By Neil Chapman - Senior Vice President & Managing Director EMEA / International, ForgeRock
The “Age of the Customer” is really the “Age of the Internet;” the internet has taught customers that they no longer need to “settle”. Instead, they can now go online to seek—and likely find—exactly what they are looking for, exactly when they want it. This unprecedented competitive pressure is driving the pace of business innovation faster than ever before. Companies are racing to develop new revenue streams and increase loyalty by rolling out more personalised and more dynamic services. Car companies are adding telemetric features, banks are scrambling over each other to offer the latest mobile app, and retailers and service providers are dreaming up new perks and services to shore up loyalty. Even organisations that do not focus on the top line are innovating: governments are turning to new channels to offer convenience and cut bottom-line administrative costs.
But one huge hurdle in this headlong race to innovate is how to connect customer and citizen identities to these offerings. It is a paradox of openness and restriction: companies need to provide easy, seamless access across platforms and services including the cloud, the Internet of Things, mobile devices, customer portals, social platforms, and the Web. At the same time, they must protect customer security and ensure that customers get exactly—and only—what they pay for. Businesses should reassess their approach to identity management in order to prosper in this new, fast-paced environment.
The new approach to identity management: not just access, but a relationship
“The industry is undergoing a huge shift from identity and access management to identity relationship management,” says Alex Ott, owner and founder of CrossContinentalVentures, a global provider of advisory services to entrepreneurs. “Identity relationship management extends the value of identity where legacy vendors have failed to innovate, supporting organisations in developing seamless and secure customer-focused services across users, applications, devices, and things.”
Traditional identity and access management (IAM) tools enable or deny access based on a few criteria, and only for a few thousand users, typically just employees and partners. Companies looking to support innovative services for customers can leverage identity relationship management (IRM) platforms instead. These can instantly support multiple devices, react to context, and scale up to accommodate millions of users at a time without any performance degradation or service disruption.
Support all devices with login anytime, anywhere
Companies have to support a huge array of devices, applications, and users, as well as the numerous relationships between them, while providing customers the same experience across all their touchpoints. Today’s IRM can link devices— including laptops, phones, touchpads, and even cars—and new mobile and social apps to a single security platform that enables identity synchronisation and single sign on (SSO). This can take place anytime, anywhere, on premises or off in the cloud.
Deliver context-aware services
But today’s SSO isn’t a simple yes/no. Multiple factors should determine whether or not a user gets access, and if so, how much and to what. If someone logs in from a new device or a different country, for example, a business might set up its IRM system to adjust to the circumstances and ask for additional authentication.
Contextual intelligence and awareness add value to digital services. For example, with the Toyota in-car portal, the system “knows” which car and which driver is accessing the Toyota platform, and where they are. This allows the system to recommend gas stations, find a parking spot, and offer real-time traffic information and automatic rerouting. Other services can leverage a wide range of contextual data—such as location, time, customer record, temperature, device, and virtually anything else—to customise interactions with users.
Because IRM systems control access to customer-facing services, they must be able to accommodate thousands or millions of identities simultaneously, quickly verifying identities and privileges. As more people, devices, and things are assigned identities across networks, IRM helps companies avoid uncontrolled growth in credentials and keep access seamless and responsive.
Look under the hood of successful IRM
A good IRM solution is designed from the ground up as an integrated, cohesive stack that is purpose-built to handle complexity. Open-source solutions are well-suited to addressing the paradox of delivering both openness and security on a unified, massively scalable IRM platform. They can connect with virtually any device and keep up with new versions of each. Experienced architects also report that these open source solutions are more secure, because they allow developers to identify and fix security-related bugs faster than legacy, closed-source platforms.
Harness identity to power reinvention and innovation
As consumers demand more personalised services, companies must harness the power of identity to transform visionary ideas into applications that they can deliver to millions of customers, anywhere, using any device.
“The winners and losers in today’s digital world will be determined by how they approach the issue of identity as they develop new offerings,” says Warren Weiss, general partner, Foundation Capital. “Those that utilise the right identity platform can quickly respond to the needs of their business, reinventing themselves to roll out new services to any device or thing more quickly than their competitors—and to seize a distinct advantage in the market.”