Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

HSBC - ForgeRock Identity Summit 2017 Dusseldorf


Published on

ForgeRock Identity Summit 2017 - Dusseldorf

Published in: Technology
  • Be the first to comment

  • Be the first to like this

HSBC - ForgeRock Identity Summit 2017 Dusseldorf

  1. 1. Customer Identity Management Democratised and Commoditised PUBLIC May 2017 Ian Sorbello - Head of Product Technology (Security)
  2. 2. 2 PUBLIC Overview • HSBC Global – geography and markets • One Strategy – global rollout, different needs • Access Management • Designed for variance • Biometry • APIs • Identity Management • Your organisation’s developers are your customers
  3. 3. 3 PUBLIC HSBC Global – Retail and Wealth • 37 markets across 70 countries • 37M customers • 3 geographic IT points of presence (NA, EU, AP) –many localised sub PoPs covering geopolitical and regulatory boundaries • One solution, globally. • Deploy to PROD, which PROD?
  4. 4. 4 PUBLIC Access Management • Maturation of security standards - OIDC / OAuth2 / UMA / SSO • Strong desire to USE these • Zero desire to CODE these • Subsume underlying identity repositories • Using ForgeRock Access Management and ForgeRock Identity Management • Security commoditised ForgeRock Access Management IDP RETAIL COMMERCIAL PRIVATE
  5. 5. 5 PUBLIC Access Management Market 2 Market 3 PoP ForgeRock Access Management Instance 2 App Y ForgeRock Access Management Instance 1 Market 1 App X Journey A Journey B GEOPOLICTICAL AND BUSINESS LINE INSTANCING Piloting – A/B • Extreme multiplicity requires variation to be at the heart of the solution… Security democratised LOGICAL / REALMS GEOGRAPHIC INSTANCING
  6. 6. 6 PUBLIC Access Management - Biometry • Biometrics – growing in capability and usefulness • Build biometrics on top of a solid foundation • They are just new credentials (inherence factor) • Assume rapid change in this space • Build to pivot – add or jettison is a steady state ForgeRock Access Management ForgeRock Access Management Knowledge ForgeRock Access Management Possession ForgeRock Access Management Inherence Broker Biometric 2 Biometric 1
  7. 7. 7 PUBLIC Banking APIs • A polarised conversation: Should banks enable “programmatic” access? • In the UK this decision was made for us: YOU MUST • CMA OpenBanking initiative, authenticated journeys Q1 2018 • HSBC ready and primed for OIDC and OAuth to publish carefully curated APIs / Services • Because we use ForgeRock Access Management and this is what ForgeRock Access Management does…
  8. 8. 8 PUBLIC Identity Management • HSBC has identity data on clients globally • Immediately, this helps the digital bank (internal) • Further, capacity to participate in identity data markets ForgeRock Access Management Customer Data Customer Data ForgeRock Access Management IDENTITY as a SERVICE Internal Systems Internal Systems Internal Systems
  9. 9. 9 PUBLIC Look After Your Developers • Developers love to build, but they need permission: • To innovate, to challenge, to execute (securely) • They need a way forward: via security platforms, patterns and architectural guardrails • Publish usable security capabilities to your organisation. (hint: ForgeRock). Your Devs will take care of your clients.
  10. 10. 10 PUBLIC Thank you … Ian Sorbello Head of Product Technology - Security | HSBC Digital Solutions (HDS) HSBC Operations, Services and Technology (HOST) | HSBC Holdings plc Level 7, 110 Southwark St, London SE1 0SU, United Kingdom E-mail: Website: