Despite the claims of others elsewhere on the internet, myVidoop will continue to run for the forseeable future. Those of us who are still at Vidoop are committing to give you at least 30 days’ warning in the event that shutting down myVidoop becomes necessary.
The reality of the current economic climate and its impact on our target market (Financial Services) has unfortunately required a reduction in staff. Saying goodbye to loyal members of the Vidoop family has been one of the toughest decisions for myself and our management team, particularly following the announcement we made last November. The impact of the economic downturn has drastically lengthened the sales cycle for new technology, so we are proactively reshaping our cost and channel structure to ensure we can continue to deliver services to clients and ride out this more hostile environment.
We remain dedicated to delivering VidoopSecure to our current partners, prospective clients, and select others.
A sincere thanks to our friends and colleagues for their contributions to our shared dream–we wish them all the best!
Lately, I’ve been thinking a lot about the history of the security business. Not necessarily technology related, but physical security as well. Specifically how security has been used as a business differentiator. In the expansionist days of the youth of the United States, before the clear establishment of law and order, security was a key differentiator for most businesses. In the railroad business, the Pinkerton Agency was instrumental in securing and protecting freight shipments. Vigilantes were prominent in some communities, hired to protect the locals from outlaws. And the Winchester Repeating Arms Company arguably had the best selling home security system money could buy. Back then, the idea of protection and security, making people feel safe, was a clear business opportunity.
If you think about security in the context of banks, the opportunity for safety and security becomes clear. Back in the Wild West, it was all about the bank vault. If one bank’s vault was superior to another, guess which bank got more deposits. Why do you think vaults became such a prominent part of a bank’s physical structure? Remember those old banks that used to be housed in enormous, imposing marble buildings, with the gigantic vault door visible in the main lobby? Banks were designed that way to convey a sense of safety and security. Your money is safe here.
This same concept of safety and security still applies today, except most banks are not leveraging it to their advantage. The new wild west is the Internet. And it’s the new frontier for banking. Most people my age (29), that I know, use online banking pretty exclusively. Matter of fact, I haven’t seen a banker in the flesh in years. In fact, I conduct all of my financial transactions via the Internet (on my computer and phone). When it comes to cash, I use ATMs. And this is great for my bank because their cost per transaction is practically nothing compared to what it would be if I needed to visit their branch and talk to someone. What is interesting is that despite the daily headlines announcing yet another hacking incident, the majority of the major banks in the US have done little to nothing to enhance their access security. Or what they have done is deemed insufficient by their own users. Furthermore, there’s quite a bit of research that points to security as the biggest concern among online banking customers. Given that the growth of online banking in the US has pretty much ground to a halt, it is time to take a page from the history books and leverage security as a business differentiator.
And the same thinking applies to online businesses that house valuable data (social networks, email providers, apps in the cloud services, etc…).
A couple of interesting news items came out last week that illustrate the growing importance of security and user choice in the online medical record space. The first one was in the New York Times and titled “A Hospital is Offering Digital Records”. The hospital referenced is the New York Presbyterian Hospital, whose centers and clinics provide about 20 percent of the health care in New York, and is “the first large institution to move beyond the pilot stage as it begins to offer consumer-controlled health records for patients, and its experience will be closely watched in the industry”. In this case it is using Microsoft’s Health Vault platform. You will recall that from January 2009, myVidoop is one of only four approved secure OpenID providers to HealthVault.
The hospital has had its own computerized records for patients for many years, and has saved money and improved outcomes, for instance, reducing medication errors considerably. One of the doctors is quoted as saying “.. the personal health record is a powerful additional tool for improving health care and one that offers added benefits because the data is controlled by the patient, not tethered to an institution.”
The second story is a press release from CVS and concerns Google Health, who have teamed up with CVS so that millions of CVS customers would be able to easily transfer their prescription history to an online Google Health account. The main benefit is stated as “we are helping to close the gap in today’s fragmented health care system and provide a full view of a patient’s health.”
The central theme is user choice, user control and the security needed to go with the increase personal data going online. The mainstream demand for electronic health records may not yet be here but these stories show it’s just a matter of time.
If you’ve checked out the VidoopCAPTCHA demo lately, you’ve noticed that we’ve added a couple of cool new ways to display our CAPTCHA solution in small spaces. How did these additions come about? By recommendations from potential customers. When we initially released VidoopCAPTCHA, we started asking for feedback and reactions to it (and still do!). One of the first things we heard was “Looks great, I think it’s definitely more usable than what is currently out there and therefore a ‘no-brainer’ for us to put in, but the image might be too big to fit on my comment form.” So we brought that feedback to our developers, and they quickly created with JavaScript some great new ways for VidoopCAPTCHA to fit in small spaces.
The first new way we call a flyout. When a user clicks in the form field for the CAPTCHA, our grid of images with instructions slides out from the field. When the user is finished filling out the CAPTCHA, the image slides back, and the user’s answer is retained. If you’ve got VidoopCAPTCHA up and running on your site and would like to use the flyout option, please follow the recipe instructions detailed here.
The second new way we call the lightbox. For this one, when a user clicks a button, an image grid with instructions shows up centered in their screen. Like the flyout, when the user is finished filling out the CAPTCHA, the image goes away and the user’s answer is retained.
