DOCSLIB.ORG

How Customer Identity & Access Management (CIAM) Is Different

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
How Customer Identity & Access Management (CIAM) Is Different Traditional IAM vs Customer IAM How Customer Identity & Access Management (CIAM) is different from traditional Identity & Access Management (IAM) www.janrain.com | Copyright © 2018 Janrain, Inc. All rights reserved. (ver.2018.02.08) | 1 Traditional IAM vs Customer IAM Understanding the differences between CIAM and IAM Digital identity is at the center of every company’s digital transformation. The value of the customer profile data that is linked to their identities has grown dramatically and is now one of the most crucial success factors for companies today. Customer profile data forms the foundation for analyzing, understanding and predicting consumer behavior and customer journeys from first contact to purchase decisions and long-term brand loyalty. It is a common misconception that the technology required for customer identity and access management (CIAM) is basically the same as that for traditional identity management, often also referred to as enterprise IAM, employee IAM, workforce IAM, or just IAM. These are the IT systems that ensure that only the workforce of a company can access the corporate computer network and its resources. IAM is typically well established in every larger company, leading to erroneous assumptions along the lines of ‘we have this technology in-house already, so it can’t be that hard to extend it to the outside world.’ This can lead to a drastic underestimation of the differences between workforce IAM and customer IAM and the complexity of managing customer identities for a company’s public-facing digital properties. Customer IAM has different and far more challenging requirements than workforce IAM. Attempting to repurpose workforce IAM solutions is generally a problematic approach, regardless of whether it is suggested by internal departments or by external IAM vendors entering the CIAM market. Traditional IAM is designed to manage the access of employees to the internal IT systems of a company. But it cannot provide insights into who these users are (in fact, it assumes that these are already known), what they do once inside and what influences their journey and behavior within the digital sphere – which are the types of data insights that enterprises require to understand their customers and compete in today’s digital markets. www.janrain.com | Copyright © 2018 Janrain, Inc. All rights reserved. (ver.2018.02.08) | 2 Traditional IAM vs Customer IAM Even at the biggest of corporations, traditional IAM systems might be charged with handling tens of thousands of employee identities at most, whereas high-profile brands have to manage tens or hundreds of millions of customer accounts, oftentimes simultaneously. Customers expect zero friction, so the identity solution needs to scale “out” as well as “up” in order to meet this workload with little to no perceptible latency. A study found that two seconds is the threshold in terms of an average online shopper’s expectation for a web page to load and 40 percent of shoppers will wait no more than three seconds before abandoning a retail or travel site. In other words, if your identity management system goes down or slows down because it cannot handle the load, your conversion rates and revenue will go down with it. Ironically, load peaks and increased customer traffic are typically caused by successful campaigns, meaning that a sluggish identity management system can stop that success right in its tracks. Dedicated customer identity and access management (CIAM) platforms, like the Janrain Identity Cloud, are designed and architected from the ground up to provide companies maximum value from customer profile data. They also enable seamless and frictionless customer experiences so that tasks like login, authentication, or preference management don’t get in the way and drive consumers towards the competition. Last but not least, CIAM solutions address the increased needs for security to protect sensitive personal data across public networks and enable global players to comply with a broad variety of privacy regulations that change often and are different from region to region. The following table outlines the major differences between traditional IAM and CIAM. www.janrain.com | Copyright © 2018 Janrain, Inc. All rights reserved. (ver.2018.02.08) | 3 Traditional IAM vs Customer IAM Traditional IAM vs Customer IAM Traditional IAM Customer IAM Manages employee identity within a corporation. Manages customer identity on digital customer-facing multi-channel sites (web, mobile, IoT). Users are being signed up by company, with key profile data Users sign up themselves and generate user-specific data being filled in by HR or IT. on their own. Authentication against internal directory services. Authentication against public services like OpenID and social media, as well as directory services. Users are known and captive: employees, contractors, Users are unknown (until registration) and may create multiple partners. Trust is assumed. and fake accounts. Trust cannot be