Customer Identity and Access Management (CIAM) is specific twist on IAM, focused on customer identities. Where traditional workforce identity and access management (IAM) strategy is focused on security, productivity and compliance, CIAM aims to improve the customer sign-up and login experience as well as reduce the risk of account takeover, which is rampant in the consumer space because of password reuse. CIAM isn’t just limited to consumers, but can also apply to other businesses, such as a company’s enterprise customers, partners or vendors.
Scale is also an important factor in CIAM. Whereas even large enterprises with a few exceptions only have employees in the hundreds of thousands, some companies have tens or hundreds of millions of customers. Consequently, CIAM solutions must be able to scale extremely well.
In the identity space there are both vendors that specialize in CIAM and vendors that handle both customer and workforce identities. Regardless of which type of vendor you choose for your CIAM project, it’s useful to keep in mind the key benefits that a CIAM solution should provide.
IAM and CIAM requirements are similar when it comes to scalability, security, and accessibility. Both must include these three components to guarantee a great user experience, whether for internal employees or business partners. The ways in which CIAM goes beyond the traditional IAM approach are:
Scalability: A CIAM solution must be able to handle increased Internet traffic both in terms of volume and frequency. Unlike IAM for employee use, your customer portal must be able to support millions of users. It also has to be able to handle rapid spikes in traffic. Use of the portal is unpredictable, but there will be peak times when many people are hitting your system at the same time and the CIAM must be able to handle those peaks.
Security with minimal friction: In the past, companies only gave consumers one option for signing in: username and password. Now that multi-factor authentication is commonplace, apps often require two or more factors before granting users access. To ensure that adding MFA factors is not discouraging users from creating accounts CIAM must be implemented in smart ways so as to not slow down or block customers. To keep the barrier of entry low, companies also often lean towards using social media identity for passwordless authentication. You want to have options in how you secure authentication, so be sure your CIAM solution offers enough flexibility to support your particular business.
Accessibility: CIAM provides high accessibility of your company’s brand and products to existing and potential customers. Your customers should be able to get what they need on any device at any time with a consistent and seamless experience. Having a consistent brand across many channels, whether a website, mobile app or store kiosk, and having consistent accessibility regardless of which format a customer chooses is important for creating a successful and personalized user experience. This is key to creating loyal and repeat customers.
Companies often need to let business partners access some of their applications, such as order management or inventory systems. As increasingly more businesses have IAM solutions in place for their employees, it makes sense to just establish trust between the respective IAM solutions so that the partner’s employees can single sign-on to the inventory system instead of having to use a password. This not only increases security, but also improves usability.
Consumers have to remember a lot of passwords. Facebook, Twitter, Instagram, YouTube, Yelp, banks, car and home insurance, pharmacies, their grocery store, online streaming services, Uber, and so on. The number quickly adds up and it’s humanly impossible to give each service a unique, strong password. As consumer services are breached around the world, hackers accumulate more and more credentials, which they use for password stuffing attacks via massive bot networks.
This puts consumers who reuse passwords at risk. With CIAM, you can give the consumer the option to add a second authentication factor or sign in with their social identity, which provides a much greater protection against account takeover.
According to Gartner, CIAM is an essential component to building solid customer trust. In fact, by 2020, companies that implement digitally trustworthy customer solutions will generate 20 percent more online profit than those that do not. With a Trusted Experience Platform™, companies can build a strong foundation for customer identity, while minimizing operating costs and maximizing revenue and user experience with a robust CIAM solution.
Give customers the trusted experience they demand while providing the security that customer transactions require. One customer identity management solution for your many channels.Read More
Learn how OneLogin’s CIAM solution can help you avoid exposing your customers’ personal information.Read More
Single sign-on (SSO) is the ability for users to log in just one time with one set of credentials to get access to all corporate apps, websites, and data for which they have permission.Read More