September 2019 - Blockchain | Identity Management

How to Manage Customer Digital Identities – What’s the Best Way?

Volker Zinser from Ubisecure looks at how best to implement customer ID management sustainably and how to leverage the process for greater business success.

How to Manage Customer Digital Identities - What’s the Best Way?

© marchmeena29 |

It’s no secret that a great customer experience is a competitive advantage for any business. And effectively managing customer identities online is an integral part of this. So let’s look at how best to implement ID management sustainably and how to leverage the process for greater business success.

Use an IAM system that is purpose-built for external identities, not a legacy internal system

If your organization has an Identity and Access Management (IAM) system in place for managing internal employee identities, you may be wondering whether the same system can be used for your customer- (or other external, e.g. partner-) facing applications. After all, you’re still identifying people online.

However, these internal IAM solutions have been mostly developed with just security in mind, with less regard to intuitive usability, scalability, and performance – all key components of successful customer experience.

A Customer Identity and Access Management (CIAM) system extends far beyond internal IAM solutions, in terms of both functionality and usability. While specific features and configuration will depend on a company’s requirements and the service provided, those who capitalize on the potential of CIAM can deliver requested services accurately, at the right time, and through the most appropriate medium.

The power of choice for individuals

Customers want control over how they verify their identity online – give them authentication options and you’re onto a winner. Depending on the sensitivity of the data you store, you can offer log in options from password and social sign-on, to biometrics and OTPs.

The best method is to allow the customer to ‘Bring Your Own Identity (BYOID)’, which means using a set of third-party credentials they already own (e.g. a bank ID) as opposed to creating yet another identity that they have to remember (like a username and password). Preferred third-party IDs will change between geographic areas and generations etc., but a good CIAM system will allow you to offer options here.

Compliance with regulation

Global regulations around data security and privacy are increasingly becoming central cost and risk drivers for companies, and attempts to tackle these developments with standard registration and data management technologies that were not built to meet today’s demands are ending in failure.

To meet all requirements of new regulations, companies must adopt point solutions that manage their own identities, implement their own approach to the user experience, and exist separately from other systems. 

Make use of data

With user-generated profiles and content, you’re sitting on a pile of data. With data now continually touted as the world’s most valuable resource, don’t let it go to waste!

As data is collected through different channels, it often gets stuck in different silos within the organization. This makes it impossible to create consistent overall user profiles, and results in customers having to repeatedly enter information in various areas. There is also no guarantee that they will be able to give their explicit consent as to what data may be collected about them and how it may be used. 

The analysis of data for non-technical decision makers and the integration of this information into existing marketing and business systems also weigh heavily on the IT department. A cloud-based or on-premise CIAM platform can act as a link between IT, marketing, and sales and have a major impact on the company's success.

Stay ahead of trends

Staying ahead of digital identity trends will ensure you’re not outperformed by the competition. Let’s look at three important ones to watch out for in 2020.

1. Threat of biometric data theft

There is no need for the presence of the physical person if their biometric data files are stolen. Theoretically, there are millions of those fingerprints that are now permanently compromised. It’s time to rethink the usefulness of biometric data, as it may provide a false sense of security that is not warranted for network-wide deployment.

2. Blockchain and self-sovereign identity

Blockchain technology applied to identity and access management attempts to address the problems with maintaining identification information in a centralized system. As demonstrated with known breaches of biometric databases, having all the identification information in the hands of a third-party creates the risk that they will not adequately protect the information.

This ties into the concept of self-sovereign identity – the idea that the identity information of a person is their own property that only they should control.

One proposal is to use blockchain technology to encrypt data in a decentralized distributed network, and to create a smart contract-based IAM system that allows users to control their identities and associate them with certain attributes in order to achieve the goal of self-sovereign identity.

3. Context-based identity and artificial intelligence

Context-based identity management correlates data about an individual user that is relevant for the identity being authenticated. AI-based machine learning systems can get to know a person so well that all the data collected about them, combined with multi-factor authentication, will securely identify most people.


Customer experience begins and ends with effective digital identity management. One of the first steps to building a seamless and secure user journey is to invest in a CIAM system (not your existing internal IAM system) that suits your current and potential future needs. It should be flexible enough to scale with your business and adapt to future trends.


Volker Zinser has 20+ years of experience in the IT Security business. He is currently leading Ubisecure's growth phase in the DACH region, which began in 2019. Prior to joining Ubisecure, he served as Director of Sales, Cyber Security Solutions at CA Technologies.


Please note: The opinions expressed in Industry Insights published by dotmagazine are the author’s own and do not reflect the view of the publisher, eco – Association of the Internet Industry.