Posts Tagged ‘usability’
Posted at 8:16 am on July 2, 2009 by Brian Kissel
Yesterday, Sears Holding Company (SHC) announced it has adopted OpenID technology, enabling website visitors to easily register and login at the MySears and MyKmart communities using existing accounts at Google, Facebook, MySpace, Twitter, Windows Live, and Yahoo!. This is exciting news for for online retailers and follows shortly after the OpenID Foundation hosted the first Retail Advisory Summit this past April in New York.
MySears and MyKmart community sites are online destinations that give consumers a variety of ways to share in-depth information about products, helping make their purchase decisions easier. Visitors to these websites have the opportunity to write product reviews, post comments on the reviews of others, participate in discussion boards and post ideas for the community to vote on. Customers also have access to special offers and coupons in return for their participation in the community.
Read what Sears and Viewpoints (a technology partner) had to say in their press releases:
“We’re constantly looking for ways to stay innovative in our online initiatives by identifying and implementing technologies that help our users navigate our communities with ease,” says Rob Harles, Sears’ vice president of community. “Our adoption of the OpenID technology helps simplify our customers’ online experience and ultimately helps us meet our goal of ensuring our customers have the most efficient shopping experience possible.”
“As the social web becomes a bigger part of our everyday interactions and the boundaries separating the myriad of social networks blur, portable online identities will become critically important,” commented Matt Moog, Founder and CEO of Viewpoints Networks, a SHC technology platform partner.
By building on top of OpenID and related technologies, Viewpoints allows its clients’ websites to offer a more intuitive and customized user experience that uses existing profile data a consumer brings to their site from various OpenID Providers. Viewpoints and Sears have taken advantage of much of the ongoing user experience and usability work that is one of the two main focuses of the OpenID Foundation this year. Viewpoint and JanRain continue to show that by implementing OpenID in an innovative manner, companies such as Sears will increase registration and login rates while also enabling instant engagement with the consumer.
Sears and Kmart’s adoption of OpenID demonstrates its fundamental business value; it makes things easier for web users. In this case, OpenID makes the online shopping experience richer and simpler for customers. While much has been made of the impact of the social web, the action taken today by Sears and Kmart shows how relevant OpenID is becoming to mainstream retailers. This adoption is another example of the groundswell of interest found across a wide spectrum of today’s online user experiences.
This announcement represents a major step forward in OpenID adoption by a top ten retailer outside of the technology industry. Deployments like these continue to build on the ongoing usability and user profile management work being championed and facilitated by the OpenID Foundation and its membership. Sears and Kmart have provided a great example of how OpenID can dramatically facilitate quicker, easier, and richer online engagement.
Tags: adoption, relying party, usability
Posted at 6:07 pm on May 14, 2009 by David Recordon
This morning, Google released an upgrade to their OpenID Provider to support the draft OpenID User Interface Extension along with JanRain who added support for it to their Relying Party service RPX. This means that Google users signing into sites like UserVoice (choose “Google” to see it in action) now have a much better user experience; one much closer to that of Facebook Connect. Google also allows users to choose to share their profile information with Relying Parties via OpenID Attribute Exchange and the Google Data APIs via OAuth.
The OpenID User Interface Extension is one of the main pieces of work that has come from the OpenID Design Summit hosted by Facebook earlier this year. The extension replaces the traditional OpenID sign in flow of being redirected from the Relying Party to the OpenID Provider with a popup window which shows the URL bar on top of the Relying Party itself.
The Google Code Blog writes about their implementation in more detail:
The new popup style UI, which implements the OpenID User Interface Extension Specification, is designed to streamline the federated login experience for users. Specifically, it’s designed to ensure that the context of the Relying Party website is always available and visible, even in the extreme case where a confused user closes the Google approval window. JanRain, a provider of OpenID solutions, is an early adopter of the new API, and already offers it as part of their RPX product. As demonstrated by UserVoice using JanRain’s RPX, the initial step on the sign-in page of the Relying Party website is identical to that of the “full page” version, and does not require any changes in the Relying Party UI.
Once the user approves the request, the popup page closes, and the user is signed in to the Relying Party website.
User experience continues to be one of our key priorities for the community and foundation this year, and progress like seeing Google and JanRain ship the first implementation of the OpenID popup flow is demonstrating that we’ve been able to seize the momentum coming into this year and make real progress in a short period of time.
