25 May, 2020 | 3 min read

CIAM for Customers With Varying Levels of Experience

  • Gomathy Kumarakuruparan
  • Technical Writer - WSO2

Customer identity and access management (CIAM) is not a new concept anymore but some of us have the tendency to confuse it with our traditional identity and access management (IAM) solutions. CIAM is not the cherry on top of IAM. It’s a cake by itself.

Yes, your CIAM solutions are still going to solve identity and access related issues. However, how and who you’re going to design these solutions for will and should vary. The IAM solutions you designed for the employees of an organization are paid (enough or not) to learn to use them. Your customers also know that these employees are smart enough to handle your product and any mishap is going to only cause a wasted number of man-hours.

As serious as it may sound, this latency is nothing compared to what a malfunction or inefficiency in your product when exposed in front of their customers, can do to their business as a whole. There are a whole lot of things that you need to consider when your client wants to use your IAM solutions for a customer base. However, the primary one is that unlike the employees or your client, this customer base is external and would look for convenience and privacy at the least.

To explain the importance of catering to customers' needs and requirements, I will use some LUDO references throughout this blog.

Every business strives to meet the expectations of its customers. In our game, our customers will be the players and we will only support their mission. Remember that our customers are also no different. Your customer is not your soulmate and will not surprise you with an “I know I deserve better, but I just can’t let go”. When your customers leave you, most of the time it is because their customers and stakeholders did not find you useful. If you were sensible enough, you would have known this for much longer. Customers are outspoken, they know their options and their rights. It’s just a matter of asking yourself a few questions.

  • Is somebody else doing what you are doing in a better way?
  • Is somebody else doing what you are doing at a better price?
  • When your customer frowns, do you have enough people who know what they’re doing, to turn it into a smile?
  • When the world changed did you help your customer change with it?
  • Knowing your customers is a given, but do you know their customers?

Rate yourself out of 5. If you are not sure what’s a "yes" and what’s a "no", then you might need to go back to a more basic game which I’d like to call “brainstorm-the-blunders”. Your customers could already have reached an advanced level. Just make sure you give them the right bonuses depending on their levels. Also remember that with the customer progressing to a different level, you may need to level up on the support you give them too.

Level - 1 >>> Compete

These customers are the newbies. They are not quite sure why they need a CIAM solution. They are competing with giants with a comparatively lower investment. However, the market is broad enough and there are businesses that need the said services at a lower cost. The concern here is that your customer is not the only bloomer in the given business.

It’s a race after all.

However, identifying the must-haves in CIAM is not wizardry. These are the aspects of your customers’ first super-six to begin their business journey with CIAM.

  1. Single Sign On
  2. The customers have a lot on their hands already. Logging into hundreds of applications every day would be an unnecessary hassle to them. Imagine having to remember all those credentials. Phew. Using SSO, the customer will be able to experience a smooth sign in since the customer will be able to access multiple applications using a single log in.

  3. Multi Factor Authentication
  4. This is a tricky advantage because when overdone, it can prove to be a menace. Multi factor authentication (MFA) makes sure that the users who try to access data are the legit ones. This is a security enhancement. The most commonly used additional factor in MFA is the one time password (OTP) usually sent to the customer’s registered email or mobile number. Some customers are not very keen on using this since it involves multiple steps.

  5. Adaptive Authentication
  6. To ease customers from the tediousness of multi factor authentication, the adaptive authentication was brought into the scene. The administrators can decide on how many authentication factors are required, or if MFA is required at all, based on multiple factors like the user’s role, risk factor, and IP address the user is using to access the resources.

  7. Social Logins
  8. SSO made access convenient and secure. However, this experience needed further enhancement. Using social logins, the user can access applications with no registrations required via social identity providers such as Twitter and Facebook.

  9. Passwordless Authentication
  10. This is another recent addition to the authentication enhancements. Passwords can be risky when exposed to the wrong eyes. It can also be extremely cumbersome to remember and keep an audit. Using this, there is no need to remember a password. Instead, single-factor authentication is all that takes to authenticate the user, but it still proves to be secure enough. Wanna know how WSO2 Identity Server handles this with the help of FIDO2? See this article for more details.

