Good morning. This is John Tolbert from KuppingerCole. I'd like to welcome you to our webinar this morning on identity 2.0 the next generation of customer identity with us today from Jan rain, we will also have Yvonne JIC and spin Domer.
So a little bit about Cooper or Cole. We were founded in 2004 in Europe. We're an international and independent Analyst organization.
We offer neutral advice and our thought leadership on a variety of subjects, covering things such as information, security, identity, and access management and access governance, risk management, and compliance, and all things covering the digital transformation. We support a wide variety of companies, corporate users, system integrators, software vendors, with both tactical advice and strategic direction. Our main business areas are research. We do different types of research on those areas, such as information security. And I did any management.
We have a vendor neutral approach, and our research is always up to date with the latest information provided by vendors and our clients. And we provide independent advice. Our other areas are events are just completed our European identity and cloud conference, our flagship event in Munich. We also have other events that we'll talk about in just a moment at these events. We provide thought leadership and give best practices, have case studies from different clients. They're great networking opportunities and give attendees an opportunity to meet experts in the field.
Our final business areas around advisory, we do advisory and consulting work to help make your business successful and provide good advice for the era of digital transformation.
So upcoming conferences, we are specializing in a consumer identity. So we have a consumer identity world tour. Our first location this year will be in Seattle, September 12th and 13th with some workshops on either side. Then we will also have workshops in the consumer identity conference in Paris, November 28th and 29th.
And then again in Singapore, December 13th and 14th, looking into early next year, we'll have a next generation marketing executive summit in Frankfurt, Germany, February 6th and seventh, and then rerunning our very successful digital finance world. Also in Frankfurt on February 20 and March 1st, 2018,
Some guidelines for the webinar, everyone is on mute, so you don't have to mute or on mute yourself. We control those features. The webinar is being recorded and it should be available to watch by tomorrow, we'll save 10 or 15 minutes for Q and a.
At the end, you can enter the Q and a at on the control panel on the side, and then we'll read through the questions and address them to whoever's most relevant for answering. So I will start talking about consumer identity, the differences between consumer identity and traditional identity and talking about some of the market trends that we see in the business drivers. Then I'll hand it over to Yvonne and spin, and then we will close it out with Q and a.
So a little background, a little differentiation between identity and access management and customer identity and access management.
Traditionally IM has been, you know, employee facing for your workforce or for your partners and contractors who you have on site or work closely with.
And typically these people would authenticate by windows logins or curbs smart cards in some cases, hardware, tokens, and the attributes about the users that we would collect would generally come upfront when the employee starts working and all those attributes would be used for things like authorizing what that employee should be able to look at or work with those attributes would then be stored as structured data in LEP database, active directory, in some cases, SQL databases to enable single sign on. We use SAML security, asserted market language.
And then one of the primary focuses of I am was around access control using those attributes to authorize who should get access to which resources customer identity is quite a bit different.
So different that a number of products have come up to specialize in that it's very customer facing. Most of the time users will authenticate either with simple username or password, social logins, such as Facebook, Twitter, LinkedIn, and then also mobile apps are becoming increasingly popular.
And we'll talk about that more in just a couple of minutes when attributes are collected from users, they're generally used for know your customer, and there's a variety of purposes under that, that will dive into just a bit also the information can be stored either in structured databases or even unstructured databases. So for customer identity systems, we'll see LGO DB used for customer profile storage, as well as the attribute SSO they'll use OAuth or the O IDC account structure. And one of the driving concerns that we have for customer identity is privacy more so than access control.
So we're referring to enterprise IM is identity 1.0, here we have employees inside and the customers are on the outside and it's difficult to capture really rich profile data about what the customers want or what they need to do here to four. We've had sales people manually entered data about customers into customer relationship management systems. And it's been difficult to offer flexible forms of authentication that are appropriate for customers in the enterprise. 1.0 identity, 1.0 scheme. This has led to some inefficient marketing processes.
Again, due to the manual data entry, not being able to capture the information directly from the customer and this actually scales very, very well to hundreds of thousands of employees, but it doesn't really zoom into the millions as does identity 2.0 or consumer. I am here. Some of the key features are providing SOC social logins and self-registration often white labeled so that they can be branded by the companies that are employing these products.
