Hello, everyone, good morning, good afternoon, and welcome to our webinar. I'm John Tolbert, Director of Cybersecurity Research here at KuppingerCole.
And today, I'm joined by Cooper Matheson, who's Director of Sales at LoginRadius. Hello, Cooper.
Hey there, John.
Today, we're going to talk about CIAM.
In fact, the title is Mastering CIAM. And I'll get into some very recent research that I'm currently working on on this subject. And then I will turn it over to Cooper, and we'll do Q&A at the end. So let's get started. Some logistics info, everyone's muted centrally, so there's no need to mute or unmute yourself. We're going to do a couple of poll questions at the end of Cooper's presentation. So we encourage everybody to answer those polls, and then we'll talk about those afterward. And we're going to do Q&A.
You'll find a control panel in the CVent app that will allow you to enter questions, and we encourage you to enter questions, and we'll answer them at the end. And then lastly, we're recording this, so both the recording and the slides will be available shortly. So as I said, I'm going to start off talking about CIAM, the challenges, the overview, some of the trends that we're seeing in our research. Then I'll turn it over to Cooper, and then we'll close out with Q&A. So I thought it'd be good to sort of level set what we mean by C in CIAM.
I always used to mostly define it as consumer identity and access management, but things have changed a lot in the last few years. It's increasingly used for B2B, which we're going to dive into that in a few minutes. And then also citizen, G2C, or government to citizen. So on the consumer side, we all have one or more, probably more identities for different services that we interact with every day, whether it's your bank, retail sites, e-commerce, media subscriptions, things like that.
A lot of these require us to have device identity, not only our phones, but a lot of the devices that we buy need to be associated with our consumer accounts to manage them. On the customer IAM side, you can think of supply chains with primary contractors and secondary contractors and the logistics that are involved with that. And on the G2C side, CIAM solutions are often used for paying your taxes online or applying for or renewing licenses of different kinds. So C in CIAM is pretty all purpose. So what do people want when they go out and look for a CIAM solution?
Well, maybe they already have a CIAM solution, or maybe they are using their old enterprise IAM solution and it's not really working that well for them. Obviously, we need to be able to find ways for them to register. Oftentimes, that's using an email address. It's also the case where you may need to allow social network credentials and sometimes now we're seeing decentralized identities for registration. You need to be able to host consumer profiles.
LDAP has always been common for IAM, but increasingly we see NoSQL kinds of databases used to house things like audio, video, photos, all sorts of things that your site might want to keep for consumers. From a business perspective, you really want to convert unknown users into known customers and CIAM through the means of progressive profiling can really help with that. That's where you get basic information at the beginning and then just add to that as you go along. Don't overwhelm the consumer or customer with inordinate information requests from the beginning.
Consent collection for regulatory compliance, we'll talk more about that in a few minutes too. Once you get that consent, you want to use that information most likely if you're a for-profit business to figure out or to use marketing analytics and automation ultimately to increase revenue. We need to be able to offer better and stronger authentication and account recovery mechanisms to reduce fraud. As we probably all experienced, fraud feels like it's out of control. So there's lots of different aspects of fraud reduction that can come into play in CIAM solutions.
And then lastly here, identity analytics for security. Knowing behavioral baselines for users can help determine when something anomalous is going on and improve your overall security. So some of the obstacles that organizations encountered in early generation CIAMs were things like, well, it can be really difficult to deploy, especially if you're going to do something that's on-premises.
That is, you've got to procure the hardware. SaaS has made this much, much easier. Many organizations have lots of line of business applications that they need to somehow plumb into the CIAM and the web front end. And without enough API exposure, it can be difficult to do that. They also want to be able to have seamless, consistent branding. And API exposure within the CIAM solution can help organizations build a more consistent user experience, as well as one that's much easier to administer. Need to be able to have support for what we might call legacy apps.
That was always a problem with earlier generation CIAM solutions. We have needed to get identity and marketing analytics tied to CIAM. Some of the early gen CIAM programs had some basic identity and marketing analytics built in. Now we see many organizations preferring to use other programs that they already have, or other services that they're already using, and be able to export or integrate that directly into their CIAM. And that's because CIAM had become a silo, which, as we know in this business, is not ever really a good thing. Scalability of on-prem solutions.
It's not only difficult to procure hardware, or costly, but think of retail or e-commerce businesses where they may have one or two extremely high traffic days per year. The only way to really scale up for that is to make sure that you have tons and tons of hardware that is mostly idle 363 days of the year. So cloud-delivered solutions almost always offer better scalability. Those early gen CIAM solutions were pretty much password only, and I don't have to tell you how bad passwords are, and not only from a security, but usability perspective.
They often didn't have really, really good consent collection and management interfaces, which made it difficult to comply with all the different privacy regulations that are out there. And if anything, over the last five or six years, post-GDPR, we've seen many more privacy regulations come into effect in all sorts of places around the world. And they're not all harmonized. So having ways to help you comply with those regulations is a big driver in looking for new CIAMs today.