assumed. Workforce users are typically tolerant to poor performance Customers and prospects have very low tolerance for and latency and can’t easily change. poor performance and have many choices of competitive alternatives. Scalable to 10s to 100,000s users, one identity each. Scalable up to 100s of millions of users with up to billions of consumer identities. Many heterogeneous IT systems, on a closed, Many heterogeneous IT systems, on public networks (Internet). corporate network. Identity Provider (IdP) is typically one central internal Many decentralized Identity Providers – Social Login through IT system. Facebook, Google, LinkedIn, etc., and traditional login. Employee profile data collected for administrative and Customer profile data collected for highly critical business operational purposes. purposes (transactions, marketing, personalization, analytics and business intelligence). Integration with HR and ERP systems. Integration with a broad landscape of marketing and sales automation technology, analytics systems, and security and compliance solutions. Management of personal data and user privacy/preferences/ Handling of personal data subject to a broad variety of consent happens only within a tightly controlled privacy and data protection regulations that differ between homogenous corporate environment. regions and require to enable users to view, modify and revoke preference and consent settings. Further Reading ♦ Janrain Sample RFP: Selection Criteria ♦ CIAM Solutions in Data Architecture for Customer Identity and Access (video) Management Platforms ♦ Buyer’s Guide – Customer Identity & ♦ Janrain Identity Cloud Data Sheet Access Management (CIAM) www.janrain.com | Copyright © 2018 Janrain, Inc. All rights reserved. (ver.2018.02.08) | 4 The Janrain Identity Cloud® is the first choice of Fortune 1000 enterprises for mission-critical customer identity and access management (CIAM). It provides real-time identity management, security, and activation capabilities that enable seamless and safe customer experiences – while providing you with deep customer insights. Learn More Contact us if you have question or would like to learn more about how we can make CIAM help you achieving your business goals. US 888 563 3082 | Europe +44 208 973 2561 | @janrain About Janrain Founded in 2002, Janrain pioneered Customer Identity and Access Management and is widely recognized by industry analysts as a global CIAM leader. The Janrain Identity Cloud provides identity management, security and activation solutions that enable seamless and safe customer experiences across their digitally connected world, while providing enterprise organizations with deep customer insights. Janrain’s identity capabilities include social and traditional login and registration, single sign-on, customer profile data storage and management, customer segments, customer insights and engagement solutions. The company manages 1.5 billion digital identities for 3,400 brands, including Pfizer, Samsung, Whole Foods, Fox News, Philips, McDonald’s and Dr Pepper. Janrain is based in Portland, Oregon, with offices in London, Paris and Silicon Valley. For more information, please visit www.janrain.com and follow @janrain. www.janrain.com | Copyright © 2018 Janrain, Inc. All rights reserved. (ver.2018.02.08) | 5 .
Load more

Recommended publications
  • Signing Me Onto Your Accounts Through Facebook And
    Signing Me onto Your Accounts through Facebook and Google: a Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services Rui Wang Shuo Chen XiaoFeng Wang Indiana University Bloomington Microsoft Research Indiana University Bloomington Bloomington, IN, USA Redmond, WA, USA Bloomington, IN, USA [email protected] [email protected] [email protected] Abstract— With the boom of software-as-a-service and social extensive commercial deployments as what happen on networking, web-based single sign-on (SSO) schemes are being today’s web, thanks to the increasing popularity of social deployed by more and more commercial websites to safeguard networks, cloud computing and other web applications. many web resources. Despite prior research in formal verification, little has been done to analyze the security quality Today, leading web technology companies such as of SSO schemes that are commercially deployed in the real Facebook, Google, Yahoo, Twitter and PayPal all offer SSO world. Such an analysis faces unique technical challenges, services. Such services, which we call web SSO, work including lack of access to well-documented protocols and code, through the interactions among three parties: the user and the complexity brought in by the rich browser elements represented by a browser, the ID provider (a.k.a, IdP, e.g., (script, Flash, etc.). In this paper, we report the first “field Facebook) and the relying party (a.k.a, RP, e.g., Sears). Like study” on popular web SSO systems. In every studied case, we any authentication scheme, a secure web SSO system is focused on the actual web traffic going through the browser, and used an algorithm to recover important semantic expected to prevent an unauthorized party from gaining information and identify potential exploit opportunities.
