Consumer Security

Amazon Spreads Its Influence With Single Sign-In

Amazon on Tuesday announced a feature that lets users access websites using their Amazon account information. The goal of Login with Amazon is to reduce sign-in friction by providing secure credentials to websites, apps, games and other online access points on the Web, as well as on Android and iOS devices.

Google+, Facebook and Twitter already offer similar social sign-in capabilities. Amazon has tested the new login on its own properties, Woot.com and Zappos.com, and found that both sites saw “significant customer adoption.”

On Zappos, 40 percent of new customers used their Amazon account info to sign in. On Woot, twice as many customers opted to log in using Amazon than chose to create a new login or use a different social login such as Facebook.

Amazon has more than 200 million active customers who can take advantage of the login program, which will result in increased access to participating sites, the company said.

Open Source Amazon

Login with Amazon is based on the OAuth 2.0 authorization framework. The open source code, created in conjunction with a number of sites, including Twitter, has become an online standard.

“We are using OAuth 2.0 as it is the standard way of securely exchanging data between different sites and apps without sharing passwords,” Amazon spokesperson Scott Stanzel told the E-Commerce Times. “With Login with Amazon supporting OAuth 2.0, developers can reuse their existing knowledge to implement it without having to learn a new set of concepts.”

Open source OAuth 2.0 helps simplify coding for developers.

“Prior to their OAuth2 support, all the third-party SaaS and developer tools had to ask for your secret API keys,” said Nic Williams, founder of Stark & Wayne.

“You personally had to either give away your master API keys — the initial keys you’re given by Amazon Web Services that can do anything — or you had to muck around with IAM and create specifically scoped credentials, get the API keys, and then give them away,” he told the E-Commerce Times.

Amazon is playing a bit of catch-up with its late-to-the-game launch of a universal login using OAuth 2.0.

“Aside from AWS, the rest of the API Internet had figured out that OAuth2 was the far better way and better user experience for a third-party app to request specific access to your account via an API,” Williams observed.

“Twitter, Facebook, GitHub and hundreds more — everyone else, really — offers OAuth2 to allow you to grant granular access to a third party to access your personal user account via the API,” he said.

Developer Benefits

Login with Amazon assists developers by simplifying code, giving developers useful data and increasing registration. For mobile, it reduces the steps required for registration.

“It benefits developers by making their apps more accessible and enabling consumers to conduct transactions with one click, without the need to enter lots of data in multiple fields on a small screen, in the case of mobile,” said Greg Sterling, principal analyst at Sterling Market Intelligence.

While the Facebook universal login has become ubiquitous on websites and in apps, the Amazon name may carry some weight.

“Many consumers trust Amazon, and that confidence would make them more likely to engage and/or buy from a third party with whom they don’t have an existing relationship,” Sterling told the E-Commerce Times. “Consumers also gain the convenience of a streamlined registration and/or checkout process and don’t have to create new passwords or give their data over, yet again, to an unknown party.”

Amazon’s Big Data

Amazon has developed its empire on the data it collects on its customers. It knows a consumer’s purchases and product searches. It gathers information on their entertainment preferences. Whether Amazon will gain any additional data through Login with Amazon is unknown, but it’s certainly one possible benefit of the program.

“It is not entirely clear what Amazon will be getting, but presumably user purchase data as well as where they’re registered,” said Sterling.

Apart from a possible new cache of data, Login with Amazon will give the company even more clout online.

“What is emerging is a battle of several large Internet companies vying for user login loyalty — Facebook, Google+, Amazon and others,” said Sterling. “Amazon may in fact be the most trusted among the group.”

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Related Stories
More by Enid Burns
More in Consumer Security

E-Commerce Times Channels