Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

CIAM: Conquering the Phygital Battleground with WSO2 Identity Server

156 views

Published on

This slide deck explores how WSO2 Identity Server gives you the ability to implement a lean, extensible, scalable, and developer-friendly solution that is able to meet the core requirements of CIAM.

Published in: Technology
  • //DOWNLOAD THIS BOOKS INTO AVAILABLE FORMAT ......................................................................................................................... ......................................................................................................................... //DOWNLOAD PDF EBOOK here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... //DOWNLOAD EPUB Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... //DOWNLOAD doc Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... //DOWNLOAD PDF EBOOK here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... //DOWNLOAD EPUB Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... //DOWNLOAD doc Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

CIAM: Conquering the Phygital Battleground with WSO2 Identity Server

  1. 1. 19th, July, 2018 Customer IAM: Conquering the Phygital Battleground with WSO2 Identity Server Johann Nallathamby Senior Lead Solutions Engineer @ WSO2
  2. 2. 2 THE DIGITAL BUSINESS LANDSCAPE Digital products, services, and business models, along with consumer demands are reshaping the landscape of many industries Focus on customer experience 1 Digital technologies are changing the game of customer interactions, with new rules and possibilities that were unimaginable only a few years back. 2 Optimizing operations Transforming the operational processes to increase both its efficiency and its innovativeness. Creating new digital products or delivering new digital services based on data related to the physical product. Evolving business models 3
  3. 3. 3
  4. 4. 4 BUSINESS OBJECTIVES ● More customer engagement ● Higher conversion rates ● Increased revenue per customer ● Increased customer loyalty ● Reduced customer churn ● Improved business agility and operational efficiency ● Security, privacy, and compliance ● Multiple channels ● Partnerships, mergers, and acquisitions
  5. 5. 5 EMPLOYEE IAM vs. CUSTOMER IAM Employee IAM Customer IAM Business Objective Reduce risk and improve efficiency Everything mentioned in previous slide User Profile All required information is acquired when hiring Progressive profiling Experience Generally tends to be not prioritized unless it detracts from efficiency Extremely important Personalization Almost non-existent Extremely important
  6. 6. 6 EMPLOYEE IAM vs. CUSTOMER IAM Employee IAM Customer IAM Privacy Organization centric policies Customer centric Security Known users, physical access to employees Unknown users, no physical access to customers Scale Could go into 100s of 1000s Could go into the millions Performance and Reliability Generally tends to be not prioritized Extremely important
  7. 7. 7 CUSTOMER IAM SOLUTION
  8. 8. EXPERIENCE
  9. 9. 9 CUSTOMER ONBOARDING Self-registration BYOID/Social Sign-Up
  10. 10. 10 SELF-SERVICE FEDERATED ACCOUNT LINKING ● Link on self-registration ● Just-In-Time linking ○ Just-In-Time account provisioning ○ Just-In-Time password provisioning ○ Fill missing attributes ● Link from self-service portal (Social connect) Johann
  11. 11. 11 SEAMLESS SINGLE SIGN-ON
  12. 12. 12 STRONG CUSTOMER AUTHENTICATION Johann
  13. 13. 13 IDENTITY PROOFING
  14. 14. 14 SELF-SERVICE ACCOUNT MANAGEMENT ● Password Management ○ Password reset ○ Password recovery ○ Account unlock ● Profile management ● Preference management ● Opt in/out settings ● Consent management ● E-mail address / mobile number verification ● Account linking
  15. 15. 15 MULTI-REGION DEPLOYMENT https://medium.com/@johann_nallathamby/multi-region-deployment-for-wso2-identi ty-server-part-1-a4405d52402a https://medium.com/@johann_nallathamby/multi-region-deployment-for-wso2-identi ty-server-part-2-1cdbc68db84f ● Low Response Time ● Disaster Recovery ● Compliance
  16. 16. 16 SCALABILITY
  17. 17. ENGAGEMENT
  18. 18. 18 OMNI-CHANNEL CUSTOMER EXPERIENCE ● Rise in use of
  19. 19. 19 SCIM 2.0 Custom API 1 SCIM 1.1 Custom API 2 UNIFIED CUSTOMER VIEW App 1 App 2 App 3 https://medium.com/@johann_nallathamby/identity-management-solution-patterns-54f8a3dee4f9
  20. 20. 20 HELP DESK ADMINISTRATION ● Help desk initiated password reset ○ One-time password reset link sent to email ○ One-time passcode send to email address / mobile number to login and reset password ● Customer account management ● Customer impersonation
  21. 21. SECURITY
  22. 22. 22 DYNAMIC ACCESS CONTROL Source: https://www.axiomatics.com/blog/xacml-reference-architecture/
  23. 23. Source: http://www.sid700.nl/securid/rsa-risk-based-authentication 23 IDENTITY ANALYTICS
  24. 24. 24 PASSWORD POLICIES ● Password patterns ● Password history ● Password expiry/rotation
  25. 25. 25 END-TO-END DATA SECURITY ● Security of data during capture ● Security of data in motion ● Security of data at rest ● Security of data when replication ● Security of while reporting and logging
  26. 26. 26 COMPLIANCE ● Regional regulations - E.g. GDPR ● Industry regulations - E.g. HIPAA ● Corporate policies ● Customer preferences
  27. 27. 27 GENERAL DATA PROTECTION REGULATION (GDPR) Privacy Principles Individual’s Rights
  28. 28. ● Consent Lifecycle Management ● Consent Design ● Customer self-managed profile, preference and consent ● Data Access Governance ● Managing Data Residency ● Privacy by design and privacy by default 28 GENERAL DATA PROTECTION REGULATION (GDPR) How CIAM Helps
  29. 29. OTHER REQUIREMENTS
  30. 30. 30 OTHER NON-FUNCTIONAL REQUIREMENTS ● Availability ● Interoperability ● Extensibility
  31. 31. 31 CIAM ECOSYSTEM Source: Fueling Digital Innovation with Customer Identities by Suresh Sridharan, Senior Director of Technology & Product Strategy at Gigya
  32. 32. 32 WSO2 IDENTITY SERVER An open source, hybrid IAM solution to federate identities and secure integrations across both on-premise and cloud service environments
  33. 33. 33 ● 100% open source as opposed to open core ● Freedom to make business decisions free from vendor lock-in, allowing extensibility; enabling customizability; and being completely configurable. ● Unlimited opportunity to download, deploy and test the same version that runs in production at no cost ● Open development process, which customers can observe and provide input into. WHY OPEN SOURCE?
  34. 34. 34 WHY OPEN SOURCE?
  35. 35. OPEN TECHNOLOGY FOR YOUR AGILE DIGITAL BUSINESS THANK YOU

×