1 Introduction
Consumer Identity and Access Management (CIAM) is the fastest growing specialty in Identity and Access Management (IAM) that has emerged in the last few years to meet evolving business requirements. Many businesses and public-sector organizations are finding that they must provide better digital experiences for and gather more information about the consumers who are using their services. Enterprises want to collect, store, and analyze data on consumers to create additional sales opportunities and increase brand loyalty.
To reduce money laundering, cyber-crime, terrorist financing, and fraud, regulators are requiring banks and financial service providers to put into place mechanisms for “Knowing Your Customer”. Having IAM systems dedicated to hosting consumer identities and their associated profiles is a good first step toward KYC.
CIAM systems can aid in other types of regulatory compliance. Now that the General Data Protection Reguation (GDPR) is in effect in the EU, collecting clear and unambiguous consent from consumers for the use of their data is often mandatory. Many CIAM solutions provide this capability, plus offer consumers dashboards to manage their information sharing choices. Moreover, CIAM systems can help corporate customers implement consistent privacy policies and provide the means to notify users when terms change and then collect acknowledgement.
The Revised Payment Service Directive (PSD2) in the EU will require banks, financial institutions, and other payment service providers to offer strong customer authentication (SCA) and perform user behavioral analysis to authenticate and authorize monetary transactions. Sophisticated CIAM solutions can provide these necessary functions. Additionally, the improved customer experience possibilities that CIAM offers will facilitate brand loyalty and give a competitive advantage to those financial companies that deploy it.
Common features of Consumer Identity solutions include:
- Self-registration for customers, usually via social network registration
- Consent mechanisms for users to control the use of their data
- Single Sign-On (SSO) across all digital properties
- Multiple authentications options for customers, depending on risks and policies
- Customer profile storage
- SaaS application integration
- Fine-grained access control to resources and data
Ubisecure is based in Finland and has offices in the UK, Sweden and Germany. They released their first CIAM product in 2006 with a focus on SSO and privacy. Their current offering, Ubisecure Identity Platform, is an API based offering incorporating CIAM functionality that can be deployed on customer owned or managed infrastructure, both on-premises or cloud, as Identity Server or hosted by Ubisecure in dedicated private cloud instances as Identity Cloud. It provides robust federation options, advanced mobile authentication using the GSMA Mobile Connect standard, and can integrate with several national e-IDs. The platform can handle organizational identity as a primary identity class, and when coupled with Ubisecure’s Legal Entity Identifier solution, branded as RapidLEI, enables management of highly assured organizational identity and an Individuals’ right to represent said organization.
