Adobe Supports OpenID RISC Integration with Google Social Authentication

by Chris Parkerson

Posted on 02-05-2019

Today is Safer Internet Day, and the slogan is, “together for a better Internet,” calling for stakeholders to join forces and help create a safer Internet. Thus, we wanted to share the details on our recent efforts with Google. Adobe and Google are working together to develop and implement the OpenID Risk and Incident Sharing and Coordination (RISC) specifications to help protect our users. One of the key objectives of the OpenID RISC working group is to develop standards designed to protect third-party accounts (such as Google Social authentication) when they are used to sign-in to other services (also known as “social sign-on” or “SSO”).

Adobe supports multiple third-party SSO authentication methods through its identity management services, including Google Social authentication, for several of its products, including Adobe Creative Cloud.

This collaboration enables sharing of real-time security notifications that can help proactively protect Adobe user data if another SSO provider, like Google, experiences a security incident impacting their user accounts. This enablement is just one example of the ongoing efforts Adobe is undertaking with our industry partners and the broader security community to better protect Adobe users and their data.

Prior to this effort, if a third-party account, such as a Google Social account, was in jeopardy, all services that permitted users access using that third party SSO credential could be vulnerable until they were notified by the third-party providers. Open ID RISC is a standards-based effort that aims to reduce this risk by providing connected services (like Adobe) with immediate notifications from third-party SSO providers about compromised accounts. This helps companies, like Adobe, to quickly address the reported issue and secure its users accounts and data.

In support of OpenID RISC, Adobe updated its SSO authentication integration to enable real-time notifications from Google Social authentication services–demonstrating its commitment to enhanced user account protection efforts. With this integration, Adobe receives notifications of major changes to Google accounts (e.g. session revokes, account disabled, etc.) and acts to secure the user’s account (e.g. ending currently open sessions).

Adobe is committed to continuing its work with the OpenID RISC working group on this standard and promoting it as a solution for more secure integration with third-party identity providers. Adobe’s work with our industry partners, like Google, helps us provide a more seamless user experience while helping protect our user’s accounts as part of our continuous efforts to improve the overall security of our products and services.

John Trammel
Principal Scientist, Identity Services

Cristian Aurel Opincaru
Manager, Software Development, Identity Services

Topics: Security, Community, Ongoing Research