Building the customer relationship with identity and access management
January 17, 2019
Andy Cory, IAM lead consultant at KCOM, demonstrates how to build the customer relationship with identity and access management.
From a security perspective, sign-in processes and log-in pages can seem like a necessary evil. Companies are required to do all they can to protect customer identities and their data. Forcing customers to input passwords and security questions is a blunt but very common way to do this. It is also a method that is rapidly becoming discredited.
YOU MAY ALSO LIKE:
Frictionless authentication, a process that needs little or no direct involvement from the customer, has become a reality. With an expected 20bn IoT-connected devices by 2020, new technologies are enabling an invisible sign-in experience that is both satisfying and secure. Such experiences allow companies to deepen their customer relationships, but only when supported by a joined-up and integrated identity and access management system.
Nowadays, users expect consistency and brevity when they deal with a brand. The experience should be seamless and fast with no clear break between online and offline interactions. If they open a bank account online then the staff in their local branch should know who they are and the details of their account when they next visit. Creating a single digital identity for users and customers, recognised regardless of device or location, makes this possible.
To be competitive and successful, a business depends on customer data. A digital identity is far more than just a credential that gives someone access to the online services they desire. It’s a digital fingerprint that can tell businesses a great deal about their customers, their personalities and their preferences. If managed the right way, data opens the door to hyper-personalisation - the ability to serve highly relevant and timely engagements to customers based on the individual.
For those able to achieve this, the rewards are immense. If you can make your online customer experience easier, simpler and more convenient, then the customer will be back. Not only will this mean more sales in the long term, but more data generated on that customer. The more they use your platform, the better you will know their habits and preferences and the greater your ability will be to upsell and entice them with more relevant deals.
However, the technology that supports effective identity and access management does not exist in a vacuum. Organisations must have an integrated and innovative approach. This can be achieved through systems that collect user data from every interaction, and an engine that consolidates it into a single view of the customer.
Identity and access management used to be a cost of business. Now it is a decisive competitive differentiator, but only when done right. From data collection to content delivery, the identity and access management platform should form the foundation of any customer lifecycle.
The pace of change is quickening. More and more companies are embracing frictionless methods of customer authentication and reaping its rewards. Last year, Amazon posed a challenge to the high-street with the opening of its checkout-free grocery store Amazon Go. Supported by a range of IoT cameras and sensors – and a strong underlying identity and access management system – customers’ purchases are automatically charged to their credit cards, eliminating the need to queue.
Those who are not innovating to keep pace will quickly fall behind. Organisations should always be keeping track of where others are innovating. In 2019, there are plenty of options open to companies serious about delivering a frictionless customer experience. New technologies including AI, enhanced biometrics and single sign-on are driving a better, more competitive user experience.
The area of identity and access management where we are seeing the most rapid adoption is biometrics. The ability to sign in with only a fingerprint or face scan makes sign-in easy, and consumers are gradually being normalised to the technology through their phones and other devices.
Biometrics-enabled processes are secure and relatively painless for users. However, if your objective is to provide the least intrusive customer experience possible, continuous authentication is a good strategy. More organisations are moving away from the standard username and password method to a system where customers are only asked for their details if their behaviour changes significantly.
The granular nature of data collection allows organisations to build highly detailed profiles for their customers; with data on how fast they scroll, how long on average they spend on a page and even how they swipe or how much pressure they put on their phone touchscreen. The solution relies heavily on the data available, but it’s great at delivering reliable authentication and a seamless experience.
These innovations are supported by the wider adoption of single sign-on solutions. These allow customers to access digital services across all devices after only signing in once on one of them. The benefit here is that it allows customers to quickly pick up where they left off and at any time they want. This is especially convenient if they have been watching a video or filling out an online form.
So much of identity and access management happens behind the scenes, invisible to the customer. Every one of these new technologies relies on a high standard of data management running in the background. An identity and access management platform, integrated across every gateway and customer access point is crucial. It is the key to delivering a truly seamless experience, where a customer is recognised by their digital identity no matter where they are or which portal they use.
Elevated privileges demand elevated accountability. I recommend pre-empting the inevitable problem of admin credentials misuse by training users that they’re held to a higher professional standard. One of the aphorisms …
Even though 78 percent of organisations across the globe now have privileged credential protection as part of their cyber security policies, over half of all organisations lack complete visibility over …