openid retail summit at paypal - paypal identity
DESCRIPTION
OpenID Retail Summit at PayPalTRANSCRIPT
March 2011Ashish Jain
Social Media for Retailers Summit
DEMO
OpenID Authentication 2.0
SReg
Attribute Exchange
PAPE
UI
White list
STATUS
Name
Email Address
DOB
Phone Number
Shipping Address
Payer ID *
Is Verified PayPal *
SHARED CLAIMS
User will not have access to PayPal.com
RP can request max_auth_age at
runtime Or during on-boarding
Supports max time of 8 hours with no
challenge
SESSION / MAX_AUTH_AGE
Get a PayPal account
Login to x.com (Developer Network)
Submit your app
ON BOARDING PROCESS
ON BOARDING PROCESS
Additional claims
Authn Context Authn Type, Time, Risk/Fraud…
Payment Integration Login first, payment first, guest checkout…
QUESTIONS FOR RETAILERS?
Identity Propagation E.g. PayPal OP - Connector - SAML RP - SaaS
Identity Linking e.g. link PayPal to another IdP for additional claims
Payment Integration
QUESTIONS FOR PROVIDERS?
RP On-boarding UI Guidelines (new/existing account,
additional data…)
Local Password / Terms of service?
CSR FAQ
Multiple IdPs support (different data)
Account Recovery flows?
Attribute Exchange
Logout
…
QUESTIONS FOR COMMUNITY?
Q & A