CUSTOMER ENGAGEMENT STARTS WITH SINGLE SIGN-ON

Similar documents
BUYER S GUIDE: CUSTOMER IDENTITY & ACCESS MANAGEMENT (CIAM)

A UNIFIED APPROACH TO DELIVERING EXCEPTIONAL CUSTOMER EXPERIENCES

GETTING CUSTOMER IAM RIGHT

TOP 20 QUESTIONS TO ASK BEFORE SELECTING AN ENTERPRISE IAM VENDOR

E-BOOK SECURITY BY DESIGN HOW IDENTITY HELPS YOU BALANCE SECURITY AND CUSTOMER EXPERIENCE

INTEGRATING PING IDENTITY SOLUTIONS WITH GOOGLE IDENTITY SERVICES

BUYER S GUIDE: MFA BUYER S GUIDE. Evaluating and Getting Started with Multi-factor Authentication Solutions

IDENTITY IS THE CENTER OF OMNICHANNEL SUCCESSFUL BRANDS KNOW THEIR CUSTOMERS AND OPTIMIZE THEIR EXPERIENCE. WHITE PAPER

BUYER S GUIDE: MFA BUYER S GUIDE. Evaluating and getting started with modern MFA solutions

GETTING CUSTOMER IAM RIGHT

BUYER S GUIDE: MFA BUYER S GUIDE. Evaluating and getting started with modern MFA solutions

Identity is the Center of Omnichannel

Do More with Complete Mobile-Cloud Security from MobileIron Access

Identity Management Services

Identity and Access Managementas-a-Service: Protecting Digital Relationships

EXECUTIVE BRIEF Executive Summary HOW TO BALANCE PERSONALIZATION AND PRIVACY FOR OUTSTANDING CUSTOMER EXPERIENCES

SafeNet Authentication Service:

Streamlining Identity Management

Case Study: Broadcom Limited

THE MAROPOST GUIDE TO MARKETING AUTOMATION PLATFORMS

EXECUTIVE SUMMARY CLOUD READINESS. Securing Access to Your Private Cloud

THE FIVE BUILDING BLOCKS OF AN EXCEPTIONAL WEB EXPERIENCE. Your guide to winning the personalization race.

Your Guide to the Identity of Things

Office 365 Adoption eguide. Identity and Mobility Challenges. Okta Inc. 301 Brannan Street, Suite 300 San Francisco, CA 94107

WHITEPAPER. Mobile SSO & the Rise of Mobile Authentication

Case Study. How Gemalto s Trust ID Network is revolutionizing self-sovereign digital identities by leveraging R3 s Corda blockchain platform

BEST PRACTICES: 2015 Credit Card Mobile Sites and Apps

IMD Gives Students Easy Access to Executive Education with ForgeRock Access Management

Workspace ONE. Insert Presenter Name. Empowering a Digital Workspace. Insert Presenter Title

Commercialization of the Enterprise. An LDS white paper

Hubspan White Paper: Customer Integration

AND ACCESS MANAGEMENT

GIGYA: Connect, Collect, Convert

An Enterprise Architect s Guide to API Integration for ESB and SOA

The Future of Retail Banking

THE EVOLUTION OF CONSUMER IDENTITY 10 PREDICTIONS FOR 2015

A Retailer s Guide to Getting Omnichannel Customer Service Right

Recipes for Success in Creating Customer Identity. An API Approach To Building the Identity, and Identity Data, Ecosystem

Introduction 2 MARKETINGCLOUD.COM

ADVENT ONE. The Dynamic Demands of IoT in a Connected World

Delight Your Customers with HVAC Field Service Management

A BUYER S GUIDE TO CHOOSING A MOBILE MARKETING PLATFORM

FINACLE SERVICES: API MANAGEMENT USING CA API GATEWAY

8TIPS. for Successful CRM Implementation

Update Your Contact Center Today or Risk Losing Business Tomorrow. A Frost & Sullivan White Paper

UNIVERSAL IDENTITY ENFORCEMENT

GO BEYOND MOBILE DEVICE MANAGEMENT WITH A DIGITAL WORKSPACE WHITE PAPER

The 2015 State of Consumer Privacy & Personalization

SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy?

TEXT SURVEY BEST PRACTICES

Yes, You DO Need Visual IVR Frequently Asked Questions

Modern Integration Powers Open Banking

Your guide to omnichannel customer support

EDI. Buyer s Guide. Finding the Best Total Solution for Your Business

Delight your customers. Optimizing customer experience in financial services.

