2012 confoo: defining user identity

Defining User Identity

True Identity VS Anonymity

Jonathan LeBlancDeveloper Evangelist: X.commerce

Email: [email protected]: @jcleblanc

X.Commerce (eBay Inc.)http://www.x.com | @x_commerce

The Foundations of Human Identity

Tribalism and Social Grouping

The Big Bag of Social Identity Fail

Experimental Identity Methods

What We’re Going to Cover


Human Identity: User Types

Anonymous Users Real Identity Login


OAuth (1.0a + 2.0)PayPal Access, Facebook, Twitter

OpenID (…and the upcoming OpenID Connect)PayPal Access, Google, Yahoo!

BrowserIDMozilla

Human Identity: Open Identity Programming


Human Identity: Anonymous Users


There are a few common options

Human Identity: Tracking Anonymous Users

Tracking Cookie Local Storage


• On each page visited, track the URL

• HTML5 Local Storage as primary storage

• Cookies as secondary storage


Program Overview

Tracking Anonymous Users with Local Storage

var storeName = "visited";if (typeof(localStorage) == 'undefined' ) { //Local Storage Not Available} else { try { var sites = localStorage.getItem(storeName); sites = (sites === null) ? window.location : sites + window.location; localStorage.setItem(storeName, sites + "|"); } catch (e) { if (e == QUOTA_EXCEEDED_ERR) { //quota exceeded } }}

Tracking Anonymous Users with Cookies

function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for (var i = 0; i < ca.length; i++) { var c = ca[i]; while (c.charAt(0) == ' '){ c = c.substring(1, c.length) }; if (c.indexOf(nameEQ) == 0){ return c.substring(nameEQ.length, c.length); } } return null;}

var storeName = "visited";if (typeof(localStorage) == "undefined" ) { var cookieVal = readCookie(storeName); var value = ((cookieVal === null) ? window.location : cookieVal + window.location); var days = 1; var date = new Date(); date.setTime(date.getTime() + (days*24*60*60*1000)); var expires = "; expires=" + date.toGMTString(); document.cookie = storeName + "=" + value + "|" + expires + "; path=/";} else { //Use Local Storage}

Tracking Anonymous Users with Cookies


• Remove oldest results when storage fills

• Build categorization mapping prior to storage to save space (more on this later)


Next Steps / Improvements


Human Identity: Real Identity Users


Human Identity: Real Identity Sources

Social (perceived) Concrete (true)

Sources of Real Identity


Human Identity: BrowserID


BrowserID Source<script src="https://browserid.org/include.js" type="text/javascript"></script>

JQuery Source<script src="http://code.jquery.com/jquery.min.js" type="text/javascript"></script>




navigator.id.get(function(assertion) { if (assertion) { $.ajax({ url: 'https://browserid.org/verify', type: 'POST', data: 'assertion='+assertion+'&audience=jcleblanc.com', success: function(res) { console.log(res); } });});


{ audience: "jcleblanc.com", email: "[email protected]", expires: 1320081400987, issuer: "browserid.org", status: "okay"}

Human Identity: BrowserID JSON Results


Social Grouping: It’s Not A New Thing…


Tribalism started as a way to keep us safe

…it has lead to some horrible parts of history

but it is also a foundation of many of our social relationships

Social Grouping: Foundation in Tribalism


Social Grouping: The Real Life Social Graph


Social Grouping: The Online Social Graph


Social Grouping: Group Types

Follower Type

Connection Type

Group Type


Social Grouping: Data Miners are Rock Stars


• Use all URLs from the previous program.

• Obtain content category for page.

• Categorize user interest.

Social Grouping: Group Programming Primer

Program Overview



Step 1: Obtain Website Content



Step 2: Perform Keyword Density Search



Step 3: Weight Keywords


“My privacy concerns are not trite. They are linked to my actual physical safety” --Harriet Jacobs (Gizmodo)

Social Identity Fail: Personal Safety

When Social Discovery Impacts Personal Safety


“Path Uploads Your Entire iPhone Contact List By Default” --Mark Hachman (PCMag)

Social Identity Fail: Privacy Concerns

When Making Things Easy Impairs Privacy


“How Target Figured Out A Teen Girl Was Pregnant Before Her Father Did” --Kashmir Hill (Forbes)

Social Identity Fail: The Fine Line

The Fine Line Between Insightful and Creepy


Experimental Identity: WebFinger


Step 1: Perform Discovery

curl https://gmail.com/.well-known/host-meta




<XRD xmlns='http://docs.oasis.open.org/ns/xri/xrd-1.0' xmlns:hm='http://host-meta.net/xrd/1.0'> <hm:Host xmlns='http://host-meta.net/xrd/1.0'>gmail.com </hm:Host> <Link rel='lrdd' template='http://www.google.com/s2/webfinger/?q={uri}'> <Title>Resource Descriptor</Title> </Link></XRD>


Step 2: Collect User Data

curl http://www.google.com/s2/webfinger/[email protected]



User Profilehttp://www.google.com/profiles/nakedtechnologist

Portable Contactshttp://www-opensocial.googleusercontent.com/api/people/118167121283215553793/



profileUrlidthumbnail urlurlsphotos


name formatted family name given name display name


Identity is more than just a login

Authentication is just the first step

Find the tool that:– Has the raw data that you need– Works with your business

Identity Programming Core Concepts

Thanks! Any Questions?

Jonathan LeBlancEmail: [email protected]

Twitter: @jcleblancGithub: https://github.com/jcleblanc

http://slidesha.re/confoo_identity2

2012 confoo: defining user identity

Technology

commerce ebay

real identity usersx

online social graphx

var sites

real life social graphx

var cookieval

var date

var ca