Consumer Identity and Access Management (CIAM) is now a well-established specialty in Identity and Access Management (IAM). Many businesses and public-sector organizations are finding that they must provide better digital experiences for and gather more information about the consumers who are using their services. Enterprises want to collect, store, and analyze data on consumers to create additional sales opportunities and increase brand loyalty.
To reduce money laundering, cyber-crime, terrorist financing, and fraud, regulators are requiring banks and financial service providers to put into place mechanisms for “Knowing Your Customer”. CIAM solutions are an enabler for KYC and AML.
CIAM systems can aid in other types of regulatory compliance. When GDPR took effect in 2018, collecting clear and unambiguous consent from consumers for the use of their data became mandatory. CIAM solutions have expanded their capabilities to offer consumers dashboards to manage their information sharing choices. Moreover, CIAM systems help corporate customers implement consistent privacy policies and provide the means to notify users when terms change and then collect acknowledgement.
The Revised Payment Service Directive (PSD2) in the EU requires banks, financial institutions, and other payment service providers to offer strong customer authentication (SCA) and perform User Behavioral Analysis (UBA) to authenticate and authorize monetary transactions. PSD2 also involves collecting consent from the account holders and/or consumer on data exchange between the different parties defined under PSD2. Sophisticated CIAM solutions can provide these necessary functions. Additionally, the improved customer experience possibilities that CIAM offers will facilitate brand loyalty and give a competitive advantage to those financial companies that deploy it.
Common features of CIAM solutions include:
- User self-registration capabilities, including interoperability with social network credentials, and national digital ID systems, eIDAS, and Bank IDs
- Consent capture and management mechanisms for consumers to select which types of information they want to share and with whom.
- Capabilities for interoperating with other applications, such as CRM and marketing systems. Interoperability is best achieved via the use of well-documented APIs and webhooks
- Management of consumer users, including associated directory services and profile databases, supporting high-scalability requirements, often in the millions of users, events, and logins. Many vendors have moved or are moving to micro-services architectures to achieve optimum scalability
- Support for Single Sign-On, allowing seamless connections with business partners and cloud services using industry standard protocols such as OAuth, Open ID Connect, and SAML
- Authentication services, including support multiple forms of MFA and risk-adaptive authentication; especially mobile authentication features, such as the provision of SDKs for customer app development and support for FIDO.
iWelcome is a leading CIAM solution provider, headquartered in the Netherlands. The company is focused on helping clients building frictionless B2C and B2B customer journeys for omni-channel on-boarding and authentication while complying with strict privacy regulations like EU GDPR. With its roots in enterprise identity and security, iWelcome has a strong customer base in regulated industries, like finance, insurance and utilities. Their offerings are developer friendly, cloud-based, scalable solutions hosted in 14 data centers across the EU, with two additional data centers in the USA and two more in the APAC region.