White Paper

CIAM Success Hinges on Experience and Security

Strike the delicate balance between usability and security

Contents

Introduction
Why it’s Time for a Purpose-built CIAM
What to Look for in a CIAM Solution
How to Deliver Security & Privacy

Introduction

In today’s digital first world, businesses are accelerating initiatives to meet consumers “where they are” and to make engagement for customers convenient, secure, and seamless. The competitive landscape across many industries from financial services to healthcare is changing as the voice and expectations of the customer becomes critical to business success. Gartner notes that 86% of organizations say they will be competing on the basis of customer experience by 2021. The focus on the customer experience creates a requirement for organizations to deliver an exceptional digital experience for users. The expectations of customers – and meeting those expectations – are driving the need for businesses to deploy a purpose-built CIAM solution to attract and retain customers.

Consumers are a click away from engaging with an e-commerce site, leveraging digital services or simply engaging with a brand online. According to Statista, in 2020 retail e-commerce sales worldwide amounted to 4.28 trillion US dollars. And e-retail revenues are projected to grow to 5.4 trillion US dollars in 2022. Purchasing goods and services online has become a standard practice around the world and is changing the dynamic between consumers and businesses. Regardless of the reasons why consumers are transacting purchases online, the reality is the number of digital buyers is on the rise. Businesses need to pivot and adapt with new strategies and digital initiatives to not only remain relevant to consumers but to also create competitive advantage.

Gartner notes that 86% of organizations say they will be competing on the basis of customer experience by 2021

Due to the changes in consumer behavior, Consumer Identity and Access Management (CIAM) solutions are transitioning from a ‘nice to have’ to a ‘must have’ for business to successfully engage and attract new customers. User adoption and interaction is critical for any CIAM solution to deliver true business value. The user experience (UX) is often cited as the most important element of a CIAM solution. Overall ease of use is extremely important for engagement and retention from a customer’s perspective. However, beyond a great UX is the need to ensure the solution directly addresses issues of privacy and consumer data protection. If existing or potential customers are not confident their personal data is safe and secure, they will opt-out and move on to other services or brands that meet their privacy requirements resulting in lost revenue and potential brand damage.

A great CIAM solution will exceed customer expectations with respect to usability and personal data protection enabling businesses and their brands to develop long-lasting relationships with customers.

Following are common objectives noted by organizations looking to implement a CIAM solution:

  • Improve conversion rates
  • Replace homegrown solutions
  • Enable digital business initiatives
  • Create a 360 view of customer
  • Enable a singular login experience
  • Unify the user experience
  • Streamline operations

The requirements for a successful CIAM implementation differ from that of a workforce identity and access management solution. The underlying reality of these differences is in the core assumptions about workforce versus customer relationships. The reality is workforce users are paid employees required to use an organization’s systems in their day-to-day jobs. But customers in contrast can, and most likely will, simply walk away if their experience does not meet their expectations.


Why it’s Time for a Purpose-built CIAM

An agile feature rich CIAM solution is a core requirement in today’s modern digital world. The ability to enable businesses with intelligence and visibility throughout a customer’s lifecycle is invaluable. Deploying a purpose-built CIAM solution is a strategic initiative that requires engagement, feedback and input from multiple stakeholders throughout the business. The selection of a CIAM solution should not rest only in the hands of the marketing department or a singular business unit. Stakeholders throughout the organization from marketing, product, services, security, IT, and the IAM team must collaborate to define requirements and identify use cases that must be supported to ensure organizational alignment and commitment. For organizations to truly put the customer first, a purpose-built CIAM solution is critical… but so too is a culture throughout the business championing the customer.

The primary objective of a CIAM solution for any organization is to drive engagement and accelerate revenue growth. In order to drive the desired growth, organizations utilize the intelligence generated by the CIAM platform to build and nurture deeper customer relationships via collection of unique user information – being sure to always protect the data and ensure its privacy.

The privacy and security of each customer’s data is crucial, as the safeguarding or lack thereof can have a direct impact on an organization’s brand, revenue and reputation. Therefore, it’s imperative your CIAM solution is compliant with the requirements outlined in various regulations and laws (i.e. GDPR or CCPA) protecting user data and rights. Regulations may specify different residency requirements with respect to the physical location of the protected data or user rights such as the ability to invoke the Right to be Forgotten. It’s vital to fully understand your use cases and how and where your user data will be used and stored.

CIAM and workforce IAM initiatives are primarily based on the same functions:

  • Identity verification
  • Identity storage
  • User authorization
  • Identity administration
  • User authentication
  • Audit and reporting
Frictionless User Experience
The implementation of these functions is very different because the relationships are not the same. With an employee, an organization vets and verifies the identity of the user as part of the hiring process. But at the beginning of a customer relationship, an organization knows very little if anything about the user, or even whether the user is truly a person or not.

A CIAM solution applies a different approach to genuinely Know Your Customer (NYC) and enables a different process compared to a workforce IAM solution to understand the user and deliver a great user experience throughout the user’s lifecycle.