We’re looking forward to discussing this and other initiatives at the Internet Identity Workshop this coming Monday.
Tags: google, interface, janrain, popup, usability, user experience
Posted at 8:19 pm on April 7, 2009 by Guest Author
About two weeks ago, MySpace released an update to MySpaceID taking advantage of OpenID combined with OAuth to provide a sign in and profile sharing with a user-experience at parity with Facebook Connect. Max Engel is MySpace’s Product Lead for their Open Platform and took the time to write this post, providing some more details about how MySpaceID works.
At MySpace, we recently released several critical new feature enhancements to MySpaceID, a product under the MySpace Open Platform. We delivered OpenID support, an OpenID/OAuth Hybrid experience, and support for syndicating “Friend Updates” via the emerging Activity Streams specification.
These new components to the MySpace Open Platform allow us to not only provide developers with new tools to create distributed applications that are built on top of our social platform, but also to deliver an identity solution that builds on top of the “Open Stack” to provide flexible an extensible options that embrace open standards.
OpenID aligned perfectly with MySpaceID as an authentication technology. As a social portal, we already embraced the notion of representing identity with a URL. An overwhelming number of our users have setup vanity URL’s (i.e. myspace.com/pixelelated) and so we knew that OpenID would align well with our users. In addition, we wanted to make sure that we were working with the flow of the web, and we strongly believe that collaborating on open standards is critical to this mission.
As we worked on our OpenID solution for MySpaceID, we knew that we had to rollout the technology in a way that emphasized a lightweight and simple interface design and user experience. OpenID has wrongly been maligned by a stigma that the technology can’t be easy to use. Our aim was to break that label and demonstrate with our MySpaceID product that OpenID and usability aren’t conflicting terms. Luckily, there was a community ready and willing to help. The progress made at two OpenID Usability Summits helped us refine our implementation and allowed us to leverage the collective knowledge of other OP’s. This is the strength of open standards: the ability to work together to forge ahead and work together to solve a problem.
When working on the MySpaceID design, we embraced a pop-up window for login to help make the user experience even easier, and to help the integrating relying party offer a clean hand-off. We support both directed identity as well as standard URL-based discovery, and ultimately feel that by offering modular options to developers we are creating the most value for our users. In addition, by rolling out the OAuth Hybrid extension with this, we can allow our users to provision web service access to their MySpace profile, friends, content, and activities in the same step.
Beyond our new enhancements around single-sign on with OpenID, and the rollout of the Hybrid protocol, we are supporting the new Activity Streams specification. A core part of the DNA of MySpaceID is empowering the user to take their data with them. By offering API’s for sharing activities, we’re enabling our users to take their own activities and share them through aggregation and lifestreaming services. In addition, developers can provide a user with a window into their life on MySpace by incorporating the API in Dashboard-style widgets, such as our implementation with the new Yahoo! homepage. With activity sharing, we wanted to go beyond just offering the functionality and ensure that we were working with the community to implement something that could be standardized. We embraced this philosophy when collaborating on the Portable Contacts spec and worked to align it with OpenSocial, and so we were quite comfortable with this model of development.
I hope that we have shown that our choice for the technological piping which powers MySpaceID (OpenID, OAuth, Portable Contacts, OpenSocial, and Activity Streams) didn’t negatively impact the experience we could provide. In fact, it was quite the opposite. Our choice to embrace these open standards has given us a more powerful and flexible platform. We’re excited to prove that a MySpace user can visit any site that has integrated MySpaceID and go from a button click to bringing their identity with them, all while doing it in a way that has a clean user experience and puts the user in control of their privacy, security, and data. As an OpenID community, we’ve all worked to make tremendous progress over the past year, and I think we’re only beginning to realize the real potential to empower users through open standards for the social web.
Tags: usability, user experience
Posted at 11:30 pm on February 5, 2009 by David Recordon
Today we’re excited to join Facebook’s Mike Schroepfer in announcing that they have joined the OpenID Foundation’s board as a sustaining corporate member.
Luke Shepard, a key member of Facebook’s Platform and Connect teams and a huge internal advocate for OpenID, has been selected as their representative and joins the current board of seven community elected board members and six sustaining corporate members: Google, IBM, Microsoft, PayPal (joined last week), VeriSign and Yahoo!. Additionally, to maintain the ratio of community and corporate board members, Joseph Smarr will be joining the board as our eighth community member.
