Vidoop continues to sponsor the efforts of Chris and Scott helping to develop OpenID and grow its marketshare on the Internet.

In addition to the OpenID Foundation elections, Scott Kveton has just joined the Board of Directors for the Software Association of Oregon for the 2009 term.

Congratulations to Chris and Scott and look for more exciting news coming from Vidoop in 2009. Happy New Year everyone!

Let’s look at what the criminals are stealing.  “Some malware is used to routinely watch for and then steal log-in and password information, specifically consumer financial information.”  They are stealing usernames and passwords.  If this is the case, then wouldn’t it be wise to use something more than a password to protect your users?  That seems pretty simple.  Yet financial institutions, email providers, social networks, SaaS (software as a service) companies, and dozens of other types of online services that house our valuable personal information offer nothing beyond a password and possibly a challenge question (just another easier to guess password).

Like many others, I have built a great life online.  A nice virtual house, full of nice virtual things.  And I don’t want someone walking through my front door and robbing me blind.  At least give me the option to have a stronger front door.  Why can my World of Warcraft gaming account be more secure than my email? bank? apps? stock trading? social network?  I have much more valuable things in these accounts.

It’s time to quit handwaving, making up excuses, sending us “security” marketing messages, and generally ignoring the issue.  Step up and offer us some way to protect our accounts!  Before the guys at World of Warcraft open an online bank, start offering email, add applications, allow me to trade stocks, etc…

Eric Sachs, Google’s Security Product Manager, is leading the charge. He’s been rallying the strong auth stakeholders both inside and outside Google with the message that web-based strong auth for web-based applications is just around the corner. In fact, it’s mostly here today. Any enterprise with an interest in securing their Google Apps users, for example, via a stronger mechanism than the username/password option that Google provides need only implement a SAML provider, or buy one of the available commercial products.

What isn’t quite here today is the ability to use these strong authentication mechanisms outside the web browser and within the family of rich client applications that are built to work with Google Apps. The list of rich clients includes such things as the Blackberry email client or the Google Talk desktop client. But that’s likely to soon change as well with Eric and his team pushing to spread awareness of enterprise authentication requirements within Google. In order to show off the power and simplicity of moving the existing web-based mechanisms into desktop applications, they’ve built a prototype of a desktop application that makes use of a web browser to request authorization to access data in the cloud.

Seeing the prototype in action provides a powerful and tangible demonstration to Google insiders of how close their desktop applications are to working with the various and plentiful strong authentication solutions out there such as Vidoop Secure. Even more powerfully, it shows Google outsiders just how close their strong authentication needs are to being met even on SaaS applications.

We here at Vidoop are excited to see all of the great work that’s being done toward enabling strong authentication in more places, and welcome the opportunity to help secure your business’s life in the cloud.

You can see screencasts of Vidoop Secure in action in Eric’s strong auth video collection.

So what is the rationale? Vidoop is unique in look and name which is a good thing as it means the brand has equity. However like all things we need to review and recalibrate dependent on new findings, always trying to increase equity, and this is what we have been doing. Before we talk about the look lets define “equity”.

So what is ‘brand equity’ ? Like most things there are many definitions but the one I like is that it is the premium a firm can obtain relative to competitors, from selling similar products. It’s a real and realizable value and is a function of:

1) AWARENESS (do customer targets know who you are), and
2) IMAGE (do customer targets know what you stand for), and
3) LOYALTY (do customer targets stay with you).

The new logo is only one element that influences equity. In fact the greatest influence usually comes from how we want to position the brands, or make them stand out relative to competition. We now know a lot more about who are competitors are, and about our target audiences and how we can be distinct and offer real value to them.

So the logo helps define who we are (the ‘image’ element above). In our case it underscores that we are: bold, confident, innovative, simple and straightforward. These qualities ally well with what we see our role in the internet ie. todevelop innovative solutions that make it easier for users and businesses to engage with each other securely on the Internet.

The infinity symbol has many good qualities. It has positive (and tested) equity of its own, reinforces security, identity, user centricity and omnipresence. We shall use it in a variety of new ways, always helping reinforce who we are and so increase that elusive equity, so watch this space, more to come.

We are narrowing our focus to concentrate on those areas of our business that make the most sense in this economy. We are taking these steps for the benefit of our company and our stakeholders, which include all the affected employees. Several of them have been with us from the first day we opened the company in a two-bedroom loft in downtown Tulsa.

The Vidoopsters are like family, and are the best at what they do. When the economy turns around, we hope we can bring our folks back to Old Town. In the meantime, we have made arrangements to help them find other positions.

We honor the contributions of our departing friends, and are committed to fulfilling the vision that each and every one of us has shared for nearly three years.

Please let us know if you have any questions/comments/concerns here.

Thank you for using MyVidoop!

Finovate marked the launch of our expanded Vidoop Secure login authentication platform. In addition to the ImageShield, we presented Multi-factor Authentication via phone as a complement to the ImageShield or as a standalone strong authentication solution. It gives financial institutions the option of very simple MFA or a comprehensive solution. Making the phone a token makes a lot of sense; the audience got it.

We’re big fans of the Finovate conference. We presented back in the spring this year so we had a sense of what to expect in NYC. Presenters receive almost instant feedback on their presentations, and we were really pleased with what we heard.

The biggest buzz came when Mitch commented on the idea of presenting sponsored images in the ImageShield. What’s fantastic about the idea is the images don’t look or feel like advertising to the user. However, it’s an innovate, eyeballs-to-brand opportunity for advertisers. Financial institutions that have a medium to large number of logins can generate significant revenue using sponsored images. The idea of turning a cost center into a profit center is an idea everyone can love.

We also received great comments from the press. Banking blog Banktasktic’s two reviewers both gave Vidoop five stars (out of five, of course!) Among the comments were, “Your bank or credit union NEEDS to look into this,” and, “Ready for mobile - the demo was on a iPhone. Looks great even on the phone. I liked the verifying techniques they implemented. Super userful.”

Be sure to catch Mitch’s brief video interview with Banktastik. It includes great info for anyone wanting to know more about how Vidoop is going to help banks, credit unions and other financial institutions be more secure and user-friendly at the same time.

Let’s step out of the weeds for a minute.  Everyone is currently trying to solve these problems from the standpoint of every individual site’s different implementation, of which no one seems to agree on a standard.  We’ve got buttons, IDselectors, URL as Identifiers, email addresses as Identifiers, Google is proposing to do it one way, Yahoo another, etc…  Each with different trade-offs, but the end results are basically the same.  Mom doesn’t get it!  For everyday users to really understand online Identity, we need to solve the problem from the browser level.  We need to let the browser act on behalf of the Identity Providers.  One quick advantage is that it only requires a handful of project owners to agree on a standardized user experience, rather than every site on the entire Web.  Not only that, but discover-ability and education of OpenID can be standardized in the same handful of places.

The solution is Identity in the Browser (IDIB).

IDIB delivers the 3 main things that must be present for my mom to understand Identity on the Internet.

• Standardized experience with your Identity provider
• Standardized experience with your Relying party
• Standardized discover-ability

This is what it’s gonna take for Identity on the Internet to make sense.  Right, mom?