Detractors worry about security threats and potential abuses that could result from Microsoft's sole control of the Passport database. Of even greater concern to some is the potential for identity theft if the Passport servers are compromised.
Microsoft Revamps Protocol Licensing ProgramDramatically lowered royalty structure. No NDAs. Documentation samples. Choose from over 100 proprietary communications protocols that were not previously available and see how simple it can be to interoperate with Windows desktop products. Get started today!
Microsoft's .NET Passport, one of the largest online authentication services in operation, has more than 200 million active accounts and handles more than 4 billion authentications per month, Adam Sohn, product manager for the Platform Strategy Group at Microsoft, told TechNewsWorld. As a whole, Microsoft's .NET Passport service is a collection of Internet-based technologies designed to make accessing e-commerce Web sites easier, faster and, in theory, more secure. In addition, Microsoft has constructed the Passport service to make it relatively easy for developers to build in Passport authentication to XML Web services.
However, critics have faulted Microsoft's centralized identification model as being fraught with security risks, largely because all user data is stored in one place. In light of these risks, alternative services -- like the federated identity-authentication system developed by the Liberty Alliance Group -- could pose a threat to Microsoft's ability to expand its .NET user base. "This should not be viewed as Microsoft versus anybody else," Andrew Eliopoulos, senior director of network identity at Sun Microsystems (Nasdaq: SUNW) , told TechNewsWorld. A key player in the Liberty Alliance Group, Sun Microsystems has said that users will not be caught in a competition between opposing business models. "It is not an either-or confrontation," said Eliopoulos. "The marketplace is so large it will tolerate both the federated and the centralized concepts."