Digital identity management in business

Digital identity management is an important part of any business, so what does a successful digital transformation look like?

What is a digital identity?

When we interact with online services, applications, or retail sites, we need to represent ourselves in a secure and transparent manner. Your digital identity is really just a collection of attributes that help to make up that relationship between ourselves and the service provider, by allowing us to share just enough information in order to complete a transaction or access information.

The most obvious types data in a digital identity are things like personal information (name, address), demographic information (age, marital status), health data (ongoing medical conditions, history), and financial information (bank account details, credit history etc.).

However, in many cases it can also consist of observed behavioural information such as shopping habits, social media usage, or personal interests, the location you're accessing the service from or the specific device you're using.

Digital identity management in business is changing

Historically, identity management was often focused on internal users – those users that a business can control – be it employees, contractors, or those within the supply chain. Identity was about ensuring these users had the correct levels of access needed to perform their jobs. There was a security and automation driver for example, for compliance purposes if the business was within the financial services sector for example. The number of users being managed was typically small – rarely above 100,000, but the interactions, workflows and use cases were often quite complex and intricate.

Today however, the ability to understand and harness the power of external digital identity is pivotal to effective digital transformation. Those who achieve it are able to deliver what customers want, when they want it, through the medium most suitable to them. But achieving this goal requires a consistent, clear, and secure identity management strategy that brings the customer to the centre, rather than IT concerns.

Businesses are now focusing on external user-centric identity platforms that provide the tools to build comprehensive customer profiles across multiple channels.

The main focus is bringing the external users closer to their business – increasing engagement, personalising content, providing simple and secure sign-up and sign-in services, in order to drive revenue or improve user satisfaction.

In doing so, they can develop a digital picture of each customer and their habits, helping to guide the development of new, more meaningful products and services. As a result, customers receive instantaneous, relevant delivery of digital and physical services. Importantly, they also benefit from intelligent security, based on dynamic characteristics such as location, device, time of day and familiarity.

Effective digital transformation

Effective digital transformation means transforming the way a business interacts with its customers, by providing personalised interactions and security for millions of users on devices, in the cloud, via mobile, and across the Internet of Things (IoT).

Scalable and flexible digital identity ecosystems are a critical component of this transformation. These systems identify the needs and wants of users, providing them with the personalised experience they have come to expect in the 21st Century.

Ultimately we're seeing organisations – be it bank branches, insurance brokers, government offices – moving from delivering content physically to delivering that content digitally, across a range of channels.

What if our current approach to identity management isn’t working?

There are several symptoms that may indicate an organisation needs to rethink its approach to identity management. An identity strategy that is too inwardly focused or leveraging home grown solutions that no longer scale, will prove ineffective for an organisation in the long run, as will multiple siloes within the organisation not sharing or collaborating on user data effectively.

A poor end-user experience – exacerbated by IoT and growing number of devices/platforms – would cause further detriment and should prompt an organisation to consider the ways in which it utilises an identity management platform. All of this, of course, should be considered with the ongoing need for better data security and user privacy.

How an effective strategy can change this

An effective customer Identity and Access Management (cIAM) strategy will work for a multitude of different use cases from user profile management, privacy, and data sharing, to managing personal preferences and identity storage.

An effective solution will provide a wide platform of features, delivered via modular services and accessible using modern and rapid deployment approaches. This approach can provide near instant ROI when it comes to customer and device identity management.

What can we do to better protect customer information?

Organisations need to understand is that behind every online identity and digital profile is an actual human being. As such, they need to start thinking about how to give their customers more control over their personal data in order to form trusted digital relationships.

This is even more time-sensitive for U.S.-based enterprises and government organisations with ties to Europe. The European Parliament will soon enact the General Data Protection Regulation (GDPR), which requires companies to give customers the right to better direct their privacy and data protection.

What's more, the reform includes a clause that sets a high bar for individual consent: organisations must give customers the genuine and free choice to accept and approve, or refuse and withdraw their consent.

The role of privacy

Privacy could certainly become a far more important commercial driver. Data gathering has become central to many businesses, but not everyone wants to share a multitude of private and personal details just to sign up for a service of even just buy a gadget or pair of boots. As a result, companies that aren’t so intrusive may well gain a competitive advantage.

For instance, say you were choosing between two very similar products at similar prices. Option one requires you to disclose your name, telephone number, email address, and home address. Option two only requires your name and email address. You may well choose option two in these circumstances – purely for the benefit of privacy.

Mike Ellis, CEO of ForgeRock

Image Credit: Shutterstock/Den Rise