Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Identity and Authentication Services

Google's Smart OpenID Move

Created: 03 Nov 2008 • Updated: 08 Aug 2012
nicolas_popp's picture
0 0 Votes
Login to vote

There has been a lot of buzz around Google's OpenID announcement last week. First, because Google awkwardly decided to change the service end point discovery part of the protocol. The good news is that Google fixed their faux-pas fairly quickly. In fact, they had no reason not too follow the spec and alienate the OpenID community.

More significant and more interesting however, was Google OpenID departure from requiring users to use URL as OpenID identifiers. Instead Google wants to let users use their GMail address as an OpenID identifier. Using GMail addresses as OpenID is not only a justifiable way to improve the OpenID user experience; it is also a very smart move by Google in their quest to become the dominant Internet identity provider (IDP).

As a consumer, there is no doubt that using an email address is the obvious identifier. Email is to consumers what domain names and URL are to businesses: a natural identifier. After all, email is already my Amazon, Apple and many other sites login. It is the intuitive OpenID that any consumer will expect to type in any relying party login box. In the long run, not having to teach millions of consumers that they should type a URL instead of an email address will prove a huge win for OpenID. Too bad it took though it took the weight of one to move an entire community forward.

But the consumer is not the only winner here. I think Google will prove to be the other beneficiary. By making email addresses, the de-facto OpenID identifier, guess who is now more likely to become the identity provider of choice for millions of consumers? I would venture that those IDPs who are already providing millions of Web mailboxes to consumers, have just gained a position of strength. Coincidentally, Google, Yahoo! and Microsoft have quite a few of those under management! Of course, Yahoo! and MSN are well tame rivals as far as Google is concerned. No, to appreciate this chess move, we ought to look at the other guardians of our Web identity: the social networks.

So, by changing the OpenID user interface, Google is now in a position of strength vis-à-vis OpenID, forcing FaceBook further into a dead-end proprietary identity APIs strategy. The beauty is that Google did not even have to force a button or any branding on relying party web sites. The choice of identifier alone will make it easier for consumers to choose Google over FaceBook. I would now expect to see Google drive OpenID integration across all APIs related to social networks and mobile (we already know that OAuth/OpenID integration is next) at full speed.

So, for sure, with Google and email, OpenID has gained a lot this week. At the same time, the idea of a federated Web identity network dominated by the three large Web mail providers is becoming more real. Nevertheless, consumers should rejoice. This week was a big step towards less name and passwords, and in the end, more convenience is certainly no evil.