Tag Archives: OpenID

Surviving & Thriving in the Online Identity Wars: Joseph Smarr at Web 2.0 Expo

Joseph Smarr at Web 2.0 Expo Joseph Smarr at Web 2.0 Expo Joseph Smarr at Web 2.0 Expo Joseph Smarr at Web 2.0 Expo

At the recent Web 2.0 Expo in San Francisco, Joseph Smarr, Plaxo’s Chief Platform Architect, took the stage with an all-new presentation, entitled “Surviving (and Thriving in) the Online Identity Wars”. As usual, he rocked it! Alas, the talk was scheduled for 8:30 in the morning, which meant that even if you were at the conference, you might still have missed it. So, this post is for everyone around the world who wished they could have been there.

Putting this into perspective: A year ago at Web 2.0 Expo, Joseph introduced the concepts of a “Social Web ecosystem” (with Identity Providers, Social Graph Providers, and Webwide Aggregators), fueling a “virtuous cycle” of social content/site discovery. And six months ago, at Web 2.0 Expo in New York, Joseph coined the term “Open Stack,” to refer to the combination of OpenID, OAuth, Portable Contacts, XRD, and OpenSocial, asserting that this collection of “small parts, loosely joined” is a whole that is greater than the sum of its parts.

In this new talk, Joseph gives guidance to sites on how to survive and thrive in the sea change of the opening up of the Social Web. I recommend everyone check out his specific “do’s” and “don’ts”…

Video of the talk (part one)

Video of the talk (part two)

Tagged , , , , ,

Live Blogging the OpenID Design Summit

I’m at Facebook headquarters in Palo Alto for the OpenID Design Summit that was announced last week along with the big news of Facebook joining the OpenID Foundation. I’ll be blogging it with photos and words, as I have at previous Open Stack events. The event starts at noon, and Facebook is live streaming it via Ustream. Folks are beginning to arrive. I see representatives from Facebook, MySpace, Google, Microsoft, Yahoo, AOL, PayPal, Plaxo, Six Apart, JanRain, and Vidoop. Isn’t it great that all of these companies can work together in the open toward a common goal that is good for the web?

OpenID Design Summit at Facebook

Luke Shepard and Dave Morin kicking it off. “The core problem we’re trying to solve is the user experience for OpenID,” says Luke, who is Facebook’s representative to the OpenID Foundation Board.

OpenID Design Summit at Facebook

Julie Zhuo from Facebook’s user experience team is our first speaker, talking about Facebook Connect’s approach to making the experience something users can understand. How can the user understand the value? Value: Skip filling out this form or having to register if you have a Facebook account. Showing CitySearch, citing that Facebook logo is present in the UI, but acknowledging the scalability issue (number of options, logos). What is the relationship between the RP and the OP. Problem: we want to message “Hey, these two sites are going to be tied togethr somehow.” Because the popup design was so simple, we could port it to the iPhone easily. What’s being shared? Instead of describing in text, an illustration of the two sites, with arrows representing flows of sharing. Simplification is a big theme of Julie’s talk. Philosophy: keep the first screen really simple; delay deeper stuff (like extended permissions) to later flows, in context. As a community, we need to figure out how to message and simplify. Showing auth screens for various providers. Can we simplify? Can we standardize?

OpenID Design Summit

Next up is Max Engel of MySpace. Sharing results of testing of OAuth, OpenID, and a hybrid of the two. First, OAuth by itself. An arrow linking AOL and MySpace was found to work better once the MySpace logo was moved from the right to the left, as users thought it meant something different when it was on the right. People were generally comfortable, but the experience was not always what they expected. OpenID standalone tested with Yelp (with hacked HTML, not fully working code). Users were confused. “When ‘open’ was in the term, people had security concerns,” says Max. Another confusion point, “When we gave hint URLs, people tried putting those in, instead of their own.” People felt less secure in the logged in pop-up than the logged out pop-out. Point of confusion in Yelp example: user logs in with a MySpace URL but was then prompted to create a Yelp URL.

Max Engel of MySpace at #openidux

Max continues. OpenID/OAuth Hybrid test was done using Netflix. Big security concerns, perhaps made worse by the commerce aspects of Netflix. Nice user quote, “Once you see it and once you get it, it seems really innovative and useful.” Users liked the hybrid experience in general. Tested “granular scoping” with lots of choices. This was the “crowd favorite” but no one missed it when the choices weren’t there.

Next, Brian Ellin from JanRain (says he doesn’t have a Twitter account; gasp). About to give a history of OpenID interfaces. “The benefit of OpenID? Sign in with an account you already have.” Most users (78%) have not heard of OpenID. Brian is showing what people have been typing into OpenID sign-in boxes. OMG, “elderly,” “I HATE YOU LADY GAGA,” “Hotmail,” their email address, or far to common: nothing. This is great. Showing all different UIs. Some that show canonical examples. Interactive versions, like TypePad’s, idselector, Clickpass, and MapQuest.