And then lastly here, it might not sound like it's terribly innovative, but different vendor solutions have varying kinds of licensing or subscription costs. And I think many organizations today really want predictability out of the cost. So there have been changes, in many cases for the better, in how CIAM solutions are licensed. I mentioned fraud. I think we all know cybercrime seems like it's sort of getting out of control. We have two major fraud types that we want to talk about here today.
ATO fraud, or account takeover, and account opening fraud. ATO fraud mostly comes from breached passwords, passwords discovered on the dark web. They use bots to do credential stuffing attacks. Then the brute force password attacks still happen. And these are used for any kind of value transfer. Anytime there's money involved or something that could be converted into money, then those are the kinds of attacks or accounts that might be attacked. Account opening fraud, they're looking for your PII. They get this from school, work, health care records.
That really explains why there are so many attacks against educational institutions and health care providers, because they want that PII. And they can use that for even bigger kinds of financial fraud, getting lines of credit, mortgages, use it for mule accounts to move money from one illicit activity to another. So these are reasons why consumer and customer identity accounts are often attacked. We always say the best mitigations here to prevent ATO fraud are multi-factor authentication and risk-based authentication, and to prevent account opening fraud, identity proofing.
So some of the things I've seen in just the last couple of months since I restarted the research cycle on CIAM, even more interest and need for identity verification. There are anti-money laundering laws that are in effect. Know your customer regulations and initiatives at many organizations, all about reducing account opening fraud reduction. And many businesses that aren't necessarily subject to regulations in this area want identity verification services just to reduce the fraud, even if they're not legally required to, they find this to be very expedient because fraud's skyrocketing.
And consumer-facing organizations really need to do everything they can to prevent fraud. And this includes integrating with fraud reduction intelligence platforms. There's the privacy regulatory compliance. Like I said, there's more laws in more places. We talk about passwords. We really want passwordless authentication. And now we're here. There are many, many good passwordless authentication solutions out there. You can check our other research on that subject. Things like Passkeys, it makes it so much easier to log in, much better usability, and better security.
We need to integrate and interoperate with lots of different kinds of applications. This is driving the whole API-first approach. I mentioned briefly IoT device identities and consumer account linking. Think about any time you go to the store, you buy an electronic good, or a home automation device, or connected cars, they almost always have to be connected to some sort of an account. So CIAM solutions are really ramping up what they can do in the area of managing devices that are associated with accounts. And B2B and B2B2C use cases have greatly expanded.
Almost every vendor surveyed reports that this is a real area of growth. So I wanted to highlight some of the areas where CIAM solutions need integrations. This is what's being reported up through research today. Consumer data platforms, I thought I'd just briefly describe those for you. These are generally third-party systems that CIAM systems can interoperate with. And in the case of CDPs, they take information from CIAM, but also from CRM, Customer Relationship Management.
Email, social media, all sorts of different channels. Put it all together. It allows you to resolve the identities from all these different kinds of accounts, unify them, get the 360-degree view, as they often like to say. And then segment that data by demographics, or preferences, or behavior. Why? So you can do personalization, recommendation, really to be able to use it for marketing, and again, to increase revenue. It also gives you the opportunity to manage data, integrate with CPM, Consent and Privacy Management solutions, which is up on the next slide.
And then facilitate multi-channel customer activations. This is using web, mobile, IoT, social media, all sorts of things. So you can have a unified view and a unified presentation to your customers. Consent and Privacy Management. I've said that many CIAM solutions have pretty good Consent and Privacy Management capabilities within them. But some organizations have bought third-party CPM solutions that kind of span the gamut of different kinds of applications that they use. And the CIAM solution ideally would be able to integrate with third-party CPM solutions.
So the things they do are collect and manage Consents from multiple sources, including the CIAM, giving the ability to present different privacy policies in terms of services to different audiences, create data subject access request portals, offer preference management, and then help you with audits, like doing PII inventories, mapping data flows, managing cookies. And again, this is something that while many CIAM solutions do this well, there are third-party Consent and Privacy Management solutions that your CIAM would need to integrate with. Chatbot and Payment Service Integration.
This is a real area of innovation that we find in CIAM today. Not all that many vendors are offering this directly today, but there are a lot of AI-powered chatbots that are out there available today. And many organizations want to take advantage of it. They want to simplify the user experience, and often they want to reduce support costs. So being able to build that in or have it work with your CIAM is definitely a competitive advantage from their perspective. And like I said, not too many of them are providing these integrations directly just yet. Then there are payment services.
This is really big for companies in retail and e-commerce that want to be able to closely tie together their CIAM solutions with payment service providers. It's an integration that definitely makes sense for those kinds of industries. And right now, a few CIAM solution providers are offering these kinds of integrations. B2B CIAM. Here again, this is business to business. Think about a complex supply chain where maybe you have a primary and then maybe even 50 secondary companies that are part of a big supply chain.
