Give me less privileged accounts!
I’m quite sure this has happened to you: You are surfing along. You find that your favorite blogger/website links to a cool new social network/application/utility and you sign up/download it. Then it starts asking you for your Google/Yahoo/Bank/Credit Card/etc account information. If you are like me, that’s when you stop, back away, and just say NO. It’s not that I don’t trust the developers of these services… Oh, wait, that’s exactly the problem – I don’t trust them. I don’t trust them to keep the information to themselves; I don’t trust them to ensure that each and every employee who has access to the info is a fine, upstanding person who won’t run off with it; I don’t trust them to have super-bullet-proof systems that keep everyone else from getting ahold of my keys. To me, it’s just not worth the risk.
I do wish I could give them my account info. I miss out on a lot of potentially neat features by not feeling comfortable doing this. For instance, I was reading up on a new iPhone application today called A Personal Assistant (review). This app, despite its current rough edges, actually seems like a good idea. It’s essentially a dashboard for all one’s important accounts – banks, credit cards, airlines, social networks (if those are, indeed, somehow important) and more. A one-stop shop for the information that is probably a good idea to keep tabs on, or that you at least want to check quickly. But, of course, to access all this info you have to turn your keys over to the developer. Nuh-uh.
What I want: for each and every site that I can log into that in some way provides or contains personal information about me, I should be able to create an alternate account (or accounts) that has basic read-only and, preferably, customizable rights. For instance, an account that can see my current minute and dollar balance for my cell phone, one that can read the basic contact info from my Google account, one that can see my current flight schedules on NWA.com, one that can see my order status and tracking info at Amazon, etc. But none of these accounts would be able to change anything or see any sensitive data that I didn’t want them to see. So, sure, I may be giving someone the ability to see that I currently owe $60 on my cell phone bill and that I’m nearly out of minutes, but that person would not be able to change my plan, order a new phone, or even see my call details. And I should be able to do this absolutely everywhere it makes any sense at all.
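A minimal sketch of the alternate read-only account described above, using the cell phone case; it is an added illustration, not code from this post or from any real site. The names `issue_delegate`, `read` and `write`, the signing key and the account record are all hypothetical.

```python
import hashlib
import hmac
import json

# Constructed sample data for the cell phone example; not a real carrier API.
SERVER_KEY = b"demo-only-signing-key"  # hypothetical key held only by the site
ACCOUNT = {
    "balance_due": 60.00,
    "minutes_left": 12,
    "plan": "basic-450",
    "call_details": ["555-0100 14 min", "555-0199 3 min"],
}

def _sign(body):
    return hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()

def issue_delegate(owner, fields):
    """The owner mints a credential that can read only the listed fields."""
    body = json.dumps({"owner": owner, "read": sorted(fields)}, sort_keys=True)
    return body + "." + _sign(body)

def _grant(token):
    """Return the verified grant, or None if the token was altered."""
    body, _, tag = token.rpartition(".")
    if not hmac.compare_digest(tag.encode(), _sign(body).encode()):
        return None
    return json.loads(body)

def read(token, field):
    """Deny by default: a field is visible only if the owner listed it."""
    grant = _grant(token)
    if grant is None or field not in grant["read"]:
        raise PermissionError(f"read of {field!r} not granted")
    return ACCOUNT[field]

def write(token, field, value):
    """Delegated credentials carry no write scope, so every change is refused."""
    raise PermissionError("delegated credentials are read-only")

if __name__ == "__main__":
    dashboard = issue_delegate("owner", ["balance_due", "minutes_left"])
    print(read(dashboard, "balance_due"), read(dashboard, "minutes_left"))
    for attempt in (lambda: read(dashboard, "call_details"),
                    lambda: write(dashboard, "plan", "unlimited")):
        try:
            attempt()
        except PermissionError as err:
            print("refused:", err)
```

The third-party dashboard holds only the delegated token, never the owner's password, so a leak at the developer exposes the balance and minutes and nothing else.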
Software agents are just going to keep getting more and more prevalent in our society – whether they take the form of Dashboard widgets, iPhone applications, or even web site aggregators, they are here to stay. More sites need to start offering data access in a way that enables this functionality without compromising the security of their site or their users.
(Props to the few sites out there with a robust API for read-only access. It’s a start.)
