Frequently Asked Questions

What is an Identity Provider?

The increasing number of accounts is not easy to manage by users. An Identity Provider helps users to reduce accounts by managing digital identities of registered users for the purpose of provisioning identity attributes to applications (such as web sites or web services) who are willing to rely on this information.

What is OpenID?

OpenID is a very light-weight Web protocol for user authentication. The idea is to use a URL as the identifier for the digital identity of a user. Using OpenID to log in at an OpenID-enabled web site, the User is redirected to his/her identity provider and asked to log in. Upon successful authentication, the identity provider sends a message to the web site that asserts the user's identity.

What is InformationCard?

Using information cards a user's identity is represented by a personal card that contains information about the user's identity provider. If a user wants to authenticate to a web site or web service, a small software running on the client machine is started, the so called identity selector. The identity selector allows the user to select an identity provider by choosing the corresponding Information Card. Once the user's has been authenticated, a message with the authentication status and additional identity attributes is sent to the web site or web service that the user wants to use. Under the hood, the InformationCard approach builds upon the web service specifications which makes it in particular usable for SOAP-based web services.

What is a digital identity?

A digital identity comprises a limited set of attributes of a real-life identity that characterizes this entity and is usually associated with an account. A single entity can hold a multitude of digital identities, one with each system it interacts with.

Are OpenID and InformationCard similar?

OpenID and InformationCards are solving the same problem, namely how to use the same identity for several applications (web sites and services). Both approaches offer a so-called "Decentralized Identity Management", which decouples the places where a digital identity is stored from the places where this identity is needed. A comparison pointing out the differences is given below.