    [Show full text]
  • CIAM Platforms LEADERSHIP COMPASS
    KuppingerCole Report LEADERSHIP COMPASS by John Tolbert December 2018 CIAM Platforms This report provides an overview of the market for Consumer Identity and AcCess Management and provides you with a Compass to help you to find the Consumer Identity and ACCess Management produCt that best meets your needs. We examine the market segment, vendor product and service functionality, relative market share, and innovative approaChes to providing CIAM solutions. by John Tolbert [email protected] December 2018 Leadership Compass CIAM Platforms KuppingerCole Leadership Compass CIAM Platforms By KuppingerCole Report No.: 79059 Content 1 Introduction .................................................................................................................................... 6 1.1 Market Segment ...................................................................................................................... 7 1.2 Delivery models ....................................................................................................................... 9 1.3 Required Capabilities .............................................................................................................. 9 2 Leadership .................................................................................................................................... 12 3 Correlated View ............................................................................................................................ 20 3.1 The Market/Product Matrix .................................................................................................
    [Show full text]
  • Customer Relationship Management (CRM) Chapter Leads to the Most Arguments About Placement Whenever We Update This Book
    Retain › Introduction Introduction to Retain By this stage of the book you’ve probably realised that getting your customers’ attention through digital channels is only part of the battle. Holding on to that attention in order to build a long-term customer relationship is the next essential step. We’ve covered planning, building and driving traffic to carefully developed digital assets. The next few chapters deal with methods and tools for retaining the stream of potential and existing customers by building relationships with them and leading them to conversions. The Customer relationship management (CRM) chapter leads to the most arguments about placement whenever we update this book. A core approach in taking care 14 of and converting customers, CRM can be a core business strategy as well as an approach and should be considered at all stages of the customer journey. Content marketing lays out the building blocks for effectively using content, not advertising, to reach audiences. With users becoming increasingly blind to adverts Customer and wary of blatant promotional material, there is a strong need for brands to provide value in the forms of good content to engage and retain their audience. Being chosen as a customer’s preferred brand often hinges on how favourably you relationship are seen by others in the market. Being well represented on Social media, and implementing a sound Social media strategy, is important for brands marketing online. Monitoring sentiment around your brand, using online monitoring tools, will management help you to understand how digital communities perceive brands. Video marketing is another excellent tool for engaging and capturing your audience’s (CRM) attention.
    [Show full text]
  • Getting to Know Your Customers: the Emergence of CIAM Abstract
    Getting To Know Your Customers: The Emergence of CIAM Abstract Ten years ago identity and access management (IAM) solutions were rarely deployed beyond the company firewall, providing permissions and access rights to enterprise resources to employees and contractors. When available, the management of customer and partner access to a generally limited set of resources was often poorly coordinated. Today, however, a very different social, technology and business environment demands that enterprises make their customers’ online experience as sleek and personalized as possible. And to do this, enterprises are embracing a new breed of consumer or customer identity and access management (CIAM) solutions from their IAM vendors. The investment and commitment to CIAM are being driven by an ever- increasing sophistication of customer expectation in terms of a ‘joined up’ user experience and real-time availability of relevant resources accessible anywhere, anytime and from any device. Alongside the need to protect the ‘disappearing perimeter’ with adequate security is measured the need to address competitive advantage and maintain customer loyalty. Boosting transparency between marketing and lines of business has the potential to deepen the customer relationship. In this report, we investigate this emerging trend, what the major players are doing, and what should be the next steps for TechVision Research clients. This report covers: • The CIAM value proposition and business rationale for the enterprise • Getting the balance right between enterprise IAM (EIAM) and CIAM • TechVision Research’s shortlist of CIAM vendors • Eight steps an enterprise should take to best leverage CIAM Author: David Goodman, D. Phil Principal Consulting Analyst [email protected] Getting To Know Your Customers: The Emergence of CIAM David Goodman Table of Contents Abstract .............................................................................................................................................................................
