60 Identity Problems that OneID can help solve

  1. “I forgot my username”
  2. “I forgot my password”
  3. The need to create new username and password at each new site
  4. Having to type in or remember usernames
  5. Having to type in Passwords
  6. Typing in information that has already been typed in; repetitive form filling
  7. CAPTCHAs (you should only have to do that once if at all)
  8. Repetitive E-mail and/or SMS verifications of your phone number and/or email
  9. Having to disclose credit card to a merchant
  10. Having to fill out forms to create an account
  11. Not being able to use US credit card at UK site
  12. Risk of CNP transactions
  13. Forced password changes
  14. Password standards
  15. Temporary passwords
  16. Picking usernames
  17. Shared secrets
  18. Mass breaches of other sites database allowing attacker to login to your site with the same username and password
  19. Mass breach of password databases
  20. “I forgot my loyalty program #”
  21. I have too many loyalty cards
  22. Takes too long to fill out the application for a loyalty card
  23. Denied credit card charges
  24. Knowledge-based authentication security questions
  25. Need to share secrets over the phone or web with a server or person
  26. The risk of using a public terminal or a friend’s computer
  27. Usernames that are your old email and cannot be changed
  28. Break-ins of your accounts caused by theft of a password database at that site or another site on the Internet where you used the same password
  29. Fear of an attacker stealing your identity and wiping you out
  30. The pain of changing your credit card everywhere when it is lost, stolen, or expires
  31. The pain of changing your email everywhere when you get a new job or new email
  32. Remembering screen names
  33. The privacy risk (OneID can’t decrypt your data)
  34. The risk your IdP can pose as you
  35. No use of PKI so no DigiNotar
  36. Single point of compromises
  37. The incentive to phish
  38. Account lock outs due to:
    1. Inactivity
    2. New devices
    3. Invalid password guesses
    4. Use from strange locations
    5. Or any other reason
  39. Having to contact all appropriate vendors when any of your contact or billing information changes
  40. The inability for RoboForm, etc. to fill out logins or forms on certain devices and certain websites
  41. The need to change your password or PIN when one is compromised (phished or break into the site or another site)
  42. The need to ever have to talk to a customer service representative about authentication issues
  43. The need to remember who you gave your SMS to so in the event your phone is stolen, you can revoke the SMS verification.
  44. The pain you have to endure when you try to convince the bank that they really did steal your phone
  45. MITM, MITB attacks where you can’t trust what you see, even if you are using SecurID (which is not out-of-band)
  46. LoA is set exclusively by the RP (user can’t get a higher LoA)
  47. The need to re-type authentication (password or PIN) within a short interval
  48. The ability to set LoA on a per transaction basis (no more having to approve a free app purchase if YOU think it is silly)
  49. Malware threats including Citadel and Eurograbber
  50. Problem with user forgetting he’s logged in when he leaves the computer so someone else can make transactions as him
  51. User ambiguity where system needs to disambiguate from clever attacker and legitimate owner
  52. Having to change ALL your passwords if malware on your machine and you are using a password manager
  53. When your air carrier forgets your reservation, if they had stored the confirmation code in your OneID, even when they make a mistake, you are still covered because you can go to Account in OneID and retrieve the data
  54. The chance that you might have typed in the wrong passport number when you made your plane reservations (because OneID can auto fill this info)
  55. Having to remember the answer to all the KBA ambiguous questions
  56. The risk that your account can be phished (no username or password to phish)
  57. Having to know about and manage digital certificates (these are all hidden)
  58. Having to remember which offer you want to associate with each merchant (e.g., you can associate the Virgin America miles offer with you Hertz reservation)
  59. Having to manage all those usernames and pwds, especially those tied to your old email that you can no longer access!
  60. You changed your cell phone number. Now all those out of band verifications don’t work (like at Microsoft)
  61. The insecurity of SMS; Australian Telcos Declare SMS Unsafe For Bank (OneID never used SMS because it is unsafe)
  62. Not being able to set a cumulative dollar limit on your identity so you can secure your purchase
  63. You can't purchase on Best Buy and other sites with RoboForm and other form fillers because the autofill doesn't trigger a manual type-in, so users are completely baffled as to why their purchase fails
  64. Being able to purchase from multiple Internet sites and seeing all your tracking numbers and receipts in one place
See also:
OneID documentation guide