Over the last few months I’ve been involved in two consumer identity projects (lower-trust with OpenID.nl+ and higher trust for the financial sector, see slide 18). Not surprisingly, it are especially the potential relying parties that need convincing to start relying on identity providers to authenticate and identify their customers. Where I (naively?) used to think that the benefits for relying parties were pretty obvious, I learned that there is more to say on this subject than I realized. This is especially true if we also add the dimension of a trust framework to the discussion. Without going into any details: a trust framework is a set of agreements on top of a technical specification to increase trust. For example, US ICAM for government (C2G) identity, or OpenID.nl+.
In this blog post I list the benefits I most frequently use as benefits for consumer identity for a relying party, and the four additional ones if you use a trust framework. Disclaimer: my ideas on this keep evolving, and since this is a blog post I keep it (too) short.
1. Higher conversion at registration, because there is less hassle.
2. More re-visits of existing customers. Since it becomes easier to login.
3. Loose less customers that forgot their username/password, and give up on your website
4. Less (helpdesk) costs due username/passwords reset. This actually mostly applies to website that offer human assistance, or have an expensive (and thereby typically more secure) password reset. It e.g. does not apply to low-security websites that have a automated password reset using a known email address.
5. Enabler of social web. Identity is a first and in most case necessary step towards to social web. E.g., integrating with social network.
6. Enabler to offer integrated services with business partners. E.g., webshops that offer complementary products.
The additional benefits for a trust framework (i.e., a more trusted identity), compared to typical self-asserted OpenId-like solutions
7. More trustworthy and verified attributes. E.g., name or address.
8. More trusted and privacy-friendly. Hopefully both in the customer perception as in reality.
9. Scalability in trust levels. Without a trust framework, trust levels quickly becomes a scalability nightmare in case of more than a few identity providers.
10. Standardized service level agreements. This does depend on the specific trust framework.
Of course, there are also disadvantages, risks and market entry issues, but I want to be optimistic in this blog post 🙂