Microsoft Corp. is recasting ambitions for its .Net Passport identification system, saying the service now will be limited to its own online offerings and those of close partners. Microsoft no longer sees Passport as a single sign-on system for the Web at large, a spokeswoman said.
Microsoft repositioning of Passport comes as careers Web site Monster.com said it was dropping support of the authentication service. Monster was one of Microsoft’s banner Passport users.
Once a key part of its hosted services strategy, Microsoft has been quiet about Passport in the past few years and has not done any significant development work on the system. Instead, the company has been quietly scaling back several of Passport’s components. A directory of sites that support the service was removed this year, and in March 2003, a payments feature was axed.
Passport is clearly not all Microsoft made it out to be. In 1999, the Redmond, Wash.-based company envisioned thousands of online stores and other services using Passport, allowing users to sign on using the same user name and password combination used for Microsoft services. But the reality turned out different, as Web site operators balked at the idea of having Microsoft control access to their sites. Aside from Microsoft-owned sites only a few dozen others signed on to Passport.
Microsoft has “learned a lot” over the past few years from working with partners and customers working with Passport and has adjusted its ambitions for Passport accordingly, said Brooke Richardson, lead product manager for MSN at Microsoft.
“Going forward, the mission of the Microsoft Passport service will be to provide authentication services to Microsoft services and products and to Microsoft partners,” she said late Tuesday in an e-mail response to a reporter’s questions.
Cutting Passport ambitions is part of Microsoft returning to its software roots, said Matt Rosoff, an analyst with Directions on Microsoft Inc., in Kirkland, Wash. “Microsoft’s interest in hosted services has decreased since 2001. The company’s focus has returned to software, which is where it belongs,” he said.
In 2001 Microsoft announced that eBay Inc. and TMP Worldwide Inc.’s Monster.com would adopt Passport, two of only a handful of big-name companies Microsoft was able to sell on Passport. Monster.com is cutting Passport this week, while eBay continues to support the technology although it is hardly used, spokesmen for both companies said.
“Based on the adoption rates of Passport, which represented a low percentage of Monster users worldwide, a decision was made to make the most effective use of resources within Monster” and end support for Passport, said Monster spokesman Kevin Mullins.
Microsoft acquired the Passport technology in 1998 when it bought Firefly Technologies. It initially used Passport as an authentication service for Hotmail and other Microsoft services, but in 1999 pitched Passport as the solution to all online shopping woes. Adopting Passport for user authentication would save companies time and money and give them an instant audience of over 200 million Passport users, Microsoft said.
The market largely rejected Passport as the system’s security was tested by hackers and scrutinized by privacy watchers who did not like the idea of Microsoft controlling user information. Regulators in the U.S. and Europe eventually put restrictions on Microsoft and Passport. Also, Internet users, it turned out, don’t decide where they shop because of the log-in service an online store supports.
Additionally, Passport faced competition from the Liberty Alliance, which was formed in late 2001 and set out to create an open authentication platform as opposed to Microsoft’s proprietary Passport technology. The Liberty Alliance, originally sponsored by Sun Microsystems Inc. and about 30 other companies, has continued to expand and specifications developed by the group are supported in several products.
The Liberty Alliance consortium slowed Passport’s momentum, because it presented an alternative to Microsoft’s model, which centralized identity information, said Michael Barrett, vice-president of security strategies with American Express Co. and the president of Liberty Alliance.
“Liberty changed the dynamic, simply because we came out very quickly and said that centralized is not the right model, essentially because there are parties that will never trust one centralized identity source,” he said. “By the end of 2002, nobody was talking about Passport… it was remarkable how fast the centralized idea died.”
With the failure of Passport and the interoperability pact struck April of this year with former arch-rival Sun, Microsoft may elect to join the Liberty Alliance or support the group’s specifications. Microsoft and Sun have said that identity management is one of the first areas they hope to achieve interoperability.
On Wednesday, IBM Corp., announced that it had joined the Liberty Alliance. Microsoft has said it might join the group, but so far has not. IBM’s move could put pressure on Microsoft, according to Ronald Schmelzer, senior analyst at ZapThink LLC. “I think it will encourage them to take a look at it.”
Whether or not Microsoft joins, however, depends on the extent to which its customers demand it. “Microsoft doesn’t always follow the pack,” Schmelzer said.
Directions on Microsoft’s Rosoff agreed that Microsoft’s participation in the alliance was a possibility. “I could certainly see Microsoft join the Liberty Alliance,” he said.
(Robert McMillan in San Francisco contributed to this story)