Customer identity and access management (CIAM) fulfills a dual role for retailers and consumer-facing enterprises. On the one hand, CIAM functions in much the same way as its employee-facing cousin identity and access management (IAM); it protects against credentials abuse and identity theft by hackers. On the other hand, CIAM must provide customers with a smooth and pleasant transactional experience to best facilitate purchases and prevent cart abandonment.
What are the top CIAM capabilities? What should enterprises look for in their customer-facing identity security solutions?
We came up with the 5 CIAM key capabilities. They are:
1. Social Sign-On
CIAM key capabilities must walk a difficult balancing act between protecting consumers’ accounts and providing them a seamless and frictionless customer experience. Experts argue the latter truly makes CIAM distinct from traditional IAM.
Part of providing a seamless customer experience is making the login process as smooth and natural as possible, which can be achieved through social sign-on. Social sign-on allows users to login into their accounts through their social media credentials. Often, the users’ browsers already have their social media credentials saved, making the sign-on process even easier.
While unthinkable for employee logins, customers’ relatively low-level of access to your network allows them to enjoy the freedom of social sign-on. Additionally, CIAM can enable account creation through customers’ social media accounts, allowing the onboarding process to be as pleasant as the overall customer experience.
Ping Identity, a prominent CIAM solution provider, released the “2018 Consumer Survey: Attitudes and Behavior in a Post-Breach Era.” This survey uncovered some critical findings:
- 78% of consumers won’t engage with a brand online if the brand experienced a data breach.
- 36% would stop patronizing the brand altogether even if they had previously been a returning customer.
This highlights the importance of security when discussing CIAM key capabilities. Consumers must feel secure when engaging in their online transactions, much in the same way they must feel secure when going to an analog store.
CIAM provides enterprises’ options to deploy multifactor authentication and risk adaptive authentication. The former can incorporate increasingly popular biometric authentication methods like fingerprint scanning on mobile devices; this has the added benefit of being convenient to use.
The latter facilitates different authentication scenarios; a request for a password reset should not have as many identity security barriers as financial transfers, for example.
Importantly, identity security works to your benefit and your customers. Consumer confidence means more online sales, and more security means more consumer confidence. The safer you are, the more profit you can expect.
3. Password Reset Self-Service
In a normal IAM scheme, your employees can contact your IT security team and ask them for help in retrieving their passwords. This, of course, often proves sub-optimal; it stresses your already thinly-stretched IT team by adding to their workload. Furthermore, it delays business processes significantly as employees wait for help.
Adding consumers’ password reset requests to the mix is a recipe for disaster, for both your IT team and your customer experience.
Therefore, self-service remains one of the CIAM key capabilities. Through CIAM, consumers can retrieve or reset their passwords relatively quickly and effortlessly through email or SMS messaging. They can thus return to their cart and their transaction quickly, improving the experience and ensuring their peace of mind concerning cybersecurity.
4. Customer Data Collection and Secure Storage
CIAM doesn’t just allow users to securely log in and conduct their business. It can also provide your enterprise with crucial information such as shopping preferences, behaviors, and individual interests.
This customer data can significantly contribute to your marketing efforts, as it allows to you to target your marketing messages—and even individual coupons and promotions—to specific individuals.
Additionally, this customer information can improve your personalization, allowing you to tailor the customer experience to the individual and therefore optimize their transactions.
CIAM must thus securely collect and store this information in a database which follows regulatory compliance mandates such as GDPR.
5. Other IAM Capabilities
Of course, you may consider calling attention to the other IAM capabilities in a list of CIAM key capabilities cheating. Granted, that is a fair stance to take.
However, CIAM is a branch of the identity management tree, and its capabilities can help both secure consumers’ identities and provide them with a pleasant online shopping experience. These capabilities do not lose their relevance simply because of the focus shifting from employees to customers.
Key IAM capabilities to consider in your CIAM include:
- Single Sign-On.
- Active Directory.
- Granular Authentication.
- Access Rights Management.