Making OpenID Mobile and Privacy-Friendly

Abstract: OpenID is a widely used single sign-on standard that allows users to access different services using the same authentication. However, its usage poses a number of issues regarding privacy and security. This paper evaluates the OpenID standard and introduces three mobile strategies, two of which are validated using a prototype implementation. Significant privacy and trust improvements are attained through the use of an identity management architecture that leverages the properties of a tamperproof module. Furth… Show more