Consumer Trust in the Web Isn't for Sale

We all know by now that Microsoft (Nasdaq: MSFT) (Nasdaq: MSFT) is prone to tyrannical bouts of imperialism. A few cursory wrist slaps from the Feds won't change that.

But the software Goliath's latest bid for world domination defies logic. Veiled as a holiday promotion for its .NET Passport service, Microsoft is trying to purchase consumer trust en masse.

Through December 20th, shoppers who use Passport Express Purchase will receive a US$20 kickback for each $100 spent, for up to a maximum of $100 in rebates.

What Microsoft fails to realize is that consumer trust is a fragile and invaluable entity, and not a commodity to be bought and sold.

Personal Goals

The .NET Passport represents Microsoft's early stab at controlling the next phase of e-commerce. It is a centralized user authentication system -- or single sign-on -- that stores personal profile information to be shared with multiple online merchants.

The next generation of e-commerce, say analysts and vendors, will subsist on a network of deeply integrated, distributed software applications, whereby consumers will conduct sequences of related transactions with multiple merchants.

This post-Web world has earned such buzz words as X Internet, Web services, meta-services, peer-to-peer, and federated commerce.

Regardless of its industry-ordained moniker, this new boundary-blurring form of e-commerce will place unprecedented demands on consumer trust. User information will be managed and shared in ways yet to be fully defined.

Hide or Confide?

Microsoft wants to function as the gatekeeper to this brave new world, by serving as the main repository for user profile information. Its .NET Passport is step one toward this goal.

To take advantage of Passport Express Purchase, users must hand over credit card and billing address information. When making a purchase at any of some 75 partner sites, Passport users can pay the merchant with their "wallet," without re-entering payment information.

There's just one small problem. You have to bring yourself to trust Microsoft with your credit card number. How has Microsoft chosen to earn this trust?

Rebate checks.

In Rebates They Trust

Heads up, Mr. Gates: Consumers won't bite. According to Jupiter Media Metrix, 36 percent of online consumers do not trust any single company to store their personal data, let alone trust Microsoft to do so across the board.

In fact, just 3 percent would trust Microsoft with their identities, Jupiter said. Will $100 in rebates win over the other 97 percent? Not a chance.

Especially not with Microsoft's less-than-stellar track record in the areas of security and privacy.

Checkered Past

Does Microsoft expect us to conveniently forget the major security glitch exposed in Passport just over a month ago? A well-meaning engineer discovered that Hotmail users' financial data stored in their Passports could be picked clean by enterprising hackers.

One-time growing pain? Not so. Microsoft's security woes run deep.

How about the breach in Internet Explorer, also discovered in November? User cookie files were laid bare for intruders to pilfer credit card numbers, usernames and passwords. What's worse, Microsoft apparently lied about when it first learned of the software flaw.

Time and again, Microsoft proves that it lives by market share, at the expense of user privacy. The company cannot erase this reputation by offering a token handout to consumers.

Liberty for All

If not Microsoft, then who? Who deserves to win the battle of trust?

While it's clear that next-generation e-commerce depends on the secure storage and transmission of consumer profile data, it's far from clear how this will be administered.

My hopes are high for the Liberty Alliance Project, founded in September by Sun Microsystems (Nasdaq: SUNW) and backed by trusted financial institutions like Bank of America (NYSE: BAC) and American Express (NYSE: AXP).

Still young and very secretive, the Liberty Alliance is a consortium of companies touting a "federated solution" to the online identity crisis. The group posits that a person's online identity should be administered only by the user, decentrally authenticated, and securely shared with organizations chosen by the user.

Can't Beat 'Em

At this early stage, the Alliance is long on theory and short on practice. But a federation of trading partners, in whose collective interest it is to maintain user privacy, stands to earn a greater share of consumer trust than a single company with purely capitalistic intentions.

In fact, Microsoft's best chance of regaining consumer trust may be to join the Liberty Alliance.

Short-sighted incentive offers won't do the trick.

What do you think? Let's talk about it.