KCOS Logo

Highlights

The CIAM market continues to grow in terms of numbers of vendors, numbers of organizations deploying CIAM, and the numbers for consumer engagement. The trend toward digitalization of consumer experiences was well underway in the late 2010s, and the Covid pandemic forced more businesses and other organizations to expedite digital transformation. With every iteration of this report, we observe significant acquisitions of CIAM specialists by others in the market, and entry into the market of new vendors. These trends will continue for the foreseeable future.

  • Innovation in CIAM drives the wider IAM market. The “consumerization of IT” is exemplified by the push to use CIAM methods and technologies for registration, authentication, and authorization in workforce IAM.
  • Features that were considered innovative in the previous edition of this report are going mainstream.
  • The new entrants in CIAM tend to coalesce locally; that is, the startups form to address region or country specific use cases, populations, or government regulations. In other cases, new CIAM businesses offer some new technologies, modifications on deployment methods, or better licensing or subscription models.
  • Support for consumer IoT device identity linking is growing. Smart Home, wearable, and entertainment devices are proliferating, thus the need for such integration will increase as well.
  • Account TakeOver (ATO) protection is required for all industries and use cases. Some CIAM platforms provide advanced capabilities, and others provide connectors to third-party services. Multi-factor authentication is a primary defense mechanism against ATO.
  • MFA usage remains relatively low among their customers.
  • Account Opening (AO) fraud is a persistent problem across many industries, particularly those in finance. Identity proofing services help mitigate against AO fraud, and some CIAM service providers have integrations with one or more identity proofing services.
  • Consent collection and management requirements are expanding as more jurisdictions enact privacy regulations. However, consent management capabilities within CIAM platforms differ in the quality of consent management features provided, with some offering turnkey regulatory support while others deliver a Do-It-Yourself (DIY) consent collection base that needs customization.