Customer Identity and Access Management

Customers accessing your online services seek frictionless security and great experience. They want to access your services using different channels, devices and use social media credentials on your platform. They are also looking for innovative ways of gaining more value and want control of their data, who to share it with and ways to revoke that consent. GDPR, POPI, PCI compliance policies and legislations are at the front door of any organisation that has a digitised B2C business model.

 

CIAM primary concerns

Digital Identity Ownership

 

This is the antidote of “Data is the new Gold” which most corporates have taken up to, in order to own and control large customer data for profit.

 

 

h

Privacy and Consent

 

If the customers do not own nor have control over their identities and the attached data, it becomes very difficult to guarantee privacy as well as ensuring that the data is only shared after consent has been given.

CIAM ODIP Solution

CIAM Open Digital Identity Platform (ODIP) is built with privacy in mind. Customer registration is seamless and identity verification occurs at external trusted parties such as KYC platforms or Government institutions. Customers can login using their social logins, U2F tokens, Mobile Apps with push notifications and so forth to ensure that an organisation can fully engage, acquire, incentivise a customer to ensure loyalty and enable Click-to-buy. With AI, ODIP provides intelligent analysis and tailored CX.

Identity Assurance

Customer registration should be done at speed and scale with ease. The identity system should also be able to ensure that registered identities are of the person, device, code or clone that it says it is.

To prevent fraud and misuse, ODIP employs strict identity assurance by verifying PII data against Government systems, 3rd party KYC platforms and also AI to ensure that similar data is not used more than once. We rank identity assurance from a scale 1 to 4 depending on the verifiable evidence at the time of registration. 

To enhance your customer engagement and acquisition, prospects can use their social identities to register. This enables you to build anonymous data for analysis on what prospects “like” or prefer on your site before conversion.

Customer preferences can also be recorded and mined later to enhance your offerings and tailor those offerings on a per user basis. This is the beauty of customer identity management. It enables you to build a relationship with your customers.

The identities are then provisioned to your Customer Relationship Management and eCommerce platforms. The identity systems also maintains these identities and the relationships thereof, be it between a customer, the devices they use and perhaps stores (in case of a retailer) they frequently visit or their wearable tech. ODIP builds trust between an organization and its customers.

 

Privacy & Consent

CIAM ODIP is built with privacy in mind. Customer registration is seamless and identity verification occurs at external trusted parties such as KYC platforms or Government institutions. Customers can login using their social logins, U2F tokens, Mobile Apps with push notifications and so forth to ensure that an organization can fully engage, acquire, incentivize a customer to ensure loyalty and enable Click-to-buy. With AI, ODIP provides intelligent analysis and tailored CX.

Federation

Identity federation allows businesses to connect and share critical information with its partners. It is the “interdependent glue” that allows an enterprise, application, service, or a smart thing to trust one or more other entities and/or things. This occurs immediately, allowing secure authorised access from anywhere on the globe. Identities need to control their privacy as well as their authorisations in a centralised fashion in a federated environment.

Enterprises that are authoritative for an identity and/or its attributes are referred to as the Identity Provider (IdP). The IdPs authenticate the identity and send them on to other enterprises that trust the identity information and then authorise the user into their service, referred to as the Service Provider (SP). This is all based on a comprehensive Legal Agreement between the parties involved and consent from the user, referred to as the Principal. That is:

  • IdP deals with assurance (identity, credentials)
  • SP deals with protection of federated identity
  • The principal (end user) is concerned about whether they have control on who can access or share their data.

There are risks and liabilities in a federation. Consider the following:

  • If your organization is an SP, it trusts and accepts that the provided identities are properly proofed, registered, managed, authenticated, and authorised .
  • On the other hand if you are an IdP, you conversely accept the risk for proofing, registering, managing, authenticating, and authorising identities.
  • Federation uses the Internet, which in a way is insecure, potentially opening up the enterprise to new forms of attacks.
  • Federation shares technical environments with other parties. These environments need to be maintained and operational according to the legal agreement. All of the above carries potential liabilities to the enterprise.
  • The legal agreement needs to mitigate your organization risk by assigning liability to the partner wherever possible. We can help you set this contract up to ensure your protection.

The ODIP platform federation capabilities and our nuance in identity platforms enables your organization to federate in a legally binding, secure, scalable and robust federation circle of TRUST. It supports (SAML 2.0, OAuth 2.0, OpenID Connect, Shibboleth)

Credential Management

Due to the rapid adoption of two-factor authentication (2FA), customers can use different mechanisms to further secure the log in process. Also, these customers have to be in control of who or what can access their information and be able revoke that consent whenever. To do this organisations need a self-service portal for end-users to manage authentication and authorisation data for their account.

The ODIP platform allows customers to:

  • Enrol, delete and manage 2FA credentials for their account (e.g. FIDO security keys, mobile apps, phone numbers, etc.)
  • Turn 2FA on and off
  • View and manage which external apps have been authorised to access what personal data
  • View and manage trusted devices

We specialize in cyber-security solutions across different industry verticals. Our core value proposition is our ability to deliver robust, transformative and visionary identity platforms to enable and secure your digital transformation strategies.

Address

55, Spaces Broadacres, Willow Wood Office Park Cnr 3rd Ave &, Cedar Rd, Broadacres Park, 2021

}

Business Hours

Mon – Fri  9 am – 5 pm

Phone

Office: +27 (0) 11 065 9362
+27 (0)71 602 7492
+27 (0)72 727 8371

Email

info@icurity.co.za