Much has been written about facebook Connect (and Google Friend connect) recently and some seem to like it quite a lot and talk about a win-win situation for facebook and third parties using it.
But is it really one?
Is it a win for the user?
Well, that depends. Of course the user does not need yet another account, the old promise of Microsoft Passport and of course OpenID. So that is in itself a good thing. But putting this into the hand of only one party is certainly not good. Especially as you also put all your data into the hand of this one party and under it’s TOS.
Because it’s not you then who decides what happens to your data, it’s them!
So having a choice would be much more preferable.
Is it a win for facebook?
If many people start to use facebook connect it certainly is a win. It does mean:
- more data about users
- more relevance for the site because of that
- more control about user’s data
- more incentive to create a facebook account
- better market position because of additional users and data
Is it a win for third parties?
There are several possible advantages:
- facebook provides “real identities”
- users bring their social graph
- possible ways of reaching new users because of posted stories on a user’s activity stream
- ease of login to the site might mean more users
But is all that really a win and what are the drawbacks?
Why it isn’t a win for third parties
First of all the claim of “real identities” might be correct in theory, the practice looks different though. People give fake data and make up special identities and IMHO rightly so. The TOS forbids that but enforcing it is a different matter. It might even create bad press.
Then there are various further reasons all based on the fact that putting such services into the hand of just one supplier is nearly always a problem:
- the reputation of your site is at least partly bound to facebook. If they have bad press, having a facebook login might not be seen as a good thing anymore. Esp. if it’s bad press around facebook connect (remember Beacon?)
- if the facebook connect is going to be successful and lots of users use it, facebook is in a good position to dictate rules on third parties. Right now they “only” dictate how you show the facebook connect button, in the future it could be more. It depends how important facebook connect is going to be.
- if facebook is not available for whatever reason (like an attack or their own mistake) maybe many of your users cannot login and use your site. So facebook connect can directly affect your own page impressions.
- If you later decide to remove facebook connect from your site (or they shut it down themselves) you suddenly lose lots of your users depending on how successful this is.
All these reasons against using facebook connect can be alleviated by using a decentralized approach where one service going down does not mean losing the maybe majority of your users. One OpenID provider going down might not mean the complete loss of users esp. if you enable them to provide an additional provider.
You also give users more choice and you have a more future proof setup. Services (and their popularity) come and go, standards OTOH do that on a less frequent basis.
The same btw is true for Google Friend Connect. It’s nice that they use a standard for those widgets but nevertheless all data goes to Google and you as a user cannot choose. Neither can you as a third party (afaik, I still need to read the specs in detail).