... that WAYF secures its data traffic using hardware cryptography? Learn more here.

• WAYF at the technical level is an empty pipe between institutional user databases and login systems on the one side, and external web services on the other – there are no user data residing in WAYF.

• With WAYF, you log in at your academic institution in order to gain access to a restricted web service outside of the institution's own login system — as indicated on the above figure and detailed here.

• WAYF makes it easy for an institution to share a restricted web service with other institutions, or to use a restricted web service operated outside of the institution itself.

• WAYF makes a large number of prospective, verified users available to the provider of a restricted web service, and saves him the trouble of maintaining login credentials for his users — effectively outsourcing this to the users' academic institutions.

• WAYF correspondingly saves staff and students the trouble of having to maintain distinct credentials for each web service they access outside of their institution.

• On the basis of user information transferred from the user’s institution on each login attempt, the service provider determines whether the user should be granted access to the service.

• Whenever a user attempts to access a web service, WAYF transfers only the minimum of information about him necessary for the service provider to be able to deliver the service to him.