Ask HN: How to govern identity in online forums?

2 points by austinjp ↗ HN
Providers of web forums and similar: how do you "guarantee" your members are who they say they are?

How can a forum provide a trusted environment where all members can reasonably trust the identity of all other members?

I appreciate that this is not a concern for many (case in point: HN). However in some circumstances a forum moderator wants to be reasonably sure that all members use their real names, and are who they purport to be. For example: private forums serving a profession. Anonymous accounts would not be permitted, and usernames would have to reflect the user's actual name -- or their account would have to declare it to any forum member who went looking.

What is your identity verification process, and what lessons have you learned?

Obvious online providers are the ubiquitous Facebook login, however many people distrust this. LinkedIn offers an alternative, but suffers from lower uptake.

What other providers are feasible? Does anybody here use PayPal for this purpose?

There is no perfect solution -- I'm interested in experiences, workflows, and lessons learned.

This question isn't in support of draconian policies [1], it's about how to provide an online environment where identity can be trusted by all participants.

[1] http://www.computer.org/csdl/proceedings/hicss/2012/4525/00/06149194.pdf

9 comments

[ 2.9 ms ] story [ 33.1 ms ] thread
The general problem of forums is not verified ID, it's use. Verified identification isn't a natural extension of what usually makes stand alone forums useful -- corporate sponsored forums may be a little different, but even then identification stifles the exchange of ideas. To put it another way, verified identification is only a feature when that's what users want.

To me, the clear best-in-class for professional forums is the StackOverflow model -- and it isn't a forum. It's first function is utility and not socializing.

This raises the question: is there a better way to create value for your users than a forum?

Good luck.

You're quite right of course. However, assume I have no choice :)
(comment deleted)
What approaches and software are you considering?
Currently, frankly it's looking like Facebook and LinkedIn sign-in buttons. Nothing else comes close. Hence the question.
FWIW, gmail\google+ is my preferred Oauth\OpenId provider. It's neutral between personal and professional and Google knows what I am doing on the web already...
(comment deleted)
If you need a high level of trust, you can use identity verification services like BlockScore. We see it used when the cost of fraud or misrepresentation is high enough to justify the cost and hurdle of participation. The hurdle being collecting the required information from trusted users. If you want to know more, see blockscore.com.

I have also seen others like Nextdoor use address for verification. If you have a locality-based service, that is a low-cost option that will likely also weed out bad actors because a credit card with valid billing address is required.

I'd not heard of blockscore.com, thanks. In Googling for a reputable UK equivalent, I noticed that the UK government has decided to roll its own solution "Verify" for its online services [0] previously mentioned on HN [1]

I'd considered postal addresses, similarly to how Google sends (used to send?) codes on postcards to verify ownership of addresses in Maps. Obvious problems with this are (1) time; and (2) it verifies access to a location rather than identity.

A valid credit card, verified with a micropayment a la PayPal, might be a potential way forward. But charging people obviously puts them off, even if it's a token amount.

[0] https://www.gov.uk/government/publications/introducing-govuk...

[1] https://news.ycombinator.com/item?id=10716104

(Edit for clarity.)