Now sites that may originally not have had the web page “real estate” to display our full image grid can have VidoopCAPTCHA without changing the feel of their registration, comment, or commerce pages. It’s yet another result of our efforts to make VidoopCAPTCHA more configurable and useful. Verification doesn’t have to be annoying or human-proof to the real people who visit your site. Who knows, maybe they’ll even enjoy the experience of filling out a CAPTCHA after seeing VidoopCAPTCHA slide out or pop out onto the middle of their page!
Text based CAPTCHAs have not kept up with either the onslaught of the bad guys against them or the demands of the users of sites they set out to defend. Since their inception in 2000 there has been something of an arms race between CAPTCHAs and their nemesis, the automated spy bots….and it looks like the latter are winning. This means the sites are breached and deluged with spam and all too often the user has to find solutions for ever more confounding CAPTCHAs. One study shows that 1 in 5 of all attempts to read a CAPTCHA fail! That’s too many frustrated legitimate (and profitable) users being thwarted in accessing websites. To prove a point, albeit somewhat anecdotal, we have been monitoring ‘CAPTCHA’ on Twitter. It seems like everyone has their favorite story of their worst CAPTCHA. There are about 40 comments a day in total and about 25% are complaints like the ones below:
@sparkxxxx: “Don’t you hate it when you’re on like your 3rd try and you thought you nailed the darn CAPTCHA every time”
@decaxxxx: “XXXX.com’s CAPTCHA is really, really annoying”
@sparxxxx: ” I am just not smart enough for CAPTCHA sometimes”
@photoxxxx: “tried to comment on the blog post but the CAPTCHA kept throwing errors. :(“
@tolxxxx: “Today’s insanity: The continued use of CAPTCHA by major email vendors”
@dcelcxxx “It literally took me THREE hours to get past XXXX.com CAPTCHA”
This is why we think there are significant problems with CAPTCHA (check out the slideshow)
Fortunately this can change. There is now a better way with the launch of VidoopCAPTCHA, an image based, significant step for verification. Its effective, usable security that stops bots without thwarting the legitimate user. It’s also FREE. Check out the VidoopCAPTCHA demo for the phase 1 product and let us know what you think. More improvements are on the way. We have a Wordpress plugin and others will follow shortly – volunteers needed to help develop the rest!
For the marketing guys out there, there is a significant bonus. A host web site can use its own branded images to engage its users every time VidoopCAPTCHA is displayed. This not only has a financial placement benefit, but unlike other media, the user is actively searching for the image. Now all the marketing advantages of the Vidoop’s ImageShield come to CAPTCHA.
The legitimate user gets easy access, the web site operator gets effective verification, the website marketer gets habitual, guaranteed impressions for FREE.
Our CTO Scott Blomquist presented a BrightTalk webinar session recently, on the subject of ‘The Importance of Authentication in the Cloud’. The audience was from a variety of industries and represented various roles in IT and non IT areas. Scott covered some of the recent trends in Cloud computing, some recent cloud attacks and the consequent case for strong authentication in this emerging space. The most significant challenge for businesses is how to implement the same standard of security in the cloud as they implement on their current infrastructure. Scott touched on how cloud applications can often be made better by desktop client apps, but unfortunately very few client apps currently support strong authentication. It is likely the case that having client applications make use of the browser for strong auth is the best way to get over this hurdle. Vidoop’s work with Google was demonstrated as one way this could happen. The recent demos of Vidoop’s three forms of authentication were highlighted. Check out Scott’s 5 star presentation and the Q and A session.
Yesterday afternoon, the OpenID Foundation (OIDF) announced that Facebook would be joining the OIDF. We couldn’t be more thrilled here at Vidoop as Facebook will be bringing some of its resources and understanding to bear on helping solve some of the user experience (UX) issues with OpenID. This is just another sign of the critical mass of people and companies rallying around OpenID and looking to move “open” forward everywhere on the web.
In addition, Plaxo’s Joseph Smarr will also be joining the OIDF board as a community member. Joseph has been extremely active in the OpenID, OAuth and Portable Contact space for quite some time and he’ll be a great asset on the board.
Next week, representatives from several companies, including our own Chris Messina and Michael Richardson, will be attending the UX Summit being held at Facebook. We’re looking forward to sharing what we’ve learned with the building of VidoopConnect.
We are delighted that our authentication solution is now available to Microsoft HealthVault users. The use of strong authentication is a key element to adoption in the emerging area of electronic health records, and we believe our solution provides both the usability and security that will encourage consumers to access and manage their own information. The electronic medical records issue has been in the news frequently, especially with the new administration’s plans to upgrade HealthCare IT in the US to the tune of $50 billion.
The goal of moving patient health care records from paper to electronic is a global endeavor, and it makes sense for patients, physicians, and insurance companies.
We wish Microsoft well in the HealthVault initiative and look forward to a growing role in helping consumers protect their valuable information.
We’re excited to announce that MyVidoop is now one of the white-listed OpenID providers available for your use on Microsoft’s HealthVault service.
“Our objective is to give our customers choice and make their Web experience easier, while helping them safeguard their privacy,” said George Scriban, senior product manager, Health Solutions Group, Microsoft. “We’re happy to be working with Vidoop to give HealthVault users the option of using their log-in and authentication solutions with their HealthVault account.”
HealthVault enables consumers to share health data with family members, healthcare providers and others they trust, and use it to make more informed healthcare decisions. We give HealthVault users another option for secure login to easily access and control their personal information and medical records online. Our unique ImageShield(R) replaces the traditional password field with an array of photos that are different with every login. When the ImageShield is presented, the consumer selects the images that fit pre-selected secret categories and are granted access to their medical records.