  11. Self Registration
  12. Customers do not need a customer care agent to create an account on their behalf. This reduces the waiting time from the customer’s end and the overhead from the client’s end. The customer care portal should be highly user friendly.

Level - 2 >>> Imitate

The customers who have reached this level, are the ones with awareness about CIAM and are now looking for more ways in which they can attract customers. This is a level where influence from a competitor is acceptable and even appreciated. There are always the first movers and the late movers in any business segment. If your customer is not someone who invests a lot in research and development, then they probably belong to the second category. This can be an advantage at times. Since they are now a stable organization, they can look at what more the competitors are doing and act accordingly. This can never become a competitive advantage but would help the company not fall behind in the race.

The yellow coin waits and observes while the others compete

To help your customer through this phase, you, as a CIAM solution provider, should know what the trends are. More importantly, you should know what you are supposed to comply with. Customer information is worth billions and if unfairly distributed or carelessly handled, can lead to intense breaches and the dissatisfaction of customers, ruining your brand reputation. As a product that handles critical data, any CIAM product is expected to comply with certain regulations that are in place for the sake of customer safety.

Data privacy is crucial. You cannot collect or handle customer data without their clear cut consent. They have the right to know what is their data used for at all times and your solution should be able to audit all of it. The customer has the right to ask questions, request to be deleted, and perform more such actions under these regulations.

If your product lacks these offerings, then it is better to halt and get an idea of what the others are doing to satisfy the conditions mentioned in the regulation and develop your product with those safety measures before moving on to the feature developments. GDPR and CCPA are two very important regulations in place today. You can find hundreds of articles online about compliance with these regulations. WSO2 handles more than just these regulations in a very serious manner. Read more on these regulations here.

Level - 3 >>> Advance

Now your customers’ coins have all been launched. They trust themselves, and they trust that you would safeguard their identities and accesses no matter what. Now is the time that the copying and following mentality ends. It is time to do something more than your competitors and identify the gaps in the market segment that you serve and make a significant difference by overcoming those barriers. Your clients will do their part, identifying and resolving gaps in their respective industries. You, as a CIAM service provider, are supposed to massively improve your products and services in this stage to retain your customers who are working towards exponential growth.

Customer satisfaction is key. This is the stage where you find what you lack, and what you can do to surpass all your competitors. With higher convenience comes higher loyalty. Customer loyalty and retention is a key advantage of a good CIAM product. Make sure that your product supports deployments in on-premise, cloud, and hybrid environments, and the transitions are smooth and speedy. Integration with other products should be a pleasant experience. Especially, as a CIAM product, it should be able to interact with your customer’s ERP or content management systems with ease.

Any business would be considered going and growing, unless and until specified otherwise by the board of directors of that business. Going by this logic, any strategic plan for your product should be made remembering that your existing customers would all grow significantly in just a few years and your products should support that growth. A CIAM solution should be scalable and the performance should be monitored and improved on a regular basis.

Your customers should be able to access all user information with ease without having to wander around. Information in the system should be up to date and precise under all circumstances. On the other hand, this access to customer information should be restricted to only those who are concerned about it and necessary authentication measures should be taken to confirm the right accesses. The product should be capable of handling several endpoints and extend itself for better security, convenience, or for a specific use case.

Level - 4 >>> Mould

Congratulations! You’ve helped your customers with all their CIAM needs. Like you know, businesses don’t end with satisfying needs. Now search for better ways in which you can contribute to the CIAM community and rock on!

Creative ways of managing security audits, centralizing globally available user-based data, automating precise user reports with no assistance from the customer service representatives, securing all the endpoints from brute force attacks and other phishing attempts, and providing easier biometric scanning options as a single-factor, yet a secure option for signing in are a few examples of what we can do. An uncomplicated customer portal is a must.

It might look as if we are all running this race alone, but in the end it is us against all the security threats that are spreading at a threatening rate. We can do more as a community than ever before. We at WSO2 believe in supporting each other. When everybody wins, there’s no master!

Learn more about using WSO2 Identity Server for CIAM here.