cidaas utilises the most modern and future-oriented technologies. Companies benefit from transparent and predictable costs, fast implementation and high flexibility and scalability.
Technical integration Whitepaper
Our whitepaper will help you get started with the integration of cidaas into your business processes and related CIAM functionalities.
Fraud and Anomaly detection
cidaas uses predictive factors and Big Data analytics to verify customers and detect Fraudsters. It provides built-in tools to detect anomalies and stop malicious attempts to access your application. Anomaly detection can alert you and your users of suspicious activity, as well as block further login attempts. You can set your preferences on the notifications that get sent and you can decide whether to block a suspicious IP address or not.
Social login & registration
Users can easily register using their preferred social network account
The cidaas social media registration feature allows the end-user to register for a cidaas identity using his trusted social media account. This means much more comfort for the users: not having to create one more userId / password combination, the registration is automatically filled out and even the confirmation by e-mail is no longer necessary.
The list of Social Providers cidaas currently supports:
- Amazon
- Foursquare
- Github
- GooglePlus
- Google GSuite
- Microsoft (Live)
- Microsoft Office365
- Paypal
- Salesforce
- WordPress
- Yahoo
If additional social providers are wanted, they can easily be added.
Multifactor authentication
Additional security not just in cases of suspicion of a malicious access attempt -for your services and the end users. The cidaas 2 factor authentication verifies the users identity through a second channel.
Your users confirm their identity with a one-time code transmitted by message or phone call, or much more securely with face, voice or fingerprint recognition.
Multi-factor authentication has become increasingly important, therefore cidaas offers an even stronger, password-free user authentication with a free cidaas Authenicator App. A significant advantage for even more user-friendly access to your services. Additionally, cidaas also supports the Google Authenticator App.
Single Sign-On (SSO)
Users are able to sign in to all of the client’s services using one single identity.
The cidaas SSO enables the user to access all content and services of the provider in different portals after a single login without having to log in again.
If the user switches to another service of the provider, access is checked by the cidaas SSO. If the request is successful, the user is granted access to these resources.
User de-duplication
Our Big Data analytics tools learn from the user profiles and recognize duplicate user profiles, during the registration itself. Only a single identity of the user is stored.
Passwordless Authentication
With cidaas biometric authentication, passwords become obsolete and customer login becomes much more convenient. By sending a one-time password (OTP) to the registered email or mobile phone number, the end user gets access to a selection of different biometric authentication options on the cidaas Authenticator.
This improves the user experience at all levels, since users will only need an email address or phone number to register for your application.
This means, your application will not need to implement a password-reset procedure and users avoid the insecure practice of using the same password for many purposes.
The access authentication chosen by the user is automatically validated and set for future authentications.
Password Management
Password policies can be defined in cidaas where you can customize the level of enforced complexity for passwords entered during user sign-up for classic registrations. cidaas offers 5 levels of security to match OWASP password recommendations and further options such as “prevent personal Info” for e.g that enhances the policy and ensure that users have more secure passwords.
Optional Integration into your existing AD/LDAP systems
cidaas offers the possibility to integrate LDAP systems as login provider. Initially you have the option to integrate your employees and legacy systems and finally get a smooth transition to the de facto Standard OpenId-Connect and OAuth2.
Individual protection of all channels of your company
Create dedicated authorization profiles for each channel, there by protecting your resources, which are then integrated using cidaas authentication and authorization mechanisms.
A clearly designed user interface simplifies the management of all security settings for administrators.
Device Management
Recognize the user as well as his devices. In the era of the Internet of Things and a rapidly increasing number of networked devices, your customer uses many devices, also simultaneously. cidaas recognizes these devices and informs you about them. The perfect accelerator for your digital transformation.
E-mail opt in
Automatic Email verification after registration.
The cidaas E-mail opt-in provides an additional layer of security towards validating a user’s authenticity. After registering successfully the user will be informed that an E-mail with further instructions has been sent to the registered E-mail address. This Mail contains a link that the user is prompted to click in order to verify his contact information.
This e-mail contains a unique link from the cidaas system which, once clicked, takes the user to a pre-configured landing page and sends a confirmation message to your cidaas system.
After successfully completing the registration process, an end user will receive an opt-in mail from our system. If the included activation link is not activated within a specified time frame, cidaas sends a reminder with the request to complete the registration process.
Client specific custom fields in user data
cidaas offers a variety of freely definable user fields, which can easily be added specific to your company requirements.
These additional data fields can be entered during registration or when editing the user profile. Through the OpenID-Connect, authorized “clients” can request this information from cidaas.
User Self Services
Registered users can manage their own account/account in a dedicated cidaas user page.
This allows you to reset passwords, to change passwords, to set up 2-FA settings and to edit your own address if necessary. To a certain extent more can be changed in the corresponding database entry.
Secure your Portals and Web-APIs by using OAuth2 -Keyword PSD2
cidaas provides comprehensible and reliable OAuth2 services to protect, manage and monitor your APIs.
cidaas B2B – Expand and secure your customer base many folds!l
The new cidaas B2B module enables you to manage your business partners. Furthermore, your partners and suppliers can also manage their users and business partners. This way, all participating users have efficient control over assignments, roles and authorizations. You, on the other hand, learn more about your partners’ and customers’ employees with the help of this cidaas module.
Consent Management
Now, with the cidaas Consent Management function, companies can give their customers full control over their personal data. cidaas enables users to view and edit their consent preferences – in compliance with EU-GDPR – or to revoke or confirm the consent given, thus limiting the use and possible misuse of their data by third parties. Companies ensure transparency in data management and effectively communicate changes in data protection guidelines and general terms and conditions to their customers, which are recorded in an audit trail.
Physical Access Control
Increase the security of your business facilities with minimal manual intervention and strike the right balance between security and convenience by seamlessly integrating cidaas into your surveillance systems. With cidaas, you can now constantly monitor the entry and exit of personnel into and from your organization’s premises, minimizing unauthorized entry, controlling suspicious activity and protecting sensitive areas. An unlimited number of doors/areas integrated into your surveillance system can be hosted with cidaas and access rights for authorized personnel can be defined and controlled at any time. Receive alerts and notifications of any security breaches/incidents in real-time, not only on the web but also on your configured devices, regardless of your location.
Real World Identification
By linking real and digital identities, you can now improve personalized customer interactions and leverage all potential business opportunities. cidaas helps companies send business-related messages, promotional content and alerts to registered customers as they enter defined surveillance areas around the business facilities, based on signals received from installed beacons and cameras. This feature facilitates customer engagement and can also be used to manage employee communications and employee access to the premises.
Integration of cidaas in your business processes
New technology and high security standards – smoothly integrate cidaas in your businesses processes
Businesses today are in direct contact with several players, exchanging sensitive information over different channels in their business environment. Employees accessing using mobile devices, inquiries from customers and partners, or third-party public interfaces make the corporate networks vulnerable to data theft. Secure API interfaces and unique user identification are of utmost importance here. For the APIs, our customer identification and access management ideas uses identity standards such as OpenID Connect and OAuth 2.0.
A unique identity for each user is established using the most advanced multi-factor authentication and Big Data technology. With these high security standards, cidaas can be deployed seamlessly and easily in any organization. Whether customer portals, partner and employee portals, equip your company for the future with our intelligent customer identity solution tailored to your needs for B2C, B2B and B2E.
Our cloud service offers you fast and easy integration through existing components for social login, registration and single sign-on.