The primary has to ultimately control access, but they need to delegate that access control to the 50 members of their supply chain. And the 50 members of the supply chain probably use other contractors themselves, or they may have other business partners.
Now, if everybody needs to collaborate and work on one big project or get access to ERP or PLM system or something like that, then you need a really, really robust B2B oriented CIAM solution. And what businesses are looking for here are the ability to do identity proofing. But this is a little bit different than consumer facing identity proofing.
Here, you may need to look at HR information sources to be able to do background checks, sanction screening, look for PEP lists, politically exposed persons. Make sure you're not allowing your partners to sign up people who are on one of these lists. You most likely need to do compromised credential checks to make sure that a member of the supply chain's credentials haven't been compromised, such that they would get access that they certainly don't need in that case. You might want to be able to offer communications per organization or per audience.
Let's say you need to, there's only one company in the supply chain, but you want to be able to send out a message to them or pop up a message in the application portal. A B2B CIAM solution can help you with that. Or you might want to identify just contractors that are not a member of any of these 50 organizations and to be able to send them a message or give them a pop up when they log into an application. You probably need to be able to offer different terms of service for every application and for every audience.
Again, not everybody has the same access, so you'll need to be able to pop up different terms of service for them to see and consent to. I mentioned the hierarchical delegated administration.
I mean, this is some of the most complex identity relationships come from these sophisticated supply chains that we're talking about. If you've got a prime and 50 different secondaries, you want to be able to, I mean, the person working at the prime doing access control can't know every single individual out there, so you need to allow the people at each individual company who are authoritative to decide who gets access to what. You might need to offer time-limited accounts.
Again, create an account maybe based on a SAML token, and maybe that should only be good for eight hours. That's kind of a more advanced feature that we see in B2B CIAM. Self-service portals, again, a little bit different from what you would see on a pure consumer IAM solution. This way you would manage credentials, not necessarily just passwords, and make requests for applications. You'll need a centralized admin console for the primary contractors, but you'd probably want admin consoles for each of the delegated admins, of course.
You need to be able to offer granular authentication policies for each different audience or organization, perhaps. And then you'll need to be able to get identity analytics per entity, per member of the supply chain to see what the risks are for each member of the supply chain, because we're all rightfully concerned these days about supply chain security risks. So trying to finish up here. We do see in CIAM, not surprisingly, there are a lot of good MFA options out there, but they're not still being widely used by CIAM customers.
Instead, we still see lots and lots of password usage. The most innovative solutions are using things like FIDO2 and WebAuthn. They've been around for a while. I'm glad to see the uptake is finally where it should be, and passkeys are slowly starting to rise much more popular. We see increased offering and use of remote onboarding apps. These are the apps that might be using an SDK or a vendor-provided app to allow you to do a selfie and match that to an authoritative identity document for remote onboarding.
Not seeing so much decentralized identity use outside of just a few regions, apparently due to low customer demand. IoT device identity management continues to grow in importance for all the reasons we've been talking about. But ultimately, customer organizations are not really making the best use of the CIAM products that they have, or connecting them to fraud reduction intelligence platforms the way they should. Ultimately, that leads to lost revenue, potentially lost consumers.
And then, like I've said, B2B CIAM use cases are on the rise. So with that, I'd just like to remind you, if you have any questions about what we're talking about today, feel free to enter them into the CVent control panel, and we will take them at the end of our session here. And with that, I'd like to turn it over to Cooper.
Thanks, John. So from my side, certainly I wanna walk through some best practices from our perspective talk about some common issues that we see in customer identity, and then how we solve those issues. What are we doing to break apart those problems and offer some solutions to customers that might be interested in customer identity, especially. So I'll talk about client touchpoint effectiveness, abandonment rates, downstream APIs, so some integration type discussion there, and then end user engagement and revenue.
And then we'll talk about just a couple of testimonials before we get onto the polls for everybody. So definitely send some questions in, we'll be happy to chat about those as well. So from a touchpoint effectiveness, some of the challenges, some of the issues we see here, definitely some problems with implementation of CIAM, some in-house systems and some third party as well, some vendor led.
So these can usually be broken down into a few different sections like issues with security, maybe having partners run their support channels and some breaches resulting of that, maybe some just generally poor user experience, maybe some complexity in registration forms, you know, kind of some confusing steps in the user flows, something like this, or maybe lack of options for authentication. And this, you know, kind of is a result of limited adoption.
You know, there's some resistance occasionally to using a vendor, maybe fears of security issues, fears of outsourcing that type of work or moving away from an existing in-house solution that we see that too. And some inefficient processes there.
So, you know, kind of similar to the poor user experience, but a little bit different too. So, you know, this is kind of like system availability issues or API efficiency issues. These types of things cause problems for users or users will abandon the registration or the authentication process in those cases. And we'll talk a little bit more about that too. And then finally here, finally here, yeah, lack of integration.