    [Show full text]
  • 10 Best Practices to Drive On-Site Engagement.Pdf
    10 BEST PRACTICES TO DRIVE ON-SITE ENGAGEMENT Contents Introduction 3 Leverage Existing Social Identities 4 Define Reasons to Register 5 Provide a Welcoming Return Experience 7 Encourage Users to Link Multiple Social Accounts 8 Encourage Social Sharing 9 Drive Engagement by Including Friends 10 Optimize for Mobile Browser Experiences 11 Reward Participation and Loyalty 12 Offer Ratings and Reviews 13 Test, Learn and Iterate 14 Conclusion 15 tm Introduction Introduction Today’s connected consumer has a number of fundamental expectations about what they should be able to do online Regardless of the type of website (media, entertainment, retail, consumer brand, etc ), people increasingly expect an element of social interactivity This shift in behavior creates new acquisition and engagement opportunities, and thankfully the tools that enable marketers to step up to this challenge are continually improving This paper explores best practices for incorporating social technologies into your site, including key considerations for how, when, why and where to integrate social components to maximize the experience as well as your return, along with some real-world examples We’ll cover these opportunities to integrate social: • Social Login • Social Sharing • Leveraging the Social Graph • Loyalty and Rewards • Mobile and Tablet Consideration Copyright © 2013 Janrain Inc All rights reserved On-Site Engagement | www janrain com | 888 563 3082 PG3 tm 1 Leverage Existing Social Identities When people arrive at a website, many of makes the process quick
    [Show full text]
  • On the Security of Single Sign-On
    On the Security of Single Sign-On Vladislav Mladenov (Place of birth: Pleven/Bulgaria) [email protected] 30th June 2017 Ruhr-University Bochum Horst G¨ortz Institute for IT-Security Chair for Network and Data Security Dissertation zur Erlangung des Grades eines Doktor-Ingenieurs der Fakult¨atf¨urElektrotechnik und Informationstechnik an der Ruhr-Universit¨atBochum First Supervisor: Prof. Dr. rer. nat. J¨org Schwenk Second Supervisor: Prof. Dr.-Ing. Felix Freiling www.nds.rub.de Abstract Single Sign-On (SSO) is a concept of delegated authentication, where an End- User authenticates only once at a central entity called Identity Provider (IdP) and afterwards logs in at multiple Service Providers (SPs) without reauthenti- cation. For this purpose, the IdP issues an authentication token, which is sent to the SP and must be verified. There exist different SSO protocols, which are implemented as open source libraries or integrated in commercial products. Google, Facebook, Microsoft and PayPal belong to the most popular SSO IdPs. This thesis provides a comprehensive security evaluation of the most popular and widely deployed SSO protocols: OpenID Connect, OpenID, and SAML. A starting point for this research is the development of a new concept called malicious IdP, where a maliciously acting IdP is used to attack SSO. Generic attack classes are developed and categorized according to the requirements, goals, and impact. These attack classes are adapted to different SSO proto- cols, which lead to the discovery of security critical vulnerabilities in Software- as-a-Service Cloud Providers, eCommerce products, web-based news portals, Content-Management systems, and open source implementations.
