| | SSO | Private | Nothing to learn | Non-profit | Pseudonymous | Open source | Decentralised | Centralised |
|---|---|---|---|---|---|---|---|---|
| Promise | | | | | | | | |
| OpenID | | | | | | | | |
| SQRL | | | | | | | | |
| Apple | | | | | | | | |
| Beyond Identity | | | | | | | | |
| Trusona | | | | | | | | |
| Auth0 | | | | | | | | |

SSO is an abbreviation for Single Sign-On, which means that you can use the same login to authenticate everywhere that supports the provider.
The alternative to SSO is that you create a separate login with a new password in each place you want to sign in.
Being private means that your personal identity is not stored or revealed to anyone. Not the provider. Not any relying party. Your privacy is guaranteed.
In a world where more and more data are collected for permanent record, being able to authenticate without revealing any personal information will be desirable.
Nothing to learn means that there are no new concepts you have to learn in order to use the provider. If you've ever tried signing in with email and password, you're good to go.
In order to get wide adoption, it is crucial that people on the internet do not have to learn new concepts before they can use the solution.
Non-profit means that the technology is not owned by a commercial entity.
Authentication is all about trust. Everybody should be able to trust that the interests of the authentication provider are aligned with the public, not with shareholders and profit.
Being pseudonymous means that each relying party will get its own unique and different identifier for you. For example, example.com will know you as 'abc', while foo.com will know you as 'xyz'.
This makes it impossible for relying parties to profile you across services using your identifier provided by the authentication provider.
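
One common way to produce such per-relying-party identifiers is a keyed hash over the account and the relying party's host, the same idea as OpenID Connect's pairwise subject identifiers. The following is an added example, not code from any provider in the table; the function names, the key and the account IDs are assumptions made for illustration.

```python
import hashlib
import hmac
from urllib.parse import urlsplit


def sector_identifier(rp_url: str) -> str:
    """Reduce a relying-party URL to its host, so every page of one site maps to one identifier."""
    host = urlsplit(rp_url).hostname  # urlsplit already lower-cases the host
    if not host:
        raise ValueError(f"not an absolute URL: {rp_url!r}")
    return host.rstrip(".")


def pairwise_id(provider_key: bytes, account_id: str, rp_url: str) -> str:
    """Identifier that one relying party sees for one account (hypothetical helper)."""
    fields = (sector_identifier(rp_url).encode(), account_id.encode())
    # Length-prefix each field so ("ab", "c") and ("a", "bc") hash differently.
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(provider_key, msg, hashlib.sha256).hexdigest()


def shared_identifiers(provider_key, account_ids, rp_a, rp_b):
    """What two colluding relying parties learn by joining their user tables on the identifier."""
    seen_by_a = {pairwise_id(provider_key, a, rp_a) for a in account_ids}
    seen_by_b = {pairwise_id(provider_key, a, rp_b) for a in account_ids}
    return seen_by_a & seen_by_b


if __name__ == "__main__":
    key = bytes(range(32))                  # constructed key; a real one is random and secret
    accounts = ["acct-1001", "acct-1002"]   # constructed account IDs
    for rp in ("https://example.com/login", "https://example.com/shop", "https://foo.com/"):
        print(rp, pairwise_id(key, "acct-1001", rp)[:16])
    print("overlap:", shared_identifiers(key, accounts, "https://example.com", "https://foo.com"))
```

The identifier is stable across pages of one site and different across sites, so it stays unlinkable only while the provider's key is secret and the relying parties hold no other shared attribute, such as an email address.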
Open source means that all source code is available to read.
As authentication is of public interest, the source code that runs the platform should be accessible for all to read.
Decentralised means that the solution has no central server that "knows everything". The user has to decide on which hardware the authentication should happen.
Decentralising makes a solution more robust and less vulnerable to a wide range of attacks.
Centralised means that a central authority takes responsibility for hosting and maintaining the solution.
This relieves the user of the responsibility of providing or choosing which hardware the authentication should run on. It also allows for user-friendly recovery of your account.