MySears and MyKmart community sites are online destinations that give consumers a variety of ways to share in-depth information about products, helping make their purchase decisions easier. Visitors to these websites have the opportunity to write product reviews, post comments on the reviews of others, participate in discussion boards and post ideas for the community to vote on. Customers also have access to special offers and coupons in return for their participation in the community.

Read what Sears and Viewpoints (a technology partner) had to say in their press releases:

“We’re constantly looking for ways to stay innovative in our online initiatives by identifying and implementing technologies that help our users navigate our communities with ease,” says Rob Harles, Sears’ vice president of community. “Our adoption of the OpenID technology helps simplify our customers’ online experience and ultimately helps us meet our goal of ensuring our customers have the most efficient shopping experience possible.”

“As the social web becomes a bigger part of our everyday interactions and the boundaries separating the myriad of social networks blur, portable online identities will become critically important,” commented Matt Moog, Founder and CEO of Viewpoints Networks, a SHC technology platform partner.

By building on top of OpenID and related technologies, Viewpoints allows its clients’ websites to offer a more intuitive and customized user experience that uses existing profile data a consumer brings to their site from various OpenID Providers. Viewpoints and Sears have taken advantage of much of the ongoing user experience and usability work that is one of the two main focuses of the OpenID Foundation this year. Viewpoint and JanRain continue to show that by implementing OpenID in an innovative manner, companies such as Sears will increase registration and login rates while also enabling instant engagement with the consumer.

Sears and Kmart’s adoption of OpenID demonstrates its fundamental business value; it makes things easier for web users. In this case, OpenID makes the online shopping experience richer and simpler for customers. While much has been made of the impact of the social web, the action taken today by Sears and Kmart shows how relevant OpenID is becoming to mainstream retailers. This adoption is another example of the groundswell of interest found across a wide spectrum of today’s online user experiences.

This announcement represents a major step forward in OpenID adoption by a top ten retailer outside of the technology industry. Deployments like these continue to build on the ongoing usability and user profile management work being championed and facilitated by the OpenID Foundation and its membership. Sears and Kmart have provided a great example of how OpenID can dramatically facilitate quicker, easier, and richer online engagement.

The OpenID User Interface Extension is one of the main pieces of work that has come from the OpenID Design Summit hosted by Facebook earlier this year. The extension replaces the traditional OpenID sign in flow of being redirected from the Relying Party to the OpenID Provider with a popup window which shows the URL bar on top of the Relying Party itself.

The Google Code Blog writes about their implementation in more detail:

The new popup style UI, which implements the OpenID User Interface Extension Specification, is designed to streamline the federated login experience for users. Specifically, it’s designed to ensure that the context of the Relying Party website is always available and visible, even in the extreme case where a confused user closes the Google approval window. JanRain, a provider of OpenID solutions, is an early adopter of the new API, and already offers it as part of their RPX product. As demonstrated by UserVoice using JanRain’s RPX, the initial step on the sign-in page of the Relying Party website is identical to that of the “full page” version, and does not require any changes in the Relying Party UI.

Once the user selects to sign in using his or her Google Account, the Google approval page is displayed. However, it does not replace the Relying Party’s page in the main browser window. Instead it is displayed as a popup window on top of it. We have updated our Open Source project to include a complete Relying Party example, providing code for both the back-end (in Java) and front-end (javascript) components.

Once the user approves the request, the popup page closes, and the user is signed in to the Relying Party website.

User experience continues to be one of our key priorities for the community and foundation this year, and progress like seeing Google and JanRain ship the first implementation of the OpenID popup flow is demonstrating that we’ve been able to seize the momentum coming into this year and make real progress in a short period of time.

We’re looking forward to discussing this and other initiatives at the Internet Identity Workshop this coming Monday.

Last week representatives from the OpenID Foundation (Google, JanRain, NRI and Yahoo!) led a discussion about third-party authentication and user-centric identity with representatives from several online retailers. Topics included:

• Business case for OpenID and third-party authentication
• Best practices for online retailers leveraging OpenID
• Leveraging rich user data from third party identity providers
• Feedback from online retailers to the OpenID Foundation and member companies.

Tatsuki Sakushima of NRI led a case study presentation on Japan Airlines’ use of OpenID and a custom extension they developed for federated identity with hotel and car rental agency partners. This work has led into the creation of the Contract Exchange Extension working group to develop a standardized extension for this use case.

