Identity as a Service

, Oct 27, 2005

Phil Wainewright believes Identity as a service would be a killer app:

Not as a service offered in its own right to individuals, but as a service to websites and providers that have no workable identity management infrastructure of their own to offer their users. Restricting access on a named-user basis to individual URLs — RSS feeds, screencasts, PDF files or web service URIs — is the key that would enable such sites to realize value from those assets. At present it’s not a viable option because of the cost and/or hassle of maintaining their own secure identity management system. But if the site owner could sign up to a third-party identity service, and have an embedded sign-up process that meant the service provider would take care of allocating rights to the user profile and then authorizing access to the relevant URLs — perhaps with options to measure or limit usage over a certain period — it opens up a whole new world of possibilities. Make it cheap enough — no more than a dollar a month per ID — and at a stroke the fabled thousand flowers would bloom as businesses found new ways to monetize information flows and online services by restricting them to named users, whether they be employees, customers or even other websites and service aggregators.

While I don’t believe in exactly this business model, I’m pretty sure the next wave of successful infrastructure vendors will be selling platform services instead of middleware products — with Google being the next Microsoft.