I heard about Amazon's announcement to enter the OAuth Login market. I am curious about Amazon's entry into this space. Despite it not being a social networking site they do give insights into the purchasing patterns of a user. The advantage they have is sticking to purchasing patterns instead of worrying about other interests of the user. The real adopters of Login with Amazon ( LwA ) will be businesses which sell goods and service on the internet.
Amazon could expose the user's purchase history, credit card information, gift card information, etc. In a purchase use case flow, A site that uses LwA could redirect the user to Amazon for payments. Building on top of this, the user could even allow the site to deduct certain amount from the Amazon gift card. A consent from the user might allow the site using LwA to auto deduct amounts from the gift card and / or charge the credit card during the user's next visit to their site. Additional constraints on the maximum amount that can be deducted or charged could make the experience better for the user.
From a business perspective, Amazon may charge a fee for every transaction made at a site which redirected the user to Amazon for authentication and authorization. It will help monetize user's personal data stored at Amazon. Unlike login with a social networking site, LwA might help sites distinguish themselves. A site using LwA might indicate to a user that the service offered comes at a cost.
However, There are some concerns that need to be addressed.
- What kind of user data will be shared with other sites that use LwA ?
- Will the user be willing to share data present in his/her Amazon account ? I wouldn't.
- What happens if the bearer token that Amazon provides to the site using LwA is lost ?
- Why would I ever use LwA as a user if I can use other social networking sites that do not expose any of my monetary details ?
- Can I trust any OAuth client that uses LwA ?
The future of LwA will depend on the security and privacy policy it adheres to and the business model it surround it. But, if LwA is a success, then very soon Banks, Payment services such as PayPal, etc might enter as identity providers in the e-business space. Only time will tell what happens to Login with Amazon.
