Business October 26, 2023

OpenID Connect: In a Nutshell

profile picture Elly Heath 4 min read
A lady using a log-in page on a laptop

There is a lot of information available about OpenID Connect (OIDC). A quick search online and it’s easy to get lost in technical jargon and still be left clueless as to what it actually is and if it could be useful for your business. 

In this blog, we cut through the noise and break it down for you.

How did OpenID Connect come to be?

Less than a decade ago, businesses in the online retail, search and social media spaces required you to set up an account and your details were stored. 

This created two problems: you had to sign up on every website (and remember those credentials for the future), and in the online retail world, customers would often fill their baskets but not checkout due to the effort of having to create an account. Not to mention the administrative and security risks for businesses of storing customer information.

Enter OpenID Connect.

What is OpenID Connect?

Launched in 2014 by the OpenID Foundation, OIDC lets you use single sign-on (SSO) to access multiple sites using OpenID Providers. For example, logging in to Spotify using your Facebook account credentials. 

OIDC is the third generation of OpenID technology and is now the leading online interface to achieve multiple domain SSO and prove your identity. 

OIDC is web and mobile-friendly, as well as API friendly. If you’re interested in learning about the technical details, you can find more information about how it works here

Some of the biggest brands are providers of OIDC, including Google, Apple, Microsoft, Facebook, X and Spotify. Any company who needs to capture customer credentials online and is keen to reduce barriers for users, should consider if OIDC is right for their business.

Let’s take a closer look at the benefits to both users and businesses. 

Benefits of OpenID Connect

The main benefit for users is reduced time and effort in having to set up multiple accounts (and remember all those passwords!). You can visit the same website many times or navigate seamlessly across numerous websites without needing to sign in every time – particularly benefiting retail businesses with reduced barriers at the point of sale. 

There may also be a feeling of trust for some users when interacting with a business for the first time if they can use their pre-existing credentials. This benefits businesses as they can rely on the trust users have in third party well-established brands in the space. 

There are some drawbacks to OIDC to be aware of too.

Possible cons of OpenID Connect

To be effective, businesses are relying on users being willing to use OIDC in the first place. Users are increasingly aware of their online footprint and so may be wary of logging in with their social media credentials for example, thinking that they are sharing their entire profile. People are more cautious than ever before about businesses gaining access to their personal information and exploiting it.

The authorisation of OIDC could also come into question in some circumstances. For instance, when you log in with Google: 

  1. If you’re already logged in to Google in the same browser that you’re asked to “log in with Google” (on another website), you won’t be asked to enter your password again 
  2. If you aren’t already logged in to Google, the other website will you ask for your password to prove its you

 

With option 1, anyone with access to your laptop or mobile would be able to browse online via your credentials, without being asked for a password. 

 

And there you have it – OpenID Connect in a nutshell. If you have any other questions about OIDC, please get in touch.

Keep reading

Articles April 11, 2024

Yoti assessed in the NIST Face Analysis Technology Evaluation program

An increasing amount of legislation is being introduced globally demanding that organisations effectively check the age of their users. It’s important that these age checks are inclusive; people should have a choice in how they prove their age. Regulators are recognising that not everyone will feel comfortable or be able to use a method based on identity documents. Facial age estimation gives people a way to prove their age without sharing their name, date of birth and other personal information from identity documents. It can improve online safety and help companies to comply with legislation, without having to process or

#business
Rachael Trotman Rachael Trotman
3 min read
Articles March 28, 2024

Yoti Identity Fraud Report

We’re pleased to publish the first edition of our identity fraud report, which explores the fraud trends we’ve seen over the past 24 months. We delve into the tactics fraudsters are using and how these are evolving. We also explain why using technology and a team of verification experts together provides the best defence against fraud.   Key takeaways from the report: It’s challenging to understand the exact figures and the true scale of fraud; businesses can only report on the fraud they know about Fraud is evolving; fraudsters are exploiting different tactics including deepfakes and tampered with documents The

#business
Rachael Trotman Rachael Trotman
2 min read
Articles March 8, 2024

Yoti MyFace Match development and improvement

Yoti MyFace Match is what’s known as a 1:1 and 1:N face matching solution. The technology compares a single image with another image or set of images in real time to determine if it is the same person. Yoti licences this facial recognition technology to businesses wanting to be sure that, for example, the right person is accessing their online accounts. MyFace Match is also useful to businesses because they invite users to opt-in  to be ‘verified’ and then be required to provide consent whenever their image or content is published. In the case of live streaming, businesses can monitor

#authentication#business
Matt Prendergast Matt Prendergast
4 min read