So, you know, not having that customer data that you're gathering through customer identity or through your CIAM platform, not connecting that to your other third-party tools, like a CDP that John mentioned, or a CRM, an analytics platform, these types of platforms. And then also, you know, in the really worst cases, maybe not even integrating with an e-commerce platform or booking platform, something where the user has to log in a second time.
So, lack of federated single sign-on between the customer identity platform and the third-party system. So, that's kind of like the worst case scenario right there.
So for us, yeah, we, you know, kind of take in these different issues or we review these issues on an ongoing basis. Certainly, you know, we think that customer identity, of course, is an answer to a lot of these problems.
You know, offering a modern approach to authentication, you know, going away, moving away from that traditional password, you know, email and password-led authentication and offering some different options there for your users. Even that alone can, you know, get rid of a lot of these problems that we talked about.
You know, advancing some features on the security front, offering tools like risk-based authentication. I'm sure we'd all be familiar.
You know, you log in from an unusual location, an unusual device. It sends you an email saying, hey, was this you?
You know, confirm this action, something like that. So, using some more modern type of technology, that's gonna, you know, help things on the security front, protect these end-user accounts. That's always a big deal. And then lastly here, so client touchpoint effectiveness.
You know, this is the integration. So, making sure that all of your existing, you know, digital properties, maybe your various websites, your mobile sites, and then all of your third-party applications as well.
So, like I talked about, you know, connecting those, maybe an e-commerce platform or a booking platform or, you know, something else that's going to ingest that customer data, making sure that we have that interconnectivity set up and you're making the most out of that data, getting the most out of that customer information. And at the same time too, right, you're providing a good customer experience for those users.
They can, they log in once, they're automatically logged in on the website and they logged in on the third-party platform as well. So, offering that single sign-on experience is a nice to have too.
So, second here, abandonment rates. So, you know, a lot of issues related to authentication, you know, forms being complex, maybe requesting too much information on that first registration, you know, first name, last name, location, preferences, date of birth, you know, tons and tons of maybe check boxes on the form as well.
You know, the more fields that you have on that registration form, the more likely people are going to abandon. And we know that this abandonment rate can be, you know, 30% to 50% depending on the industry.
So, for sure, streamlining those, that registration can go a long way. User experience, yeah, so this gets into the API efficiency, you know, interfaces being confusing for users or, you know, the page load times are slow, the API response times are slow. This is a big issue as well. And this again is going to cause a lot of folks to abandon. They might think that, oh, this link is broken or I've done something wrong. They might go to refresh and then they have to start the process over again or, you know, something gets disrupted there.
So, for sure, we see a lot of that. Customers have those types of issues and they're looking for a vendor like LoginRadius to solve it. Social login options.
You know, this, not just social login, but other login options too, you know, offering a variety of options for the users. So maybe you want to maintain that, you know, that old school approach of email and password, but you also want to offer something more modern like passwordless or social login.
You know, something that's going to be, you know, two clicks and then they're logged in, maybe three clicks at the most, you know, that's going to reduce a lot of friction. Something as silly as, you know, someone having to log in, type in their email address and they make a mistake on their email address.
You know, that right there can be a huge abandonment rate. So, you know, even just a human error reduce the chances of that by offering a social login option or a passwordless option that can go a long way. So technical glitches.
This, a little bit on the API efficiency and response times, but leaning now more into system availability. So, you know, folks visit your website or your digital properties. They expect to be able to log in, you know, quickly and easily. Any kind of system availability disruption can really throw a wrench in all of that.
You know, they may never return to your site if they face some downtime or they're not able to access their account. They might feel that, oh, there's, you know, some security breach going on.
So, you know, they lose trust instantly. So a lot of these types of issues can be avoided, especially if you've got, you know, a highly available customer identity platform.
For us, we guarantee four nines, 99.99% system availability on a monthly basis. And we've actually overachieved on that. I think it's been over three years. We've had 100% system availability. So definitely having a strength there and offering, making sure that that platform is available to the end user, you know, that goes a long way in continuing to, you know, maintain that trust. And then of course, you know, we know every second of downtime, this can be very costly, especially for an e-commerce or a travel and tourism customer, a media customer.
You know, you can't serve that person ads anymore. They're gonna go somewhere else to make a purchase that they might go somewhere else to view some content.
So, you know, this is a really big deal that really can't be understated at all. So it's a big issue.
And then, you know, lastly here, cumbersome authentication. So, you know, the multiple steps related to authentication, not just on the form, you know, not just a lot of fields, but, you know, they fill out that form and then they have to go through another page and, you know, agree to some terms and conditions. Then they have to confirm their email address.
You know, this is now getting into three or four steps. And again, every step is gonna increase the chance that that person abandons that whole workflow or that whole registration.
So really, you know, trying to deal with that is, or trying to reduce that is kind of a big issue. So like I talked about already, streamlining that registration process.