    [Show full text]
  • 80061 Leadership Compass Consumer Authentication 2019
    KuppingerCole Report LEADERSHIP COMPASS by John Tolbert September 2019 Consumer Authentication This report provides an overview of the market for Consumer Authentication products and services and provides you with a compass to help you to find the Consumer Authentication product or service that best meets your needs. We examine the market segment, vendor product and service functionality, relative market share, and innovative approaches to providing Consumer Authentication solutions. by John Tolbert [email protected] September 2019 Leadership Compass KuppingerCole Leadership Compass Consumer Authentication Consumer Authentication Report No.: 80061 By KuppingerCole Content 1 Introduction ................................................................................................................................. 6 1.1 Market Segment ....................................................................................................................... 7 1.2 Delivery models ........................................................................................................................ 7 1.3 Required Capabilities ................................................................................................................ 7 2 Leadership.................................................................................................................................. 11 3 Correlated View ......................................................................................................................... 19 3.1 The Market/Product
    [Show full text]
  • Customer Identity and Access Management, Q2 2017 Top Eight Providers That Matter Most and How They Stack up by Merritt Maxim June 15, 2017
    FOR SECURITY & RISK PROFESSIONALS The Forrester Wave™: Customer Identity and Access Management, Q2 2017 Top Eight Providers That Matter Most And How They Stack Up by Merritt Maxim June 15, 2017 Why Read This Report Key Takeaways In our 20-criteria evaluation of customer IAM Gigya And Janrain Lead The Pack (CIAM) providers, we identified the eight most Forrester’s research uncovered a market significant ones — Auth0, ForgeRock, Gigya, in which Gigya and Janrain lead the pack. Janrain, LoginRadius, Microsoft, Ping Identity, Salesforce, ForgeRock, and Ping Identity offer and Salesforce — and researched, analyzed, competitive options. Microsoft, LoginRadius, and scored them. This report shows how each and Auth0 lag behind. provider measures up and helps security and S&R Pros Want Secure, Seamless Digital risk professionals make the right choice for their Experiences For Customers digital businesses. The CIAM market is growing because more S&R professionals increasingly trust CIAM providers to help solve key customer IAM challenges and support customer-centric digital transformation initiatives. Every vendor in this Forrester Wave™ is tracking toward this goal. Analytics, Customer Data Management, And Geographic Coverage Are Key Differentiators As home-grown, disparate technologies for managing customer identity and access become more expensive to administer and less effective, improved customer analytics, customer data management, and the ability to service customers in multiple geographies will dictate which providers will outpace their competitors.
    [Show full text]
  • The Value of Social Login Solving the Engagement Gap Insights from Consumer Research
    The Value of Social Login Solving the Engagement Gap Insights from Consumer Research tm + As marketers we endeavor to communicate meaningful and authentic dialogues with consumers. But 98% of people say the information we’re trying to share is misaligned. Almost all 10% Q the time Frequently 48% “How often do companies send 98% are information, promotions, etc. mistargeted not relevant to you?” Infrequently 40% Never 2% Q1. How often, if at all, have you experienced a situation where a company has sent you information, promotions, etc. that are not relevant to you? n=593 Why are we having this problem? We need to know who we’re talking to in order to be relevant. Site registration aims to solve this problem. But why doesn’t it always work? For one, people are account fatigued, and more resistant to registering. 53% have 5+ usernames 57% have 5+ passwords *** Q *** “How many 29% have 4—5 usernames *** di!erent *** usernames and 26% have 4—5 passwords *** *** passwords have *** you created 15% have 2—3 usernames *** *** online? 16% have 2—3 passwords *** 3% have 0—1 usernames 1% have 0—1 passwords Q6A. You may not use, let alone remember, all of the di!erent username and passwords that you have created online. However to the best of your knowledge, how many di!erent usernames have you created online for sites that require a username and password? n=593 Even after they’ve created an account, many have forgotten login information and decide to leave sites. Q 92% “How often have 61% have left instead of Qyou gone to a A Few resetting or recovering ? Times website, forgotten login information.
