In the delivery of IT services to large customer (B2C) communities the challenges for identifying users, securing their access and managing the ongoing digital relationship that a customer has with the business are continually evolving.
Market drivers today mean that Identity and Access Management (IAM) solutions need to fulfill more than their traditional role of establishing security controls and meeting compliance obligations alone. New IAM solutions must satisfy a broad range of delivery criteria and support the business in driving more value from the customer relationship. For example a common set of success criteria for an IAM solution in a B2C context may now require that it satisfy the following wider set of business-oriented goals
1. Improve the customer experience.
Simplify the journey that a customer undertakes when interacting with digital services. Provide access to multiple services through a single consistent identity and interactive experience
2. Enable revenue growth and enhance business agility.
Support business goals to return more value from online services by enabling the delivery of intelligent and personalised user content. Also support the competitive goals of the organisation by enabling the rapid rollout of new and improved services to wider audiences.
3. Improve operational efficiency and enable consolidation.
Support the assimilation of disparate service operations under a single centralised service. Reduce workloads for support and operational teams by providing improved and more secure administrative functions alongside customer self-care facilities
4. Build for the future.
Provide a flexible foundation for the delivery of additional customer services and related IAM functions in the future. Avoid service delivery lock-in and promote best-of-breed framework based technology models that can adapt and grow as requirements and markets evolve without the need for significant infrastructure upheaval or customer impact. Provide a platform that is fully scalable for anticipated future demand.
Additionally B2C service providers need to recognise and react to other key forces that are shaping IT delivery processes today.
These include the increasing adoption of cloud-based services and Software-as-a-Service (SaaS) delivery models, the rise and rise of social media services (recognising their increasing influence on the commercial world), and the use of advanced mobile computing for application and service access. While each of these areas is fundamentally impacting how IAM solutions for B2C are implemented each also provides unique opportunities for service providers to lean on IAM to realise more business value from the digital experiences they provide.
In reacting to these challenges IAM vendors and systems integrators must carefully evaluate how their solutions are designed and deployed within any B2C environment. The most successful approaches today are built around three core areas of focus – these being:
Business process integration – Ensuring that identity and access are aligned to business processes and that it can adapt as business requirements change
User experience management – Ensuring that a first class user experience is delivered for all system touch points. Actively promoting the use of new identity and access services to drive new business value
Technical integration
- Building the informa
tion flows between directories, databases, applications, and systems (both onsite and cloud-based) that ensure identity and access controls can be enforced across a heterogeneous estate.
Through adopting these principles solution providers may exploit a set of best-practice IAM user journeys for common B2C scenarios. Examples of the type of functions that an optimised IAM service for B2C would provide are shown in the table below:
| B2C IAM Function | Example |
| User migration | Migrate details of existing customers from legacy systems to new service platforms, while providing a seamless integration and customer experience at login time. |
| User registration | Register new online customers through the provision of clear, efficient, and simply orchestrated user journeys. |
| User authentication | Verify the identity of a user through mechanisms that are commensurate with the risk that is associated for the transaction being executed. |
| User self-care | Provide services to allow users to reset their personal password. Allow forgotten user IDs to be retrieved through completion of the security Q&A process and a link to a previously registered details. Also allow authenticated users to update their personal account details. |
| User administration | Provide central identity administration interfaces and support a single view of the customer. |
| User experience management | Provide an interface that shows content that is branded and personalised in a manner that is appropriate for the user accessing the system. Support for different national languages and brand variations as required. |
| Identity and Access Intelligence | Integrate user identity/tracking services with existing enterprise services for Business Intelligence. Provide identity and access insight that supports the business in making better decisions regarding the provision of future services. |
At Pirean we are continually working with our customers on innovations that ensure that business objectives for B2C can be better enabled through the solutions we deliver. You can find out more about our approach to enabling B2C solutions with IAM through our recent IBM Redguide publication . The guide describes our solution approach to IAM for B2C, built on the Pirean Access: One framework and provides a detailed view to help the reader to: learn how Identity and Access Management solutions can help organizations deliver better services to more customers; ynderstand approaches for optimising the user experience and integrating with business and technical processes; gain insight into real world Identity and Access Management solutions for B2C.
Colin Miles is CTO of Pirean