Capturing accurate data is essential for an organization to provide each customer a great experience. As new strategies drive investment in digital initiatives focused on creating value for the customer, the need for a robust CIAM solution becomes a business imperative. The ability for a CIAM solution to provide progressive user profiling or seamless integration with a CRM platform will create extraordinary value for the business. Deploying a purpose-built CIAM solution will help organizations realize deeper user insights and quickly gather a better understanding of each customer to successfully provide a secure, unified and compelling customer experience.

Key aspects of a CIAM solution include:


What to Look for in a CIAM Solution

As your organization assesses the requirements and overall drivers for a CIAM solution, your team should consider the balance between immediate needs and your long-term ongoing strategy with your CIAM practice. Even though a handful of core identity and access management capabilities are fundamental for all user types, managing and nurturing a customer relationship is different. Taking a pragmatic approach to designing and implementing your CIAM solution is critical to reaching your milestones and business objectives for both your users and your business.

Customers versus a paid employee are much less tolerant of a poor user experience. An employee will tolerate friction to get the job done. Whereas a customer will likely abandon a cart or terminate a relationship if their experience is deemed bad. To avoid these scenarios, your CIAM solution must differ from your IAM workforce solution. CIAM institutes a user first focus with an emphasis on gaining a better understanding of the customer to meet their needs and exceed their expectations while securely protecting their identity and data.

Following is a brief list of trending user expectations to consider during a CIAM assessment:

Deliver an intuitive, intelligent and complete (end-to-end) customer experience

  • Omnichannel is becoming the norm and the expectation
  • Data unification is essential to manage identity and profile data
  • Customers expect more control of their journey
  • Frictionless login accelerates on-boarding and improves retention

Evaluate privacy and user protection features and functionality

  • Identity proofing capabilities improves user confidence
  • Fraud detection and prevention creates customer trust and loyalty
  • Support for BYOI (Bring your own identity) improves engagement
  • Self-management for privacy and security preferences improves experience
Providing the best possible customer experience is key for a successful CIAM deployment. In general terms, the experience is the sum of a user’s interactions with a company across all customer touch points. These touch points include mobile applications, on-line portals, web sites, e-commerce sites, marketing outreach, sales initiatives, customer support, services and more. Each of these elements has the potential to provide either a positive or negative experience. As an example, a bad self-service registration UI may lead to high abandonment rates and low conversion rates. A poor customer support process may result in a lost sale or permanently lost customer. Organizations that strive to embrace a customer first culture in every aspect of the business, along with their CIAM solution, will provide the omnichannel experience customers expect improving engagement and retention.

How to Deliver Security and Privacy

Privacy and compliance capabilities are a foundational requirement for any CIAM solution. A strong CIAM solution will provide multiple features to protect the customer and their personal data. Organizations must adhere to a growing number of consumer protection laws and regulations which can become difficult to manage for organizations operating in multiple jurisdictions.
Organizations must strive to deploy a CIAM solution that deeply support privacy in all process flows, rather than settling for superficial compliance.

Establishing a strong security architecture is a must to properly support a CIAM solution. Utilizing a layered approach to security is key to confidently protect customer information and maintain user trust. Providing the ability for customers to select their own security preferences, such as MFA options from Push-to-Accept to SMS or even email, will set the stage for a strong customer relationship. Enabling the Right to be Forgotten via a simple key stroke is another essential component of a good CIAM solution. Customers will value the ability to erase their personally identifiable information (PII) with the click of a button – no emails or phone calls… just a simple and easy online submission.

Organizations must adhere to a growing number of consumer protection laws and regulations which can become difficult to manage for organizations operating in multiple jurisdictions.
Organizations must ensure protection from bad actors looking to compromise accounts and execute identity fraud. In a scenario such as a customer conducting a high-value or sensitive digital transaction, some friction (such as MFA or identity proofing) may be a welcomed experience for the customer. Enabling a customer with the ability to set their preference for an additional identity verification step creates confidence and trust. For example, some customers may opt-in to have an additional verification step in place for purchases exceeding $500.00. This additional friction is deemed acceptable by the customer and improves protection against potential fraud further strengthening trust with the customer.
CIAM is all about making things easier for the customer.
CIAM is all about making things easier for the customer. For many organizations, a first step is to provide a unified experience for the customer. This can include enabling single sign-on (SSO) across all relevant user interfaces and allowing customers to leverage an existing social login when initially engaging with the organization. Throughout the customer’s lifecycle, your CIAM solution will provide valuable data for your business to analyze and interpret to meet customers ‘where they are’ and ultimately create the relationship your customers desire. By starting with an approach to make things seamless, easy and convenient for the customer, your business will create a competitive advantage that results in healthy customer relationships, brand ambassadors and revenue growth.

Get Started

To learn more about how the SecureAuth Identity Store CIAM solution helps businesses enable a fully digital customer experience check out our Identity Store.

Request a Demo

Complete the form below to request a personalized demo of SecureAuth’s CIAM solution