• Japan Airlines saw a 100% increase in partner registrations as a result of the OpenID deployment.
• Further, Japan Airlines was able to deploy a federated identity solution with its business partners faster, more flexibly, and at lower cost than alternative approaches they had been considering.

Praveen Alavilli of Amazon enthusiastically endorsed the work of the Usability Committee: the User Interface Working Group proposal and first draft of the OpenID User Interface Extension.

Brian Kissel of JanRain reviewed several case studies summarizing the quantitative and qualitative benefits of OpenID and third-party authentication. Some examples include:

• Sulit.com.ph: 15% of new registrations are via OpenID, up from 10% a couple of months ago
• 37 Signals: 15% of logins are via OpenID on their Basecamp productivity application
• Mixx: UI improvement resulted in ten-fold increase in registrations via OpenID and third-party services. 20% increase in registrations from direct and referrer traffic.
• AFI (Rock band, event promotion): “We were blown away with the fan response. In two weeks we received 850 (YouTube video) submissions, had 12,500+ fans register on the website, 10,000+ comments, and over 100,000 votes to select our winners.”
• Get Satisfaction: Deployments for their customers — Twitter and Songbird — are seeing OpenID utilization of 20% or more
• Sourceforge.net: OpenID login has grown to about 10% of total logins
• Stackoverflow: Third-party registrations have grown from 10,000 to 50,000 users in a couple of months

The entire webinar presentation is on Slideshare and embedded below.

Improving the OpenID User Experience

Speaking of the Usability Committee, at the last OpenID Foundation Board meeting, an official committee was formed to help continue spearheading the community efforts. Allen Tom of Yahoo! and Luke Shepard of Facebook agreed to co-chair this important new committee. They’re looking for volunteers, so if you’re interested, make sure to get in touch with them. With Breno de Medeiros of Google, Tom is proposing an OpenID User Interface Extension. This an exciting continuation of the work started at the Content Provider Advisory Committee as well as the past User Experience Summits hosted at Yahoo! and Facebook.

So it’s been an exciting and productive time during the last few weeks. We encourage others to share their experiences, successes and challenges with the OpenID community via the mailing lists and our new UserVoice feedback site.

At MySpace, we recently released several critical new feature enhancements to MySpaceID, a product under the MySpace Open Platform. We delivered OpenID support, an OpenID/OAuth Hybrid experience, and support for syndicating “Friend Updates” via the emerging Activity Streams specification.

These new components to the MySpace Open Platform allow us to not only provide developers with new tools to create distributed applications that are built on top of our social platform, but also to deliver an identity solution that builds on top of the “Open Stack” to provide flexible an extensible options that embrace open standards.

OpenID aligned perfectly with MySpaceID as an authentication technology. As a social portal, we already embraced the notion of representing identity with a URL. An overwhelming number of our users have setup vanity URL’s (i.e. myspace.com/pixelelated) and so we knew that OpenID would align well with our users. In addition, we wanted to make sure that we were working with the flow of the web, and we strongly believe that collaborating on open standards is critical to this mission.

As we worked on our OpenID solution for MySpaceID, we knew that we had to rollout the technology in a way that emphasized a lightweight and simple interface design and user experience. OpenID has wrongly been maligned by a stigma that the technology can’t be easy to use. Our aim was to break that label and demonstrate with our MySpaceID product that OpenID and usability aren’t conflicting terms. Luckily, there was a community ready and willing to help. The progress made at two OpenID Usability Summits helped us refine our implementation and allowed us to leverage the collective knowledge of other OP’s. This is the strength of open standards: the ability to work together to forge ahead and work together to solve a problem.

When working on the MySpaceID design, we embraced a pop-up window for login to help make the user experience even easier, and to help the integrating relying party offer a clean hand-off. We support both directed identity as well as standard URL-based discovery, and ultimately feel that by offering modular options to developers we are creating the most value for our users. In addition, by rolling out the OAuth Hybrid extension with this, we can allow our users to provision web service access to their MySpace profile, friends, content, and activities in the same step.

Beyond our new enhancements around single-sign on with OpenID, and the rollout of the Hybrid protocol, we are supporting the new Activity Streams specification. A core part of the DNA of MySpaceID is empowering the user to take their data with them. By offering API’s for sharing activities, we’re enabling our users to take their own activities and share them through aggregation and lifestreaming services. In addition, developers can provide a user with a window into their life on MySpace by incorporating the API in Dashboard-style widgets, such as our implementation with the new Yahoo! homepage. With activity sharing, we wanted to go beyond just offering the functionality and ensure that we were working with the community to implement something that could be standardized. We embraced this philosophy when collaborating on the Portable Contacts spec and worked to align it with OpenSocial, and so we were quite comfortable with this model of development.

