By Cory Huff | Posted on July 27, 2012
Social login is a deceptively tricky piece of technology to implement, and nearly everyone makes at least one of these mistakes in their registration process. A mistake in registration can make a huge difference in the number of email opt-ins you receive or the number of sales you make. If your business depends on knowing something personal about your customers, then you want to make sure you get registration right.
Certain identity providers are also better suited for some verticals. PayPal, for example, is a preferred provider for the retail sector – especially since PayPal’s OAuth passes a confirmed shipping address which can be used to pre-populate registration forms.
I recommend offering four to six social login providers. This gives users a choice, but not so many that they will get frustrated and abandon your site. Janrain provides guidance to customers on which providers they should use when they are deploying our Engage social login product by looking at the target audience to see which identity providers they use most.
I’ve seen many sites where they have social login on the main registration page, but not on other registration pages. They might have it on a “Log In” page, but not on Registration/Account Creation, or the other way around. Careful planning of the registration experience will prevent mistakes like this.
One suggestion is to make all registration and sign in links call the same page on your site. AMC Networks is a good example of this. Whether you sign in to comment, to watch a video, or to enter a contest, they launch a modal overlay that shows the same login screen. This means they only have to design one screen and one registration process.
This might seem incredible to you, but I have seen this happen on dozens of websites. You go through a social login flow, and then you are forced to choose a username and fill out a long set of forms. The promise of Oauth/OpenID was that people wouldn’t have to remember new usernames or fill out more forms just to get into a website. The developer community built this technology for this very purpose.
At the very least, the data that comes across from the identity providers and social networks should pre-populate the forms in your registration flow. The best scenario, the one that converts the most registered users, is creating the account in your database with simply the name and email address, and then asking the user to fill out more data in their profile. This way you at least have the user’s contact information if they drop out of the registration process. You can then run a campaign to get users to add more data to their profile if necessary.
MTV has done a good of this with their registration process. They create profiles upon social login, and even use follower data to show you who else you are friends with on the page.
In a variation of the above problem, many companies offer social login, but then fail to utilize the data that comes across. Some providers (especially Facebook, PayPal, Google and LinkedIn) offer a tremendous amount of useful, insightful data. With the right permissions, you can find out a tremendous amount of information about your user.
Obviously you don’t want to ask for data that is completely irrelevant to your business – but there is a tremendous amount of data that is relevant. Being able to segment your market by music preferences, professional experience, favorite books, or who they follow on Twitter could all be very useful ways to create personalized messages and experiences.
A common challenge that I’ve seen is that while many marketers would love to take advantage of this kind of segmentation, they were not quite sure how to make all of the data work together in a seamless way. It requires some technology investment to store the data and make it accessible to marketing automation systems. This need is what gave rise to Janrain’s Capture product.
Security is important. You want users to know that their data is safe, and you also need to prevent spammers from taking over your database. Social login was designed with this issue in mind. When you allow someone to log in to your site with an Oauth/OpenID process, you are essentially importing already validated data. If the Facebooks and Googles of the world think this data is good enough to pass along, the chances are very good that the data is correct.
Because of this, there’s no need to force a user to create and remember a new password. Our research shows that 88% of people who are forced to create a new password abandon the site. If you are really concerned about someone coming back to your site at a later date and trying to sign in with their email instead of social login (this doesn’t happen very often), you can store a random string of letters in your database and prompt the user to reset their password.
Another common practice to ask users to click a confirmation link before their account is completed. This is also unnecessary with social login. Confirmation links exist to validate real humans – which you’ve already done with social login.
Oauth and OpenID were developed as a way to make life easier for developers and for website visitors. These deceptively simple technologies address questions that can be very complex – how do we get more people signed up for X and how do we find out more about them? As Big Data becomes more and more of a focus for marketers, social login will only become more important.
Obviously these mistakes aren’t the only ones that are made. In addition to pioneering the technology that makes social login possible, Janrain offers strategy services for our clients to help them be successful. We are happy to talk to anyone about how to succeed with social login and social data.
What questions do you have about implementing social login and managing social data?
How to tell if your identity management is ready for the new data protection regulations…
We just released the latest member of the Janrain product family: Janrain Advanced Policy Manager…
Janrain Information Security Manager, Lisa Nicholson, shares her thoughts on why CSA Level 2 and…