Consumer identity and access management solutions have emerged in the recent years to meet evolving business requirements. CIAM is bringing value to the organizations regarding higher numbers of successful registrations, customer profiling, authentication variety, identity analytics, and marketing insights. Companies and public sector organizations with deployed CIAM solutions can provide better digital experiences for and gather more information about the consumers who are using their services.
In order to reduce cyber-crime, fraud or other illegal activities, government agencies are imposing strong regulations on banks and financial service providers to put in place mechanisms for “Knowing Your Customer.” These mechanisms would utilize analytics to develop baseline patterns for all their customers and to be able to spot behavior anomalies and investigate and block suspicious activities. Having an IAM infrastructure designed for managing consumer identities can significantly help the KYC effort.
CIAM systems are typically collecting and managing massive amounts of personal information and thus must take the customers’ privacy concerns very seriously. When the EU’s General Data Protection Regulation takes effect in May 2018, penalties for compliance violation will be considerably increased, going up to €20M or 4% of global revenue (whichever is higher). This makes the task of designing and deploying a CIAM system especially daunting, since companies now have to redesign their existing infrastructures to minimize the amount of collected personal data, put much stricter access controls into place and, most importantly, implement user consent management mechanisms.
In the first part of the webinar, John Tolbert, Lead Analyst at KuppingerCole, will provide an overview of major differences between classic IAM and consumer-oriented CIAM systems and will talk about current and future challenges the CIAM solution market is facing.
In the second part, Ivan Djordjevic, Senior Director, EMEA Consulting at Janrain, will discuss some of the specific approaches and examples for solving security and compliance challenges imposed by the GDPR.