I hope that we have shown that our choice for the technological piping which powers MySpaceID (OpenID, OAuth, Portable Contacts, OpenSocial, and Activity Streams) didn’t negatively impact the experience we could provide. In fact, it was quite the opposite. Our choice to embrace these open standards has given us a more powerful and flexible platform. We’re excited to prove that a MySpace user can visit any site that has integrated MySpaceID and go from a button click to bringing their identity with them, all while doing it in a way that has a clean user experience and puts the user in control of their privacy, security, and data. As an OpenID community, we’ve all worked to make tremendous progress over the past year, and I think we’re only beginning to realize the real potential to empower users through open standards for the social web.

Even with the substantial momentum that OpenID has gained already in 2009, Don has his work cut out for him beyond our two main priorities of improving user experience and security along with increasing our outreach to and engagement of website operators and end users. To get a sense for his priorities and anticipated plans for the Foundation, I asked him some introductory questions:

1. Q: How did you first learn about OpenID and what interests you in the technology?
   A: I have been working with web transactions, privacy policy and identity validation for a while now. So I’ve been watching OpenID from the sidelines. I’ve wanted to take a deeper dive in how social networks overlays those issues. The Foundation is at the intersection of those issues and more. There’s no better place to be.
2. Q: What challenges do you think OpenID faces that it must confront in 2009?
   A: First and always, continue to balance the interests and be responsive to all stakeholders, community members, and corporate sponsors, etc.

   Second, to deal effectively with success. That means to make sure the Foundation can responsibly sustain and accelerate the momentum now underway.

3. Q: What technologies or services suggest where you think the web will go over the next several years?
   A: I know we at the beginning of the era of social networking. But I’m not smart enough to know where the web will go. That’s one of the things I like about this space.

   I do know the OpenID can be a “Front Door” for the web experience for people, for users, for members across the board.

4. Q: What experience do you have that you intend to bring to the OIDF?
   A: I have a career-long interest in identity authentication and a personal passion for protecting individual privacy. It is a painful irony that is seems our physical identity is more protected than our digital identities.

   I come from the content creation and online transactions world. I have the benefit of learning from naive and failed attempts at walled gardens — proprietary plays and the like. So collaboration is more than a mantra: it’s the only way this work gets done on a corporate, community and personal level.

5. Q: As ED, what will be your top three priorities?
   A: My short-term priorities are to build a foundation for growth. It’s not sexy but “plumbing” is important. So my immediate focus will be on making sure the Foundations’ finances and governance issues are solid. The third priority is to begin planning for a major OIDF event later in the year.
6. Q: What are you most looking forward to with regards to OpenID in 2009?
   A: I am blown away by with the level of engagement from all stakeholders. The make-up of the new board reflects how articulate, diverse and committed the community is. A physics professor of mine pointed out the high correlation between passion and success. The OIDF seems to have both in abundance.

If you’d like to reach out to Don and welcome him, you can contact him via email at don@oidf.org or leave a comment right here.

Luke Shepard, a key member of Facebook’s Platform and Connect teams and a huge internal advocate for OpenID, has been selected as their representative and joins the current board of seven community elected board members and six sustaining corporate members: Google, IBM, Microsoft, PayPal (joined last week), VeriSign and Yahoo!. Additionally, to maintain the ratio of community and corporate board members, Joseph Smarr will be joining the board as our eighth community member.

As the OpenID community entered 2009 two key topics have become the focal points on the road to mainstream adoption: user experience and security.

Given the popularity and positive user experience of Facebook Connect, we look forward to Facebook working within the community to improve OpenID’s usability and reach. As a first step, Facebook will be hosting a design summit next week at their campus in Palo Alto which follows a similar summit on user experience hosted at Yahoo! last year. The summit will convene some of the top designers from Facebook, the DiSo Project, Google, JanRain, MySpace, Six Apart and Yahoo!, focusing on how existing OpenID implementations could support an experience similar to Facebook Connect.

Facebook’s financial contribution along with its membership on the board signals the company’s enthusiasm to work more closely with the OpenID community, building up momentum towards their adoption of OpenID as a standard. Facebook furthering its commitment to openness couldn’t have come at a better time to make 2009 an amazing year for OpenID and the wider social web.

