KuppingerCole Report
Executive View
By John Tolbert

Widas ID GmbH cidaas

Widas ID GmbH offers a complete cloud identity and access management solution: cidaas. cidaas is developed and hosted in Germany. cidaas contains most standard and many innovative features, such IoT integration and consent management. It is based on a micro-services architecture which enables continuous deployment of service enhancements.

1 Introduction

Consumer Identity and Access Management (CIAM) continues to be a fast-growing area in Identity and Access Management (IAM) that has emerged in the recent years to meet evolving business requirements. CIAM solutions are designed to meet evolving technical requirements for businesses and other organizations that deal directly with consumers and citizens. They are designed to provide better digital experiences for and gather more information about the consumers who are using their services. Enterprises want to collect, store, and analyze data on consumers to create additional sales opportunities and increase brand loyalty.

Consumer IAM systems are designed to provision, authenticate, authorize, collect, and store information about consumers from across many domains. Unlike workforce IAM systems though, information about these consumers often arrives from many unauthoritative sources. Information collected about consumers can be used for many different purposes, such as authorization to resources, or for analysis to support marketing campaigns, or Anti-Money Laundering (AML) initiatives. Moreover, CIAM systems must be able to manage many millions of identities, and process potentially billions of logins and other transactions per day. SaaS delivery of CIAM services is trending upwards and will likely remain the default choice for most organizations.

CIAM systems can aid in many types of regulatory compliance, e.g., when banks and financial service providers are required to put into place mechanisms for "Knowing Your Customer" (KYC). EU-GDPR requires collecting clear and unambiguous consent from consumers for the use of their data. Many CIAM solutions provide this capability, plus offer consumers dashboards to manage their information sharing choices. Moreover, CIAM systems can help corporate customers implement consistent privacy policies and provide the means to notify users when terms change and then collect acknowledgement.

The top features CIAM services provide are

  • Social logins
    Allow users to login via Facebook, LinkedIn, Twitter, Google, Amazon, etc.

  • Multi-factor authentication (MFA)
    Email/phone/SMS OTP, mobile biometrics, behavioral biometrics, mobile push apps, FIDO, risk-adaptive and continuous authentication, etc. Simple SMS OTP is not secure and is not recommended.

  • Risk adaptive authentication
    Evaluation of runtime environmental parameters, User Behavioral Analytics (UBA), and fraud/threat/compromised credential intelligence to match the appropriate authentication mechanism to the level of business risk or as required by regulations.

  • Account recovery mechanisms
    When consumers forget passwords, lose credentials, or change devices, they need ways to get access to their accounts. Account recovery techniques include Knowledge-Based Authentication (KBA; but it is recommended to avoid this method as it is usually even less secure than password authentication), email/phone/SMS OTP (also not recommended), mobile push notifications, and account linking.

  • Inclusion of 3rd-party fraud and compromised credential intelligence
    Runtime evaluation of internal or external cyber threat or fraud information, such as known bad IP addresses/domains, compromised credentials, accounts suspected of fraud, fraud patterns, botnet behavior, etc., for the purpose of reducing the risk of fraud at the transaction level.

  • Identity analytics
    Dashboards and reports on common identity attribute activities including failed logins, consumer profile changes, credential changes, registration tracking, etc.

  • Business intelligence for marketing
    Transformation of data about user activities into information for marketers.

  • Privacy and consent management
    Explicit user consent must be received for the use of their information. Consumer account dashboards are common mechanisms for providing users with consent monitoring, granting, and withdrawal options. Compliance with EU GDPR, Canada's PIPEDA, and California's CCPA are notable drivers.

  • IoT device identity association
    As IoT devices increase in popularity, consumers and business customer users will have greater need to associate their IoT devices with their digital identities. These identity associations between consumer and IoT objects will allow for more secure and private use of smart home, wearables, medical, and even industrial devices.

Widas ID GmbH, as part of the WidasConcepts group, develops and operates cidaas, a secure cloud identity and access management solution headquartered in Europe. cidaas was launched in 2015 and was able to achieve continuous growth to around 120 employees.

2 Product Description

cidaas is a full-featured CIAM SaaS solution by Widas ID GmbH. The solution is fully multi-tenant. cidaas offers various plans for businesses, which i ...

Login Get full Access

3 Strengths and Challenges

cidaas provides an easy-to-deploy CIAM or IDaaS solution. It offers many of the basic features required by many kinds of businesses today. The product ...

Login Get full Access


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.