Report: Identity Crisis Looms for Telcos
The report, Identity Management: Telcos vs. Web 2.0 Titans, says service providers are in a unique position to offer IdM solutions, but most are not acting quickly enough. As a result, telcos could lose revenue to portals and Web 2.0 content aggregators like Google (Nasdaq: GOOG), Yahoo Inc. (Nasdaq: YHOO), and others that already provided trusted services to end users. (See Telcos Face a Web 2.0 Identity Crisis.)
So far, unified identity management for telcos has been focused on simplifying customer management, lowering operating expenses, and reducing customer churn. As telcos add triple- and quadruple-play offerings to their service portfolios, identity management is becoming increasingly important to managing users across multiple lines of business.
Offering a unified identity management system also allows carriers to give users a simplified sign-on process, as well as new services such as converged billing, email, and contact lists. But there is an increasing opportunity for network operators to extend user identity information to provide value-added services outside the carrier network.
Dawn Bushaus, research analyst for Light Reading Insider and author of the report, writes that "network operators have a unique opportunity to turn their identity federation technology outward to become identity providers capable of offering identity verification services to Web content providers."
One way a carrier could do this is to become an 'identity provider,' or an intermediary that could vouch for an end user's identity in transactions with various other service providers. But that is often easier said than done.
"Before telcos can become identity providers, they need more than just authentication, authorization, and accounting (AAA) servers inside their networks; they also need directory servers, tools for managing subscriber access, and the federation software itself," Bushaus writes.
And becoming an identity provider isn't cheap. "The federation software alone can cost hundreds of thousands of dollars, depending on the number of users or partners," Bushaus writes.
To complicate things further, the standards picture is still a little hazy. There are at least four methods for identity management, including SAML 2.0, which has been widely adopted by carriers and members of industry group The Liberty Alliance Project ; WS-Federation, an alternative standard being pushed by IBM Corp. (NYSE: IBM) and Microsoft Corp. (Nasdaq: MSFT); OpenID, which has gained acceptance on blogs and social networking sites; and Microsoft's CardSpace, a successor to its failed Passport venture.
While there are certainly barriers to entry in the identity management space, telcos could be missing out on a huge opportunity if they don't begin federating identity management solutions outside their networks soon.
"Available research suggests that network operators must build or buy IdM technology in order to prevent erosion of their customer bases in the face of competition from Web 2.0 companies such as Google and even eBay Inc. (Nasdaq: EBAY). As these Web 2.0 operators add data, voice, and even mobile access services to their portals, telcos risk being bypassed completely," Bushaus notes.
That could mean a massive missed opportunity for telcos. A study released by The Liberty Alliance in January, for instance, projects annual network operator revenue loss to Web 2.0 operators could reach more than $1 trillion within the next eight years.
Some service providers are already testing and deploying IdM solutions. BT Group plc (NYSE: BT; London: BTA), Deutsche Telekom AG (NYSE: DT), Orange France , Telefónica Móviles SA , and others have begun looking into federated identity management.
Orange, for instance, is using IBM's Tivoli Access Manager and Tivoli Federated Identity Manager in conjunction with its own IdM platform to converge mobile, wireline, and broadband services for 100 million subscribers throughout Europe. And DT's T-Com and T-Online subsidiaries launched "Netzausweis" ("Net ID card") federated identity services, enabling single sign-on (SSO) for Internet access, account aggregation, expedited and secure completion of Web-based forms, and subscriber age verification.
But U.S. service providers have been slower to adopt IdM technology. "There's no question that European and Asian network operators are ahead of their U.S. counterparts when it comes to deploying IdM technology," Bushaus writes.
That's something that carriers like AT&T Inc. (NYSE: T) and Verizon Communications Inc. (NYSE: VZ) will need to change before they begin to lose customers -- and revenues -- to Web 2.0 competitors.
For more information on the report, click here.
— Ryan Lawler, Reporter, Light Reading