And rather than collecting all the information front about each user, the consumer IM systems allow customers to slowly reveal information about themselves. We call this progressive profiling. So you might be able to come in and sign up with an email address and then over time user activity will generate data. So if it's a retail system or a service, the things that you purchase or things that you like through social media will become associated with your user account. This leads to a 360 degree view of the customer. That really is impossible under traditional IAM.
Moreover, the capturing of consent for the use of that information is of paramount importance. And we'll talk a bit more about that later, but under GDPR, which takes effect next year, companies that collect information on people from the EU need to ensure that they have the consent of the users for the, the use of that information for each purpose, that that information will be used for. So in this way, we see consumer identity management sort of augmenting what that customer relationship management has done in the past.
And that can provide an output for much better marketing campaigns, being able to use tailored information about each consumer, taking into account their preferences, to be able to offer them the kinds of things that will give them a much better experience.
This also enables not just bring your own device, being able to use different types of mobile authentication, but really bring your own ID.
So being able to associate an email address or an open IDC account that you have with the services that you sign up for this, this empowers the user, giving them the choice of which identity they wanna associate. Most of the CIA solutions are omnichannel. And by that we mean they aim to provide a very consistent experience between an online typical PC based experience to tablet, to even mobile phone and to provide the consistency.
There is something that, that most consumers find desirable and this can include IOT devices, so smart home devices and consumer wearables and things like that are sort of included under the rubric of omnichannel. And previously, when we were talking about enterprise IEM that scales to hundreds of thousands of users, fairly easily consumer I am systems have to scale to literally billions of users, billions of users who may follow a particular brand.
It, it may not be intensive, but there's a need to be able to provide accounts and cover the activities of that many users in cases for consumers.
So I wanted to quickly look at some key features as we were mentioning registration, providing a self-service Porwal with social network or open ID logins. And also there are cases where bulk provisioning must be used. And for that, you know, being able to create L D L diffs or skim to quickly upload large quantities of user data authentication kind of covers a wide range in consumer facing systems.
Again, the use of username and passwords, it's fairly ubiquitous, but also most cm solution providers, except most of the common social logins out there increasingly there's an, a need and availability of mobile applications for authentication. And we're seeing a greater uptake in biometrics fingerprint in particular, the customer experience, as we mentioned, white labeling is important. Being able to seamlessly integrate it into your brand.
You may wanna purchase a solution, but it doesn't need to be out there in front so that everybody knows which solution that you have SSO to unite multiple web properties in cases where you may have a large organization with lots of subsidiaries and you wanna provide a consistent experience to all of your customers. This feature is very useful.
And then consent management being able to collect clear and unambiguous consent from users about the information they provide about themselves, for whatever purposes your company has, whether it be for marketing or brand loyalty or offering discounts or things like that.
Security and privacy are very important as well. Fraud detection for consumer facing systems, obviously a great concern these days. And for that many CIM solutions include features like user behavioral profiling.
They also include the ability to integrate third party intelligence sources, threat sources that can include feeds about compromise, credentials, cybersecurity threats, and then reports of fraud to flag possible transactions for additional scrutiny, privacy management, again, the fine grain consent mechanisms. Many cm providers will provide a dashboard that allow users to come back in and see exactly what they have opted in or opted out of and what data is contained within their customer profile.
So the dashboard should provide the ability to edit that content exported, if requested and delete the customer profile data to help comply with the upcoming European GDPR.
The CIM solutions also provide security in terms of administrative security. Most of them integrate with the security incident and event management systems or real time security intelligence systems providing information that they can then correlate most. Also offer some form of strong authentication and authorization for consumers to get into let's say bank accounts or healthcare accounts as well.
On the marketing side, my distinguish between identity and marketing analytics, the identity analytics reports that are commonly found are covering things like logins. How often, where the logins coming from are there changes with the password or failed password attempts and then profile edits as well on the marketing analytics side, that's the, sky's the limit in terms of the number of kinds of information that can be collected that might be useful for marketing purposes. And we see age, gender income, social media accounts, et cetera, lots of information is available.
If the user can sense to providing that. And many cm solution providers have very rich marketing reporting systems, others will only provide APIs or maybe some out of the box integration kits to third party marketing solutions.
