Please Approve Account Access for "them"

Twinsen

T
I was thinking about buying some DLC from the Gamestore. I logged into my account without issue. I clicked on DLC and was presented with this request:

Please Approve Account Access for Elite
:unsure:
Er-- okay. I don't understand why I would need to approve anything. I bought DLC before but it was a long time ago. Anyway, I approved it and went ahead with trying to buy something. I needed to get "ARX". Okay. I clicked on "Buy now". I had to log in separately to the "arx" site (!) and once again, I got:

Please Approve Account Access for Elite
:cautious:

I stumbled on another page/site that once again required logging in and also asked for approval:

Please Approve Account Access for Factions
o_O

Why do I need to make all these approvals? Isn't this Frontier's website?

These approval messages are also a bit vague. Each starts with "They will have access to the following", followed by a list of information. Who is "they"? Frontier? Frontier already have everything in these lists that is relevant in my case.

I just wanted to buy some DLC with my account. I assume the answer is going to be that I surrender all my information to "them" :p but I would be grateful if someone can explain.
 

Ian Doncaster

Ian Doncaster
Frontier have implemented a single-sign-on system, which is used for authentication on both their internal sites and to allow 3rd-party tools to verify CMDR identity and retrieve information from Frontier servers on the CMDR's behalf.

Sensibly, for the purpose of 3rd-party tools, it lets you know what information the 3rd-party tool (website or desktop) will get access to.

Unfortunately:
- their internal authentications have the same approval requirements when - as you've figured out - it's just Frontier passing information from one of their own services to another, so you end up needing to "sign on" multiple times in the "single sign on" process.
- their information set ups for 3rd-party tools require the 3rd-party tools to request a bunch of information that they neither need nor want, so you then just have to trust that the 3rd-party tool correctly discards it all, which means you're less likely to approve it than you would be if they actually just gave access to the info the 3rd-party tool actually wanted

It needs a bit of work.
 

Twinsen

T
Ian Doncaster said:
Unfortunately:
- their internal authentications have the same approval requirements when - as you've figured out - it's just Frontier passing information from one of their own services to another, so you end up needing to "sign on" multiple times in the "single sign on" process.
- their information set ups for 3rd-party tools require the 3rd-party tools to request a bunch of information that they neither need nor want, so you then just have to trust that the 3rd-party tool correctly discards it all, which means you're less likely to approve it than you would be if they actually just gave access to the info the 3rd-party tool actually wanted

It needs a bit of work.
Click to expand...
Thank you, Ian. So, I can assume that "Factions" is just part of Frontier (as "Elite" must be)?

It's too bad it makes the 3rd-parties request all that information. That makes everything more difficult. They can get into trouble several ways, such as data breaches, mishandling the information or not deleting it properly. As you point out, it will also mean that many people are less likely to approve it.

The single sign-on idea does sound sensible but this implementation certainly needs work.
 
You must log in or register to reply here.
Back
Top Bottom