Digital Transformation is driving a diverse set of business initiatives today, including advanced marketing techniques, creating new consumer services, acquiring better customer information, and even deploying new identity management solutions. As organizations discover new and efficient methods for engaging customers, they often realize new and more profitable revenue streams.
At the intersection of identity and marketing, we find Consumer Identity and Access Management (CIAM) systems. CIAM is a relatively new but fast-growing area within the overall IAM market. As the name implies, Consumer IAM focuses on the consumer. This means that CIAM solutions feature:
- Self-registration, with options to use social network credentials
- Progressive profiling: collecting information from customers over a period of time through various interactions, rather than asking for a lot of information up front
- White-labeling for seamless branding
- Flexible authentication: username, mobile devices, social logins, and often 2FA or MFA methods
- Consent management: easy-to-use and understand opt-ins for data collection
- Identity and marketing analytics: data about consumers and their activities that can be transformed into business intelligence.
Many CIAM solutions were designed from the ground up to make the customer experience more pleasant. Other CIAM solutions have evolved from the traditional IAM systems we’ve used in businesses and governments for decades. Most CIAM solutions can be run from the cloud, either as a turn-key SaaS or as a solution your teams can administer inside IaaS.
The data generated from CIAM systems is inherently useful for marketing. There are two very different approaches for harvesting and using CIAM data: native tools or exporting to third-party programs.
The most feature-rich CIAM solutions build in identity and analytics capabilities into their platforms. Examples of reports that are possible in these types of solutions include:
- demographics such as gender, age, location, nationality;
- segmentation analysis such as generation, age range, income bracket;
- events including logins, registrations, social providers used;
- “likes” such as favorite TV shows, sports teams, books, music;
- social engagement including top commenters and time spent on site.
Most CIAM vendors permit programmatic access via REST APIs to integrate with a wide range of 3rd party market analysis tools as well, e.g. Google Analytics and Tableau. For enterprise or organizational customers, the data is there, but the choice for how to obtain it and analyze it depend on your organizational capabilities and preferences.
Much of this information produced by CIAM systems can be beneficial; however, with the EU General Data Protection Regulation (GDPR) on the horizon, the ability to collect informed consent from consumers about the use of their data becomes paramount. Among the many provisions of GDPR, the regulation will require that organizations that collect information about users to obtain clear and unambiguous assent for per-purpose processing. Fortunately, many CIAM vendors have proactively designed their user interfaces to facilitate GDPR compliance to some degree. In addition to collecting consent and allowing users to change their preferences, data processors will also need to be able to log consent, export or delete user data upon request, and notify users when terms change or when data breaches happen.
In conclusion, well-constructed and configured CIAM solutions can help customers acquire valuable information on their consumers, that, in concert with advanced techniques such as marketing automation, can lead to higher revenues and better consumer satisfaction. Information gleaned at the intersection of identity and marketing is subject to privacy and other regulations, and as such, needs to be protected appropriately.
Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.
The EU GDPR (General Data Protection Regulation), becoming effective May 25, 2018, will have a global impact not only on data privacy, but on the interaction between businesses and their customers and consumers. Organizations must not restrict their GDPR initiatives to technical changes in consent management or PII protection, but need to review how they onboard customers and consumers and how to convince these of giving consent, but also review the amount and purposes of PII they collect. The impact of GDPR on businesses will be far bigger than most currently expect. [...]