As the OpenID community entered 2009 two key topics have become the focal points on the road to mainstream adoption: user experience and security.
Given the popularity and positive user experience of Facebook Connect, we look forward to Facebook working within the community to improve OpenID’s usability and reach. As a first step, Facebook will be hosting a design summit next week at their campus in Palo Alto which follows a similar summit on user experience hosted at Yahoo! last year. The summit will convene some of the top designers from Facebook, the DiSo Project, Google, JanRain, MySpace, Six Apart and Yahoo!, focusing on how existing OpenID implementations could support an experience similar to Facebook Connect.
Facebook’s financial contribution along with its membership on the board signals the company’s enthusiasm to work more closely with the OpenID community, building up momentum towards their adoption of OpenID as a standard. Facebook furthering its commitment to openness couldn’t have come at a better time to make 2009 an amazing year for OpenID and the wider social web.
For press contacts, please call OpenID Foundation board members David Recordon at 503.341.3009 or Chris Messina at 412.225.1051.
Tags: facebook, Foundation, usability, user experience
Posted at 9:14 pm on November 25, 2008 by David Recordon
Last month at the first Content Provider Advisory Committee meeting in New York, several media companies and affinity groups identified two desired areas for improvement around OpenID: the user experience as it reaches mainstream adoption and the increased ability to exchange profile information given user consent. Since then, the OpenID Foundation, its members and the wider community have been working hard to understand what it will take to make OpenID more usable by mainstream users and why the larger OpenID Providers have not been quick to support OpenID Attribute Exchange.
As a quick aside, AOL has just launched My MapQuest which sports a great new OpenID login experience. It’s worth noting that in the process of signing up for a MapQuest account using OpenID, you’re also creating what seems to be an account at AOL too. Additionally, AOL requests profile information from your OpenID Provider meaning that in some cases you’re able to sign up for a new account without having to type your email address, name, nickname, etc. AOL is the first large internet company to support OpenID sign in on a non-blogging product and while they don’t yet let you use your OpenID to sign in on AOL.com, it’s seems clear that is the direction they’re headed.
From the user experience front, Yahoo! hosted the first OpenID User Experience Summit where nearly forty people came together sharing what they’ve learned around usability, user experience, and various interface designs for OpenID and OAuth. In the following weeks, more work has been underway focused on implementations that improve the intuitiveness of OpenID registration and login. At the Internet Identity Workshop in Mountain View the week before last, sessions were held around many different aspects of OpenID; technical, business and user experience, among others.
The general approach to improving user experience over the past year has been the idea of graphically representing various larger OpenID Providers. The main critique is that it will only scale to a fixed number of providers since not every logo can be displayed. That said, it represents the approach taken on an increasing number of OpenID enabled sites, by Facebook Connect, and is being productized by companies such as JanRain with their RPX interface.
As Google continues their usability research around federated login, they’ve built a login widget which allows the user to enter their email address and say that they don’t have a password but need help logging in. This then allows the site to see if they recognize the email address within their own login database or if it belongs to a domain such as @gmail.com or @yahoo.com which also acts as an OpenID Provider. The ability to use an email addresses within OpenID is currently a highly discussed topic that is leading to the formation of a new technical working group to better understand the motivations and challenges, while also proposing a technology solution.
On the data side, Yahoo! has just announced a controlled beta of support for the Simple Registration extension (SREG) which provides full name, nickname, email address, gender, language, and timezone if the user chooses to share it. AOL has also just announced preview support for SREG profile information transfer of email, nickname, country, date of birth, gender, and postal code if the user chooses to share it. Additionally, Google’s OpenID Provider supports the transfer of a validated gmail.com email address via Attribute Exchange if the user chooses to share it. This trend of being able to more easily and securely exchange profile information via OpenID is one that we expect to increase through 2009.
Tags: adoption, attribute exchange, simple registration, usability, user experience
Posted at 10:20 am on October 21, 2008 by David Recordon
As OpenID continues to gain momentum, over the past few weeks both Google and Yahoo! have released the results of usability studies they’ve done around OpenID and digital identity systems in general. Google released their Usability Research on Federated Login looking at how to create user experiences that mainstream users can understand when using one account to login to other websites while Yahoo!’s OpenID Reasearch focused much more on how their own users are able (or not yet able) to understand what OpenID is and how they can use it. While at first glance this might seem troubling, instead it is actually one of the steps in the natural evolution of seeing a technology start to go from intriguing the early adopters to working on crossing the chasm to mainstream usage.