    [Show full text]
  • Quarterly Review of the Software & Internet Sector
    Quarterly Review of the Software & Internet Sector Q4 2014 Member: FINRA / SIPC About Navidar Navidar is an investment banking firm providing companies and investors in dynamic industries with strategic M&A advice, capital raising solutions, vital insights and breakthrough opportunities. ■ Big Firm Experience Combined with Senior Banker Attention ■ Global Relationships with Top-Tier Investors and World-Leading Companies ■ Greater Creativity and Customized Solutions ■ Focused on the Middle Corridor of the United States Past Transactions Executed by Navidar October 2014 September 2014 June 2014 April 2014 Has been acquired by Has acquired Has been acquired by Has been acquired by Buyside Advisor Sellside Advisor Sellside Advisor Sellside Advisor March 2014 December 2013 October 2013 December 2012 Has been acquired by Has acquired Has been acquired by Private Equity Placement Sellside Advisor Buyside Advisor Sellside Advisor October 2012 August 2012 February 2012 February 2012 Has been acquired by Has been acquired by NOL Shareholder Rights Capital Structure Review Plan Sellside Advisor Sellside Advisor October 2011 July 2011 January 2011 January 2011 January 2011 Has been acquired by Has been acquired by Debt Placement Sellside Advisor Sellside Advisor Private Equity Placement Debt Placement July 2010 July 2009 November 2010 January 2009 Has acquired World Golf Systems Group PLC Private Equity Placement Recapitalization Private Equity Placement Buyside Advisor Note: Transactions above only represent a sample of past transactions executed
    [Show full text]
  • Archive for March, 2010 Authenware Joins Openid Foundation
    Archive for March, 2010 Authenware Joins OpenID Foundation Posted at 4:44 pm on March 12, 2010 by jfe Authenware today announced its membership in the OpenID Foundation – an industry organization aimed at protecting identities and intellectual property through the bolstering online security. Through its membership, Authenware becomes part of a community of IT powerhouses that seeks to collectively build awareness of the emerging digital security pandemic. “The exploitation of security vulnerabilities creates a major obstacle for the expansion of the Internet as a trusted vehicle for communication and commerce,” said Tom Helou, president of Authenware. “For such a reason, we sought membership within the OpenID Foundation and are proud to partner with a broad spectrum of online leaders who share our values of security, privacy and strong identification.” This entry was posted on Friday, March 12th, 2010 at 4:44 pm and is filed under News, Press Releases. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site. theSocialWeb.tv on the launch of the Open Identity Exchange Posted at 11:48 am on March 9, 2010 by Chris Messina theSocialWeb.tv visits Citizen Space in San Francisco during the RSA Conference to sit down with Don Thibeau of the OpenID Foundation and Drummond Reed of the Information Card Foundation to discuss the launch of the Open Identity Exchange, the result of a year-long collaboration between the two foundations. John McCrea and Chris Messina dive into the details of this announcement and what it means for the social web.
    [Show full text]
  • Beyond Marketing: Why Digital Disruption Requires a Deeper Transformation
    Beyond Marketing: Why Digital Disruption Requires a Deeper Transformation By: Tim Walters, Ph.D. Highlights 3 5 9 12 Understanding How digital disrupts Beyond marketing: Conclusion: Grasp the disruption Coming to terms with true meaning of the digital disruption “consumerization of IT” Sponsored by Executive Summary The forces of digital disruption have toppled established business models, magnified the significance of digital channels and competences, and initiated the “customer-centric era.” Chief marketing officers (CMOs) and their marketing organizations would seem to be ideally positioned to lead the organizational response to these disruptions. Marketing typically owns the customer relationship and has developed sophisticated methods for understanding and communicating with customers. Indeed, many of the vendors and service providers who aim to help companies with customer experience management (CEM) have focused their attention on marketing professionals and processes. Surprisingly, however, CMOs are rarely at the forefront as companies tackle the digital innovations necessary to attract and retain empowered consumers. Accenture recently surveyed C-level executives in 20 countries and found that the CEO was responsible for such initiatives in 35% of the organizations, followed by the CTO (23%) and the CIO (22%). The CMO? Virtually invisible at 1%.1 Such results do not indicate a lack of will or skill on the part of CMOs and marketing professionals. Rather, they show that the forces at work in digital disruption have not only granted consumers unprecedented voice and choice — they have also fundamentally transformed the business environment and the capabilities required for business success. Digital is so disruptive because it radically accelerates and warps not only the customer relationship but also the entire process from product innovation to customer satisfaction.
    [Show full text]