For more than 20 years, I’ve helped clients implement identity and access management (IAM) systems that ensure only the right users have the right access to the right applications and data. Over that time, I’ve also seen organizations struggle to create online user experiences that make it easy for consumers to get information, solve problems and make purchases.

COVID-19-related shutdowns have brought these two trends together with a dramatic surge in demand for digital services (i.e., interactions between enterprises and their customers). Only those businesses that offer the smoothest online experience (and have the best understanding of their customers’ needs) will capture and retain customers during the pandemic. As a result, many of my clients are shifting their focus from IAM (which was largely focused on access for employees and business partners) to CIAM (customer identity and access management).

But while many vendors claim to offer CIAM solutions – adding customer-friendly features such as digital assistants and chatbots to traditional IAM capabilities that include multi-factor authentication (MFA) and fine-grained authorization – some of these platforms are only repurposed business-to-business IAM tools.

In Search of True Customer Identity Management

A true CIAM tool must address these five requirements:

  • Enhanced scalability and agility. Most businesses have a fairly consistent and predictable number of employees and business partners seeking access to their enterprise systems. This makes it relatively easy to size the servers, storage and networks needed to support likely usage levels. The number of customers seeking such access, though, is not only potentially much larger – it’s also more variable. Demand spikes can result from events like holiday shopping, new product introductions, promotional events and restrictions on movement imposed by health or other emergencies.

    To respond to these sudden increases in demand with sub-second response time, businesses need a cloud-based infrastructure that uses a serverless and containerized architecture to quickly add new capacity. CIAM systems can also meet the need for continuous change by using an application programming interface (API) strategy, which enables the customization required for optimized and personalized user journeys.

  • Enabling a seamless experience. The most common failure I see in digital customer experiences is inconsistent data as consumers move from a Web chat to a phone call or a mobile application to make a purchase or resolve an issue. They might need to, for example, repeat or reenter their name and account number, or see inconsistent information such as a scheduled repair time as they move across service channels.

    This lack of cross-channel consistency also makes it more difficult for employees to provide a seamless experience to customers, as it forces them to access multiple systems to get the most current information. Many businesses cannot easily consolidate data from systems such as customer relationship management, sales, service and credit scoring. Neither the consumer nor the employee trying to help them can easily get an overall view of all their interactions with the company. This raises customer service costs and makes it far more difficult to understand which products or services to offer each customer.

    A true CIAM solution should be built on an easily integrated, standards-based platform. This makes it much easier to use the customer’s context to gather data from all pertinent applications without costly, time-consuming custom integration.

  • Better event-driven personalization. The more information retailers have about their customers, the better they can target products, services and special offers to them. But few customers will take the time to fill out lengthy surveys the first time they visit a site, or even the first time they make a purchase.

    Look for CIAM platforms that support event-driven personalization techniques such as progressive profiling, which collects personal customer data incrementally over time. For instance, based on a customer’s happiness index (such as a successful support interaction or purchase), a retailer can prompt a customer for missing profile information by pairing the request with a special discount or product offer.

  • Strict compliance with privacy regulations. In many jurisdictions, laws and regulations give consumers far more control over their personal data than they give employees (think GDPR and CCPA). This means CIAM platforms must be able to manage customer consent for data use and data privacy, preferences for how and how often they receive communications, and their customer profile. These platforms should also provide audit capabilities to track where such data is stored and how it is used, and inform customers when their data has been misused or compromised. Customers must be given an option to withdraw consent to use their personal data, as well (the right to be forgotten).
  • Ultra-comprehensive security measures. A solid security architecture and roadmap should underpin any CIAM initiative. You’ll want to partner with a CIAM vendor that addresses (or is planning to address) new and emerging security requirements.

    Outmoded customer identity verification techniques use data from outside the enterprise (such as car registration or birth records) to verify a user’s identity without forcing them to submit formal documentation. A true CIAM platform will support advanced and seamless customer verification through techniques such as online identity proofing and BYOID (bring your own ID). Online identity proofing uses sophisticated digital techniques to validate government-issued proofs of identity against external sources such as Experian and LexisNexis. It’s essential to support adaptive access, which can restrict a user’s access based on context such as the type of network from which they are logging in (among other parameters).

Crisis: A Catalyst for Digital Change

We helped a higher education institution transition from a legacy IAM platform that suffered from scalability and performance issues and provided only fragmentary access to e-learning portals to students worldwide. We helped design, develop and deploy a highly-scalable and agile CIAM platform that makes it easier to onboard new students and enables them to easily find the online applications they seek. It also automated much of the access and identity management process and produced significant cost savings.

We provided similar benefits to an insurer that needed to provide frictionless access to customer claim services. We helped deliver a modernized CIAM platform that improved customer service and reduced costs by eliminating manual effort and the need for many help desk calls.

Given the prolonged pandemic and increased threat vectors that have resulted from the surge in remote work, we expect customer identity and access management to be at the top of many IT organizations’ security wish lists for the foreseeable future.

To learn more, please visit the Cognizant Security section of our website.

Sudhakar ChinnaswamyKamalanathan

Sudhakar ChinnaswamyKamalanathan

Sudhakar Kamalanathan is a Principal Architect within the Security Practice of Cognizant Infrastructure Services. In his 18 years at Cognizant, Sudhakar has... Read more

X Close