Single sign-on access: a more user-centric vision

The user experience for accessing scholarly content should be as simple and frictionless, says Richard Padley

According to a survey reported recently in this magazine users of academic libraries see access ‘from anywhere – on any device’ as their ‘most important’ consideration. We know that use of mobile devices is increasing on campus (it doubled at the University of Sussex last year), and that institutional librarians are having to polish up their BYOD (bring your own device) policies. Meanwhile, the publisher sites we maintain at Semantico are seeing rising rates of mobile usage – in certain cases as high as 38 per cent.

This is all part of a general trend for computing to become more personal, more portable, and to escape the shackles of the desktop. And yet the world of scholarly publishing seems stuck in an anachronistic desktop-centric model, making for an increasingly clunky user experience, especially for those accessing publisher content on mobile devices outside the walls of their institutions.

There is a design issue here, certainly; but while publishers are by and large getting the message on the necessity to optimise their sites for mobile viewing, the access question goes largely ignored – and it is in many ways a more critical one. To put it baldly, access management for remote users of subscription content – i.e. users who have strayed outside the walls of their institution – is, from the user’s point of view, antediluvian.  

Access and the user journey
To illustrate this, let’s look at a typical user journey.

You are a researcher, working not in your university library, but in a coffee shop in the nearby town where you live. You have looked up a topic on Google Scholar, and found some papers that are interesting for your particular line of enquiry. As you click through these links you are faced with a variety of different ways to authenticate yourself and log on to different publisher systems, in order to prove that you have the right to access content subscribed to by your institution.  

You face a fragmented experience. You will have multiple user journeys as you negotiate a panoply of different login procedures, some of which will require you to go back to the website of your institution, to log in in there, and then to follow another link and effectively retrace your steps back to the original site. This is effectively a very disconnected user experience, especially compared to what we generally experience in the consumer market. And when you throw in the added complication that every site uses different terminology …

So imagine that, sitting there in you coffee shop, you get so tired of this incredibly tortuous process, that you decide to get in some early Christmas shopping instead and buy, say, a waffle iron for your mother. Instantly your path is smoothed. Though you might not have been to this particular site before, you are offered the ability to log in using your Google or Facebook identity. Everything is managed at the same site, and takes you no more than a couple of clicks. A big bonus is that you don’t have to enter your password to register on this new site.

My argument is that the user experience for accessing scholarly content should be as simple and frictionless as that. In fact, you could go a bit further and say it is my vision.

And the slightly sad thing, as far as our market goes, is that it is not a gleaming-city-somewhere-over-the-hill type of vision but a practical and present reality. This frictionless type of access management is available with existing technology. It is the vision behind SAMS Sigma, the latest version of our market-leading access management system, SAMS – and it’s coming to a coffee shop near you very soon.

What strikes me as slightly strange about our industry is the lack of focus on this problem. Commercial access management systems, by and large, tend to focus on individual publisher silos: no-one is looking at enabling single sign-on across multiple publisher sites, much as their users and institutional customers might want that.

What single sign-on is not

Perhaps I should make it clear what I mean by ‘single sign-on’ – since the term has been taken to mean various different things at different times – and also what I specifically do not mean by it.

IP address recognition has been called single sign-on. This is where on-campus users have their IP addresses recognized by multiple publisher systems, giving those users access to their subscription content. It was a convenient method that worked very well in the past, but there is a very good reason why it is starting to run out of steam, which is the trend towards greater mobility and more personal computing that I mentioned at the beginning of this article. All of your users are not on campus anymore, and more importantly, from the point of view of publishers’ businesses, all of the growth is not coming from on-campus systems, but from outside the institution’s network.

Shibboleth was an early attempt to solve the problem, but it is now old technology. The user experience is poor –  requiring users to pick their institution from a drop-down list in the hundreds and potentially repeat the log-in procedure for each new publisher site. As a consequence, adoption of Shibboleth has not been widespread in the important US market.

What I mean by single sign-on is a system where you sign on once, and can access all your publisher subscribed content without having to sign on again – whether you happen to be on or off campus, and regardless of which publisher site you want to access.

Benefits of single sign-on
The benefits to the user of removing friction from the log-in process like this are obvious: we all need less friction in our lives. An equally obvious benefit to publishers flows from this – greater usage, fewer turnaways and higher renewals – because all those users who were abandoning their search for content (and I’m sorry, but it does happen, especially on mobile) are no longer doing so. Build a better infrastructure and your usage improves.

All our analytics support the slightly hoary cliché – if you build it, they will come.

A perhaps less immediately apparent benefit it gives publishers is the ability to build a relationship with the individual user, in a way that they couldn’t do before. And then, in the particular case of SAMS Sigma, there is the wealth of analytical data publishers and their institutional customers benefit from, providing actionable insights in identifying relationships between users and content.

This new frictionless access process must not be purchased at the cost of decreased security. The security protocol we have used in building SAMS Sigma, OpenID Connect, is used by Google and many others and represents the flagship standard in online security. Security permeates the entire design of SAMS Sigma, and is not something added as an additional layer on the top.

Keeping the complications in the background
It could be objected that the access situation is inherently more difficult in the case of publisher content, and this is why publishers have been slow to move towards single sign-on.

It is not simply a case of connecting a user with a content provider, as in the consumer context – there are also potentially multiple institutional identities to factor in. The publisher sells subscription content to a librarian, who provides access to content under multiple subscriptions for researchers and students, who log in to that content via an access system provided by the publisher.

However, though this might have been a drawback in the past, the technology building blocks to make the connection happen seamlessly in the background are now in place. We are living in a world of open APIs, shared stacks and cloud computing. Integration is king.

It is simply not necessary to expose users to the complications of the situation going on in the background when they make a connection to subscription content, and the benefits for all concerned of taking the friction out of this are surely worth the candle.

Embracing a more user-centric vision
Ultimately, single sign-on represents a more customer-centred, a more user-centric view of access management. The user always owns his or her, own identity.

It is perhaps the necessity of making this shift in perception that has held publishers back from embracing a vision of single sign-on. The world is changing, and user expectations have changed too. Scholarly communication is a very special field of human endeavour, but it cannot afford to isolate itself too much from the mainstream of how information is discovered, accessed and used.

Neither can we safely assume that scholars enjoy a little difficulty – that they are energised by having barriers placed in their way. There are plenty of new, born-on-the web competitors and start-ups ready and willing to disrupt those who fall into such cozy assumptions.

Richard Padley is chairman and chief executive officer of Semantico