For press contacts, please call OpenID Foundation board members David Recordon at 503.341.3009 or Chris Messina at 412.225.1051.

• Open standards-based user-centric identity is clearly becoming an increasingly important part of the evolving web infrastructure
• PayPal has significant experience and expertise with security, trust, reputation and retail transactions that can be directly relevant as OpenID expands into new market and application areas

Executive committee announced

Following the community board member elections in December, the Board elected its Executive Committee (EC) at the first OpenID Foundation Board meeting of 2009 (minutes). The EC which works with the executive director on day to day operations and governance of the Foundation.

The following members were selected to the EC for 2009:

• Chair – Brian Kissel (JanRain)
• Vice-Chair – Scott Kveton (Vidoop) who was previously Chair
• Secretary – Mike Jones (Microsoft)
• Treasurer – Raj Mata (Yahoo!)
• Committee Liaison – David Recordon (Six Apart) who was previously Vice-Chair

The election of the EC was by unanimous consent on a full slate of officers, as discussed and determined by all the board members. The full Board meets every six weeks and the EC meets every two. In addition, in affirmation of the global nature of OpenID, the Board recently voted to add an International Liaison to the EC and will select that member shortly.

Board members featured on ReadWriteTalk

Last week, four Board members joined Sean Ammirati and others from popular technology blog ReadWriteWeb for an hour long podcast about increasing overall OpenID adoption, future plans for the OpenID Foundation and our thoughts on Google Friend Connect and Facebook Connect. The interview has been published on ReadWriteTalk.

Once again, we look forward to continuing our progress in 2009 and continue to welcome the input and contributions of the entire community.

2008 was an awesome year for OpenID where the community created significant momentum moving toward mainstream adoption.  No, not every site on the web is using OpenID nor does every consumer know what OpenID does, but last year alone the number of sites that accept OpenID for sign in more than tripled¹.  Today, there are over thirty-thousand publicly accessible sites supporting OpenID for sign in and well over half a billion OpenID enabled accounts.

• AOL², Google³, Microsoft⁴, mixi (the largest social network in Japan)⁵ and Yahoo!⁶ have all shipped OpenID Provider implementations with nearly all of them supporting OpenID 2.0.
• In addition to many of the independent OpenID Providers already supporting the ability to exchange profile data, Google added the ability to do so in a limited fashion with AOL⁷, mixi⁸ and Yahoo!⁹ have all introduced it in a limited beta fashion.  This means that OpenID users signing into your site will easily be able to share information like their preferred username or email address if they wish to do so.
• A number of major sites added support to sign in using OpenID including AOL’s MapQuest¹⁰, Google’s Blogger¹¹, Microsoft’s Health Vault¹², SourceForge¹³ as well as the commenting services TypePad Connect¹⁴ and Intense Debate (which in turn enabled Barack Obama’s Change.gov¹⁵).  Google Friend Connect also enabled any site to support OpenID sign in via JavaScript¹⁶ which thousands of sites have done.
• Google, IBM, Microsoft, VeriSign, and Yahoo! joined the board of the OpenID Foundation¹⁷ bringing additional insight, complementing the community board members and helping financially support the organization.
• A Japanese chapter of the OpenID Foundation was formed in February¹⁸ and has since added nearly forty-five member companies¹⁹; including merchants, portals, educational institutions, insurance companies, manufacturing companies, airlines and banks.
• The BBC hosted twenty-six people from seventeen organizations in New York City to kick off an OpenID Content Provider Advisory Committee²⁰ meeting facilitated by JanRain and the OpenID Foundation.  Through the day specific questions by the content provider community (media companies and national affinity groups) were answered about OpenID and a discussion around how it could benefit the participants by supporting OpenID.
• The OpenID Foundation helped push forward usability and user experience research and best practices, by hosting an OpenID user experience summit led largely by Yahoo! and Google.  The community plans to continue this work throughout 2009, with many individuals and companies participating.
• Projects aimed squarely at open source developers like the Pinax platform which is built atop Django or the DiSo project atop WordPress and Movable Type integrated OpenID support as a core feature, making it even easier to build new social websites with support for OpenID sign in.  These of course join the likes of Ruby on Rails which already had an OpenID plugin used by sites like 37Signals.
• The OpenID Provider Authentication Policy Extension was approved as a finalized OpenID specification²¹.  It enables Relying Parties to request that the Provider employ specified authentication policies such as that the Provider employ a phishing-resistant authentication method.
• Multiple community driven projects looked at how OpenID usability and security could be improved by integrating OpenID with the web browser.  Coming into 2008, VeriSign had launched their OpenID SeatBelt plugin and Sxip launched Sxipper for FireFox and Flock.  In 2008, not only did VeriSign²² and Vidoop²³ add one-click sign in functionality to their OpenID Providers, but Flock, MySpace and Vidoop collaboratively launched a new project called Identity in the Browser²⁴.  I also wrote my thoughts on Getting OpenID Into the Browser, talking about why an identity enabled web browser really should be built.
• The first annual election of the OpenID Foundation’s community board members was held where one-hundred-and-seventy-five members voted resulting in the election of Brian Kissel, Chris Messina, David Recordon, Eric Sachs, Nat Sakimura, and Snorri Giorgetti²⁵.

