PromoStandards Webinar: Authentication Best Practices

Insights from the video:

💡 The webinar focuses on authentication best practices, addressing common questions and barriers related to credentialing and getting started.

🌟 "Digital transformation collaboration. That's really what we do if you are itching to get connected within the technology community in the industry."

🕵️‍♂️ Members of PromoStandards have access to the member directory, allowing them to skip the sales cycle and directly contact the technical people who can sign their credentials.

📝 PromoStandards aims to streamline the communication process and ensure that users can quickly reach the right person who can provide them with the necessary credentials, without directly storing or handling the credentials themselves.

🔄 Using promo standards mechanisms for credentialing can be a highly effective way to ensure accurate and up-to-date contact information, improving the success rate of matchmaking.

🚫 "Using the same set of credentials for all services is not a good practice for authentication."

🔐 Passwords should be mandatory for better security measures, rather than being optional.

🔒 Verifying trust and identity in the relationship between suppliers, distributors, and sales reps is a crucial challenge in authentication.

Summary

TLDR: PromoStandards offers solutions for obtaining and managing authentication credentials in the promo standards industry to improve customer experience and streamline the process of data exchange.

1. 00:00 📚 PromoStandards webinar discusses best practices for authentication, focusing on obtaining and storing credentials to improve customer experience and execute digital strategies in the industry.

   1.1 Today's webinar discusses the best practices for authentication, specifically focusing on the process of obtaining and storing credentials.

   1.2 PromoStandards collaborates to create open standards that improve customer experience, reduce transactional friction, and effectively execute digital strategies in the industry.

2. 01:59 📅 The speaker discusses the upcoming Tech Summit in Tampa, highlighting the importance of digital transformation and collaboration within the technology community, and mentions a recent email regarding core values and inclusion.

   2.1 The speaker discusses an upcoming event in Tampa, the Tech Summit, and highlights the importance of digital transformation and collaboration within the technology community, while also mentioning a recent email regarding core values and inclusion.

   2.2 The schedule for the event has been updated, with the hackathon being moved to a virtual format and the tech summit being shifted to Sunday night to Tuesday morning, allowing for an extra party.

   2.3 After the education summits, there will be opportunities to get involved with promo standards through a tech volunteer event and open committee meetings.

   2.4 The keynote speaker for the tech summit will be Andrew Larson, the director of data science at Fox Corporation, who will discuss how organizations in the industry can utilize basic and advanced data science tools and prepare for data science in the future.

   2.5 The speaker discusses the sponsorship of the event and their excitement for presenting on promo standards in 2015.

3. 07:09 🔑 Obtaining and managing authentication credentials in the promo standards industry can be challenging, but PromoStandards offers a solution by allowing members to directly contact technical personnel for credentials, bypassing the sales cycle.

   3.1 The video discusses the challenges of authentication in a peer-to-peer many-to-many architecture and explores best practices for addressing these challenges.

   3.2 Every request in the promo standards requires an id and a password, and it is recommended to require a password for authentication.

   3.3 The authentication landscape in the promo standards industry involves suppliers handing out credentials, distributors acquiring and storing credentials, and service providers connecting thousands of distributors to suppliers, resulting in a problem of acquiring large numbers of credentials.

   3.4 Members of PromoStandards can log into the website and access the member directory to directly contact technical personnel for authentication credentials, bypassing the sales cycle.

   3.5 Getting credentials for distributor pool emails, content forms, portals, and excel lists can be a constant headache, even though standards provide great access to operations and customer experiences.

4. 12:10 🔑 Suppliers and service buyers should handle their own credentials, including industry identifiers, to streamline the process of obtaining credentials and ensure legitimacy, using PromoStandards mechanisms for success.

   4.1 To access credentials from PromoStandards, go to the PromoStandards endpoint listing where you can find a directory of suppliers, their production and development endpoints, and contact information.

   4.2 Suppliers and service buyers should handle different credentials internally and not burden others with storing multiple credentials, and PromoStandards aims to streamline the communication process for obtaining credentials without directly providing them.

   4.3 Including industry identifiers such as asi number, ppai number, and ppc number in your credentials makes it easier for someone to assign them to you and shows that you are a legitimate player in the industry, generating two emails - one for the supplier side and one for the organization.

   4.4 Use promo standards mechanisms for the highest rate of success in credentialing by ensuring email confirmation and providing contact information for organizations.

5. 16:16 🔒 Use complex passwords, handle access per endpoint, keep credentials in sync, communicate clearly, and use secure credential exchange methods to ensure secure authentication and data exchange in vendor agreements with promo standards.

   5.1 Use complex passwords and avoid using the same credentials for all services to ensure secure authentication.

   5.2 Handle access per endpoint on your side, respond quickly to financial requests, and contact Jessica if there are any issues with receiving emails.

   5.3 Ensure that credentials are added and kept in sync for both the production and development environments, and don't assume that everyone will accept your credentials.

   5.4 Ensure clear communication and exchange of data by providing quick start documents, contact information, preferred practices, and data exchange frequency, and use the built-in credential request tools to obtain account numbers from suppliers.

   5.5 Having an account number as a field in the system helps verify usernames and prevents multiple accounts, while strong passwords should be mandatory for better security.

   5.6 Send a document with your onboarding expectations and use a portal for credentialing to ensure secure exchange of credentials, as vendor agreements with promo standards often include a form for entering credentials.

6. 22:28 🔒 Suppliers expect proof of representation, so organizations should stay on top of supplier partners, require credentials, verify legitimacy, use unique credentials for each supplier-distributor combo, and manage credentials efficiently to ensure proper authentication.

   6.1 Suppliers expect organizations to provide proof of representation, and it is recommended to stay on top of supplier partners and follow up to integrate with them effectively.

   6.2 Ensure that you have the legal authority to represent distributors and have agreements in place or require distributors to input their credentials into your system to protect against unauthorized data sharing.

   6.3 Verify the legitimacy of companies requesting data by requesting their full address, a purchase order (PO) number, and the last PO amount for quick cross-referencing.

   6.4 Get a generic account for basic data, but unique credentials are needed for each supplier-distributor combo, and it is widely adopted to put the responsibility on the supplier to build a portal or push mechanism.

   6.5 Send an excel file with authentication information to the supplier community to efficiently manage credentials and ensure authentication game is in order.

   6.6 Ensure that you have properly credentialed your distributor partners by logging in and checking if you are using these people.

7. 28:24 🔑 The industry is not using OAuth and single sign-on due to non-technical reasons, but PromoStandards is working on third-party solutions to address the trust problem and reduce friction in the standards process.

   7.1 OAuth and single sign-on (SSO) are not being used in the industry due to non-technical reasons, despite the ease of setting up an OAuth server.

   7.2 The identity and trust problem between suppliers and distributors is being addressed by a work group in PromoStandards, which is exploring third-party solutions to verify and establish initial trust without directly handling usernames and passwords.

   7.3 Reduce transactional friction in the standards process by exploring an oauth solution for better credentialing, ensuring it is the right one and will be adopted, as previous authentication services had low adoption due to complexities, with an update to be provided at the end of the year, and being aggressive in responding to credential requests for successful onboarding.

8. 31:31 👉 Promo series becomes more powerful in your organization, making it easier to work with, and there will be a tech summit next month with a panel discussing the content and how to maximize your experience at the event.