- We need a Single Sign On across the web, from a truly trusted brand
- Sellers need to know who customers are, just as much as we need to identify real retailers
- Web sites that build a reputation score will need to transfer their data
To give you an idea of how ridiculous passwords have become, let’s look at my bank. My bank is one of the most technically advanced banks, and has created some great innovations.
I use their website banking, which uses a log in process that has been designed to deter users from using the service. It takes two screens, a physical device to generate a random number, and various other forms of identity.
And then take their mobile app. With a simple 5 digit numerical passcode, I can do almost anything I can do via the website equivalent. Either the security department went on holiday when the mobile app was released, or they came to their senses to make it easier for customers to access their account. I hope it was the latter but it was probably the former.
Passwords are one of the biggest nuisances of the Internet. Another nuisance is multiple accounts. The number of accounts we have, and continue to keep creating, has got out of control. Not only is it out of control, but we then have security experts telling us not to use the same password on multiple sites. And personally I won’t use a password manager because I fear they are all run by some spotty (but clever) teenager from his bedroom, and one day he’ll have access to lots of people’s accounts and go on a spending spree at Amazon.
If I see a website offering to use my Facebook or Twitter credentials to register or login to a website, I’ll always take the offer. It’s so much easier.
The problem with websites offering Facebook or LinkedIn or Twitter is that the social network gets to keep the customer data, not the website we’re registering with. And also, whilst I’m happy to use a social network to log me on to various websites, I’m not sure I would use Facebook connect for my healthcare or pension site.
We need a Single Sign On system across the internet from a trusted party. It needs to be trusted by both users and website owners – from my bank to the Inland Revenue (whose authentication system is extremely rigid).
Once we have the Single Sign On system, it needs to keep a track of our various reputation scores. I have an eBay account with 100% positive feedback amassed over a few years and over 500 ratings, both buying and selling. So when I join a site such as TripAdvisor, or AirBandB, that eBay should count for something.
As the Internet continues to become more complex, retailers need to know their customers are who they say they are, and can be trusted. We’ve been using SSL security certificates on the Internet for a long time now, and as a means of ensuring we are buying from a company who is who they say they are. It’s now time for the other way round – for customers to prove who they are.
This type of system is called VRM (Vendor Relationship Management). It’s all about making the Internet a level playing ground, establishing trust that we take for granted in the real world, and migrate it to the virtual one. All with the aim of being treated as a real human being rather than an IP address and cookie jar.