Yesterday at Yahoo!’s campus in California, nearly forty people from the OpenID community came together for a day to discuss the usability and user experience of OpenID and OAuth. Presentations were shared by Facebook about their experience developing Connect, MySpace explained how they’re combining OpenID and OAuth, Yahoo! around how they’re evolving their own OpenID Provider in response to their research, Magnolia shared how they’ve been using OpenID to help reduce spam, Google with their study on federated login user interfaces, and Plaxo wrapping up the day with how they’re looking at OpenID as a piece of a larger “open stack” for the Web. Lots of interesting presentations, analysis, and ways to move forward to help improve the usability of OpenID and OAuth came out of the day.
John McCrea has the play by play if you’re wanting to read more about what happened during the day, but I’m excited to see the sheer number of people and companies from various backgrounds (even those who compete with one another) collectively working to help improve OpenID and build a better Web.
Tags: adoption, design, research, usability, user experience
Posted at 5:00 am on August 10, 2008 by Scott Kveton
Its been an busy week in the world of OpenID. On Friday Ben Laurie announced a security vulnerability around OpenID that relates to existing problems with DNS and certain SSL certificates. Discussions on the OpenID General mailing list have been fruitful and the major OpenID providers out there today have disclosed that they are either not vulnerable or patching quickly. It should also be noted that none of the providers listed at openid.net/get were ever vulnerable to this attack.
One of the greatest parts of the OpenID community is that the people developing this technology react so quickly to problems that inevitably arise. There is no such thing as 100% secure with anything on the Internet but we can (and have) put measures into place to react quickly as a community when issues like this occur.
OpenID has two challenges it faces to increase adoption and use; security and usability. This afternoon, Randall Stross of the New York Times published his “Digital Domain” column criticizing OpenID on both of these points. Its great to see people looking at security with regards to OpenID and asking the hard questions and it also highlights a few common misconceptions:
- Authentication is out of scope for OpenID: Because there is no silver bullet for security, the way you authenticate your OpenID is actually out-of-scope of the protocol. As such, you can use whatever level of security you want to protect your OpenID. We have seen vendors offer unique solutions like Verisign’s VIP, JanRain’s CallVerifID and Vidoop’s ImageShield created to provide alternatives to passwords for authenticating users’ OpenID’s. OpenID allows companies both large and small to experiment with ways to authenticate their users without requiring buy-in from sites across the Internet.
- Information Cards solve a different problem than OpenID’s: In his article, Randall mentions how Information Cards are more superior in terms of authentication compared to OpenID. In actuality, you can use an Information Card to secure your OpenID if you want and there has been a lot of work on this within the OpenID community. VeriSign’s OpenID provider even supports Information Cards in addition to token based authentication. Information Cards provide the means to securely authenticate you assuming you have the technology installed on your machine. In addition, Information Cards lack the ability to take advantage of one of OpenID’s main strengths, the destination or URL that a user has proved they own. The potential for this end-point for services is limitless and may serve as one of the key components driving OpenID use; the ability to move data from somewhere on the Internet that you have proved you own.
- Nobody is really adopting OpenID: I’m always surprised to hear people say that just because the big players are only OpenID providers (and not consumers) that we’re failing here. I always try to remind people that this technology is only three years old and we’ve made tremendous strides since its inception. Not only that, the latest graphs continue to show hyperbolic growth. These things take time and again, security and usability will be key drivers to OpenID adoption moving forward.
I’m excited to see a lot of interesting efforts from the community to help with usability. Tom from Barnraiser.org has been doing a series of articles that describe some of these usability issues. We’ve seen community efforts such as Email Address to URL Translation, which allows users to enter their email addresses instead of URL’s and Identity in the Browser (IDIB) which is hoping to bake OpenID functionality (and increased security) into all of the modern browsers.
On the security front, we’re seeing traction in the development of the OpenID Provider Authentication Policy Extension (PAPE) which will help sites be able to determine which providers they will trust based on the means of authentication the user has used to get access. Both Sxip and JanRain have implemented early prototypes of PAPE on their OpenID providers.
We’ve got a long way to go here with OpenID and getting it to a point where it can stand in the face of criticism but I’m confident of this community that has come together through the first three years to get where we are today. I still firmly believe the best is yet to come.
Tags: openid, security, usability