You know, we really promote progressive profiling. John mentioned that earlier.
So, you know, maybe you register with a more limited set of fields, maybe just a first name and last name email address and, you know, agreeing to receive emails from the brand or from the business. And then later, maybe when they're making a purchase, that's when we wanna ask them for more information about their account. Maybe that's when we wanna get, you know, some of their favorite color. Maybe we wanna get their birth date, something more relevant to the purchase.
We can, you know, offer up these different fields in a very customizable way based on any kind of event or trigger. Usually, you know, a purchase is a common one, but it could be something more simple too. Like they visited the website five times.
Okay, now we feel that the user has built up a level of trust with that brand. Now we're gonna serve them a request for more data and let them fill out their profile a bit more. So this is an example of progressive profiling.
Yeah, offering those other social login options like I mentioned, definitely passwordless login, I think is a big one. And this is gonna be demographic based as well, right?
You know, you have maybe an older population that's more likely to write down their passwords on a pen or, you know, with a pen and a notepad, like my parents, you know, definitely we wanna avoid that, you know, eliminate any issues of password resets or, you know, lost passwords. Again, right, we're introducing more friction in that registration process if we're forcing someone to reset a password or they, you know, have to walk around the house and try to find the notepad with the password written down.
So utilizing something like social login or passwordless login, yeah, we can really, you know, skip that, offer a really smooth way for them to log in. Yeah, simplifying the authentication.
Yeah, so this gets into, you know, the connections with the third-party platforms offering some single sign-on. So the user doesn't have to log in a second time.
Again, a big disruption and evenly to offer some confusion, you know, I'm already on the website, why am I being asked to log in a second time? And so a lot of clear instructions can avoid that type of confusion. But of course, having that connectivity to the third-party tools through federated single sign-on or web single sign-on even. Lastly here, enhanced user experience.
So, you know, making sure that customer identity is working well with your mobile apps or your mobile web view, you know, trying to reduce those page load times and having an efficient API. This avoids that abandonment of the registration.
And then, you know, just having a nice user experience, a more modern user experience. People feel a little bit more comfortable.
You know, even something as seems as minor as the visual aspect of the forms that can build a lot of confidence for the users. You know, something that's got CAPTCHA enabled.
Okay, well, they're protecting my data. And, you know, this brand has a modern approach. Their security is trustworthy. So something as silly as that can go a long way, I think. Deploying downstream APIs.
Yeah, so this is an integration issue. We do see a lot of data silos, like John talked about that a little bit too.
Yeah, just customer data, of course, is everywhere. Every time a customer interacts with your brand, that's, you know, an opportunity, or, you know, it does generate data, whether it's, you know, just visiting your website, you know, Google Analytics is capturing that data.
Or, you know, they make a purchase. Okay, now we're into the e-commerce platform.
You know, there's data in the CRM, CDP platforms, these kinds of things. So, but we do see, you know, even still today, there's a ton of that siloing of data, separation of data.
And, you know, most customers don't even know how many users they've got. You know, how many monthly active users do we have? How many people are visiting our pages? How many people are visiting our website? How many people are making purchases? Simple analytics like this, which, you know, every business, you know, can place a high value on that type of data. They lack that insight into their own users. So this can be a big problem. Lack of integration.
Yeah, so, you know, not being able to connect that customer data from those third-party tools into their customer identity and access management platform, or, you know, between their other tools, you know, they maybe lack the ability to use API, or, you know, the API connectivity from that third-party tool is limited. So, you know, they might have to approach that from a different way, maybe a federated connector, something like that. But we see a lot of, you know, disconnection here between these different systems.
You know, and I think, you know, just generally this, you know, reduces the kind of information that you're gathering on those users. You know, those insights on those customer preferences, what pages they're visiting, what types of purchases they're making, and tying that back to a user account.
You know, you really end up losing a lot of that type of insight into users. They know what type of content are they interested in, what type of media pages are they viewing, or, you know, information on my sites that they're viewing. So without unifying all of that content, without, you know, bringing all that data back into the customer identity platform, really difficult to get that type of insight.
So for us, yeah, the being flexible and connecting the customer identity platform, being able to, you know, really easily move that data back and forth between third-party tools, this is a big deal for us, and something I think is a best practice for everyone, all businesses.
So, you know, connecting that data in a seamless way, you know, making sure, you know, you're bringing across as much of that data as possible, you're not losing anything, being able to centralize that data, whether that's in your customer identity platform or in a CDP, whatever that might be, but, you know, allowing that consolidation of that data to a user, tying that to an actual human person and an identity, that's a big deal.
You can really get to know what that person's preferences are, what their interests are, you know, and for sure your marketing teams will thank you for that, and then you can start to get value from that data. So this is a big selling point for customer identity. The identity resolution, yeah, so this is the consolidation here of the data, unifying it, you know, maybe based on a unique identifier, like an email address or a phone number, and then from there, you know, you can enhance those customer profiles.