So there's definitely two very different kinds of approaches that CIM vendors take with regard to marketing analytics, marketing automation, again, in some of those that are full featured in are marketing oriented marketing automation can be achieved by using native capabilities within the CIM solution or the use of APIs or out of the box integration kits with some third party marketing automation solutions as well.
For IOT integration, we see this as something that's becoming increasingly popular and increasingly needed. So there are a couple of different approaches that are out there.
Now, the, we expect to see a lot of work standards development, and hopefully see this area fill out with a lot more options. But right now some of the consumer identity platforms allow users to manage and synchronize the passwords or their IOT devices. And these are generally smart home devices. This is not something that we see in the operational security or T industrial world. There is also sometimes the ability to associate IOT devices directly. This can be a case where you, you may have device IDs that you can enter through the user interface.
And then those device ID are sometimes stored in L D or SQL there's limited technical capability to manage that. It's almost more of just an asset tracking system.
So far the most interesting and feature rich thing that we have as an I UTF draft standard called OAuth two device flow. It allows users to link their IOT devices, consumer, or smart home types of devices to their open IDC accounts.
And this is nice because many of these devices don't have full featured rich displays in this protocol or this standard aims at making it easier for those device manufacturers to help consumers associate those devices with their own profiles. So here I'm gonna switch just for a minute and talk about consumer attitudes toward consumer identity management. As you can imagine, at least three quarters of people admit to being tired of passwords, tired of password resets, remembering them. I think everyone is beginning to realize they're not very secure.
And in fact, 58% will avoid registering to a new site if it involves them having to create yet another user ID and password two thirds, one biometric options, almost half are using social logins today. And nine out of 10 users have concerns over data privacy.
So the consumer identity and access manage and market trends, we see that this is the fastest growing market segment.
Overall, the solution size is estimated to be somewhere around 20 billion globally by the year 2020 and the specialized CIM vendors have not only helped the market grow, but they've really made this a separate and distinct market from traditional identity and access management. And now we see many enterprise IM vendors are starting to move into the consumer facing market as well, just because they realize that perhaps traditional IM doesn't meet all the needs that the specialty products do.
And lastly, here, digital transformation really demands consumer identity management, the association of IOT devices, the being able to collect information and provide the kind of experience that users want. Consumer identity management is already a very important initiative for most organizations.
And, and if not, I would predict that almost everyone will have a digital transformation consumer identity and access management initiative simply to meet business objectives that are that changing throughout this year.
We see some divergence in the consumer identity and access management market. Some of these features that we've been talking about consent management, marketing, risk analytics, multifactor authentication, social login, and the progressive profiling have each of these fit into different kinds of markets.
So if you are interested in, let's say brand loyalty, you'll, you'll be interested in progressive profiling features and being able to collect the information slowly from users about what they want. You may be somewhat less interested in risk analytics if the risk profile of your site and the data that you are collecting doesn't necessarily demand a high security environment, but multifactor authentication and risk analytics are very important for industries such as finance. And we see PSD two driving that as well. Healthcare.
So the market is beginning to diverge around key feature sets and the companies that provide those more robust solutions in those area. And that also determines which kinds of customers they are in turn serving.
So GDPR is a market driver. GDPR will demand that users have to opt in rather than opt out, being able to collect consent and show the history of consent, provide notifications to users where in terms and conditions change as well as GDPR mandates that once a data breaches discovered the users must be notified.
The, the supervisory authority must be notified within 72 hours. And as we said before, users can request the export and deletion of their data as well. And CIM systems can help accomplish this.
PSD two, another directive in the EU, things that have historically been done by banks can, will now be able to be done by totally separate entities called account initiation, service providers, and account information, service providers, and payment initiation service providers. This will create additional competition in the sector and will come from non-traditional financial companies as well.
So this will create competition for the banks, both banks, these account information, service providers and payment initiation service providers will increasingly use mobile apps and mobile biometrics for customer authentication and risk based analytics as called for within the PSD two directive as well. So we'll see in the EU companies that want to compete with banks and banks themselves will have to offer a wider variety of strong authentication mechanisms, risk based analytics.
And then on the customer experience side banks AISP and PSPS will want to use consumer identity management solutions for competitive advantage.
Banks will have to do this to get the competitive advantage, just to improve the consumer's experience. It can also help with initiatives such as know your customer and can help banks and financial institutions comply with anti money laundering regulations. And lastly, here we see cm can really help banks and financial institutions both acquire and retain their existing customers. At this point, I'd like to turn it over to spin and Yvonne.