Indeed, the launch of Facebook Connect – a completely proprietary identity system for the web – in 2008 underscores the importance of open standards-based technologies like OpenID.  Certainly it provides clear motivation to the entire OpenID community to demonstrate the value of decentralization and interoperability with an additional emphasis on usability, security and consumer friendliness.

While Facebook Connect continues introducing consumers and companies to the idea of shared sign in and profile exchange, forward-looking social networks like MySpace are now building the same functionality atop OpenID, OAuth, OpenSocial and other non-proprietary technologies.  To their credit, Facebook continues to participate in an increasing number of meetups and events around OpenID.

Considering all that has been accomplished by the community since OpenID 1.0 first appeared on LiveJournal in 2005, in its short three-year history, OpenID has seen phenomenal adoption by individuals, the open source community, non-profits and companies. 2009 most certainly will see a continuation of that trend, especially as usability, consumer utility and pragmatic solutions become the focus.

1. Relying Party Stats as of Jan 1st, 2009
2. Why AOL Created 63 Million New OpenIDs
3. Google is Now an OpenID Provider
4. Windows Live Adds Support For OpenID, Calls It De Facto Login Standard
5. mixi Supports OpenID with the Simple Registration Extension
6. Yahoo Implements OpenID; Massive Win For The Project
7. AOL releases preview support for SREG
8. Mixi Brings Sophisticated OpenID to Millions of Japanese Users
9. Yahoo! OpenID limited testing for Simple Registration support
10. AOL’s MapQuest Integrates OpenID
11. Blogger Buzz: OpenID Commenting
12. Microsoft’s First Step In Accepting OpenID SignOns – HealthVault
13. SourceForge Allows OpenID Logins
14. TypePad Connects to Google, AOL, Yahoo! and more
15. Barack Obama’s Change.gov Adds OpenID
16. Google Friend Connect: now available
17. Evolving the Foundation Board
18. Supporting OpenID Communities Around the World
19. OpenID Japan Launches with 32 Member Companies
20. OpenID Content Provider Advisory Committee Kickoff Meeting
21. PAPE Approved as an OpenID Specification
22. Personal Identity Portal (PIP) – Learn More About PIP
23. What is the myVidoop Plugin?
24. Vidoop and MySpace Bring OpenID to Flock
25. OpenID Board Election Results

Specifically, the PAPE Specification enables Relying Parties to request that OpenID Providers employ specified authentication policies when authenticating users and for OpenID Providers to inform the Relying Parties which policies were actually used.  With PAPE, for instance, a Relying Party can request that the OpenID Provider employ a phishing-resistant authentication method for authenticating the user, and know whether such a method was used or not.  The specification can also be used to request multi-factor authentication and to learn what NIST level (or other levels) the authentication conforms to.

At the time of this writing, the working group is aware of at least four implementations of the specification:  PHP, Ruby, and Python development versions from OpenID Enabled and a .NET version from the DotNetOpenID project.

The PAPE working group looks forward to seeing use of the specification help make OpenID interactions more secure in the real world!

– Mike Jones, for the PAPE Working Group

Elected to serve 2-year terms:

Elected to serve 1-year terms:

Not elected:

The seven elected community board members will take office on January 1st, 2009. The five corporate board members will remain in office.

I’d like to thank all those who ran for their commitment to serving the OpenID community. I look forward to working with many of you on advancing OpenID over the coming year, including, I’m sure, many of you who were not elected to the board in this election.

– Mike Jones, for the Elections Committee