The What and the Why of Any Modern CIAM Platform

Keith Graham
Feb 18, 2021

When choosing a CIAM offering, there are many must-have capabilities which should be provided by the platform.

In this blog, we'll discuss what they are, why they're important to any digital transformation initiative, and most importantly, why they matter to the customer.


Self-Service Registration and Adaptive Multi-factor Authentication

The problems to be solved:

Customers want to use a website or application with ease, meaning with as little (registration or login) friction as possible. Customer accounts need protecting against attack (account takeover through stolen credentials) which can lead to identity and/or financial theft.

Why the customer cares:

Customers want to do as much for themselves as they possibly can – on their own schedule, without needing to interact or wait on another person, and without having to call a service center. They also want to have confidence that a brand is protecting their account and personal information and not at the expense of their experience.

Why a brand should care:

71% of customer loss is because of poor customer experience, but conversely 51% of enterprises have suffered some form of a breach of customer account information. Reconciling experience vs. security should not be an experiment at the expense of customer satisfaction or revenue.


Social Registration and Login

The problems to be solved:

The reality is that most individuals have existing accounts with one or more social platform providers, e.g., Facebook, Google, etc. Many websites and applications provide the option of social login, and so it's become a competitive requirement for ease of use, and an expectation.

Why the customer cares:

Customers already have too many accounts to manage, and when registering for a website or application they will want to use their existing (and trusted) social platform of choice. For the customer, this speeds their ability to get done what they need to do, whether it's accessing a service or transacting in some way.

Why a brand should care:

Any brand needs to avoid and reduce customer abandonment and make it easy for all customers to return. Competitors may offer this!


Single-Sign-On and Federation

The problems to be solved:

It's a reality that most organizations store customer data in more than one repository and/or offer more than one application or service. A single brand maintaining multiple customer accounts proliferates management and support costs and increases complexity. Furthermore, they hinder customer experience and loyalty.

Why the customer cares:

Customers simply do not want yet another account to access multiple applications or services from different brands from the same company.

Why a brand should care:

Maintaining multiple accounts, identity stores and data sets is expensive and it proliferates support and development costs. It can also lead to misconfiguration and provide an opportunity for attackers to exploit.


Consent Management

The problems to be solved:

Regulatory compliance standards are ever increasing, as are the legal and customer expectations on the stewardship of customer information. Any brand needs to ensure that it is in compliance, and it may not have the in-house skills to know what compliance looks like.

Why the customer cares:

Customers want to know that they can trust a brand (and this is often directly connected to loyalty and repeat business). Customers want reassurance that their information is being used with their consent and they will look to see whether they can trust who they're doing business with.

Why a brand should care:

Brands need to ensure not only that they are in compliance, but also that they are well informed about the evolving guidelines of new regulations and not at risk of any regulatory fines or reputation damage.


Built On Standards, Not Proprietary

The problems to be solved:

Simply put, re-inventing the wheel can be expensive and prone to introducing security issues into your customer-facing application or website. Leveraging standards-based approaches helps reduce maintenance and integration costs, and the dependency on 'tribal knowledge' in how your application functions.

Why the customer cares:

Customers want simplicity and interoperability, and trust that their accounts and personal information are safe.

Why a brand should care:

Standards normalize interoperability and compatibility. Whether it's through standards-based authentication methods or proofing yourself against vendor lock-in, it ensures a brand can plan for integration with the unexpected -- whatever/whenever that may be.


Preference Management

The problems to be solved:

Customers may have account settings and preferences (such as when to notify them about new products or promotions) that may need to be updated and managed.

Why the customer cares:

Customer information changes, and customers' preferences and what they want will also change. It is the customer's desire to update and maintain this themselves in a self-service fashion without talking to a call center.

Why a brand should care:

Customers want to do more for themselves. This benefits the brand through increased customer satisfaction (they're more willing to trust and use your services and buy your products). This in turn keeps the cost of managing customer accounts low, versus the expense of using a call center or the frustration that can be caused by automated phone systems.