Yeah.
Thanks again, John. And thanks everybody for listening to us this morning, all this afternoon or whatever time it is, wherever you are. My name is ER, I am responsible for product marketing at genera. And in case you are not familiar with who we are yet. Here's a little bit of information about genera. We provide a customer identity cloud service. So what John talked about custom identity management. That's basically what we do. Our service is a software as a service offering. And I think it is fair to say that gen rain is the company that basically created this marketplace.
We have been around for quite a while. The company was founded in 2002 by Larry DS, who is actually one of the FARs of the open ID protocol. Generat invented a lot of things in this area of customer identity and access management, including social log in which allows users to use their social media accounts to log into other websites.
We are headquartered in Portland, in the us, and we serve around 2100 clients today with a growing number of managed identities. Currently we are at around 1.5 billion.
And just to give you an impression here of some of our customers, there's a lot of brands that you will recognize, and you will also see here that we, we have a strong audience here in the B2C area. So a lot of clients that actually operate very large and many digital properties, be it websites, smartphone, applications, or other forms of digital properties that they use to get in touch with their consumers and actually offer a way for them to register, to make themselves known to the company by providing information.
And I wanna basically pick up a little bit the, the identity 2.0 versus 1.0, differentiation that John talked about earlier. So as you heard from John identity two, oh, we use this term here really for customer identity and access management. The diffi the, the important word here is customer or consumer. And the John talked about how this really has changed how the, the game has become very different compared to managing identities of employees within companies, within a known group of people.
When you run a website or a smartphone application, or some other form of digital property to offer your customers, your consumers, a service, then you are basically, you're basically opening the doors to anybody who's out there on the web, right? So you, you have no way of knowing your clients here, your customers here, you don't know who will register. And the scale is completely different.
And with the, the internet really being a commodity today, this brings a whole set of new challenges around scale. More than half of the world's population is actually digitally connected today.
This number is growing rapidly. We have more than 5 million mobile applications out there.
And the, the number of websites is, is growing day by day, even more so the number of connected things, the internet of things, this number is estimated to be at around six and a half billion today, but it's going to multiply within the next few years. So the, the areas where your consumers basically are active today is in the digital area. It's in the digital world and still companies want to reach their consumers as directly as possible, right?
Marketing to one, personalized marketing has become a bigger topic than ever before because this whole digital world of course opens a lot of opportunity with regard to getting in direct touch with your consumer, even though you might be a company that doesn't sell directly to your consumers.
And there's a lot of technology out there that allows you to track consumers, to track visitors to your website or users of your smartphone application, to gather data about their behavior, about who they are.
And if you are familiar with Scott Brinker marketing technology landscape, that's a, you know, that that's basically a collection of all the companies that offer marketing technology. Today. We currently see 4,000 marketing company in 49 categories at this number has been growing year over year. And so that is one area where customer identity management brings a lot of value because it's, it's basically the anchor point of collecting data about your customer.
And, but also not only collecting data about your customer without asking, I think one important feature that we're going to see in the rest of the presentation also is that you can actually have a direct dialogue with your customer and also make them consent to what data they're sharing that leads to the whole area of data governance.
So you not only want to ask your customers for consent to build a better relationship with them and, and build trust with your consumers. But of course there are also data protection regulations and worldwide.
If you operate in a global market, there are hundreds of these, the most prominent one, probably being the GDPR and this new EU law actually, you know, will, will penalize violations with up to 4% of worldwide annual turnover. So the penalties here are really severe and many countries, including the European union countries are really serious now about protecting the data of consumers. So there's a lot of, a lot of complexity that comes into the game and beyond just complying with the laws and regulations that are out there.
There's of course also the question of identity security with, or without these laws. You want to make sure that if you gather valuable information about your client, about your customers, about your consumers, then you want to protect this so that this data does not get into the wrong hands, because this is not, you know, it's not only problematic from a, from a regulations perspective, but it can also mean a huge damage to your brand's reputation if you actually are being blamed for a data breach of sensitive information.
