Originally advertised as “Project Verification” in 2018, ZenKey was intended to be a single sign-on system, similar to the Google or Apple button sign-in you see on various websites. The idea was that each operator would offer an app that could verify his identity, then act as a pass each time he logged into a supported website or made something like a bank transfer. In theory, it could be more secure because it used data from your SIM card and location to make sure it was really you trying to log in.
However, it doesn’t seem like ZenKey has gotten very far, and now it’s all but gone. LightReading reports that the website is down, AT&T stopped supporting him last year, and the “ZenKey powered by Verizon” app is no longer available in app stores (at least in the US). T-Mobile’s website appears to have almost no reference to the system as far as Google can find, although there is a mid-2020 article about your business site mentioning you.
For those familiar with the history of multi-carrier joint ventures, this result is not necessarily a surprise. LightReading called it when the service was announced in 2019, running holder “Meet ZenKey: The Doomed Single Sign-On Service From Telcos.” the edgeDieter Bohn called ZenKey “the right idea from the wrong companies” when writing about the Inter-Carrier Messaging Initiative that tried to replace SMS with the then-burgeoning RCS. He based his opinion on previous products like SoftCard, which was intended to compete with Google Wallet and Apple Pay. (It was just as successful as CCMI, which is to say it wasn’t successful at all, although it probably didn’t help that when it launched in 2013 it was called “ISIS,” a name that was about to disappear.) means something very bad to many people).
In the end, the usefulness of a service like ZenKey will depend on how much third-party support you get; even if your app is great, most people won’t bother with it if they can just use it to login. at three or four sites. And why would developers add ZenKey to their sites when there are other options like Google, Apple, Amazon, and Meta, who have their own single sign-on solution with accounts people already use? They are also likely to have much better brand recognition when a user lands on a login page.
Case in point: Here are all the sites and apps that ran on ZenKey in July 2022, according to a Wayback Machine file from his now defunct website:
A press release end of 2020 He mentions that other companies like Proctorio and DocuSign had “plans to test or go live” with support for the service, but it sounds like that didn’t exactly work out.
Even if cell phone carriers (unsurprisingly) couldn’t get rid of passwords, I hope they’ll eventually become a thing of the past. But getting rid of them will require a much greater effort from a much larger group; maybe access keys, a FIDO-powered passwordless authentication system powered by Apple, Google, Microsoft and the like, will end up being the thing. But unless it’s widely adopted (which isn’t exactly certain), we’re likely to be stuck with the patchwork of successful single sign-on options, password managers, and scattered sticky notes that we know we shouldn’t use, but do. we do anyway. .
