W3C home > Mailing lists > Public > public-webpayments@w3.org > September 2013

Re: Web Payments and Identity

From: Erik Anderson <eanders@pobox.com>
Date: Tue, 24 Sep 2013 07:45:36 -0400
Message-Id: <03DEA2A9-9BE6-431F-95A5-B00E0AB94BBA@pobox.com>
To: "public-webpayments@w3.org" <public-webpayments@w3.org>

On Sep 24, 2013, at 6:11 AM, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:

> I can't verify that banks "desperately need" on-line atteststions from third-parties regarding their customers and particularly not from third-parties authenticating their customers with passwords.
> 
> Microsoft tried exactly this trick with Information Cards and it didn't work.  Before we have strong authentication banks won't care.
> 
> anders via phone
> 
+10 Anders

I expect, in the near future, Apple, Google or Symantec to come up with a 1 time password authentication with biometrics included. Hint hint iPhone5S authentication app.

Only a strong biometric authentication mechanism that's everyone willingly carries in their pocked will succeed. Without biometrics and in everyone's pockets there is NO possibility of a universal authentication mechanism because either end users or large corps will refuse to adopt it.

However, possibly a series of "OpenTrust" system might work. Like Ripple's trusted gateways with access control lists.

But unfortunately if someone like Google or Apple isn't behind an OpenTrust system it won't get off the ground.

Much as I hate vendor lockin but Apple + Symantec paired have the best chance for success right now.

Personally I use Yubikey + OpenID but I don't see the general public ever using this mechanism as its too many steps to setup and use.

Erik

Sent from my iPhone
Received on Tuesday, 24 September 2013 11:52:03 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:07:24 UTC