So given the complexities of cm, the question, of course, so why, why is this such a hot topic? And what's actually in it for me as a company. And I think the, the return of investment for enterprise is actually so obvious that now it's, it's actually not, not really a question if you want to do this, but how, and what is the best way to achieve this. And here are just some numbers and I won't go through all of these, but, you know, there are many areas where having customer identity management in place will actually improve your customer experience.
For example, by personalizing the experience. When you log into your digital property, you get a, a user experience and you get content that is personalized to you. And in order for that to happen, you know, the, the digital system needs to know that it's you, and it needs to know things about you needs to know your preferences, personalized experiences, be it in the area of user interfaces.
Content marketing will dramatically include success for marketing campaigns, for sales, for brand recognition. And it also helps with customer satisfaction scores.
There are a lot of challenges that this brings. If your customers depend on a Siam system or on, on technology that allows them to log into your site to register, to be identified authenticated. Then this becomes a very crucial asset. So you want to have a very high uptime here. High availability becomes a, a crucial factor. So this is not necessarily something that you want to leave up to your, your web agency or your marketing agency to implement. This is really a specialized area where you, you are dealing with a very mission critical piece of technology within your overall digital stack.
And to make things a bit more complex here, we already talked about the compliance requirements. There are standards that you need to comply with, depending on what industry you operate in PCI is, is one example here. And then of course, rules and regulations that are regionally different, like GDPR, P two and many others to make this a bit more tangible. I want to give you one example here. One of our clients is Phillips, and this is an example that I think is actually nice because it illustrates a lot of the different areas that customer identity management plays into.
So Phillips is a, is a very successful company, as you all know, and they have, they have over 550 million products out there. They also offer registration for that product.
But the, the rate of registration is actually below 1%. And one of their, their business challenges really was to drive this up and to use digital transformation as a way to create more loyalty, more brand awareness with their customers.
So the example that I, I want to show you here is actually a Bluetooth enabled toothbrush, and this toothbrush is specifically targeted at kids. So there's a lot of really smart things about this, this toothbrush, it, first of all, it creates a, a tie between this fluffy character and the actual device.
So if you want to switch to a different brand, your kids will probably be very much against it. After they've gotten familiar with this little fluffy character, this fluffy character actually will motivate kids to brush their teeth regularly. It will motivate them to brush them full three minutes and not shorter than that. It will explain to them how they need to brush their teeth.
It is a great way, not only to provide additional usefulness to their customers here, but also to create a much better loyalty with the brand and with the product on top of that, it also encourages almost enforces registration in order to use the features of this Bluetooth toothbrush, you need to register for it.
And that then allows Phillips to also tie things like warranty, customer support to this account. And it also provides a new way of upselling.
So for example, this toothbrush will tell you when it's time to change the, the brush head, and it will basically send you a notification in email or on your phone. It comes with this with a mobile application that allows your kids then to basically interact with this Bluetooth enabled brush. And what's, it's, it's really done nicely with this, this fluffy character, but of course, this is marketing to children, right? So there are lots of regulations that you need to comply with. And of course, it's a very sensitive area.
So security and compliance with regulations in different jurisdictions plays a big role because of course this product is marketed worldwide. And the screenshots that you, that you see here give you an impression of how this is done using a dedicated customer identity and access management solution.
For example, there is H gating involved here. So there are basically separate accounts for the children and for the parents. And there are dialogues implemented here in the UI that make sure that the children cannot get into the parents section. And of course, there's also consent.
There are questions about consent. It is important here together, the explicit consent from clients that this data can be used, you know, purpose based to use this product. And you see in the one screenshot here that you can turn the reminders to get brush, head, you know, get these reminders about when you are brush heads are worn and torn and you need to get new ones. You can turn this on and off.
And I think this is a, this is a great example to show you how much complexity is involved in this, on the surface, dealing with identity management and, and log in. That seems easier than it is.
But as soon as you dig into all the things that you need to comply with and all the requirements that you need to satisfy, it becomes a very challenging task to, to do. And with that, I'm going to hand this over to my colleague Ivonne, and he will talk a little bit more about customer-centric identity.
Yvonne, are you there?
Yes. And thank you. And this is actually very good, very good example about the kinds of data that are being collected about the user that users are providing, you know, to interact with, with digital properties in different, in different contexts. So it really, it makes more real that distinction around the enterprising and consumer access management, in terms of scalability, where dedicated C CIM services need to be able to handle large volumes of data, but also data that is generated from different sources.
