UBISECURE CUSTOMER SURVEY ORGANISATIONAL VIEWS ON: STRONG CUSTOMER AUTHENTICATION, CUSTOMER EXPERIENCE & GDPR

Transcription

1 UBISECURE CUSTOMER SURVEY ORGANISATIONAL VIEWS ON: STRONG CUSTOMER AUTHENTICATION, CUSTOMER EXPERIENCE & GDPR SURVEY REPORT Connecting Identity. Transforming Digital Business.

2 INTRODUCTION Online services, applications, need to authenticate their users properly. Authentication is a process where the identity of the visitor is established. In an optimal situation this identity will travel with the user both within the application and can be transferred to another application through technology called federation. In a survey conducted by Ubisecure in August 2017, 5 different claims were presented, and the respondents were asked to indicate if they disagreed or agreed with the statements. A range of 1 to 5 was used, 1 indicating complete disagreement and 5 indicating total agreement. The 5 claims were related to 3 themes: Strong (customer) authentication (1 claim) Customer experience (2 claims) GDPR (2 claims) Answers were collected from representatives of companies from different verticals and sizes. The respondents represented different roles from technical to business (of online services). The respondents were familiar with the concepts of customer identity and access management through deployment experience, running and integrating CIAM to their services or investigating CIAM solutions for their services. Majority of the responses were collected during an event arranged by Ubisecure. Additional responses were collected through an anonymous online survey form in August. 2 info@ubisecure.com

3 STRONG AUTHENTICATION Perhaps the most unanimous response came to the claim on strong (customer) authentication from the respondents. The respondents mostly operate in the Scandinavian and Baltic markets with a few truly multinational respondents. In the Scandinavian region bank and mobile network operator based digital identities have been in use for over a decade and citizens are well accustomed to using strong, third party issued digital identities across a wide array of online services. The strong response is also understandable when we consider the reporting of breaches and large-scale identity thefts and the roles of the respondents. In most cases it is their job to make the life of a customer easier and at the same time make sure their information is properly protected. 64% of the respondents completely agreed and 32% somewhat agreed with the statement, leaving only 4% to be neutral about the claim. Strong customer authentication will grow in importance Strong customer authentication will grow in importance % % 3 info@ubisecure.com

4 CUSTOMER EXPERIENCE To evaluate customer experience two claims were presented. The first one is not directly related to customer experience but tries to get feedback from existing and future CIAM deployments about their experience or assumptions. The second claim is obvious. However, there are subtle differences between the claims as the first one is stronger and calls for a more definite answer. The second claim leaves room for interpretation as customer experience itself is a subjective matter. In the claim about cost savings 35% of the respondents completely agreed and 5 somewhat agreed. 11% felt neutral and 4% somewhat disagreed. IAM-solutions enable / have enabled cost savings in customer service with self-service workflows 10 IAM-solutions enable / have enabled cost savings in customer service with selfservice workflows 75% 5 33% 49% 25% 15% 3% Responses about user experience followed a similar pattern with 54% completely agreeing and 32% somewhat agreeing. 14% responses were neutral. None of the respondents disagreed with the claim. 4 info@ubisecure.com

5 An IAM-solution can improve customer experience 10 An IAM-solution can improve customer experience 75% 5 44% 41% 25% 15% 5 info@ubisecure.com

6 GDPR Perhaps the greatest surprise out of the survey became when analysing the responses to the two following claims; The first one is a claim regularly presented by the EU. It is one of the so called selling points of the regulation. The second question is a truly strong one with the word impossible. GDPR is mostly about the processes of an organisation and only partly technology. However, the companies responding to the survey all have a wide array of online services and businesses for both consumer and business customers, and they all have their respective GDPR projects ongoing. The respondents were aware of the regulation and the role CIAM plays in the picture. For the trust question 15% completely agreed and 44% somewhat agreed. 37% felt neutral about the claim and 4 % somewhat disagreed. GDPR will improve customers trust towards online services 10 GDPR will improve customers trust towards online services 75% 5 42% 42% 25% 13% 3% Now for the bombshell. Out of the respondents 15% and 33% completely or somewhat agreed that it s impossible to achieve GDPR compliance without a centralised IAM solution. 33% felt neutral about the claim. 15% somewhat disagreed and 4% completely disagreed. 6 info@ubisecure.com

7 It will be impossible to reach GDPR compliance without a centralised identity management solution (one customer identity to all services and channels) 10 75% It will be impossible to reach GDPR compliance without a centralised identity management solution (one customer identity to all services and channels) 5 34% 32% 25% 16% 11% 8% 7 info@ubisecure.com

8 CONCLUSIONS Social identities are handled here as a separate category, even though most of them are based on passwords. The reason is that social identities fall into the category of 3rd party identities. The identity Although the survey was very short it does give us information about the usefulness of Customer IAM. Considering that the majority of the respondents were familiar with the technology itself and had direct experiences or good understanding of the capabilities CIAM can deliver, we can safely state that CIAM solutions clearly Allow for cost savings and improve customer experience Need to support a wide variety of authentication mechanisms, especially strong authentication methods Help organisations on their path towards GDPR compliance, in almost half of the cases making possible instead of impossible 8 info@ubisecure.com

9 Ubisecure is a pioneering European b2b and b2c Customer Identity & Access Management (CIAM) software provider and cloud identity services enabler dedicated to helping its customers realise the true potential of digital business. Ubisecure provides a powerful Identity Platform to connect customer digital identities with customerfacing SaaS and enterprise applications in the cloud and on-premise. The platform consists of productised CIAM middleware and API tooling to help connect and enrich strong identity profiles; manage identity usage, authorisation and progressive authentication policies; secure and consolidate identity, privacy and consent data; and streamline identity based workflows and decision delegations. Uniquely, Ubisecure s Identity Platform connects digital services and Identity Providers, such as social networks, mobile networks, banks and Governments, to allow Service Providers to use rich, verified identities to create frictionless login, registration and customer engagement while improving privacy and consent around personal data sharing to meet requirements such as GDPR and PSD2. Ubisecure is accredited by the Global Legal Entity Identifier Foundation (GLEIF) to issue Legal Entity Identifiers (LEI) under its RapidLEI brand, a cloud-based service that automates the LEI lifecycle to deliver LEIs quickly and easily. The company has offices in London and Finland. To learn more about Customer IAM and Company Identity solutions visit or contact us at sales-team@ubisecure.com 9 info@ubisecure.com