Use of computers in daily life has become ubiquitous, such as to enable users to access and use a variety of types of remote services over the Internet (e.g., via Web sites) or via other access mechanisms (e.g., cellphone networks). For example, some such services may provide various types of information (e.g., current news or reference material), while others may provide a variety of types of activities and capabilities (e.g., online banking, online shopping, email or other messaging services, etc.). While some services may provide information and capabilities to anyone, many others are restricted to authorized users, such as to protect the privacy of user information by making it available only to authorized users (e.g., to require a user to login to a email service before making the user's email available), to manage user data used for the activities being performed (e.g., for an online merchant to store financial and shipping information for a user to facilitate the user's shopping, such as part of an account maintained for the user), and to ensure that users have provided appropriate payment or satisfied other conditions for use of the service.
In order to be able to sign on (or “logon” or “login”) to a service to demonstrate authorization to access restricted information or functionality, users must typically first register with the service and obtain appropriate sign-on information (e.g., a username and password) unique to that service. However, as such services proliferate that each have unique sign on information, users are inconveniently forced to remember numerous distinct sets of sign-on information for different Internet sites. In addition, many operators of Internet sites and other providers of such services would prefer to be relieved of the burden of providing functionality to enable such sign on of user and to maintain user sign-on and other authentication data.
In an attempt to address these situations, single sign-on systems have been created in which a user creates a single set of sign-on information that enables access to a group of multiple affiliated services or systems. Unfortunately, current single sign-on systems have a variety of problems. For example, many operators of services are reluctant to use sign-on functionality provided by another operator. This reluctance may be due to a lack of consistency in the users' experience when interacting with the sign-on system (e.g., due to a lack of consistent branding or other consistent appearance and functionality), because available sign-on systems may not provide functionality that is desired, etc. In addition, service operators and users may have concerns regarding security, such as fears that imposters may be able to impersonate a user or service operator in interactions with the single sign-on system and thus improperly obtain access to restricted information or functionality.
Thus, it would be beneficial to provide techniques to improve single sign-on services and to provide other benefits.