BYOI (bring your own identity)

BYOI (bring your own identity) is an approach to digital authentication in which an end user's username and password is managed by a third party.

BYOI is increasingly being used for website authentication. Instead of requiring visitors to create a new username and password during the registration process, the website allows visitors to use their existing social identities such as Facebook, Twitter, LinkedIn, Google+ or Amazon to log in. Although this approach provides site visitors with single sign-on capabilities, some site visitors worry they will be trading convenience for privacy, so most websites make BYOI an option -- not a requirement. Also known as the consumerization of identity, BYOI is a byproduct of IT consumerization, the blending of personal and business use of technology devices and applications.

With the growing acceptance of cloud-based services, it is becoming less important where an identity access management (IAM) system actually resides. Proponents of BYOI maintain that traditional identity provisioning is no longer necessary and allowing a third party to assume the security, privacy and compliance burdens associated with IAM reduces administrative overhead, simplifies data management and lowers storage costs. Adversaries warn that BYOI has too many risks, including the potential for compromised identities and identity theft.

In the enterprise, BYOI may be called identity as a service (IDaaS). IDaaS for the enterprise is typically purchased as a subscription-based managed service that provides subscribers with role-based access to specific applications or virtualized desktops through a secure portal.

BYOI may also be called social sign-on or federated authentication.  It may also be spelled BYO-ID.