Press Articles EN

Reliable “Digital Identities”: The key to digital transformation

In the age of digitalization and customer-centric business models, the protection and management of digital identities has become extremely important. Be it a small start-up, an established online retailer or a renowned insurer – every organization now operates a digital presence of some kind. This brings with it more and more logins and verification processes, and the number of digital identities grows rapidly.

What is your guess? How many digital identities does a person have on average?

There are often more than 10! So it can be said that digital identities are the central element of current technology trends and are thus significantly involved in the digital value chain.

But what exactly are digital identities and why are they considered by companies to be the central asset for a fully digitalized value chain?

Digital identities require end-to-end identity management

Definition of “digital identity”: “Digital identity is a collection of electronic data to identify an Internet user with a physical identity. Data belonging to a digital identity are e.g. username, e-mail address, home address, account number, password, etc. and are referred to as attributes. A physical user can travel across the Internet with many different digital identities (different user name, different e-mail, etc.)” (technical report No. 114 of the Hasso Plattner Institute for Software Technology at the University of Potsdam).

However, a digital identity need not belong only to a physical person in the form of a customer, partner or employee; “things” such as machines and applications also have their own digital identities.

But they all have one thing in common – no matter whether man or machine – they all have to clearly verify themselves in order to be able to access digital services. Until a few years ago, the authentication of the digital person was almost exclusively based on an e-mail/password combination. But this is no longer adequate for the fast-paced and convenience-driven user. With the large number of diverse digital services and the associated “masses” of different passwords, users usually pull their own strings. If the time comes and the password is forgotten, the account owner needs a lot of patience. Resetting the password usually requires many individual steps, during which it must always be ensured that the person making the request is the actual account holder. This is probably not the only reason why biometric methods have established themselves in recent years for accessing apps. Thanks to fingerprints, FaceID and the like, services can be accessed conveniently, quickly and above all securely, since the physical features cannot be forged.

Here, too, it shows:

Only those who maintain trust and reputation on the Internet can count on the trust of their customers.

This presents companies with three challenges:

  • To offer the user and his digital identity both the highest level of security and convenience
  • To maintain and manage digital identities in compliance with GDPR
  • To recognize customer potential through communication with the digital identity and to build long-lasting, trusting customer relationships, because the next provider is only a click away.

Customer Identity Management combines user convenience and security on a single platform

In this context, Customer Identity and Access Management (CIAM) solutions are becoming all the more significant.

Identity platforms merge the management of digital identities, data security and user comfort in a single software suite. Customers are supported throughout the entire customer journey, starting with convenient and short registration and login processes, user self-services for account management, multi-factor authentication (MFA) for secure account access and single sign-on for a consistent experience across all channels.

The topic of authentication plays an important role in the secure storage of personal data, some of which is sensitive. It must be ensured at all times that the customer is actually the person he or she claims to be. As in the “real” world, identity is the most unique characteristic of a person, organization, resource or service. However, while in the “real” world the verification of identity is done via the identity card and is therefore quite secure, the identification of a digital person is much more complex. As the numerous data breaches of the recent past show, traditional methods such as username and password are often not sufficient to protect customer data. However, authentication is a critical key to securing transactions and protecting personal information.

Secure authentication of digital identities through two-factor queries

To identify a digital identity, CIAM tools offer a multi-factor identification, also known as two-factor identification. Multi-factor authentication (MFA) is used in today’s concepts and technologies in combination with fraud detection. By querying a second factor, a high level of security can be provided while simultaneously providing a high level of user comfort. The query of the second factor is adaptive, i.e. it is made only in case of irregularities. Very common and secure authentication factors used in two-factor queries today are biometric features. The unique characteristics of a person such as fingerprints, face or iris are scanned and compared with the stored identity. At the same time, a Single Sign-On (SSO) can be implemented across all digital channels of a company using identity software. The customer remains logged on to all digital platforms of a company with just a single login. Authentication can be carried out using various devices. Identification via a Smart Watch is gaining popularity.

It is crucial that a company actively offers its users these diverse identification methods. Only if the user can choose his preferred method of authentication without any problems will he feel understood by the company in the interim.

GDPR Compliance via Customer Identity and Access Management

At the same time, the company must provide its users with convenient access to manage their own user data, as required by the GDPR. A good CIAM system comes along with these functionalities “out of the box”.

This also gives companies the opportunity to request users’ consent to receive tailored offers and personalised communications, in addition to requesting consent on general terms and conditions.

Another positive aspect for companies is that the consent to process personal data (PII = personally identifiable information) that Art. 7 (1) GDPR requires of the company is available to them at the push of a button. Companies are thus optimally equipped for the requirements of the EU GDPR and do not run the risk of committing data protection violations.

Even if the management requirements have become formally more demanding for companies as a result of data protection and other European regulations, they can be implemented with a corresponding CIAM tool without increased effort and, at the same time, they can even be managed in a marketing-oriented way, for example.

Are CIAM systems implemented only by large companies? Wrong! There are also great opportunities for mid-sized companies

Due to the many functionalities offered by CIAM software, the misconception often arises that only large companies can benefit from its use. Many medium-sized companies do not deal with the topic enough and often consider it to be too complex and too expensive. But that is wrong. The profitability of a customer identity system cannot be determined by the size of a company, but by the customer journey it offers its customers. The focus is therefore on both B2C and B2B customers, of course with different CIAM requirements.

But many midsize companies still focus on the protection of traditional endpoints and neglect the support, management and protection of digital identity. These companies also sometimes have a large number of users on their digital channels, who are difficult to manage manually, and this number is increasing almost daily. In addition, there are benefits in addressing B2B customers individually: instead of contacting them via a collective e-mail address of their company (e.g. info@…), individual persons in the customer company can be identified and addressed.

Therefore, an identity management tool also offers medium-sized companies the opportunity to manage and actively use the identities of all involved persons quickly, securely and cost-effectively.

When choosing an identity tool, companies should consider the following:

  • Security for sensitive data through data encryption and integrated fraud and suspicion case detection
  • Scalability: continuous scalability based on the respective requirements
  • User-friendliness: simple user guidance and an excellent user experience
  • Technical interfaces: the “everything is an API” approach allows the solution to be easily and seamlessly integrated into existing applications and processes via open interfaces.
  • Modern authentication methods to quickly and conveniently transform unknown visitors into known identities and to increase access security
  • Data governance: GDPR-compliant consent management for compliance with data protection regulations
  • 24/7 expert support and free initial consultation available

The question of whether the use of an Identity Management solution makes sense or not no longer arises today. Rather, it can be said that every company, regardless of its industry and size, needs a CIAM. Especially since the knowledge of customer data is becoming an increasingly important competitive factor. Modern identity platforms enable a significant advancement here and simultaneously balance the two appealing topics of data security and customer experience.

Dr. Sadrick Widmann – Master of Science at the Karlsruhe University of Applied Sciences, as well as key topics: Automation of Business. As CPO since 2018 responsible for the product development of cidaas, a customer identity management solution of Widas IT, Germany.

Don’t be afraid to think BIG.

Interview with Sadrick Widmann: “Every company needs customer identity management – many have just not realized it yet”
Cidaas is one of the first customer identity and access management systems developed and hosted in Germany. Many companies know little about this topic today. In this interview, the managing director and product manager, Sadrick Widmann, answers questions about why every company needs a CIAM.

Sadrick, please introduce yourself and your product to our readers.

Sadrick: cidaas is a cloud-based customer identity and access management software that centrally manages and uniquely authenticates the growing number of identities that access an organization’s digital services and applications on a single platform. A digital identity cannot just be a customer, partner or employee – in an industry 4.0 environment, an identity can also belong to a machine that automatically exchanges data and therefore needs to be authenticated.

cidaas is a product of Widas ID GmbH, which was formed from the WidasConcepts group of companies. It was founded in 1997 by my father Thomas Widmann and focuses on strategic business and IT consulting as well as on the development of customized software solutions based on Big Data and IoT technologies and their operation in hybrid or public cloud infrastructures.

I myself have been responsible for cidaas since 2017, as Managing Director and Product Manager, and support our customers in building identity-based business models.

What is the vision behind cidaas?

Sadrick: We see cidaas as the European answer to the established North American providers and guarantee with our technical and organizational measures that the users of cidaas receive the German quality and corresponding data protection. Cidaas is “Software made in Germany” – we are not only located in Germany, but also use local servers and thus offer the highest security standards. Of course, this does not mean that we want to restrict ourselves to the German or European market only. Today, we already serve international customers from other infrastructures.

It is our desire to enable a secure and trustworthy interaction between the digital and the real world with cidaas.

Because only when I am sure that my data is protected – be it as an employee, buyer, supplier or even in the interaction between machines – will communication develop further.

The key to a successful digital transformation therefore lies in the identification, management and interaction of the digital identities of the people involved.

With cidaas we connect the growing number of applications, devices, interaction channels and associated identities on one platform. Security, scalability, flexibility and user comfort are our top priorities.

How did you get the idea and what differentiates you from other CIAM providers?

Sadrick: The original idea developed from a customer project of WidasConcepts. At that time, a renowned German medical engineer was looking for a solution for his identity and authorization management, which not only allowed the management of identities but also their authentication and authorization on a central platform.

Following the evaluation of several software solutions, we came to the conclusion that no provider could map all requirements “out-of-the-box” and that major development efforts would be necessary to configure the solution as desired. So we developed the solution ourselves and cidaas was born.

One of our unique selling points is that we are one of the first German companies to offer customer identity management software. Most of the companies that currently offer this solution in the market today come from the USA, which is a critical factor, with regard to the stricter data protection regulations for European users. Our solution is not only “Software made in Germany”, but is also completely hosted in Germany – most of it even in our own data center “Widas Cloud”.

Another aspect from which our customers benefit, and has been repeatedly proven in our projects, is that our solution is unbeatable in terms of technical functionality. Just to quote a few examples:

  • Modern and secure two-factor authentication options, including the use of biometric features
  • Everything is an API – cidaas can be connected to any existing infrastructure through APIs
  • Identity linking or de-duplication of users
  • GDPR-compliant consent management: Creation and implementation of Terms & Conditions and other data protection guidelines

And these are only a few of the features that cidaas brings “out of the box”. We have developed cidaas from the beginning in such a way that it can be integrated independently into the existing infrastructure in the shortest possible time and if sufficient internal IT know-how is available.

From the idea to the start, what were the biggest challenges you faced so far and how did you finance yourself?

Sadrick: In my view, there are two challenges that we have to face every day. The first is that digital identities and their management are still considered inadequately in most companies today. That’s striking because each of us has an average of about 30 different digital identities. However, companies are still hanging on to old security philosophies that relate to the protection of traditional endpoints. The fact that the management of access rights and information is equally important for a company’s external stakeholders as it is for its internal ones, is overlooked. Most new business models focus on the customer himself and his digital identity. And only those who know these and their needs and give them easy access to their own digital channels can do business today.

This means that we have a lot of learning and clarifying to do in our discussions.

In addition, as a medium-sized German company, we are in competition with major North American players who have long since discovered the subject of identity management and have access to a market that has developed in the meantime, and who, unlike us, often market the solution first and only then drive the development forward.

So far, we have been able to rely exclusively on private equity from the Widas Group for the financing of cidaas. However, since we have been able to attract many well-known companies in recent months, we are convinced that we will soon be able to contribute an ever-increasing share to the success of the group.

Who is the target group of cidaas?

Sadrick: The target groups where cidaas can be used are extremely diverse. For example, “experimenta”, Germany’s largest science center, has just chosen cidaas for central user administration. This protects the data on the visitor portal from unauthorized access and the upstream processes such as registration, login and payment of tickets are now completely digital. Furthermore, cidaas makes it possible for the user to access the experiences saved in the user’s personal account again after visiting the exhibition world.

Another customer of ours is active in the field of medical technology. In this project it was important to provide seamless access across all platforms of the company through Single Sign-On (SSO), to relieve the users from the burden of authenticating themselves each time they access a different portal of the company and to give the administrators a holistic view of all customers of the company.

Our other customers are, for example, purely e-commerce companies, but also medium-sized mechanical engineers and a polymer processor.

cidaas can be used wherever a user or a machine has to identify itself and is provided with special information etc. As already indicated in the headline of the interview – every company, regardless of its size, needs cidaas. Many just don’t know it yet.

How does cidaas work? – What are the advantages? – What differentiates you from other providers?

Sadrick: cidaas is a cloud-based CIAM solution. An easy-to-use dashboard allows the administrator to define how a user can identify himself and at the same time what the user can access. For authorization, biometric data, classic e-mail password queries or authentication via social login can be used, in which the existing data of the user’s social media accounts are used. In addition, dedicated roles and permissions can be assigned in cidaas, defining what the user can access and what actions can be performed. An example can be shown using the case of consent: The user can be provided with a service that allows him or her to change the consent he or she has given to the company’s Terms & Conditions, marketing services, etc.

In contrast to other providers, we can claim that no other customer identity management software is equipped with such a comprehensive feature set and we see another unique selling point in the fact that our data is hosted in Germany.

How’s the feedback?

Sadrick: Our users are excited. As I mentioned before, this is mainly due to the wide range of functions that cidaas brings “out of the box” and also because the usability is intuitive and the software suite integrates seamlessly into existing software architecture due to the “Everything is an API” approach. There is also no limit in terms of scalability, which means that the software adapts to the company and its growth at any time.

Cidaas – where is it headed? Where do you see yourselves in five years?

Sadrick: In five years we want to see cidaas established as one of the leading identity tools and be named in the same league as the global players.

Finally: What 3 tips would you give to aspiring businessmen?

Sadrick: Believe in your idea, maybe the time is not ripe yet, but this gives you the chance to be the “First Mover”.

Keep a close eye on your competition and learn from it.

Don’t be afraid to think “BIG”.


We would like to thank Sadrick Widmann for the interview

Digital identity is the key to successful digitalization

The digitalization of processes is a challenging task. The topic of security in the digital space is primarily an important criterion for the further development of one’s own digital transformation. The protection and management of digital identities is therefore a central key function.

At the heart of the new, mostly digital business models lies the customer or his digital identity and direct contact with him. A digital identity need not be just a customer, a partner or an employee. In Industry 4.0, too, the direct involvement of the customer and his devices takes centre stage in the business process. As a result, a machine or service also has a digital identity.

Many companies, especially medium-sized ones, continue to focus on the protection of classic end-points. The protection of the digital identities of users (such as customers, partners and employees) or “things” (such as machines and applications) is still neglected. The secure digital identity for man and machine is a key prerequisite for a complete digital transformation and to tap new business areas.

Digital Identity as a central asset for a fully digitalized value chain

In Technical Report No. 114 of the Hasso Plattner Institute for Software Systems Engineering at the University of Potsdam, digital identities are described as follows: “Digital identity is a collection of electronic data to characterize an internet user with a physical identity. Data belonging to a digital identity are e.g. user name, e-mail address, home address, account number, password etc. and are referred to as attributes. A physical user can exist on the Internet with many different digital identities (different username, different e-mail, etc.)”.

Digital identities are required so that users or machines can access services. This requires that persons or objects uniquely identify themselves. While in the real world this can be done via an ID document, for example, in the virtual world it is much more difficult to ensure that the digital identity belongs to the corresponding physical user.

Secure authentication of digital identities through Two-Factor-Authentication

So how can the misuse of digital identities be prevented?

Authentication can be performed based on knowledge, ownership or biometrics. The former is the classic, well-known username/password query. Since both companies and consumers are becoming more and more afraid of identity theft, and passwords that are too simple or reused often favour it, the latter two methods are becoming more and more established. In biometric queries, the fingerprint, face or iris of a real person is scanned and compared with the stored identity. Since these are unique to each person and very difficult to forge, this type of authentication is the safest.

For convenience purposes, it is recommended to use an adaptive 2FA. The additional factor is only queried if particularly sensitive data is accessed or if access appears unusual, for example outside normal times or from an unusual location.

Digital identities require end-to-end identity management

Digital identity is a key element of the new technology trends and is significantly involved in the digitalization of the value chain. By placing identities at the heart of your business, you can acquire new customer segments and make existing processes within a company more efficient.

As a result, Customer Identity and Access Management (CIAM) is becoming increasingly significant. With a modern CIAM solution, the aspects of data security, user comfort and knowledge of the customer and his behaviour can be combined on one platform.

A customer identity and access management system can form the basis for customer-oriented digitalization efforts. It enables end-to-end identity management, helping to manage millions of users.

These aspects can thus be controlled centrally:

  • Data security through secure authentication procedures (also passwordless)
  • Simple and convenient onboarding into all channels and services (e.g. through social login)
  • GDPR-compliant consent management
  • Personalized marketing communications in real time

In a nutshell: A good CIAM solution brings IT, marketing and sales together and contributes significantly to the success of the company. The future also presents new challenges for medium-sized businesses and the complexity of the data is increasing. Targeted identity management is therefore an essential requirement for any organization that has a digital presence in any form.

SECURITY FOR DATA IN THE DIGITAL AND REAL WORLD

18.12.18 | Author : Sadrick Widmann
Published in “Digitale Welt”

A prerequisite for the secure handling of data, as also required by the GDPR, in both the digital and the real world, is that users should be able to authenticate themselves. Data can only be successfully protected if the identity of a person, service or machine is clearly established and their associated roles and access to data are defined via authorization management. The use of a modern customer identity and access management (CIAM) tool ensures this.

CIAM software enables e-commerce companies, healthcare providers or banks to act in compliance with the GDPR and to determine the identity of users – be it humans or machines – unambiguously. The latter also meets the Payment Services Directive PSD2, which requires strong authentication via multi-factor authentication (2MFA).

In the context of the GDPR, identifying users also means taking into account that the user has sovereignty over his data at all times, so that he can actively give his consent to the use of his data and revoke this consent at any time. Compliance with the new data protection regulation, which according to Art. 5 para. 1 d) requires that personal data must be factually correct and, if necessary, up to date, can be implemented quickly and legally by a CIAM system. Among other things, the customer can manage his data directly via a user self-service function. Through simple user management, customer profiles can also be deleted easily, if necessary directly via self-service by the customer himself, and thus the right to deletion (Art. 13 EU GDPR) can be complied with.

However, it must also be borne in mind that the control and management of digital data for both employees and customers extends not only to the virtual world but also includes access control and monitoring of premises in the real world, such as server and administration rooms.

IDENTITIES ARE THE KEY

In both worlds, the authentication of identities is the key to security.

Authentication is the process of logging on to a system, be it digitally to a bank account, online shop or employee portal, or physically to business premises, where the identity of the user is determined and verified. Especially in the digital world, passwordless authentication is becoming more and more important. Identity is the unique identifier for a person, organization, resource or service. Modern Customer Identity and Access Management (CIAM) software based on Big Data technology not only manages the data, but also offers the corresponding authentication options and enables, for example, the distribution of roles and access rights in employee administration.

But even when protecting access to online shops, so-called “strong authentication” must be ensured. The EU General Data Protection Regulation (EU-GDPR) does not directly prevent authentication with user name and password. However, it is explicitly demanded that personal data must be protected from unauthorized access. At the same time, user-friendliness is becoming increasingly important.

Multi-factor authentication in combination with behavior-based fraud detection and biometric factors ensures the high level of security required by Art. 32 of the EU-GDPR.

Biometrics is the safest way to uniquely identify people. The biometric characteristics of each person are unique and therefore very personal. Recognition methods that use biometrics for personal identification are not new, as Francis Galton laid the scientific foundation for the use of fingerprints in 1892. Today, fingerprint scanning is the most commonly used biometric method worldwide.

However, compared to other biometric methods, fingerprints are comparatively insecure, since the features are easier to forge or replicate. In addition, moisture, dirt or simple hand cream, for example, can influence the accuracy of the measurements. But when compared to the input of PINs, for example, this recognition method is much more reliable.

The advantage of futuristic identity and access management using biometrics is that unauthorized persons have significantly more difficulty in accessing digital data or, for example, a physical location, a computing device, a network or a database.

For identification and authentication, various methods can be used and combined via CIAM software.

  • Speech recognition: Identification via voice
  • TouchID, FaceID or Android Fingerprint: Identification via device-specific authentication methods
  • Pattern: Identification using a pattern drawn by the user
  • Push notification: Identification via accreditation only on the device used
  • TOTP: A unique, time-limited code used for identification
  • Back-up code: In case a user does not have his mobile phone at hand
  • FIDO U2F: USB-based technology for security
  • Email
  • SMS
  • IVR: Verification codes sent by voice call

MULTI-FACTOR AUTHENTICATION FOR MAXIMUM SECURITY

Software solutions based on Big Data technology and hosted in Germany typically offer a wide variety of authentication methods that are scalable and include both access management for digital and real spaces.

With a comprehensive user identity and access management tool, identities are not only verified through authentication, but access rights are also granted to customers, employees or suppliers based on their roles. These rights can include physical spaces (e.g. access to doors) and/or online spaces (e.g. access to an online shop or CRM system). All access to data and physical spaces is comprehensively documented.

In the case of physical spaces, classic methods such as access via keycards can continue to be used, but new biometric authentication methods can also be utilized.

If the face is used as a unique identification feature for access controls, IP cameras are installed on the corresponding doors; this involves minimal manual effort. These are then configured via the central administrator dashboard. Administrators have the ability to scan images of the personnel and assign users or user groups to specific doors or areas. Based on access permissions, the access of personnel can now be allowed or restricted with the IP camera. Moreover, face recognition can also be used for authentication to digital access points in the company.

The integration into the existing IT architecture and existing security systems for doors and rooms is possible without problems with a modern Customer Identity and Access Management (CIAM) software solution.

Which authentication method is used, and whether multi-factor authentication (i.e. the combination of two or more identifiers) is used, varies by requirement. A two-factor authentication (2MFA) – for example, finger or face recognition with a password – offers a high level of security and is essential in the banking and insurance sector, for example.

At the same time, the increased number of technical authentication options is accompanied by user demands for increased user comfort and scope of functions – something that plays an important role, especially in online shopping, since the user should not be diverted in the buying process. This can be achieved by using a SMART MFA. Through continuous fraud detection, based on the analysis of user behavior (behavior-based clustering), suspicious behavior is detected and a SMART MFA is triggered, i.e. a two-factor authentication or confirmation of identity is only requested if necessary.
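The adaptive second-factor decision described above and in the earlier article on adaptive 2FA (a second factor only for sensitive data or for access at unusual times or from unusual locations), as an added example that is not cidaas code. It uses a simple per-user baseline instead of behavior-based clustering; the `Login` fields, the thresholds and the sample history are constructed assumptions.

```python
from dataclasses import dataclass

MIN_HISTORY = 5      # assumed: fewer verified logins than this is no usable baseline
HOUR_TOLERANCE = 2   # assumed: hours of slack around previously seen login times


@dataclass(frozen=True)
class Login:
    user: str
    hour: int                # local hour of day, 0-23
    country: str             # country code, assumed to come from IP geolocation
    sensitive: bool = False  # True if the requested resource is classified sensitive


# Constructed sample history of previously verified logins.
HISTORY = [
    Login("alice", 8, "DE"), Login("alice", 9, "DE"), Login("alice", 9, "DE"),
    Login("alice", 10, "DE"), Login("alice", 17, "DE"), Login("alice", 18, "AT"),
    Login("nightshift", 22, "DE"), Login("nightshift", 23, "DE"),
    Login("nightshift", 23, "DE"), Login("nightshift", 0, "DE"),
    Login("nightshift", 23, "DE"),
]


def hour_distance(a, b):
    """Distance between two hours on a 24-hour clock, so 23:00 and 01:00 are 2 apart."""
    d = abs(a - b) % 24
    return min(d, 24 - d)


def step_up_reasons(attempt, history):
    """Return the reasons a second factor should be requested; empty list means none."""
    reasons = []
    if attempt.sensitive:
        reasons.append("sensitive-resource")

    past = [h for h in history if h.user == attempt.user]
    if len(past) < MIN_HISTORY:
        # Fail closed: without a baseline nothing can be called "usual".
        reasons.append("no-baseline")
        return reasons

    # Unusual time: further than the tolerance from every hour seen before.
    if min(hour_distance(attempt.hour, h.hour) for h in past) > HOUR_TOLERANCE:
        reasons.append("unusual-time")

    # Unusual location: a country this user has never logged in from.
    if attempt.country not in {h.country for h in past}:
        reasons.append("unusual-location")

    return reasons


def requires_second_factor(attempt, history):
    return bool(step_up_reasons(attempt, history))


if __name__ == "__main__":
    for attempt in (
        Login("alice", 9, "DE"),
        Login("alice", 3, "US", sensitive=True),
        Login("nightshift", 1, "DE"),
        Login("bob", 9, "DE"),
    ):
        print(attempt, "->", step_up_reasons(attempt, HISTORY) or "no step-up")
```

Logging the returned reasons alongside each step-up gives the fraud-detection side something to tune the thresholds against.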

The requirements for the protection and management of data in digital as well as real spaces, including the management of declarations of consent, for example from customers, can be easily and cost-effectively implemented by using customer identity and access management from the cloud – even for mid-sized companies.

CIAM REQUIREMENTS

When deciding on a tool, various points should be considered:

  • Scalability – so that the software can be effortlessly adapted to corporate development.
  • Cloud software hosted on German servers for GDPR conformity and quick automated updates
  • Standards such as OAuth2 and OpenID with Social Login or Single Sign-On should also be part of the product scope.
  • Can be used in the digital world as well as in the real world – to have a comprehensive system. Data fraud is often carried out by employees.
  • Simple integration into the existing security and IT architecture.

The author: Sadrick Widmann completed his Master of Science at the Karlsruhe University of Applied Sciences. He has already lectured on topics such as business process automation and programming. And he has demonstrated his management skills as the managing director of CarbookPlus GmbH. Sadrick Widmann has been CPO since the beginning of 2018 and is therefore responsible for the product development of cidaas – the customer identity management solution developed by WidasConcepts.

Industry 4.0: Protecting endpoints effectively with Customer Identity and Access Management

22.08.18 | Author / Editor: Yael Widmann / Melanie Krauss
Published in MM Maschinenmarkt

Each interface adds new risks to a network. However, one way to securely take advantage of the benefits of Industry 4.0 is through customer identity and access management systems that guarantee clear authentication and authorization.

The fourth industrial revolution, Industry 4.0, includes both self-regulating systems, communicating machines and the automation of production, as well as the digitalization of customer contacts and services. In all areas, whether man to machine or machine to machine, data is increasingly being exchanged automatically. This intelligent networking of product development, production, logistics and customers offers companies – also in the SME sector – the chance of higher productivity.

At the same time, the multitude of emerging endpoints creates new risks that companies have to deal with. Each endpoint gives rise to new vulnerabilities. Last but not least, it is these risks that make many medium-sized companies cautious about Industry 4.0, especially in Germany. In order to benefit from the advantages of Industry 4.0, new control mechanisms and reliable protection of accesses are needed. Professional user management integrated in the processes is extremely important for data security, as well as for process automation and user-friendly administration.

“Everything is an API” in a networked world: networking means that machines and products send and receive data to communicate with each other. Connections to other systems are established via interfaces (APIs). Each interface represents a potential security risk, which makes securing the interfaces all the more important.

Customer Identity and Access Management (CIAM) software therefore manages, protects and monitors portals and Web APIs through security standards such as OAuth2 or OpenID Connect. In the process, defined authentication flows are implemented. In order to be able to authenticate devices, they must be known to each other because devices must be trustworthy, before and while they interact with each other. In a clever device management system, all machines can be centrally registered, and their permissions could be managed.

Authentication and authorization

In addition to the devices, people who operate, maintain and sort out the machines play an important role, as do the decision-makers who determine the further course of production. Their unique identification and authorization is therefore a critical protective shield. Biometric authentication via face or voice is modern and efficient. In combination with intelligent fraud and anomaly detection, the opportunities of the networked system can be used without second thoughts.

The detection is based on the various information available, such as access histories, logon attempts, or device information. Once suspicious activity is detected, the fraudster can be recognized by an additional factor of authentication, and any further fraudulent transaction can be averted. Each channel is already largely secured through strong authentication.

The other side of the coin is authorization. Channels and their resources require individual protection. This requires dedicated permission management for each channel, as well as an individualized authorization profile. Hence the keyword is a defined and automated role and group management. By means of efficient allocation and control of roles and permissions, companies can, for example, let different groups of people – including customers or suppliers – access their system, because in a (partially) automated and self-controlling value-added chain, successful supply chain management and smoothly functioning collaboration are very important.

Digitalisation focuses on the identity of the persons involved. Computers, wearables or machines provide the content context-specific to the person using the device or standing in front of it.

A customer identity and access management system enables companies to take advantage of the multiple opportunities offered by digitization, streamline processes and drive innovation in a secure and reliable ecosystem. Cloud-based, scalable software that is hosted in Germany can also be used to introduce appropriate software step by step and at a manageable cost.

* Yael Widmann is responsible for the business development of Cidaas at Widasconcepts in 71299 Wimsheim.

Know your customer and grow your business

Customer Identity Management
Only those who know their customers can grow their business
Identity Management is indispensable in E-business. Dealers and service providers recognize customers and make targeted offers. Modern recognition systems do away with the age-old user log-in.
Article by Sadrick Widmann IT-Magazine

E-business and digitalization lead to an erosion of customer or user identity. Customers no longer contact companies in person, and the face-to-face conversation is missing. However, customer feedback is still of utmost importance and identity recognition is therefore indispensable. Only those who know their customers can grow their business.

Those who have access to information on past transactions in real time can address the needs of customers in a personalized manner. The ability to quickly analyze data and translate it into appropriate action points gives companies the necessary competitive edge.

A social media account is used for registration

Identity recognition is required, for example, in portals for employees, customers, suppliers and partner portals. However, traditional access control via user logins is outdated because it no longer meets today’s demands on security and user experience. An alternative to this is provided by cloud-based identity management solutions such as Cidaas. Solutions of this kind provide comprehensive security across all digital end-devices. Users will also have easy access to their portals, web shops or mobile apps. The registration can be made using a social media account such as Amazon, Facebook, Google, LinkedIn, Microsoft Office 365, Paypal, Xing or Yahoo.

Additional security is provided by multi-factor identification via a second channel. The users confirm their identity with a one-time code, which they receive, for example, via an instant message or a call. Face, voice or fingerprint recognition can also be used for identity confirmation. In the event of suspicious activities, login attempts are blocked, and both users and companies receive alert messages. User identification systems can be integrated into existing IT systems via secure interfaces. The access rights can be regulated by the companies in detail. Modern solutions also support programming interfaces to the company’s own apps.

Additional services increase customer loyalty

Customer identity management helps to build secure and personalized customer contacts. Based on this, companies could offer additional services on their products and manage customers, dealers or suppliers more reliably and faster. The service package of the cloud solution from WidasConcepts includes ergonomic logins as well as unique user identification. Companies could use it to evaluate customer behavior and data in web shops, apps or other sales channels in detail.

Users actively decide which information they would want to reveal about themselves. Each detail, for example, gives a retailer the opportunity to create offers specially tailored to the customer. He can also derive measures to positively influence customer loyalty. Each signed up user is supported personally and across channels. When satisfied customers become loyal business partners, they are usually prepared to share further details about themselves – because they realize the advantage of having a personalized business engagement.

Digital devices now represent the User

Considering the development of technology, it is evident that in the future not only the customer but also all the devices that represent him will have to be recognized. A printer that reorders its own ink and a refrigerator that calls the delivery service when its contents run out will soon become a reality. In such scenarios, it is important to associate the individual devices with the respective customers and define their permissions in detail. The fridge should ultimately buy the right foods and nothing that the customer does not want. It will not be long before companies realize the benefits of Customer Identity Management and implement appropriate solutions.

The author, Sadrick Widmann, is the Product Manager of the cloud-based Identity Management System Cidaas at WidasConcepts GmbH, founded in 1997.

Customer Identity Management in the times of industry 4.0 and digitization in the context of the new Data Protection Act (GDPR)

Wimsheim, 19 June 2018

The digitalization of production has the highest priority in many companies. The identification of the customer is one of the most important building blocks. Through a unique user identification, specific customer movements and information in Web shops, apps or other sales channels can be optimally evaluated and, at the same time, customer-friendly log-ins and services can be provided. In addition, cases of fraud and suspicion are detected at an early stage.

Data protection regulation as a challenge

Even though the digitalization of processes offers a significant potential for small and medium-sized enterprises, in order to be competitive, there are still a number of challenges involved. In particular, the new EU-GDPR has left many companies insecure, as the new Data Protection Regulation requires the implementation of technical and organizational measures (TOM) to protect customer data. The background to this is the right to informational self-determination of the individual, which forms the basis of the EU Data Protection Regulation.

Industry 4.0 Strategy and the new Data Protection Act

An industry 4.0 strategy that meets the requirements should utilize appropriate cloud based software solutions as Customer Identity Management (CIM) systems. These offer a number of functions that allow companies to immediately provide an EU-GDPR compliant Consent Management System for their customers.

One of these solutions is cidaas. Systems like cidaas can be easily implemented with secure interfaces into existing channels, e.g. employee, customer, supplier and partner portals. Medium-sized companies such as CAMLOG, Germany’s leading manufacturer in the field of dental implantology, have recognized this. “Modern software is intelligent, innovative and easy to use. We at CAMLOG use cidaas as the central user identity management for our shops and portals – our customers benefit from the simple operation and optimum service.” This is how Karl-Heinz Klein, Head of e-Business at CAMLOG, describes the advantages.

Give the user control over his data

Compliance with the new data protection regulation, which according to Art. 5 para. 1 d) requires personal data to be factually correct and, if necessary, up to date, must be implemented quickly and in a legally compliant manner by a CIM system. With User Self-Service, similar to that offered by cidaas, companies can give control over the data back to the user and ensure that the data is up to date.

With the coming into force of the EU-GDPR, companies are also increasingly obliged to provide information on the collected data. Here, too, a relevant software solution is helpful and, thanks to simple user management, customer profiles can be easily deleted and thus the right to deletion (Art. 13 EU-GDPR) can be adhered to.

Security through multi-factor authentication

In addition, cidaas offers multi-factor authentication and thus ensures high security with processes such as two-factor authentication and biometric login methods, as required by Art. 32 of the EU-GDPR.

The use of cloud software for operation minimizes maintenance costs, as regular updates are covered by the service package offered. This greatly reduces the daily workload on medium-sized companies. The provisioning and processing of the software via German servers also ensures the highest level of security.

A selection of the software according to requirements and therefore a fair pricing is guaranteed by different service packages. At cidaas this ranges from the free version to enterprise solutions.

Press contact cidaas: Nicole Bräuner, +49 (0) 7044 95103-162, Mail: nicole.braeuner@widas.de

CUSTOMER IDENTITY MANAGEMENT

In the age of Industry 4.0 and digitalization in the context of the new Data Protection Act (DSGVO)
Article by Yael Widmann SQ-Magazine Edition 47

Digital services separate the wheat from the chaff. The better the digital services a company offers to its customers, the more successful it will be. Satisfied customers will almost certainly come back. That’s why identifying customers and their specific behavior when using services is so important. This not only serves the company, but also the users. By evaluating and processing the collected information and improving the web shops, apps, collaboration portals or other customer interaction channels used, companies can offer them customer-friendly log-ins and even better and more personalized services.

Customers are much more accessible by means of digital tools and special programs than traditional methods. In the future, the management of customer contacts will prevail as authorization management under the name of “Customer Identity Management” (CIM).

Depending on the application, the CIM is part of a powerful customer relationship management system (CRM) or implemented as a stand-alone solution in the IT landscape of a company. In any case, such a CIM simplifies the internal processes by means of delegated authorizations, for example for orders – this makes the tasks of the customer organization more transparent and allows them to be distributed more effectively. Another important factor is the early detection of fraud and suspected cases.

DATA PROTECTION REGULATION AS A CHALLENGE

For small and medium-sized businesses, digitalization holds significant potential to succeed in the increasing competition. However, there are a number of challenges involved. In particular, the new EU General Data Protection Regulation (DSGVO) unsettles many companies. The new data protection legislation requires the implementation of various technical and organizational measures to protect the integrity and confidentiality of personal data. Against this background, many companies have to review their collected data records and, if necessary, adjust or even delete them – this does not come without its problems.

INDUSTRY 4.0 STRATEGY AND THE NEW DATA PROTECTION LAW

An Industry 4.0 strategy that meets digital requirements (including those of data protection) can access appropriate cloud-based software solutions as a Customer Identity Management (CIM) system. There are many providers of CIM systems. The system from cidaas is one example that provides, in addition to digital and automated support for customer management, an EU-DSGVO-compliant Consent Management System.
This and other systems have secure interfaces. In addition, they can be implemented in existing IT environments, e.g. employee, customer, supplier or partner portals.

“Modern software is smart, innovative and easy to use. We use a central user identity management system for our shops and portals – our customers benefit from the ease of use and optimal service,” says Karl-Heinz Klein, Head of e-Business at CAMLOG, a medium-sized company in the healthcare industry.

GIVE THE USER CONTROL OF HIS DATA

Compliance with the new data protection regulation, which according to Art. 5 (1) (d) requires personal data to be factually correct and, if necessary, up-to-date, will be implemented quickly and in accordance with the law through a CIM system. With the User-Self-Services, companies can give control over the data back to the user and make sure the data is up-to-date.
With the EU GDPR coming into effect, companies are also increasingly obliged to provide information about the data collected. Here, too, a corresponding software solution helps and, thanks to the simple user management, customer profiles can simply be deleted and thus the right to deletion (Art. 13 EU-DSGVO) can be met.

SAFETY THROUGH MULTI-FACTOR AUTHENTICATION

Intelligent multi-factor authentication also ensures high security through user profiling and biometric factors. This is also required in Art. 32 of the EU GDPR.

About the author, Yael Widmann, Business Development at cidaas
She completed her bachelor’s degree in business informatics at the University of Karlsruhe and was honored for her excellent performance during the graduation with the Frauenförderpreis of the University and the Karlsruhe city Prize. She completed her Masters in International Business Development at the ESB Business School in Reutlingen.

Identity Management thought through

Article by Thomas Widmann, for the Finance Magazine, gi Geldinstitute Edition 02/2018

Wimsheim, May 2018. Following the opening of the banks to third-party providers through the PSD2 standards, additional access channels are created for customers. Third parties must be able to access bank accounts and make payment transactions on behalf of the customer. The time is right to tackle customer identity management with a new approach.

One account – many authentication channels. This is how customers identify themselves or authorize their transactions today. Looking at the authorization procedures, the list is much longer. These procedures are tedious for customers. It is true that the procedures have evolved over time, and many banks are struggling to move from account-based access to customer-focused access. If you think of the Master Card (EC card), it quickly becomes clear that it can basically only access one account; a customer with several bank accounts needs several cards to make transactions.

Digitalization is bringing about lots of changes

At some point, anonymous money will be replaced by digital money; that this is not happening so fast in Germany is essentially because the initiatives were long lacking. Today, the EU is trying to do a lot with PSD2 and Instant Payments, as are the fintechs and Internet giants – banks are not really the drivers of innovation here. Customers want to pay conveniently and securely, anywhere. Service and payment flows will in future occur in sync so that the payment link is not lost. In the meantime, aggregators analyze the financial situation of the customer and provide tips for saving, depositing, investing, or safeguarding. If customers still have their accounts (wallets) with a bank, then the access path “Bank API” becomes a new one and at the same time one of the most important ones.

Opportunities for the finance industry

When so much is changing already, why not make the authentication procedures uniform, easier and at the same time secure? The authentications become more complex overall, but easier for the user. Biometric methods are becoming standard. An intelligent authentication requires a second identity check only if there are doubts about the identity or when secure processes require confirmation of the identity. Overall, a single customer identity management system, such as cidaas, should today be sufficient to secure all channels: from the online banking portal and the third-party app under PSD2, which accesses a customer account on behalf of the user, through the customer’s branch visit, to the ATM or statement printer. The transition from the anonymous user to a prospect and finally to a customer is achieved step by step with modern Customer Identity Management through progressive profiling.

cidaas gets the OpenID certificate

The OpenID Foundation enables implementations of OpenID Connect to be certified to specific conformance profiles to promote interoperability among implementations. The cidaas v2.0 implementation is now listed on the OpenID website as one of the global certified providers. The certification is also registered by OIXnet at: http://www.oixnet.org/openid-certifications/widasconcepts-gmbh/

The innovative Customer Identity Management software cidaas, developed by WidasConcepts GmbH (Germany), provides complete security for all digital endpoints. This means that users have convenient and secure access to their portals, web shops or mobile apps. They can register using their own social media account, login without password and apply a smart multifactor authentication. Additionally, users manage access by user self-services.

As part of the requirement, the product had to undergo a series of tests conducted by the OpenID Foundation. Only products that successfully conform to the specific profiles are awarded the certificate. “It is a joy to receive the certificate and this is only the beginning. With a growing number of businesses going digital, there is a huge demand for the best CIAM systems and with the certificate we provide this assurance,” says Vimal Prakash, Lead Architect of cidaas. The certificate is a mark of the team’s commitment to upholding the highest software quality standards.