Now on to OpenID 2.0, where you can input provider, like yahoo.com. Showing brand power, with results from RPX. The demographics of the site shift the mix of which providers users choose for signup. Showing RPX and Plaxo ui now. Max Engel asks if JanRain has metrics for dropoff between the RP and the OP. Brian says not yet. I whisper to Max, “Stay tuned.” (As I know that Joseph Smarr of Plaxo has that in his presentation, coming after lunch.) Brian points out two key observations:

1) Brand selectors are good at letting users express preference, but at the time of choice, user has no idea which OpenID experience will be better.

2) Knowing which one the user chose, allows that brand to be more prominent in subsequent signin.

3) Once you add a button to your interface, you can never remove it.

Brian Ellin of JanRain at #openidux

Google is up next, with Eric Sachs, Breno de Medeiros, and Dirk Balfanz. Not sure if all will talk, but they’re all working to set up a demo. While we wait, I observe that almost every laptop in the room is a Mac (including mine). The Google team is going to demo the OpenID Popup that they released yesterday. Ooh, that is sweet. Love the “smoky” background. Can’t wait to roll that into the Plaxo/Google hybrid experiment! Funny quote, “If you have good feedback, channel it to Plaxo, who will beat us up.” :)

Breno de Medeiros of Google at #openidux

Interesting question about the consent page. Has Google experimented with granular permissions, vs. having all the items consented to at once? “Yes. It was horrible,” says Eric Sachs. “People cursed at us when we did it one by one. They want it in a single step.” Wow. Important insight.

Next up, Joseph Smarr of Plaxo. Hilarious intro. (I’m biased.) “Hi! I’m Plaxo, and I’m in an open relationship with all of you. But it hasn’t always been easy. Sometimes it’s been confusing. And you haven’t met all my needs (for user data). By lately I’ve been spending a lot of time with…Google.” (Lots of laughs). “Experimenting with a new technique, that leverages more of the Open Stack.”

Joseph described the exeriment Plaxo and Google did, using hybrid OpenID/OAuth plus Google Contacts. Trying to prove that Open Stack onramping can be strictly better for all parties than traditional registration flows via a two-click signup.

Demo just went *great* and we’re looking at the final step. After the onramping, the new user is shown an “education lightbox” reminding the user where to look for the “sign in with Google” link.

Now, to the results. Drum roll, please. But wait! The RP/OP round trip, a.k.a “the Chasm of Death.” Asking the audience to guess the percentage of people who would survive. The crowd guesses 35%, 45% , 50%. The real answer is 92%! The crowd is wowed.

That means we lose 8% to the chasm of death. Of those that return, 8% choose “no” to the Google account signup option/consent. 92% say yes and automated address book import. Joseph says, they get higher conversion rates, higher import rates, more connections per user, and no drop-off in return visits.

“In other words, our business guys won’t let us turn off the experiment!”

Joseph Smarr at the OpenID Design Summit

Joseph says, “This is an historic movement. I’ve been evangelizing this stuff for two years, but all of the experiments before this were worse for our business. This is no longer about selling this as good for the web. This is about the Open Stack being measurably better for your business than traditional registration.”

Here’s Joseph’s presentation.

We’re back and Chris Messina of Vidoop and the open community at-large is up, sharing views about various contexts that OpenID will need to survive and thrive in, including web, mobile, desktop, API, and headless. Now, Chris is walking us through various OpenID UIs, pointing out points of confusion, also showing alternatives with better user experience. I’ll add a link to his slides when I have it.

Chris Messina at OpenID Design Summit

We’re going to breakout groups now. One for Relying Party concerns, one for Providers. I’ll let the working sessions proceed without live blogging. I’ll return to the task when the groups convene to share results.

Update: ReadWriteWeb wades in on the implications of the Plaxo/Google experiment.

RP breakout session

OP breakout session

The live stream laptop

Summary from the OP breakout
Julie is talking. Agreement on popup as the way two go; two states: signed in or not. Have a high-level outline. Next steps real wireframes. On the white board now. Site name at the top. Below that something illustrating “what is happening”. Below that Options. Then ID and password (for not signed in). Legaleze, preferably small. Below that Okay or Cancel. Second step (optional) for getting access to more data. What’s interesting to me is it sounds like the OPs ended up with strong consensus about key elements. Max Engel from MySpace adding commentary, along with Angus Logan of Microsoft, and now Allen Tom of Yahoo. Consensus = goodness here. Second screen for the signed in state: site name, who you are, what is happending, options, okay/cancel. Same as first screen but simplified. Agreed that canceling just closes the pop-up and returns you to the site. Discussion around how to handle the different states (like cancel). Max chiming in, plus Breno from Google. Unresolved is sign-out implications between the sites. Breno sharing the need for getting RP logos from the web, with simple discovery; upload from the RP to the OP is not scalable. A little bit of back and forth on some corner case questions, but *great* to hear how MySpace, Facebook, Google, Yahoo, and Microsoft emerged from a room all “on the same page”. Facebook, MySpace, and Google “magically converged” on the same width for the ideal popup, says Julie. (450 pixels, I think.) Breno says that there should be a hard requirement that the popup can be re-sized.