So this gets into maybe the progressive profiling or, you know, maybe making sure that you're integrated with, you know, all of those third-party tools that you are using that gather customer data. So, you know, making sure that we have as much of that data connected to that profile as we can. And all of this too, you know, especially if you are dealing with GDPR or, you know, CCPA in California, you know, any other kind of regulations that require that proper management of that data, you know, this makes things easier on that front as well.
Yeah, and user engagement and revenue. So again, that simplified registration, easy to access the different websites that you might be offering or mobile sites.
Yeah, so, you know, that's just going to increase engagement. They're less likely to go somewhere else for that type of entertainment or information or making their purchases somewhere else. We want to keep them on your site.
So, you know, definitely that increases engagement, making sure that that registration is easy. You know, they're not going to abandon reducing those barriers.
Yeah, so social media, social login options, you know, that can often make it even easier because there's just one or two clicks and they're logged in. And that progressive profiling.
So, you know, you're asking for more data from them and making sure that they're, you know, keeping their profile up to date on their interests and gathering all of that data. So just overall, just increasing that engagement. And when we do see where customers deploy customer identity generally in the first year, a three to 4% increase in revenue, that's pretty typical that we see, you know, and that's, you know, totally separate from all of the costs reduced from managing an in-house customer identity as well. So those are kind of the main piece I wanted to cover.
The last thing here, scalable infrastructure. So for us, a big selling point is our scalable infrastructure, our ability to, you know, handle large numbers of user volume or like big user events, you know, hundreds of, or sorry, tens of thousands of logins per second.
You know, this is a specialty of ours. So we have servers that auto scale based on that type of activity.
So again, right, you know, you don't have these types of features set up. This can lead to, you know, your service is going, you know, experiencing some downtime. Users can't log in, especially in a very critical moment. Maybe it's a Black Friday sale or something Christmas related, a big event that you have hosting on your sites.
Yeah, so this is a, you know, at your most sensitive time and your system is going to go down, your customer identity is going to go down. That's, you know, that's the worst case scenario. So we've built LoginRadius to be scalable and to be able to manage that type of high volume for users. And definitely we've been very successful on that front.
We offer, you know, an industry best SLA. We guarantee that uptime. And like I said, we've exceeded that SLA over the past three years. And of course, you know, data being hosted locally for privacy regulation purposes.
Yeah, we host all over the globe, primarily with AWS, but we're flexible, you know, for some unique requirements, maybe in China, something like that. We've got different hosting options and hosting partners all over the place. So definitely a ton of experience with that. Ease of implementation, yeah.
So, you know, once you get, maybe pick a vendor for customer identity, you know, being able to quickly and easily deploy that tool, that's a big deal. You know, having a tool that's API driven is, you know, obviously going to be critical, being able to connect that data to those third-party tools, having deployment options like SDKs and libraries that are, you know, going to work with your programming language for your different sites. That's something, offering that is huge for us. And a lot of our customers get a lot of value out of that. And then the plug and play infrastructure.
So, you know, we set up the infrastructure for you. You know, it's just a matter of deploying the actual forms or tools on your sites. And that can really speed up a lot of implementation as well.
So you're, you know, you're getting to market faster, you're getting value out of the customer identity platform faster. CLI capabilities, yeah. Being able to, you know, interact with the platform, a lot of those automated workflows, again, speeds up the implementation. You don't have to customize those user journeys or, you know, they might be pre-built. And of course we, our customer service is quite strong on this front as well.
You know, they've seen tons of different deployments, all types of different verticals and they can offer, you know, best practices. Okay, what, you know, what's the best practice for authentication options for travel and tourism, right? They've got that, those types of insights and they're always happy to share that. So that type of knowledge base and being able to share that with customers, you know, that can really help them guide their implementation and speed things up.
So they don't have, you know, 10 internally meetings about what type of social login options to offer, something like that. So from a testimonial perspective, yeah, I think, you know, we work with customers all across the globe, all kinds of different industries. So we've got Harry Rosen here on the e-commerce side, we've got Health Vision and the healthcare industry and Aurora WDC, so an analytics intelligence, but we have customers in travel and tourism. We have actually a big pickup in the government sector.
So, you know, cities, municipalities or provinces, states, allowing authentication, you know, or allowing citizens to authenticate. Definitely we've got a big customer base in the news and media world.
So, you know, these are all kind of big industries for customer identity in general, but definitely for LoginRadius. So I'll take a pause there. We've got the poll, we've got two polls actually. And so I'll quickly walk through the poll questions and we'll get you to interact with those. So the first one here, what are the main factors influencing your preference for customer identity and access management architecture, CIAM architecture?
Some of the options here, so security considerations, ease of deployment and management, reliability and uptime, data privacy and compliance requirements, and finally scalability and flexibility. So what are the main factors influencing your preference for CIAM architecture? That's the first poll. And the second poll, so while investigating a customer identity and access management platform, you know, where do you plan to seek assistance?