Secure Identity Storage

The problems to be solved:

Customer accounts and any corresponding Personally Identifiable Information (PII) need to be stored securely and in a structured manner that is accessible to the CIAM platform. The need may exist to enable any integrations with the customer data in the identity store, and other systems that the brand may own such as CRM and marketing platforms.

Any brand that is investing in a CIAM platform should ensure their customer data (that they own and they're responsible for) is not stored in proprietary ways (no vendor lock-in) and can be accessed in a performant and timely way.

Data Sovereignty and Data Residence requirements may require a brand to ensure that its customers' data is stored within countries or regions for regulatory and compliance purposes.

Why the customer cares:

It's a recurring theme that an element of customer trust is based on the assurances that a brand can provide in how a customer's information is secured and where (the location) that customer information resides.

Due to the raised awareness of breaches and data loss, customers are more informed and more conscious than ever before about how and where their data is stored. A brand choosing a CIAM platform must ensure it knows where customer information lives and how it is secured (e.g., safely encrypted and not in clear text!).

Why a brand should care:

Brands need to ensure that their customer data is adequately secured and stored and accessible to the CIAM platform and any other systems that may need access to customer account information.

Brands should look for a CIAM offering that provides secure identity storage that's built in and offered natively. This approach reduces any further need for specialist directory/database skills and helps save implementation and operational time that may be needed if investing in another third-party system.

Brands should look to avoid security and compliance issues that are commonly caused through misconfiguration of an identity store which may become yet another place to audit, monitor and secure.


Enterprise Integration

The problems to be solved:

Rarely is customer identity a greenfield problem that brands need to solve. Brands will have other investments, such as CRM systems, marketing hubs or other identity stores, that may contain customer information. Additionally, visibility into the security of the customer account lifecycle aids security teams in their detection of security events and anomalies. Seamless integration of any CIAM platform into other investments and solutions is required to achieve any of this.

Why the customer cares:

Customers will want a single view of all their information. While this ties into preference management and consent management, the enablement of those capabilities is wholly dependent on enterprise integration for any brand that may have multiple silos of customer account information.

Why a brand should care:

Homegrown glue is expensive, i.e., building customer connectors between your customer-facing portal or application and other systems.

Any brand looking for a CIAM platform that has other silos of customer data should look for a highly integrated and flexible offering that doesn't require the development and maintenance of custom code for that integration. Homegrown code and integrations can cause bottlenecks and create more places for things to break. A net effect is brands need to ensure that integration doesn't come at the expense of reliability and can avoid any data consistency issues between systems.


Scalability And Reliability

The problems to be solved:

Any CIAM platform needs to be able to scale to the levels necessary to support the growing customer base for any brand – not just across geographic regions but also across time zones. It can also be difficult to size this appropriately and estimate its costs.

Why the customer cares:

Customers want access to your website or application and for it to be available every time they need it. Customers expect it to perform well (i.e., not be slow to use).

Why a brand should care:

A brand's reputation and ability to do business can depend on being able to provide continuous and uninterrupted access to a service or application. Using a native cloud-based CIAM offering can provide the automated elasticity needed to scale to the change or growth in customer access – ensuring any customer facing application using it is always available with appropriate response times. This saves brands from the necessary investment in site reliability and infrastructure skill set(s) that would be needed.


Compliance and Audit

The problems to be solved:

Simply put, brands need to ensure that they are compliant with any regulatory or industry standards, and where appropriate be able to provide proof during any auditing activities. Compliance, and proof of compliance, can mitigate and avoid any penalties and fines from non-compliance.

Why the customer cares:

Compliance requirements give customers access to their specific data which may be held by a brand. Customers are more informed than ever and demand transparency, and access to the information that a brand may hold on them.

Why a brand should care:

Compliance with regulatory requirements and industry standards provides for smoother audits and mitigation of reputation damage and/or regulatory fines. Using a CIAM platform, application owners can more easily satisfy internal and/or external audit requirements, reducing the spend and time spent on this activity. Any demonstration of compliance also helps promote customer confidence and strengthens customer-brand relationships.


This blog is an excerpt taken from the whitepaper, "An Evaluator's Guide to Buying or Building CIAM" and discusses the top reasons to consider using a CIAM platform.