Summary of the RP breakout
Luke Shepard from Facebook is sharing the findings. The big question is what to show the user: box vs. buttons vs. smart typeahead. Joseph Smarr from Plaxo chiming in: we have a set of contexts (like Chris Messina talked about before: organic signup, viral signup, return signin, lightweightm download/desktop, mobile, email validation, OAuth-only, prove affiliation, personalization, “connect”). To do these right, we have a wishlist for what we want from the OP (button, email, data access via OAuth/hybrid, discovery of services, is user logged in?, streamlined UX, email to OpenID lookout). Luke is now talking about one of the big concepts/issues: How can an RP? Eric Sachs of Google talked about doing a “third-party cookie system than (opted-in) users could reveal their identity provider. Breno says it’s like DNS. Neutral third-party. Eric had said there’s an existence proof for something similar for advertising systems for compliance with various privacy laws around the world. Joseph talking “RP Verticals” worth exploring for thinking through differing needs and UX approaches (media sites, e-commerce sites, blogs, social sites).

Tagged ,

Open Stack FTW: Facebook joins the OpenID Foundation!

From the OpenID/OAuth UX Summit

It’s a great day for the opening up of the Social Web. The largest and fastest growing social network, Facebook, has sent their strongest message to the world that “open” is strategically important to them by stepping up to become a corporate member of the OpenID Foundation. Sweet! Breaking coverage: VentureBeat, CNET, TechCrunch.

Given the popularity and positive user experience of Facebook Connect, we look forward to Facebook working within the community to improve OpenID’s usability and reach. As a first step, Facebook will be hosting a design summit next week at their campus in Palo Alto which follows a similar summit on user experience hosted at Yahoo! last year. The summit will convene some of the top designers from Facebook, the DiSo Project, Google, JanRain, MySpace, Six Apart and Yahoo!, focusing on how existing OpenID implementations could support an experience similar to Facebook Connect.

Here’s the official post from Facebook’s Mike Schroepfer. The best quote: “We see great opportunities to increase our contributions across the open stack.”

This news will surprise (or even shock) many, but I see this as a natural and expected move. After all, Facebook has been getting more and more involved in the open community, attending the OpenID UX Summit last Fall and the Activity Streams meetup a few weeks ago. And Luke Shepard, from the Facebook Connect team, ran in the recent election for the OpenID Foundation Community Board. Luke will now be Facebook’s official representative to the foundation.

I have to say this is a great moment in time. I am so proud of my friends at Facebook who have helped make this happen. Props to Dave Morin and to Luke Shepard. You guys rock!

In related news, Joseph Smarr of Plaxo is being added to the OpenID Foundation Community Board as a result of Facebook becoming a new corporate member. (The rules of the Foundation have the Community Board expanding at the same rate as the corporate membership. Joseph happened to be next in line, based on the election results.)

Looking forward to next week’s OpenID UX Summit, hosted by Facebook. It wouldn’t be surprising if I were to live blog it!

Recommended reading: Chris Messina’s take on the news.

Tagged , , , , ,

The Social Web TV: Google, Plaxo, and Hybrid OpenID

In this week’s episode of The Social Web TV, Joseph Smarr and I are joined by special guests, Dirk Balfanz and Breno de Medeiros of Google to discuss this week’s rollout of Hybrid OpenID/OAuth and a “Two-Click Signup” experiment between Google and Plaxo. Check it out:

Tagged , , ,

An “Open” Letter to the Obama Administration

FDR was the radio President. JFK was the TV President. Obama is the Internet President. How should this administration leverage the Open Stack to revitalize our democracy? Chris Messina, Joseph Smarr, and I tackle that question in the latest episode of The Social Web TV:

Tagged ,

New Episode of The Social Web TV: “On Feeds and OpenID Momentum”

The acceleration in the emergence of the Social Web continues, confronting David Recordon and me with the challenge of trying to cover six different news items in one less-than-15-minute video podcast. We found a way to weave them together in a narrative arc that starts with some things relating to activity streams (or “feeds”) then segues into OpenID momentum. Topic discussed include: Yahoo adds 20 external feeds; iLike integrates with Google Friend Connect; Plaxo integrates with Amazon; Google adjusts resourcing for Dodgeball and Jauiku; Six Apart enhances support for OpenID in TypePad Connect; and OpenID reaches more than 30,000 sites and more than half a billion accounts. Check it out:

Tagged , , , , , , , ,

On OpenID Gaining Momentum: 30,000 Sites, Half a Billion Accounts

Two nice pieces yesterday on how OpenID picked up steam in 2008. David Recordon’s post at OpenID.net is simply entitled 2008:Momentum. It offers a great review of the progress made last year:

2008 was an awesome year for OpenID where the community created significant momentum moving toward mainstream adoption. No, not every site on the web is using OpenID nor does every consumer know what OpenID does, but last year alone the number of sites that accept OpenID for sign in more than tripled1. Today, there are over thirty-thousand publicly accessible sites supporting OpenID for sign in and well over half a billion OpenID enabled accounts.

