KuppingerCole Report
Advisory Note
By John Tolbert

Consumer Identity and Access Management for “Know Your Customer”

Consumer Identity and Access Management systems and services provide new technical capabilities for organizations to know their customers better. Implementing CIAM can provide better user experiences, generate additional revenue, and enhance brand loyalty.

1 Management Summary

Consumer Identity and Access Management (CIAM) is a sub-genre of traditional Identity and Access Management (IAM) that has emerged in the last few yea ...


2 Highlights

  • Creating new ways to engage customers online is a mandatory business strategy.
  • Consumers want a pleasant digital journey when interacting with you ...

3 CIAM Components

CIAM services and systems share many characteristics with the more familiar IAM systems. Both types can provision users, store attributes about the u ...


3.1 Provisioning

The first encounter with a CIAM system is usually during the provisioning process. All CIAM systems allow users to create accounts with usernames and ...


3.2 Identity proofing

Identity proofing is the process of verifying a person’s identity and associating it with a digital credential. In the physical world, this often i ...


3.3 Identity repositories

IAM systems have long been built on the foundations of LDAP directories, derived from x.500. In order to scale to millions and even hundreds of milli ...


3.4 Authentication

Username/password is a standard authentication mechanism available in all CIAM products. Most users suffer from password fatigue and would prefer oth ...


3.5 Authorization and access control

Authorization in CIAM systems is largely dependent on varying authentication mechanisms via policy. CIAM tenant administrators can implement policies ...


3.6 User analytics

CIAM services are architected to collect potentially large volumes of data about individual users managed by the system. The data can be dissected an ...


3.7 APIs and OOTB integration kits

Most CIAM vendors have APIs that allow developers to dig into historical data to create highly customisable reports. It is also possible to integrate ...


3.8 Consumer generated content

The most robust CIAM vendors facilitate direct consumer engagement with the tenants’ implementation. Building upon the notion of online user forums ...


3.9 Consent management

Through registration to CIAM systems and subsequent usage of sites, consumers create a lot of data. While the information processed by these systems ...


4 Deployment considerations

Organizations contemplating deploying an identity and access management solution for consumers will need to consider a number of issues, including, cu ...


4.1 IAM or CIAM?

Most organizations already have an investment in IAM infrastructure today. Some IAM solutions are growing to meet the requirements imposed by marketi ...

CIAM FEATURES


4.2 Sponsorship and organizational structure

CIAM initiatives are sometimes driven by IT shops, but in other enterprises, we see Marketing departments making the initial push for solutions. Hist ...


4.3 Security

While there are numerous benefits to businesses that implement CIAM, tenants and operators of CIAM solutions must always be mindful of security risks ...


4.4 Privacy

The notion of consumer privacy, or the right of consumers to have control over which bits of their personal information that they share with service p ...


4.4.1 EU General Data Protection Regulation

The EU Commission adopted the General Data Protection Regulation (GDPR) on 27 April 2016, and it comes into force on 25 May 2018. The GDPR will harmo ...


4.4.2 User Managed Access (UMA)

UMA is a Kantara Initiative specification that defines a user consent protocol for allowing access to electronic resources, particularly consumer and ...


4.5 KYC

CIAM systems can provide an excellent means to Know Your Customer, as shown above. CIAM can generate detailed information on individuals and groups f ...


4.5.1 KYC for AML

KYC begins with identifying the customer and verifying their identity by vetting reliable and independent documents for the customer on-boarding proce ...


4.5.2 CIAM and KYC as competitive advantages in the post PSD2 world

Within 2 years of 25 November 2015, the Revised Directive on Payment Services (PSD2) comes into effect across the EU6. PSD2 defines the business en ...


5 Conclusions and Recommendations


5.1 Summary

CIAM can significantly improve your users’ experiences, add value, increase brand loyalty, and generate revenue. For businesses that need to intera ...


5.2 Recommendations for those contemplating a CIAM technology insertion

  • IT teams should welcome the opportunity to work with Sales and Marketing to transform IT into a revenue producing service.
  • Inventory existing IAM ...

5.3 Recommendations for CIAM tenants and operators

  • Exploit built-in reporting and analytics capabilities to their fullest to obtain maximum value.
  • Utilize APIs and 3rd party tools to extend functio ...

5.4 Recommendations for CIAM solution providers

  • Support UMA for consent management.
  • Accept FIDO UAF & U2F authentication.
  • Provide a rich set of adaptive authentication techniques.
  • Build in ...

Copyright

©2020 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole's initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst company, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole Analysts, founded in 2004, is a global analyst company headquartered in Europe focusing on Information Security and Identity and Access Management (IAM). KuppingerCole stands for expertise, thought leadership, outstanding practical relevance, and a vendor-neutral view on the information security market segments, covering all relevant aspects like: Identity and Access Management (IAM), Governance & Auditing Tools, Cloud and Virtualization Security, Information Protection, Mobile as well as Software Security, System and Network Security, Security Monitoring, Analytics & Reporting, Governance, and Organization & Policies.

For further information, please contact clients@kuppingercole.com.