So things like IOT, as in a previous example of, of, of, of Phillip toothbrush, as well as IP addresses, device fingerprint, all those things are particularly in the context of GDPR regulation now considered personal data. So not only what used to be traditionally known as personally identifiable information, but much broader set of data.
And then we look at some of the applications around the volume of users and, and, and the peak demands, for example, on the viewing of real time events, it really makes that need for a, for a service to scale at a real time, much more challenging than, than in enterprise space.
And then on the other hand, looking at the security and privacy of all the data that is collected at different point of user interaction and, and the opportunity potentially to aggregate that data and compromise users in different ways really brings security and privacy of data as one of the big needs that we are seeing now that customers are voicing more than much more than, than before. So we mentioned GDPR couple of times during this presentation.
And then when, when we look at this landscape of, of, of personal data, some of the questions that organizations will have to answer is really around how is this data collected various data about the user is user aware, or do they agree for that, for that data to be collected? So, so positive and, and ambiguous opt in rather than opt in by default organization of organizations to demonstrate what is the purpose of this, of, of, of the data that they, that they use, and whether it is actually used in a, with the intent that is been collected and whether the data subject rights.
So user rights are respect things likek when, when, when dealing with children or, or for that matter, any of other provisions that are, that are defined. So, so, so, but also looking from a, from perspective of, of some of the other regulations, like for example, John mentioned PSD too, which which relates to, to payment services, but also in that regulation, there is a lot of mention around the consent for the users being able to access data the, on the purpose of authorizing providers to, to share their account information as well as payment information.
And, and then if we, if we think about as users becoming more engaged with the brands, different kinds of data is collected throughout the customer journey. Organizations need to be able to demonstrate when the data is collected and UHS change their opt preferences, to be able to track that over the time.
So if you, if, if you move on, if you move on the, the next slide.
So, so some of the, so some of the quotes from the regulation really refer to users' consent of their, of their data be used, needs to be really obtained in a, in a very specific way freely given. And a lot of other keywords that, that really reflect how clearly intent needs to be communicated with end user. So things like generic optins are not acceptable anymore and more fine grain consent management is required at the same time, this broad amount of data that is collected, but the user can create complexity in how user perceives it and is able to manage that.
So again, balance between the level of detail and, and how user is able to, to manage their preferences is, is very, is very important.
And then, oh, from a, from a different perspective. And if you, if you just move on, so please, so, so it is not about collecting data about the user over the time. One thing that, that we are seeing is that consumer IM solutions are deeply integrated with a number of different systems and services within digital stock and, and all of those, or, or lot of those systems need customer data to, you know, to fuel business processes.
So from the perspective of an organization, sharing data is critical in order to manage efficiently their, their business and their services, they provide to the customer. On the other hand, there needs to be much stronger handle around how the data shared and, and, and how that, and that that is done in, in line with, with, with the customer's consent.
So, for example, if some of the data about user is shared with CRM systems, so, or, or some of the analytics systems, if based on users consent for this data to be shared, if user changes their, their Optim preferences and they opt out of, they revoke their, their consent to, to data sharing, then there needs to be a mechanism to, to track that and to, to change the, the, how the data flows and processes are managed in order to respect this, this change in, in users, in users preferences.
And, and then, so looking how some of, some of the examples, how some of our customers have use solution to deliver some of these, some of these functionalities. So for example, with the channel four and their on demand application for viewing content on demand for OD.
So one of the things that that they've done is labeling of content with the different parameters based on how it is suitable for different audiences in different age groups, and, and therefore they, they are able to, to, to offer user, to, to ask for, for their willingness or fusing parental or controls, for example, some of the, some of the adult content is being streamed and through disability to set the preferences, they are, they, they actually are able to communicate users, not at the upfront, by collecting large amounts of data, but actually at the time when the content is being requested and, and really asking for the consent at the time of, at the real time, in the context of user interaction on, and then, and then another example with, with Coke.
And so, so, so what, so, what they, they have done is looking at how legal terms are updated over the time on the, on their brand's website. And there need to, to effectively collect consent from their, from the consumer based on the latest version of, of the, of the terms as they're updated. So what they, what they have done is created dynamic triggering of, of re acceptance, essentially resending of, of user at the time when, when the terms are updated and, and this, this is a required action from a user at their next, at the next slogan.