You know, where do you look for help? So use outside CIAM industry influencers and analyst experts.
So, you know, something like KuppingerCole. Turn to your own internal team, IT team for research and recommendations. Look for a customer identity SaaS solution provider to share best practices and sample use cases from other successfully deployed clients. Or finally here, look at GSI for the entire lifecycle assistance. I think that's it for me, John. Happy to take any questions, of course, though. Okay. Let's take a look at the poll results.
So yeah, thank you for participating in that. Let's look here.
We have, again, the first question was, what are the main factors influencing your preference for CIAM architecture? Here, we've got a tie for the top two, security and then ease of deployment and management. I think that's actually a very good split and that kind of maps to what I've been hearing as I've been doing my latest round of research on this. What are your thoughts on that, Cooper?
Yeah, same for us. Yeah, I think security, especially, you know, data privacy and protecting those user accounts, you know, that's always been front of mind or has been front of mind for a long time. That's always gonna be, you know, a showstopper for a lot of folks or, you know, it's gonna be a, they've maybe faced a breach or they're hearing about somebody else in the industry and they've got a partner that faced a breach.
You know, they're gonna want to plug those holes and, you know, what can we be doing better from a customer identity perspective to, you know, up our game on security front. So for sure that maps for us. We see that a lot. And then the ease of deployment, you know, this is, you know, when customers are picking a vendor, you know, they don't wanna be spending, you know, eight, 12 or more months deploying that solution.
You know, they want something that, hey, we know we've got a problem. We wanna be able to fix it in a timely manner, right?
So, you know, this is a big factor in picking a vendor and yeah, yeah, for sure we see a lot of that. And yeah, well, that's why we've kind of placed that emphasis on those deployment tools and making sure it's, you know, we offer those best practices and it's easy to deploy the platform.
You know, before we move to the next poll question, I was previewing some of the questions that came in and one of them was about is more or less B2B CIAM, you know, really, really a thing. Why can't you just do that with identity federation and I assume your enterprise IAM. And I think it ties very closely to what you're saying here about ease of deployment.
If you're, you know, again, in a big complex supply chain scenario and you've got a whole bunch of different vendors, it can be very difficult to, you know, expand your enterprise IAM system, you know, all the way down to like the LDAP schema to accommodate a whole bunch of different suppliers. In many cases, it can be easier to set up a brand new CIAM system that's focused on B2B and then establish the identity federation relationships there. Any thoughts on that one, Cooper, as maybe being a driver for ease of deployment, being a driver for the B2B CIAM push that we see?
For sure, yeah. And yeah, a lot of these type of, these B2B use cases, you know, they get so complex, you know, they've got, you know, different layers of partners that they're working with. They've got, you know, within those partners or within those businesses, they need different controls for, you know, allowing their employees access and managing their end users.
So, you know, these things can really quickly get complicated if the deployment is difficult or, you know, you run into some issues on the deployment. So for sure that, you know, that ease of setup can really smooth things out or, you know, maybe, you know, approaching the implementation in a different way, not trying to, you know, boil the ocean to use the phrase, right?
You know, okay, we'll do one section of our business first, you know, bring on like two or three of our B2B customers and then we're going to, you know, do another two or three in a few months and trying to like break down the implementation that way. So, yeah, being flexible from a vendor perspective, being flexible to support those types of deployments that can, you know, really make or break a project. Great. Let's take a look at that second poll question response. While investigating a CIAM platform, where do you plan to seek assistance?
Industry influencers and analysts, 8%, your own internal IT team, 33%. Look for a CIAM SaaS solution provider to share best practices and sample use cases from other successfully deployed clients, 59%. That's a pretty good place to look, but feel free to talk to analysts as well.
Yeah, I think, John, you know, a lot of the customers that I talk to, you know, they are doing all three of these actually, right? So, you know, they might, and if I can suggest an order, they'll do B, A, and then C. So they'll turn to their internal IT team and that team will end up doing a lot of research with industry influencers and analyst experts like yourself, like KuppingerCole, and they'll, you know, review those, that content from those experts. And then they'll go to a vendor and, you know, start finding out more about, okay, what is the, you know, what do the costs look like?
What do the feature sets look like for the different vendors? You know, what are the differences, you know, between the different vendors? What do they offer or not offer? So I think it's a combination of all three of these. That's what I see at least. Yeah.
Yeah, and again, we've got a new version of our CIAM Leadership Compass coming out in probably the next one to two months. And this is probably the largest one yet.
There are, you know, over 24, 25 vendors that we'll be reviewing there. So lots of new things and even some new vendors that we haven't reviewed before. So really fascinating topic.
Okay, we've got still quite a few questions to look at here. So let me try to squeeze in as many as we can before the end of our time.
