How Customer Identity & Access Management (CIAM) Is Different

Traditional IAM vs Customer IAM

How Customer Identity & Access Management (CIAM) is different from traditional Identity & Access Management (IAM)

Understanding the differences between CIAM and IAM

Digital identity is at the center of every company’s digital transformation. The value of the customer profile data that is linked to their identities has grown dramatically and is now one of the most crucial success factors for companies today. Customer profile data forms the foundation for analyzing, understanding and predicting consumer behavior and customer journeys from first contact to purchase decisions and long-term brand loyalty.

It is a common misconception that the technology required for customer identity and access management (CIAM) is basically the same as that for traditional identity management, often also referred to as enterprise IAM, employee IAM, workforce IAM, or just IAM. These are the IT systems that ensure that only the workforce of a company can access the corporate computer network and its resources. IAM is typically well established in every larger company, leading to erroneous assumptions along the lines of ‘we have this technology in-house already, so it can’t be that hard to extend it to the outside world.’

This can lead to a drastic underestimation of the differences between workforce IAM and customer IAM and the complexity of managing customer identities for a company’s public-facing digital properties. Customer IAM has different and far more challenging requirements than workforce IAM.

Attempting to repurpose workforce IAM solutions is generally a problematic approach, regardless of whether it is suggested by internal departments or by external IAM vendors entering the CIAM market.

Traditional IAM is designed to manage the access of employees to the internal IT systems of a company. But it cannot provide insights into who these users are (in fact, it assumes that these are already known), what they do once inside and what influences their journey and behavior within the digital sphere – which are the types of data insights that enterprises require to understand their customers and compete in today’s digital markets.

Even at the biggest of corporations, traditional IAM systems might be charged with handling tens of thousands of employee identities at most, whereas high-profile brands have to manage tens or hundreds of millions of customer accounts, oftentimes simultaneously. Customers expect zero friction, so the identity solution needs to scale “out” as well as “up” in order to meet this workload with little to no perceptible latency. A study found that two seconds is the threshold in terms of an average online shopper’s expectation for a web page to load and 40 percent of shoppers will wait no more than three seconds before abandoning a retail or travel site.

In other words, if your identity management system goes down or slows down because it cannot handle the load, your conversion rates and revenue will go down with it. Ironically, load peaks and increased customer traffic are typically caused by successful campaigns, meaning that a sluggish identity management system can stop that success right in its tracks.

Dedicated customer identity and access management (CIAM) platforms, like the Janrain Identity Cloud, are designed and architected from the ground up to provide companies maximum value from customer profile data. They also enable seamless and frictionless customer experiences so that tasks like login, authentication, or preference management don’t get in the way and drive consumers towards the competition. Last but not least, CIAM solutions address the increased needs for security to protect sensitive personal data across public networks and enable global players to comply with a broad variety of privacy regulations that change often and are different from region to region.

The following table outlines the major differences between traditional IAM and CIAM.

Traditional IAM vs Customer IAM

Traditional IAM Customer IAM

Manages employee identity within a corporation. Manages customer identity on digital customer-facing multi-channel sites (web, mobile, IoT).

Users are being signed up by company, with key profile data Users sign up themselves and generate user-specific data being filled in by HR or IT. on their own.

Authentication against internal directory services. Authentication against public services like OpenID and social media, as well as directory services.

Users are known and captive: employees, contractors, Users are unknown (until registration) and may create multiple partners. Trust is assumed. and fake accounts. Trust cannot be assumed.

Workforce users are typically tolerant to poor performance Customers and prospects have very low tolerance for and latency and can’t easily change. poor performance and have many choices of competitive alternatives.

Scalable to 10s to 100,000s users, one identity each. Scalable up to 100s of millions of users with up to billions of consumer identities.

Many heterogeneous IT systems, on a closed, Many heterogeneous IT systems, on public networks (Internet). corporate network.

Identity Provider (IdP) is typically one central internal Many decentralized Identity Providers – Social Login through IT system. Facebook, Google, LinkedIn, etc., and traditional login.

Employee profile data collected for administrative and Customer profile data collected for highly critical business operational purposes. purposes (transactions, marketing, personalization, analytics and business intelligence).

Integration with HR and ERP systems. Integration with a broad landscape of marketing and sales automation technology, analytics systems, and security and compliance solutions.

Management of personal data and user privacy/preferences/ Handling of personal data subject to a broad variety of consent happens only within a tightly controlled privacy and data protection regulations that differ between homogenous corporate environment. regions and require to enable users to view, modify and revoke preference and consent settings.

Further Reading

♦♦Janrain Sample RFP: Selection Criteria ♦♦CIAM Solutions in Data Architecture for Customer Identity and Access (video) Management Platforms ♦♦Buyer’s Guide – Customer Identity & ♦♦Janrain Identity Cloud Data Sheet Access Management (CIAM)

www.janrain.com | Copyright © 2018 Janrain, Inc. All rights reserved. (ver.2018.02.08) | 4 The Janrain Identity Cloud® is the first choice of Fortune 1000 enterprises for mission-critical customer identity and access management (CIAM). It provides real-time identity management, security, and activation capabilities that enable seamless and safe customer experiences – while providing you with deep customer insights.

Learn More

Contact us if you have question or would like to learn more about how we can make CIAM help you achieving your business goals.

US 888 563 3082 | Europe +44 208 973 2561 |  @janrain

About Janrain

Founded in 2002, Janrain pioneered Customer Identity and Access Management and is widely recognized by industry analysts as a global CIAM leader. The Janrain Identity Cloud provides identity management, security and activation solutions that enable seamless and safe customer experiences across their digitally connected world, while providing enterprise organizations with deep customer insights. Janrain’s identity capabilities include social and traditional login and registration, single sign-on, customer profile data storage and management, customer segments, customer insights and engagement solutions. The company manages 1.5 billion digital identities for 3,400 brands, including Pfizer, Samsung, Whole Foods, Fox News, Philips, McDonald’s and Dr Pepper. Janrain is based in Portland, Oregon, with offices in London, Paris and Silicon Valley. For more information, please visit www.janrain.com and follow @janrain.