In the age of digitalization and customer-centric business models, the protection and management of digital identities has become extremely important. Be it a small start-up, an established online retailer or a renowned insurer – every organization now operates a digital presence of some kind. This brings with it more and more logins and verification process and allows the number of digital identities to grow rapidly.

What is your guess? How many digital identities does a person have on average?

There are often more than 10! So it can be said that digital identities are the central element of current technology trends and are thus significantly involved in the digital value chain.

But what exactly are digital identities and why are they considered by companies to be the central asset for a fully digitalized value chain?

Digital identities require end-to-end identity management

Definition of “digital identity”: “Digital identity is a collection of electronic data to identify an Internet user with a physical identity. Data belonging to a digital identity are e.g. username, e-mail address, home address, account number, password, etc. and are referred to as attributes. A physical user can travel across the Internet with many different digital identities (different user name, different e-mail, etc.)” (technical report No. 114 of the Hasso Plattner Institute for Software Technology at the University of Potsdam).

However, a digital identity may not be just a physical person in the form of a customer, partner or employee; “things” such as machines and applications also have their own digital identities.

But they all have one thing in common – no matter whether man or machine – they all have to clearly verify themselves in order to be able to access digital services. Until a few years ago, the authentication of the digital person was almost exclusively based on an email password combination. But this is no longer adequate for the fast-paced and convenience-driven user. With the large number of diverse digital services and the associated “masses” of different passwords, users usually pull their own strings. If the time comes and the password is forgotten, the account owner needs a lot of patience. Resetting the password usually requires many individual action steps, during which it must always be ensured that it is the actual account holder. This is probably not the only reason why biometric methods have established themselves in recent years for accessing apps. Thanks to fingerprints, FaceID and the like, services can be accessed conveniently, quickly and above all securely, since the physical features cannot be forged.

Here, too, it shows:

Only those who maintain trust and reputation on the Internet can count on the trust of their customers.

This presents companies with three challenges:

  • To offer the user and his digital identity both the highest level of security and convenience
  • To maintain and manage digital identities in compliance with GDPR
  • To recognize customer potential through communication with the digital identity and to build long-lasting, trusting customer relationships, because the next provider is only a click away.

Customer Identity Management combines user convenience and security on a single platform

In this context, Customer Identity and Access Management (CIAM) solutions are becoming all the more significant.

Identity platforms merge the topics: Management of digital identities, data security, user comfort and their management in just a single software suite. Customers are supported throughout the entire customer journey, starting with convenient and short registration and login processes, user self services for account management, multi-factor authentication (MFA) for secure account access and single sign-on for a consistent experience across all channels.

The topic of authentication plays an important role in the secure storage of personal data, some of which is sensitive. It must be ensured at all times that the customer is actually the person he or she claims to be. Like in the “real” world, identity is the most unique characteristic of a person, organization, resource or service. However, while in the ” real ” world the verification of identity is done via the identity card and is therefore quite secure, the identification of a digital person is much more complex. As the numerous data glitches of the recent past show, traditional methods such as username-password are often not sufficient to protect customer data. However, authentication is a critical key to secure transactions and protect personal information.

Secure authentication of digital identities through two-factor queries

To identify a digital identity, CIAM tools offer a multi-factor identification, also known as two-factor identification. Multi-factor authentication (MFA) is used in today’s concepts and technologies in combination with fraud detection. By querying a second factor, a high level of security can be provided while simultaneously providing a high level of user comfort. The query of the second factor is adaptive, i.e. only in case of irregularities. Very common and secure authentication factors used in two-factor queries today are biometric features. The unique characteristics of a person such as fingerprints, face or iris are scanned and compared with the stored identity. At the same time, a Single Sign-On (SSO) can be implemented across all digital channels of a company using identity software. The customer remains logged on to all digital platforms of a company with just a single login. Authentication can be carried out using various devices. Identification via a Smart Watch is gaining popularity.

It is crucial that a company actively offers its users these diverse identification methods. Only if the user can choose his preferred method of authentication without any problems will he feel understood by the company in the interim.

GDPR Compliance via Customer Identity and Access Management

At the same time, the company must provide its users with convenient access to manage their own user data, as required by the GDPR. A good CIAM system comes along with these functionalities “out of the box”.

This also gives companies the opportunity to request users’ consent to receive tailored offers and personalised communications, in addition to requesting consent on general terms and conditions.

Another positive aspect for companies is that they are provided with the consent to process personal data (PII = personally identifiable information) required under Art. 7 (1) GDPR by the company at the push of a button. Companies are thus optimally equipped for the requirements of the EU GDPR and do not run the risk of committing data protection violations.

Even if the management requirements have become formally more demanding for companies as a result of data protection and other European regulations, they can be implemented with a corresponding CIAM tool without increased effort and, at the same time, they can even be managed in a marketing-oriented way, for example.

Are CIAM systems implemented only by large companies? Wrong! There are also great opportunities for mid-sized companies

Due to the many functionalities offered by CIAM software, the misconception often arises that only large companies can benefit from its use. Many medium-sized companies do not deal with the topic enough and often consider it to be too complex and too expensive. But that is wrong. The profitability of a customer identity system cannot be determined by the size of a company, but by the customer journey it offers its customers. The focus is therefore on both B2C and B2B customers, of course with different CIAM requirements.

But many midsize companies still focus on the protection of traditional end-points and neglect the support, management and protection of digital identity. These companies also sometimes have a large number of users on their digital channels, which are difficult to manage manually, and this number is increasing almost daily. In addition, there are positive aspects in addressing individual B2B customers, instead of contacting them via a collective e-mail address of their company (e.g. info@…), individual persons in the customer company can be identified and addressed.

Therefore, an identity management tool also offers medium-sized companies the opportunity to manage and actively use the identities of all involved persons quickly, securely and cost-effectively.

When choosing an identity tool, companies should consider the following:

  • Security for sensitive data through data encryption and integrated fraud and suspicion case detection
  • Scalability: continuous scalability based on the respective requirements
  • User-friendliness: simple user guidance an excellent user experience
  • Technical interfaces: the “everything is an API” approach allows the solution to be easily and seamlessly integrated into existing applications and processes via open interfaces.
  • Modern authentication methods to quickly and conveniently transform unknown visitors into known identities and to increase access security
  • Data governance: GDPR-compliant consent management for compliance with data protection regulations
  • 24/7 expert support and free initial consultation available

The question of whether the use of an Identity Management solution makes sense or not no longer arises today. Rather, it can be said that every company, regardless of its industry and size, needs a CIAM. Especially since the knowledge of customer data is becoming an increasingly important competitive factor. Modern identity platforms enable a significant advancement here and simultaneously balance the two appealing topics of data security and customer experience.

Dr. Sadrick Widmann – Master of Science at the Karlsruhe University of Applied Sciences, as well as key topics: Automation of Business As CPO since 2018 responsible for the product development of cidaas, a customer identity management solution of Widas IT, Germany.