The user experience must train users to look for the Information Card
sign-in, but not handle it in such a way that it would seem to be unwieldy or irritating.
With the recent introduction of Information Cards, RPs not only have to add the
support for accepting them, but they must also convince users of the bene?¬?ts
and convenience of using them. Although it certainly is the RP??™s choice to teach
the user or not, the long-term reciprocal bene?¬?ts of using Information Cards
(faster sign-up, lower drop-off, identity federation) to authenticate to the website
should encourage sites to opt for the ???path of enlightenment.???
Signing in should
be fast and simple
286 Guidance for a Relying Party
an account. The particulars of the token are matched against the
local database; if a match is found, the user is signed in. In the
case of many websites, this involves setting an authentication
cookie??”which should still be done??”and the client is then directed
to the appropriate page.
Handling the Unknown Card
Until Information Card adoption becomes commonplace, the
most likely scenario is that the user will not have previously
registered his card with the website. In the event that the card is
not recognized, the user should then be prompted as to what he
wants to do, by way of being directed to a new web page (see
Figure 5-7).
Pages:
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420