Thoughts, recommendations on using SDKs versus direct API integration for CIAM implementations? You know, I think API is definitely the modern way of doing it, but I know many solution providers offer SDKs, especially for mobile app integration. I think that's still an area where we see SDKs being used, but yeah, mostly businesses are interested in connecting things via APIs. Would you agree or disagree on that, Cooper?
Yeah, I think more and more customers, businesses are moving towards the API deployment, but you know, this is also dependent on their expertise. You know, do they have the team members familiar with API that can do that type of deployment?
You know, if they don't, then they might lean on an SDK a little bit more. So I think that's kind of the break point.
You know, and I think the other thing too, it's gonna depend on the size of the customer. The larger the company, the more likely they are to have that expertise, you know, or have that comfort with API. And so they're gonna go direct to, you know, with that approach.
Yeah, that makes sense. Let's see, the next one is, can you share best practices on prioritization, most critical customer workflows in the registration process versus the next phase critical customer workflows? I assume this is probably talking about progressive profiling and what information do you need to collect first and what can wait? What would your suggestions be on that, Cooper?
Yeah, the type of information to collect up front, as little as possible. You know, only what's, you know, and it's gonna be different from business to business.
You know, what's, you know, what a media company might wanna gather would be maybe just an email address and a password, or, you know, just the authentication, the social login steps and nothing else. You know, maybe a checkbox to say, hey, yeah, we agree to receive emails.
You know, even anything more than that, I would say, you know, to save that for a progressive profiling step later on. You know, I think the, for, you know, trying to be as frictionless as possible, if I could use that term, making sure you get people in the door, that's the most important thing.
And then, you know, when they make a purchase or, you know, they built that trust with the brand, you know, they're gonna be coming back. That's a good time to ask for, you know, other types of information that might be important to your business.
And again, it's gonna be different from industry to industry. Okay. Let's see the next one. What are some of the strategies to obtain five nines resiliency from a CIAM implementation? Multi-cloud, multi-region?
Well, definitely, definitely cloud-based. Look for a CIAM solution provider that will tell you where their data centers are.
You know, we see some use of multi-cloud, but, you know, even if you're running in a tier one infrastructure as a service provider, you need to make sure that you've selected the right regions. And, you know, if you're not operating in a given region, there's probably no benefit of, you know, retaining a data center there, but using redundancy within your own region. But multi-cloud is now becoming more popular too. And it's definitely something to consider.
Oh, as well as single tenant. We see more use of single tenant instances across industry as well. What would you like to add to that, Cooper?
Yeah, certainly, for sure. Yeah, local hosting close to you, the better. And obviously you're going to have privacy regulations driving that as well.
But, you know, we have a pretty unique approach to our infrastructure with failbacks, you know, within the region, failbacks to a secondary cloud provider. So yeah, we've put a lot of time and effort into making sure that those servers are scalable and highly available. Definitely the single tenant issue is coming up more and more. And I think that's going to depend on, you know, the number or the user volume.
You know, if you've got, you know, millions of monthly active users, you know, you should be looking at a single tenant environment. And, you know, that's going to offer you the most stability.
You know, you're going to be able to manage those influx of users for big events. And definitely we recommend that for those larger customers. Okay.
Yeah, we'll take one more here. That is, what are your thoughts on using SAML or OIDC-based federation for B2B use cases? I would say I'm all in favor of that. Many of the, well, pretty much all CIAM solution providers today accept SAML and OIDC.
I mean, there may be one or two that don't, but those are certainly just as common in the CIAM world as the IAM world. And there are some solution providers that really act as a federation hub. That's kind of their specialty. So it's definitely something that can help with deployment, help with ongoing maintenance, probably in most cases, increase security because you get a little bit of that delegated administration as a result from just relying on identity federation. What are your thoughts on that, Cooper?
Yeah, yeah, that's right, John. Yeah, I think, especially on B2B, you know, you know, they're all SAML or they're all a federated connector driven.
You know, whether one connector is better than the other kind of depends on, you know, what type of tools you're offering and what type of connectivity you're offering. You know, picking a vendor based off of, you know, what connectors they offer. I think that, yeah, that those offerings are pretty universal. All I can say is for us, yeah, we try to be as flexible as possible.
You know, we allow JWT, you know, OpenID, SAML 2, you know, all these types of different connectors and yeah, we just have to be flexible and we see all kinds of different use cases, historic systems and new systems. So yeah, we try to be flexible.
Well, great, thanks. We got to the bottom of our question list and I wanted to thank everybody for participating today.
Great, great work on the polls and thanks for your questions and watching and thanks to Cooper for all your insights today. Any parting comments?
No, thanks, John. Definitely appreciate the opportunity to present and certainly we're happy to answer any other questions offline and feel free to reach out to myself or anyone else at LoginRadius for those types of questions.
Yep, and if you have any questions about CIAM in general, feel free to get in contact with me. All right, thanks everyone. Have a good rest of your day. Thank you.