> Relying on Google and Facebook Identity is not sufficient for some professional users...We like that accounts have mostly real names and verified email addresses,...but I do think the validity of emails will decrease. Takeaway: If you’re creating a sign up flow for your app, you should think about these trade offs between social and email-based auth.
This is absurd and shows that they aren't thinking from the perspective of their users (even though they have an "I really don't want to pay" option).
There are many reasons why people might want not to link everything together; in fact this is a reason why many prefer paypal (more transactional) to linking directly to their CC. This is also especially true for low-intensity sites like this one (you may see the justification for linking Tinder to your FB account, but you likely use this service much less than you use TInder!).
Secondly, and again related to low-intensity sites: why should they care about real names?
I would (almost) never use a site that only allowed this as a means to login... it's so absurd that these are the only options. There should be two things they are interested in: 1. Is the email valid? 2. Is the credit card and details for that valid? Anything else is a distraction to making money.
I would (almost) never use a site that only allowed...
If you're a business customer, you'll use whatever auth system is presented. And 80% of the time Google login is perfect; the other 20% will deal.
"Oh, your product will save me thousands of dollars? But it requires a Google account? Sorry, can't use it"... said nobody, ever.
There's a huge difference between B2B and B2C customers, and you need to understand which business you're in. Yeah, if you're trying to accommodate the mass market, you need all the options. If you have a niche product that makes money for people, you should spend all your time working on features that make people money. Auth is not one of them.
I run a one person business and I often feel bogged down by little things. If I need auth and I can let some huge companies take care of auth for me and they’ve got simple APIs, I may choose that over some kind of roll my own. Personally I wouldn’t want to force my customers to participate in these surveillance platforms but I have also never made money on my businesses - perhaps because I put too much effort in to the little details.
Edit: I also imagine fraud is costly, and if the big platforms can save me dev time on auth and reduce problems with fraud, that adds up to a significant savings.
Fraud and auth are two orthogonal things. The only thing this does is save you from implementing a really basic login system which is really not much code to implement if you use something like devise or some other auth library. if fraud is a goal to prevent use something like paypal or stripe which is better than small shops at detecting it over some generic merchant account. All this does is tie people into one closed system identity which most people have more than one functional identity(e.g. my business identity is different than my personal identity is different than my family identity). If you force me into using facebook to login to a system where I might legitimately want to separate personal, business and family accounts you lose me as a customer. Also, you may be using some service on behalf of someone else and then what? the customer has to give you access to their facebook account? it's just shortsighted and, frankly, dumb to only allow facebook/google to control auth. use it as an additional auth mechanism if you want to but don't solely make that your only method.
Exactly. What is it about technologists that makes them feel so entitled to everyone's personal information?
She wants to know the "real names and verified email addresses" of everyone who uses her video editor, but I wonder how she would feel about giving the same information to manufacturers of stationary or household supplies she uses or to every restaurant she visits.
Google Accounts are free and simple to create, so if a user doesn't want to "link everything together" they can create a new separate account that they only use for Kapwing. Plus, we're aren't "linking" to your Facebook/Google data; we're just reading your name and email from your account.
We decided to rely on Google and Facebook for three reasons: 1. It's technically easier, and since so few users care about needed to sign in with one of them it's a low-priority feature request to add email sign in.
2. My co-founder and I worked on Google's identity team for a year. The fact is that passwords SUCK - people hate them and they lead to a huge amount of friction in UX. Reducing the number of passwords that a user needs to remember is a huge benefit.
3. Having user's "real" identity helps with validating credit card transactions, sending follow-up receipts and confirmations, and personalizing the site. If we do one day become a social network, we're less likely to be taken over by bots.
>Google Accounts are free and simple to create, so if a user doesn't want to "link everything together" they can create a new separate account that they only use for Kapwing. Plus, we're aren't "linking" to your Facebook/Google data; we're just reading your name and email from your account.
I don't know about Kapwing, but the problems with this:
1. Simple to create? I just went to the page and it wants birthday, gender, phone number, among other things. And then on top of that, I'm sure there will be a bit more work to confirm my identity (text message or email). Certainly not trivial. And will I need to go yet one more step to confirm anything from Kapwing?
2. Do I need to now monitor this new account for stuff from you? Overhead for me to maintain yet another account, in order to maintain yet a third account (Kapwing).
Benefits of email for me:
1. It's easier to create a throwaway temporary email account than to create a Google account. It is intentionally easier. They exist just for this purpose. Not sure if you've tried it.
2. Clicking on a confirmation link is easy for me.
>Having user's "real" identity helps with validating credit card transactions, sending follow-up receipts and confirmations, and personalizing the site.
This is where creating a separate Google account just for your site would be a negative. I'd have to set it up to forward to my email. I'd rather just get the email from you directly.
Google accounts are not really simple to create if you want to keep things separate.
I have had to create a number of separate Google accounts (for cheap tablets I do not really trust), and it seems Google randomly locks them, requires phone number verification, and does other annoying things.
Your blog post already explained why you thought this would be a good idea from your POV; I was pointing out that it's not uniformly a good idea from your customer's POV. But your reply to me was also from your perspective, not from a wide spectrum of customers'. That's a limit to growth. The friction of "simply" creating a new account on a different site in order to use yours? Forget it!
If your business runs the way you want it to then what I'm saying doesn't matter to you, and shouldn't. I don't mean this as criticism
(BTW I doubt you know about the failure rate because people who don't want to do that are most likely to silently go away without becoming customers. It's like a paywall, or those horrible splash screens that you have to click-away that try to get me to sign up before showing me the content. I simply refuse to visit those sites (I have a blacklist keystroke) so the people who deploy those antipatterns don't even know they are missing out on pageviews. Instead the collect only the positives and reason from there.)
I'm of the same mindset. I won't make a Google account just for a website login, and I won't use Facebook login for anything at all after an experience with winding up in "Facebook Jail" after they decided an image I posted "violated community standards" and then unable to log into another account I had tied to Facebook. I don't know if it was a transient issue or what, but it made me step back from using anything that required such logins.
I run my own email still, and I won't manage to get locked out of my own stuff. The same cannot be said of Google or Facebook.
[This is Julia, the OC] If you're interested, we wrote a blog post on why we included the "I don't want to pay" option and our reflection on the results. It's the first blog article on our website. Also the fact that you would call this "information rape" is kind of disgusting...The user doesn't have to give us information, can create a new Google Account if they want to, and are only asked for read-only access to their name and email. Happy International Women's Day!
This is absurd and shows that they aren't thinking from the perspective of their users (even though they have an "I really don't want to pay" option).
There are many reasons why people might want not to link everything together; in fact this is a reason why many prefer paypal (more transactional) to linking directly to their CC. This is also especially true for low-intensity sites like this one (you may see the justification for linking Tinder to your FB account, but you likely use this service much less than you use TInder!).
Secondly, and again related to low-intensity sites: why should they care about real names?