be supported going forward and they won’t suddenly find themselves cut off.