And this is basically a, actually a pattern that's been then implemented by a number of other other customers, but it is one example of how changing consent, how changing the, the terms and evolving essentially requirement for consent over over the time. So that, that really with this couple of examples, IED part of the presentation. So dunno if
This, this is it, and we have a few minutes, I think for questions, but we'll, we'll hand it over to our friends from co a cold,
Just kind of go through a couple of key takeaways here at the end.
So consumer focused identity solutions can help organizations turn what were previously unknown users into known customers. And I think, you know, we've seen a couple of really good examples of how that works today. Then cm can also enhance marketing efforts and provide a better customer experience, a consistent experience across different channels. And then lastly, we've, you know, this is a very deep topic.
There's lots of different angles that we could go into around identity 2.0 and how it can help with regulatory compliance, but we've touched a bit on anti-money laundering, GDPR for privacy, know your customer, and then the massive changes that are coming in the European financial market as a result of PSD two. So with that, yeah, we've got a couple of questions I want try to get to them. There's a really good one here about the use of Fido U two F for cm. Would you guys like to take a first shot at that? And then I'll, I'll say a bit about Fido as well.
How do you see Fido U or UAF as an authentication mechanism for consumer identity?
So, I mean, I, as a general comment from, from my perspective, Fido allows really decoupling of authentication mechanisms and, and gives the organizations flexibility, what kind of authentication they want to, they want to use in order to have a compelling user experience. One thing to, to keep in mind if, if metal such as biometric are, are used, then that can potentially mean collection of sensitive personal data, which has its own implications under GDPR, for example.
Okay. Yeah.
In my opinion, Fido, I think is a very interesting alternative. I think it's captured the attention of lots and lots of people. And the U two F variant that's specifically asked about in this question. I don't know that that will be all that popular for consumer identity. I think the UAF mobile device variant will be much more useful for consumer identity, but at the same time, you know, phyto is working hard on 2.0 specifications. And I think at a later point this year, there's going to be an attempt to at least somewhat unify the features in U two F and UAF.
And as that sees broader adoption across industry, particularly with the different kinds of browsers, I think phyto adoption will begin to increase later this year and into 2018. And I think it will be a, a good thing for consumer identity management solutions. The next question we have is about digital IDs and government IDs, governments who issue IDs that then people use to pay their taxes online and being able to offer additional higher assurance.
You know, I think there are a number of vendors that are playing in that space, being able to incorporate government issued IDs. I think that's a, an interesting twist on the consumer identity market. It's really more of government to citizen spin or Yvonne. What do you think about the use of higher assurance government issued credentials for use in consumer identity systems?
I think there are different ways to look at this on, on, on the very high or on the highest level.
We, as a vendor could consider these as another identity provider, just like we currently support over 30 identity providers from the, the Facebooks and, and Googles of this world. Now, I think there are a number of additional challenges with regard to government IDs, but it it's really a case by case basis here.
The, at the end of the day, this has to the user experience that these government IDs provide have to have advantages in order to find broad customer acceptance. I think from a technology perspective, integrating these is hopefully not a huge challenge, and hopefully these IDs will provide additional security and protection for their users. If you operate in a global market as a company, this might of course, you know, put you into this position where you have to support an increasing number of identity providers and, and different government IDs.
And I think it, it will be very interesting to see how this plays out and we definitely are going to support whatever has acceptance in the market and is meaningful to our clients here. But it's also, I think it's also early to say a bit too early to, to really say how this will play out and how much relevance this will, this will gain.
Okay. We're almost at the end, there were a couple of questions. I'll try to address them real quickly. Where do the numbers on cus consumer attitudes come from? That comes from a consumer survey that was run within the last six months, I believe.
And then there's questions about the availability of slides or the presentation we do intend on making this available on the website probably by tomorrow. So I would encourage you to check back then. And just a reminder, we do have upcoming conferences, consumer identity related in, in Seattle, in September Paris and November Singapore in December, then one that's focused on marketing in Frankfurt in early February and digital finance world, also in Frankfurt in late February, early March. And with that, we've run out of our time.
I want to thank our presenters for attending today and thanks to all the attendees who have listened patiently, and we encourage you to engage with us. If you have further questions, thank you. And this ends the webinar.
