Content of Figures
1 Management Summary
Consumer Identity and Access Management (CIAM) is a sub-genre of traditional Identity and Access Management (IAM) that has emerged in the last few yea ...Login Get full Access
- Creating new ways to engage customers online is a mandatory business strategy.
- Consumers want a pleasant digital journey when interacting with you ...
3 CIAM Components
CIAM services and systems share many characteristics with the more familiar IAM systems. Both types can provision users, store attributes about the u ...Login Get full Access
The first encounter with a CIAM system is usually during the provisioning process. All CIAM systems allow users to create accounts with usernames and ...Login Get full Access
3.2 Identity proofing
Identity proofing is the process of verifying a person’s identity and associating it with a digital credential. In the physical world, this often i ...Login Get full Access
3.3 Identity repositories
IAM systems have long been built on the foundations of LDAP directories, derived from x.500. In order to scale to millions and even hundreds of milli ...Login Get full Access
Username/password is a standard authentication mechanism available in all CIAM products. Most users suffer from password fatigue and would prefer oth ...Login Get full Access
3.5 Authorization and access control
Authorization in CIAM systems is largely dependent on varying authentication mechanisms via policy. CIAM tenant administrators can implement policies ...Login Get full Access
3.6 User analytics
CIAM services are architected to collect potentially large volumes of data about individual users managed by the system. The data can be dissected an ...Login Get full Access
3.7 APIs and OOTB integration kits
Most CIAM vendors have APIs that allow developers to dig into historical data to create highly customisable reports. It is also possible to integrate ...Login Get full Access
3.8 Consumer generated content
The most robust CIAM vendors facilitate direct consumer engagement with the tenants’ implementation. Building upon the notion of online user forums ...Login Get full Access
3.9 Consent management
Through registration to CIAM systems and subsequent usage of sites, consumers create a lot of data. While the information processed by these systems ...Login Get full Access
4 Deployment considerations
Organizations contemplating deploying an identity and access management solution for consumers will need to consider a number of issues, including, cu ...Login Get full Access
4.1 IAM or CIAM?
Most organizations already have an investment in IAM infrastructure today. Some IAM solutions are growing to meet the requirements imposed by marketi ...
CIAM FEATURESLogin Get full Access
4.2 Sponsorship and organizational structure
CIAM initiatives are sometimes driven by IT shops, but in other enterprises, we see Marketing departments making the initial push for solutions. Hist ...Login Get full Access
While there are numerous benefits to businesses that implement CIAM, tenants and operators of CIAM solutions must always be mindful of security risks ...Login Get full Access
The notion of consumer privacy, or the right of consumers to have control over which bits of their personal information that they share with service p ...Login Get full Access
4.4.1 EU General Data Protection Regulation
The EU Commission adopted the General Data Protection Regulation (GDPR) on 27 April 2016, and it comes into force on 25 May 2018. The GDPR will harmo ...Login Get full Access
4.4.2 User Managed Access (UMA)
UMA is a Kantara Initiative specification that defines a user consent protocol for allowing access to electronic resources, particularly consumer and ...Login Get full Access
CIAM systems can provide an excellent means to Know Your Customer, as shown above. CIAM can generate detailed information on individuals and groups f ...Login Get full Access
4.5.1 KYC for AML
KYC begins with identifying the customer and verifying their identity by vetting reliable and independent documents for the customer on-boarding proce ...Login Get full Access
4.5.2 CIAM and KYC as competitive advantages in the post PSD2 world
Within 2 years of 25 November 2015, the Revised Directive on Payment Services (PSD2) comes into effect across the EU6. PSD2 defines the business en ...Login Get full Access
CIAM can significantly improve your users’ experiences, add value, increase brand loyalty, and generate revenue. For businesses that need to intera ...Login Get full Access
5.2 Recommendations for those contemplating a CIAM technology insertion
- IT teams should welcome the opportunity to work with Sales and Marketing to transform IT into a revenue producing service.
- Inventory existing IAM ...
5.3 Recommendations for CIAM tenants and operators
- Exploit built-in reporting and analytics capabilities to their fullest to obtain maximum value.
- Utilize APIs and 3rd party tools to extend functio ...
5.4 Recommendations for CIAM solution providers
- Support UMA for consent management.
- Accept FIDO UAF & U2F authentication.
- Provide a rich set of adaptive authentication techniques.
- Build in ...
- http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=en, clause 7.
- http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=en, clause 19.