European Dealers

identity specialist Ping Identity claims its Cloud Identity Connectors

Internet users can re-use cloud-based and social network identities for logging onto other websites and cloud services. Federated identity specialist Ping Identity claims its Cloud Identity Connectors will make it easier for service operators to log in new users by using an existing ID from any of half a dozen services. “Research shows that at least 75 percent of the time people walk away” when presented with a registration page asking them to set up yet another online ID, said Ping’s marketing VP Roger Oberg.

The cloud connectors install as an add-on to Ping’s PingFederate single-sign on (SSO) tools. They create the web code needed to offer the option to log in via a cloud or social networking ID – for example Facebook, LinkedIn, Twitter or Windows Live – and then connect to the chosen service for an access token which authenticates and authorises the user.

In a federated identity scheme such as this, the identity provider merely confirms that the user is who they claim to be, along with any permissions or authorisations that that implies. No passwords are exchanged or revealed.

There are several mechanisms involved in doing this, including OAuth, OpenID and SAML, Oberg said, adding that while a website could simply offer Google or Facebook-based login, say, “abstracting it to a layer removes the problem of management”.

He argued that making it possible to connect with a single click – whether using a social networking ID in a consumer context, or perhaps a Microsoft, Salesforce.com or Google Apps identity in a business context – would increase “stickiness”, security and ease of use. If a user needed to go further than their current authentication permitted – from simply checking interest rates to opening an account, say – they could then be asked for additional “step-up” authentication.

“Each identity gives a different degree of information,” he said, adding that “Authentication is not a binary event.”