The risk is that every time every time you add incentives to use SMS auth, you increase the friction of SMS auth deprecation
-
-
There is a marginal reduction of risk on a short timescale, but there is a marginal change in lifetime of risk on a long timescale. Whether that change is a net positive introduction of risk is something I don't have the data to answer but it's something that warrants discussion
1 reply 0 retweets 0 likes -
Point taken on the intent to experiment, but in my experience this means "we are going ahead with implementing this and we are just working out the finer points"
0 replies 0 retweets 0 likes -
Replying to @fugueish @HarperMitchell
I *do* expect this to end up in production, thanks to the diligence of the team, but we did no go this route lightly. We are the first to worry about telco/opco identity provision.
1 reply 0 retweets 2 likes -
Regardless, identity in markets we care deeply about -- India, specifically, but others with many first-internet-users as well -- has swung *hard* to SMS OTP over the past 3-5 years. Many (most?) users in these markets don't have an email addr they know or care about.
1 reply 0 retweets 3 likes -
The consequence is asymmetric: the web can continue to withhold this capability (even in a form that can be an on-ramp to something better, as I believe this design is) or it can try to get to a competitive place that lows teams to bet on the web for the long haul.
2 replies 0 retweets 1 like -
Not having this is a frequently cited reason that both sign-up and transaction conversion rates suffer on the web vs. native. Given what I'm seeing about web/native usage, the counterfactual has to include "...and that's how the web died on mobile..."
1 reply 0 retweets 1 like -
So we're weighing up the risks here and saying "an imperfect web is still worth saving". I have tons of time for the dissenting view, but it was market reality that swung us -- maybe just not *your* market.
1 reply 0 retweets 1 like
And if we get the web to a place where it's handling *most* client-side computing on mobile moves to the web, we'll have the ability to move folks to a better place. Holding out for the perfect hasn't worked this far, so at one level it's at *least* worth trying the alternative.
-
-
Replying to @slightlylate @fugueish
Like I said, I am sure the engineering team has greater data on this than I, and I have used a large number of OTP backed services in India. My broader meta-concern was related to who all is represented on the body that makes these decisions regarding trade-offs.
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.