Could OpenID Revolutionize Online Shopping?

A couple of weeks ago Thomas Huhn and I discussed OpenID with regards to online merchants. We noticed that hardly any merchants have adopted the OpenID technology yet. Actually I don’t know of any at all. However we noticed that many online retailers in Germany don’t require customers to register for a permanent account if they don’t intend to return to the site later. Creating an account is just a matter of convenience.

From my own experience I am hesistant to create accounts at every online merchant. If I have the option to purchase products without the account creation step, I typically go for it. I would rather type in the required information again in the future. There is no specific reason why I don’t want to create accounts all over the place -- maybe I just want to keep the number of accounts I have low.

What about OpenID?

Online merchants should implement OpenID. I could then provide my details like my address, phone, etc. only to my OpenID provider. There are a number of extensions to the OpenID protocol which support this type of account: Simple Registration and Attribute Exchange (also see Dennis Blöte’s excellent article on the topic). Both extensions allow transfer of profile data from an OpenID provider to a relying party, e.g. a merchant. The first time I confirm my OpenID to a merchant, the merchant will ask for ask to retrieve the data. If I accept, all future authentication requests will be made automatically.

So what happens if my address changes? Before OpenID, I have to change my address in every merchant's database. I think that’s unnecessary. Merchants don’t even have to store that data thanks to Simple Registration and Attribute Exchange. Assuming my address changes I will update it at my OpenID provider. When returning to a merchant it simply asks my provider for the necessary details again and the updated information is provided to the merchant. It’s really that simple: the merchant will always have updated data but doesn’t have to store it and doesn’t even have to ask me for it. When the products are delivered and paid, it can delete my data.

Recommendations

Can online shopping be even more convenient? Yes, and here APML immediately comes to mind. It collects users’ attention data and their interests, e.g. their favorite music or movies. Just think of Amazon’s recommendation system. The data is stored in a file which can be shared and parsed by any services that support the APML standard.

The APML file can be stored anywhere. Why not at my OpenID provider? A merchant could ask for that file and, upon request, it gets transferred. Once the file is transferred, I would get recommendations based on my attention profile even if it’s the first time I visit the shop. For example, A music merchant could access my APML file which contains all the music I have listened to on Last.fm. And that’s the difference with Amazon which can only recommend products to me if I have already purchased products on Amazon.com or have surfed the site in detail. A shop supporting APML can provide the same thing immediately.

After I make a purchase at a merchant who accepts APML, it would be great if they would update my APML file and then send the updated file back to my OpenID provider. I have no idea how to make this work, just seems to make sense. Maybe OAuth is a solution or even Attribute Exchange as it is capable of storing data at the OpenID provider.

Conclusion

I think OpenID could really help make online shopping more user-friendly. There are benefits for both customers and shops. Customers don’t have to deal with registration processes anymore and get better recommendations for products they might be interested in. Shops will always have more accurate customer data and with APML support they could even boost sales because customers are only shown relevant products. Merchants can also save money on data management.

This article was authored by Carsten Pötter. Carsten blogs about OpenID and related topics from an end-user perspective at notsorelevant.com.