1 Introduction
Consumer Identity and Access Management (CIAM) is the fastest growing specialty in Identity and Access Management (IAM) that has emerged in the last few years to meet evolving business requirements. Many businesses and public-sector organizations are finding that they must provide better digital experiences for and gather more information about the consumers who are using their services. Enterprises want to collect, store, and analyze data on consumers to create additional sales opportunities and increase brand loyalty.
To reduce money laundering, cyber-crime, terrorist financing, and fraud, regulators are requiring banks and financial service providers to put into place mechanisms for “Knowing Your Customer”. Having IAM systems dedicated to hosting consumer identities and their associated profiles is a good first step toward KYC.
CIAM systems can aid in other types of regulatory compliance. GDPR requires collecting clear and unambiguous consent from consumers for the use of their data. Many CIAM solutions provide this capability, plus offer consumers dashboards to manage their information sharing choices. Moreover, CIAM systems can help corporate customers implement consistent privacy policies, and provide the means to notify users when terms change and then collect acknowledgement.
The Revised Payment Service Directive (PSD2) in the EU will require banks, financial institutions, and other payment service providers to offer strong customer authentication (SCA) and perform user behavioral analysis to authenticate and authorize monetary transactions. Sophisticated CIAM solutions can provide these necessary functions. Additionally, the improved customer experience possibilities that CIAM offers will facilitate brand loyalty and give a competitive advantage to those financial companies that deploy it.
Common features of Consumer Identity solutions include:
- Self-registration for customers, usually via social network registration
- Consent mechanisms for users to control the use of their data
- Single Sign-On (SSO) across all digital properties
- Multiple authentications options for customers, depending on risks and policies
- Customer profile storage
- SaaS application integration
- Fine-grained access control to resources and data
WidasConcepts was founded in Wimsheim, Germany in 1997. They do custom development for Big Data and IoT applications as well as consulting for many large organizations in Germany. The genesis for cidaas, their CIAM offering, evolved from some of the foundational work they were doing to help client integrate IoT devices with their consumer-facing businesses.