1 Introduction
In recent years, Consumer Identity and Access Management (CIAM) has become the fastest-growing specialty within Identity and Access Management. Traditional Identity and Access Management (IAM) worked well for the enterprise with internally facing requirements to address their employees. Still, as organizations began reaching out to customers and gathering information about the consumers who are using their products & services, they found that they needed to provide a better digital experience.
Consumer IAM systems provision, authenticate, authorize, collect and store identity and other information about consumers from many and sometimes unauthoritative sources. Improved user experience is often manifested through consumer's mobile devices or social networks and providing an easier onboarding experience for consumers.
Although CIAM provides many benefits to the consumer, in regards to user experience, there are challenges for the organization implementing a CIAM solution, such as customer identities may be orders of magnitude more numerous than the employee identities enterprises have been managing. Organizations also need to be concerned about privacy compliance such as GDPR or PSD2, as well as compliance with new and demanding anti-fraud and other regulations is required.
Given these challenges, there are also new opportunities created by CIAM: many enterprises plan to use the stream of rich customer data collected in these systems for marketing analyses.
Common features of Consumer IAM solutions include:
- Ability to scale customer identities magnitudes higher than traditional IAM
- Self-registration for customers
- Multi-factor authentication options
- Social login support
- Fine-grained access control to resources and data
- Risk adaptive authentication
- Inclusion of 3rd-party fraud and compromised credential intelligence
- Marketing analytics based on customer data, built-in or via interface to 3rd party products
- Privacy and consent management
- Enhanced user experience
- White-labeling with the client enterprise's brand
- Integration with IoT devices linked to customer identities
- Software-development kits (SDKs) for integration of Web and mobile apps with the CIAM infrastructure
In the IAM market in Japan, NRI SecureTechnologies offers its Uni-ID solution as a consumer-facing IAM (CIAM) product. It was first developed in 2008 and rebranded and relaunched as Uni-ID Libra in mid-2017. NRI SecureTechnologies became a subsidiary of Nomura Research Institute (NRI) in 2000. The research lead at NRI, Nat Sakimura, is one of the authors of the OpenID Connect specification and a member of the board of directors of the OpenID Foundation. Also, NRI Secure was the first Japanese company to obtained an OpenID Connect Certification. With its headquarters in Tokyo, NRI Secure provides security consulting and solutions. Currently, NRI Secure claims 20-plus large Japanese automotive, financial, retail, media, and telecom customers with over 100 million consumer identities served by Uni-ID Libra.