I’ve been writing about the need for a trusted Single Sign On system across the web for some time now and I think I’ve seen it start to emerge.
My concept of the Single Sign On solution is similar to Facebook Connect, but from a trusted, strong, long term brand. Facebook still needs to prove its credibility in the trust arena. I only use Facebook Connect for some personal sites where I want to reduce, or even avoid, the time it takes to register.
Would I use Facebook Connect for tax returns, or my road tax, or my company’s payroll system? Nope.
I do a fair amount of travel and seem to need my passport number (and sometimes other passport details) from time to time. I once scanned my passport and I keep it as a digital image on some secure digital storage where I know I can access it everywhere (interestingly the UK Government also recommends to “store it online using a secure data storage site“). The same goes for my National Insurance card, photos of my bikes’ frame numbers and stuff like that. When I speak to other people about this, they have similar solutions, and I know some people who keep these solely as photos on their phone. We all have different levels of security that we’re comfortable with, but I really wouldn’t advise the phone method.
Last week I heard about a new service from Barclays Bank called Cloud It. Cloud It enables, well actually it encourages, users to upload important documents. It then adds additional functionality such as alerts for expiring documents, or regular renewals (e.g. MOT certificates and insurance).
I have no proof whether Barclays Cloud It is any more or less secure than say, BT, Google, Microsoft or Dropbox, but the fact that a bank is storing your document ‘feels’ more secure.
The next step of Cloud It really should be Single Sign On. I would trust my bank to authenticate me into other services.
Trust a bank?
I spoke about this concept of a bank offering Single Sign On at a conference earlier this year. Over lunch afterwards I was asked whether people really trust banks after the recession, and the bad press that bankers often receive. One person on the table categorically stated that he wouldn’t trust his bank.
My answer to this is simple: people still keep their money, one of our most valuable day to day assets, in banks once they’ve been paid and they still go to banks to borrow money for their houses and cars. Conversely, if people didn’t trust banks, we’d be hearing a lot more about mass withdrawals after being paid. But people don’t withdraw their money based on lack of trust (except Cyprus), and this proves that people do trust them, and in the future we’ll be trusting them to log in to all sorts of systems across the Internet.