There was lots more to ponder in the world of identity this week:
John Fontana: CIS Series. Bob Blakley: The value of negotiation Today's login and registration systems may as well shout "Surrender!" rather than asking a user for their name and password or some other combination of identity information. Bob Blakley thinks this reveals a fundamental flaw, and at the Cloud Identity Summit in July he'll use his keynote presentation to explain why the exchange of identity information should be a negotiation.
Mat Honan: Yahoo's Very Bad Idea to Release Email Addresses Yahoo is releasing inactive Yahoo IDs so that users can score a better email address. This means you can finally have firstname.lastname@example.org instead of email@example.com, for example. Sounds great, right? It's actually a spectacularly bad idea.
European Identity & Cloud Awards 2013: Lifetime Achievement Award This year, the "Lifetime Achievement" award has been presented again, and this time it went to Kim Cameron, who has greatly contributed to the Identity Management field with his "Seven Laws of Identity" and who continues to shape the IAM field with new ideas.
Dave Kearns: What do you mean by that? I first became aware of this when the areas of Identity and Security began to seriously overlap late last century. Around 2005 a group, the "Identity Gang," coalesced around the idea of having informal discussions about identity issues either before, during, or after conferences (Catalyst, Digital ID World, EIC, etc.). What we all quickly discovered was that we didn't agree on the meanings of terms. So we launched the Lexicon project. We didn't get very far.
Jim McDonald, Identropy: Open Identity Summit Recap I just returned from the first annual ForgeRock Open IAM Stack Summit (@ForgeRock #ois13 for those on Twitter). It was held in beautiful and rustic Pacific Grove, CA. I made a lot of new friends and was refreshed by the vision of Open Identity. The progress that ForgeRock and the community are making with the Open Identity Stack is creating a viable alternative to the big boys.
Kami Haynes, UnboundID: Why Identity Etiquette Matters An excerpt from a Compass Intelligence Report shows that consumers do care about how their data is used - 62 percent of consumers expect companies to ask permission, in one way or another, before using digital information. Many of the respondents to the study stated that they would like to determine what, if any, of their data is shared.
Anil John: Tools for the Connected Backpacker In this time of always-on connectivity, I hike and backpack to enjoy the outdoors and step away from the pace of daily life. Provided you do not let them overpower your reasons for being in the backcountry, these are some of the gear and technologies that I've found useful in the backcountry.
Ronnie Mitra, Layer 7: When Good API Design is a Waste of Time In the majority of these cases, technical teams have very little say during the procurement process of outsourced and cloud-based services. In effect, these API providers don't need to design for their developer audience because they aren't critical to succeeding. For many years, a sound strategy for selling cloud-based products has been to sidestep technical teams and engage directly with the business. It's frustrating that technology teams are often still left with the responsibility for reducing integration costs regardless of the lack of sophistication in the APIs that they are tasked with connecting to.
Sean Deuby: Attention, IT Pros: You Can Help Evolve a Secure Cloud, Too I was at Microsoft in May for meetings on what the company calls its Cloud OS, the holistic combination of Windows Server 2012, System Center 2012, and Windows Azure. Central to the core of this service--or any modern and complex hybrid computing service--is an integrated identity system. But unlike the world of domains and Kerberos, cloud identity protocols and standards are still far from settled.
Brent Jensen, Stormpath: 2013 Social Login Best Practices One of the alarming things we hear is that social integration is an easy way to deploy basic user management, on a service that will maintain all the security and hosting (in theory). There are some good reasons to connect with Facebook, but ease of deployment is not one of them.
Gigya Offers Log In With PayPal for One-Step Checkouts Yesterday, PayPal announced major upgrades to Log In with PayPal, which allows users to save their payment credentials with PayPal for a more streamlined shopping experience on participating third-party commerce sites. Log In with PayPal eliminates the need for consumers to re-enter their payment information when making an online purchase, acting as a secure commerce identity system that functions across all web properties within its partner network.
Neville Pattinson, Gemalto: A smarter US social security card It would essentially be an updated and modernized version of the one we have today; a durable plastic card with a secure electronic chip which makes it possible to read information stored on the chip electronically and authentic both the card and it's citizen. The idea is not so farfetched, and could resolve many issues that are plaguing the social security system.
Danielle Kucera, BusinessWeek: Using Social Media to Stop Online Payment Fraud Users of Facebook (FB), Pinterest, and Twitter share personal details every day. Now credit bureaus and payment companies Equifax (EFX), EBay's (EBAY) PayPal, WePay, and Intuit (INTU) have begun trials to see whether social posts can help prove identities or detect whether customers are lying about their finances.
Dave Birch: Back in the real world (well, West London) I thought so too. It worked so well that it made me wonder - as was the case using Square in the US - what the point of having the physical card and the card reader was. PayPal have made a real effort to produce a slick customer experience, and it makes you wish that other more conventional players in the retail payment world would do the same. There seems to be an attention to detail in what guys like this do, to be honest. And the race continues. While PayPal is adding Square-like features, Square is adding PayPal-like features.
Identity Woman: Interesting events in 2013 This is a calendar of events that I know in 2013 (and beyond). I think they're interesting, I'm currently planning on attending all the events in BLACK, I'm helping co-organize all the events with RED headlines. Some events will change from interesting to attending as they approach.
IDESG: July 2013 Plenary Meeting What: 5th IDESG Plenary Meeting When: July 24-26, 2013 Where: Massachusetts Institute of Technology (MIT) Media Labs - 75 Amherst St Cambridge, MA 02139
Call For Papers - Open Identity Summit 2013 September 10th - 11th 2013, Kloster Banz, Germany Deadline for electronic submissions: May 15th, 2013 The aim of Open Identity Summit 2013 is to link practical experiences and requirements with academic innovations. Focus areas will be Research and Applications in the area of Identity Management and Open Source with a special focus on Cloud Computing.
eID & ePass 5th edition National eID & ePassport Conference - the Global Forum on the drivers behind the digitalization of citizen ID documents proudly announce the 5th edition in BERLIN 2013, 28th & 29th of October @Intercontinental Berlin.
InCommon Advance CAMP: Identity Services Summit November 12-13, 2013 San Jose, California https://spaces.internet2.edu/display/ACAMP2013/Home Part of the 2013 Identity Week (www.incommon.org/idweek) Join leading identity architects and developers from U.S. research and higher education and international and commercial identerati at Advance CAMP: Identity Services Summit, November 12-13, 2013, in San Jose, California. Explore the state of the art in identity services and discuss the leading edge work that's taking us there. Join us and get involved!
InCommon: CAMP Cloud: Identity and Access in an Era of Outsourced Services November 14-15, 2013 - San Jose, California Part of the 2013 Identity Week (www.incommon.org/idweek) Are your campus stakeholders looking at cloud-based solutions? Are you experiencing challenges or do you have concerns with outsourcing email, storage, or other essential services? Are you concerned about the management and maintenance of an accurate, accountable identity inventory? Come to "CAMP Cloud: Identity and Access in an Era of Outsourced Services" and learn about solutions being discussed and implemented across higher education.