He supports the claim of momentum with no fewer than 11 proof points!

The other post is from Wired.com’s Michael Calore, entitled Want Proof OpenID Can Succeed? Just Scroll Down. David Recorodon and I are both quoted in the piece. Michael focused on the traction OpenID is showing in the area of blog commenting, which led to this great quote from David:

“Blog commenting is not a niche,” he says. “Social activity on blogs in total dwarfs social activity on any particular social network.”
“If anything, the success of OpenID and Facebook Connect in situations such as commenting on blogs, coupled with a number of high-profile sites, will continue pushing this idea toward a mainstream audience that cares about being able to easily sign in, find people they know, and share what they’re doing on the web.”

Let’s hope that the incredible gains OpenID made in 2008 will be matched and exceeded in 2009. With strong support from Google, Yahoo, Microsoft, AOL, Six Apart, Plaxo and more than 30,000 other sites, I think that’s fairly likely.

Also worth checking out is David’s other recent post, this one at Six Apart’s blog, detailing enhancements to Typepad Connect, with expanded support for OpenID, including user-friendly click-the-logo sign-in via Google and Yahoo accounts!

Tagged , , ,

Optimism for 2009: Joseph Smarr Demos the Near-Future of the Social Web on the Open Stack

Joseph Smarr at the Open Stack Meetup

It is kind of fashionable at the moment to point out the real or imagined shortcomings of OpenID, in light of the elegance of Facebook Connect. But the reality is that together with the other elements of the Open Stack (OAuth, XRD, Portable Contacts, and OpenSocial), OpenID is entering 2009 with incredible momentum, and tantalizing possibilities. And no one is more capable of demonstrating the possibilities than Plaxo’s Joseph Smarr, who “kicked ass” at the recent Open Stack meetup. Video of his killer presentation with demos has just been posted online. Yes, it’s geeky, and the demos are not pretty to look at, but the new capabilities shown will be turned into product early in 2009 at Plaxo, Google, Yahoo, and MySpace, among others. If you want a glimpse into the near-future of the Social Web, built on the Open Stack, this is 17 minutes of must-see TV:

Also, check out Joseph’s new post reviewing six months of progress on Portable Contacts.

Tagged , , , , , , , ,

My Keynote Address at Last Week’s Open Stack Meetup

2008 is going out on a high note, with incredible momentum for the new Open Stack. I had the honor of delivering a brief introduction to the Open Stack at last Friday evening’s Open Stack Meetup in San Francisco. We’ll end up using this material on The Social Web TV somehow, but thought I’d share this you now. [Warning: Contains cursing.]

Tagged , , , , , ,

For Posterity: The First-Ever “Open Stack” Meetup

I’m just back from a great evening in San Francisco for the first ever Open Stack Meetup, put together by David Recordon of SixApart and Joe Stump of Digg, and hosted at Digg. I had the honor of kicking off this historic event with a keynote on the Open Stack, as a whole greater than the sum of its parts. [Update: Video of my keynote is now online.]

The godfather of open, Marc Canter reports that there were about 100 people there, and I totally agree with him that “Joseph Smarr just kicked ass”. There was a mix of vision, description, and demo, and it all came off pretty well (given how little coordinated planning was involved). Plus, we gave out a cool new t-shirt that said, “I hack on the Open Stack”.

Here are a few photos I took. We’ll follow it up with video on The Social Web TV.

Eran Hammer at the Open Stack Meetup

David Recordon at the Open Stack Meetup

David Recordon at the Open Stack Meetup

Allen Tom at the Open Stack Meetup

Kevin Marks at the Open Stack Meetup

Kevin Marks at the Open Stack Meetup

Joseph Smarr at Open Stack Meetup

Joseph Smarr at Open Stack Meetup

Joseph Smarr at Open Stack Meetup

Joseph Smarr at Open Stack Meetup

Joseph Smarr at Open Stack Meetup

Joseph Smarr at Open Stack Meetup

Chris Messina at Open Stack Meetup

Tagged , , , , , , , , , , ,
Follow

Get every new post delivered to your Inbox.

Join 34 other followers

%d bloggers like this: