Digital identity and the real world

William Gibson has a lot to answer for. His vision of the Internet as cyberspace, portrayed in the 1984 science fiction novel Neuromancer, conjured up the illusion of a separate, parallel universe with its own imaginary dimensions, and populated by our electronic alter egos. This metaphor has shaped the way that we think about the Internet, and it has been grossly misleading.

The Internet is not a destination. Cyberspace does not exist. The Internet is no more and no less than a delivery mechanism — a communications network that connects nodes in physical space. When someone logs in to a web site, they are not transported to some fanciful, otherworld location. The content and services are delivered to them wherever they happen to be in the real world.

Why, then, do individuals need a "digital" identity? They already have a physical identity in the real world. That physical identity is the one that owns their bank accounts, that goes to work at their employer, that shops at Amazon.com, and to which the government issued their passport. Each of these organizations already maintains a digital profile of information relating to that physical individual. Some of those profiles contain facts the individual does not even know about themselves, such as data from the likes of credit reference agency Experian.

Creating a unified digital identity will do nothing to help that individual gain more control over those separate digital profiles. Quite the reverse, in fact, because it is the lack of an effective digital identity that forces each organization to ask for the individual's physical participation in transactions. Take away that physical component, and what control will the individual be left with? The only parties who will benefit from supplementing an individual's physical identity with a cyberspace-dwelling digital doppelganger are those who, whether for legitimate or illegitimate ends, seek to exploit it — a long list whose most notable members include profit-hungry businesses, malicious hackers and overzealous government agencies.

It was encouraging in reviewing the commentary that came out of last week's Digital ID World conference to find that, in place of the chimera of digital identity, the concept of digital profile also got a hearing there. Jon Udell, for instance, neatly summarizes the views of Jamie Lewis, CEO of the Burton Group: "An identity at its core can be anything, a random number even. Building a context around it — managing the attributes, not the identity — is the strategic business issue."

Individuals do not need digital identities. They simply need to be able to control and manage their various digital profiles, assigning the appropriate attributes to each according to their context.

Identity only comes into play at the point when it is necessary to authenticate a digital profile to the individual who owns it (or, as I put it in a posting last week, to the owner of its digital title). In that respect, perhaps the most intriguing of last week's announcements came not at the Digital ID event in Denver, Colorado, but at RSA's user conference in Paris, France. The security software vendor revealed a technology partnership with UK-based integrator (and one-time ASP) iRevolution, in which it uses text messaging to a user's mobile phone to authenticate a Passport login. When the user attempts a login, the RSA Mobile system sends a one-time access code to a pre-registered mobile phone number. The user has to answer the call and transfer the code to the login dialog to complete the authentication.

It is iRevolution's several years' experience of working with RSA technology to authenticate remote user logins in its role as an ASP that led it to come up with this innovative yet elegant solution to a common problem — how to provide authentication that is more secure than conventional ID and password pairs, without the cost and inconvenience of function-specific security token devices. The solution's main merits are that it is rooted firmly in the real world — implemented as an add-on to a device that is an entirely routine aspect of an individual's physical presence. It may not be as cool as having a digital doppelganger in cyberspace, but to my mind it sounds a lot more like the way things actually work in the real world.
posted by Phil Wainewright 12:29 PM (GMT) | comments | link

Corporate Oxygen becomes Confluent

Stealth mode startup Corporate Oxygen is to unveil itself later this month under the new name of Confluent. Interest in the company's plans has been sparked by its co-founders' background as former members of Hewlett-Packard's ill-fated E-Speak project, an early web services experiment. CEO Rajiv Gupta has been reflecting on the E-Speak experience in a ZDNet interview this week, noting lessons that he believes many in the web services sector still need to learn:

"We focused on changing the world, but focused less on helping the world see the value ... [With web services,] many players are not paying as much attention to the business context and singing the praises of the technology. That has to change ... We should be selling Web services within the context of what the customer needs."

Since we said much the same thing on Loosely Coupled the other week, we think we're going to enjoy watching Confluent's progress.

Corporate Oxygen received $2m seed feeding from Apax Partners late last year, which was subsequently topped up to $6m in July.

posted by Phil Wainewright 2:30 AM (GMT) | comments | link

Giving subscription a bad name

Effective price-setting is going to be a vital skill for vendors who aim to deliver services via the Internet, especially when pricing subscriptions. It's difficult enough to price a one-off product, but putting a price on a service relationship is infinitely more complex. No wonder then that so many vendors do it so badly.

Last month, Microsoft quietly closed down its pilot scheme to sell Office by annual subscription to consumers in Australia, New Zealand and France. Writing in the Sydney Morning Herald, industry analyst Graeme Philipson notes that, "According to Microsoft, it is our fault. We couldn't understand it." Some 10,000 Australians had handed over a A$400 annual subscription to join the pilot, but a substantial number failed to follow up with further payments when the next year's subscription fell due. Microsoft says this is because "the subscription model was not well understood by customers participating in the pilot." Maybe an alternative explanation is that Australian buyers understood it all too well, and saw it as a perfect opportunity to pull a fast one on Microsoft, reckoning that an outlay of A$400 to get their hands on a copy of Office XP is a much fairer sum than the full A$1288 retail price. It turns out the ploy worked better than anyone expected, as all participants in the pilot will now get a free upgrade to the full version.

Meanwhile, Microsoft's failure to understand the most elementary principle of subscription pricing has left it with egg on its face. The idea that subscriptions can be used as a device to lock customers into perpetuating an existing revenue stream is one that stands the model on its head. Unfortunately, vendors persist in making this mistake, but that doesn't make it any less crass. The one thing you can't do is take your existing retail price, divide it by your preferred product lifecycle, and make the resulting number your annual subscription price. Not unless, as Amy Wohl notes in comments on the Australian episode, you offer "substantial incremental value in new software, new access to additional function and support, or other customer seductions."

What Microsoft didn't understand was that a subscription relationship is a two-way commitment. Customers give up their freedom when they enter into a subscription arrangement, and they expect to see the vendor give something back in return. If the only party benefitting from the relationship is the vendor, then who can blame them for looking for a way to get even? A one-off payment of $1288 is one thing, but to ask for A$400 a year for as long as I need to use your software is worth a lot more to you than it is to me ... so thanks, mate, but no thanks.

PS: If you can rely on an industry with the bare-faced brass to get this even more wrong than the software industry, look no further than financial services. Yesterday, my wife received a letter from her bank, offering "a new Gold Service feature that will put your account and all its benefits right at your fingertips." For a special trial price of just £2.75, Lloyds TSB (one of Britain's four biggest retail banks) will send my wife a 2003 week-at-a-glance diary that "lists all of your Gold Service benefits and phone numbers," most of which of course consist of the ability to buy additional services from the bank. If she accepts, she'll automatically get a diary every following year, and each time the bank will debit her account by the rather more substantial sum of £18.75. At least they have enough sense to offer a discount price for the first year, but it's a bit precious to call this overpriced, self-serving offering a "Gold Service feature". The trouble is that the prevalence of "offers" like these give subscription deals a bad name, so customers need a lot of persuading of the value and trustworthiness of a subscription service.
posted by Phil Wainewright 4:53 AM (GMT) | comments | link

XDocs is to Microsoft as OS/2 was to IBM

I'm still marveling at XDocs. "This is being billed as a forms-creation tool, but a more accurate description would be to call it an application development tool for information workers," I wrote in my ASPnews column today. Here's how Jean Paoli, the XML architect behind XDocs at Microsoft, describes it in a Q&A on the company's website: "This is a tool that in the XML community we have been trying to build for a long time to put the creation of XML content in the hands of the masses."

But even though XDocs will do a great job of keeping the traditional Office user community loyal to the vendor, I'm not so sure that's where the real battleground lies for Microsoft in the years ahead. Sure, XDocs is a fabulous concept, but it's not going to be that difficult to emulate it on low-cost open source platforms like PHP. If I want to stay tied to Microsoft, I'll get a lot of utility out of XDocs, but if I really want to take control of my destiny, then maybe I'll be better off making a few compromises and going to the lower cost, more open platform of shared hosting, as I describe in my column. Could XDocs be to Microsoft as OS/2 was to IBM? Like I said before, it seems unthinkable ...
posted by Phil Wainewright 4:03 PM (GMT) | comments | link