The Growing. How consumer dependence on ratings and reviews continues to evolve Power of Reviews 1

Fairfax Media Adopts SaaS Apps Quickly While Enhancing Security

Reimagine: Healthcare

5 Tips for Improving Collaboration

Aconite Smart Solutions

Your Printers Matter More Than You Think. How Smart Printers Drive Change and Improve Your Bottom Line

Seven Ways to Create an Unbeatable Enterprise Mobility Strategy

CREATE AN API PROGRAM TO DRIVE DIGITAL TRANSFORMATION

Case Study. Overview. Background GUIDEWELL OBJECTIVES

Digital transformation

Case Study: Eurostar

Secure information access is critical & more complex than ever

8 simple steps to offering a superior customer experience

Elastic Path Commerce for Telecoms. A Solution Overview

power up your business DIGITISE YOUR BUSINESS PROCESSES Entry Level

Payments Innovation Alliance Spring 2018 Meeting Recap

SECURE SSO TO OFFICE 365 & OTHER CLOUD APPLICATIONS WITH A CLOUD-BASED AUTHENTICATION SOLUTION

Intelligent Assistants for CX

The Best Solutions for You. The Best Experiences for Them.

EMBEDDING THE PAYMENTS PROCESS: 3 STEPS FOR INTEGRATION AN EBOOK BY

Realize More with the Power of Choice. Microsoft Dynamics ERP and Software-Plus-Services

Extending Access Control to the Cloud

5 Tips for Improving Collaboration

An Introduction to Oracle Identity Management. An Oracle White Paper June 2008

Identity and Access Management

Hubspan White Paper: ecommerce Integration

To win over grocery shoppers, rethink your technology and embrace a unified commerce approach

Reaching Customers Across Multiple Channels

Integrate Powerful Communications into Your Apps and Services

Collaboration Delivering Real Business Outcomes

THE MOBlLE APP. REVOLUTlON. 8 STEPS TO BUlLDING MOBlLE APPS FAST ln THE CLOUD

Reimagine productivity with Microsoft Dynamics 365

10 QUESTIONS TO ASK BEFORE BUYING UNIFIED COMMUNICATIONS AS A SERVICE FOR YOUR BUSINESS

5 Must-Haves to Look for in. Salon and Spa Management Software

THIRD-PARTY REMOTE ACCESS: CHALLENGES FOR ENTERPRISES AND TECHNOLOGY VENDORS

R O EVIE NL 1 INE WS Why They Matter

Mobilize the Customer Journey. Connect every experience with Salesforce

DIGITAL TRANSFORMATION PART 3: BUILDING A MOBILE FOUNDATION TO DRIVE DIGITAL TRANSFORMATION

Liberty Alliance Project: Impact on Web Services Application Architectures

BBM Enterprise SDK CPaaS (Communications Platform as a Service) Build Powerful Communications Experiences, Safely and Securely

Making a cloud and mobile-first world more secure for customers

Optimizing Active Directory to Better Suit a Hybrid Environment. Gary Savarino Solution Consultant Active Directory Subject Matter Expert

WHITEPAPER ANSWERS ARE FINE, RESOLUTIONS ARE BETTER. by Dave Morfas, Product Marketing Manager.

Planning and Implementing Enterprise Identity Management: Why we did it, what we did, and how we did it

Transcription:

E-BOOK CUSTOMER ENGAGEMENT STARTS WITH SINGLE SIGN-ON (BUT IT DOESN T END THERE)

03 ANSWERING HIGH EXPECTATIONS WITH CUSTOMER SSO 05 EXCEED EXPECTATIONS WITH CUSTOMER SSO 07 SSO IS WINNING THE CUSTOMER EXPERIENCE BATTLE TABLE OF CONTENTS 10 12 TODAY S STANDARDS & WHY THEY MATTER SSO AND YOUR MOBILE CUSTOMERS 15 STEP-UP AUTHENTICATION 17 CIAM SOLUTIONS GO BEYOND SSO

ANSWERING HIGH EXPECTATIONS WITH CUSTOMER SSO

ANSWERING HIGH EXPECTATIONS WITH CUSTOMER SSO CUSTOMER EXPECTATIONS ARE HIGHER THAN THEY VE EVER BEEN. This is true not only as it relates to the quality and relevance of products and services, but also for the quality and relevance of your customers experience with your brand. They expect secure, seamless and consistent interactions, regardless of the channel or application they re using. Authentication is an easy place to fall short, since your customers have to sign on and authenticate every time they interact with your digital properties. If a customer has to create and remember multiple login credentials to access the various channels, applications or services you offer, they ll quickly get frustrated. Many companies begin their customer identity and access management (customer IAM or CIAM) journey by providing single-sign on (SSO). Single sign-on is a great first step and critical to making your customers authentication experience as convenient as possible. But SSO is just one small piece of the puzzle. Your enterprise will likely outgrow the need to only provide SSO to in-house applications. As you integrate with more and more internal and third-party apps, you ll quickly find that managing access on your own is no longer realistic and hinders your speed to market. Implementing a federated SSO solution allows you to accelerate new offerings, while also delivering consistent and secure experiences to your customers. The Ping Identity Platform does this and more with its standards-based, customer IAM platform. E-BOOK CUSTOMER ENGAGEMENT STARTS WITH SINGLE SIGN-ON 4

EXCEED EXPECTATIONS WITH CUSTOMER SSO

EXCEED EXPECTATIONS WITH CUSTOMER SSO SSO DRIVES CUSTOMER EXPERIENCE & REVENUE Eliminating the need for repeated user sign-ons is one of the top reasons to implement a customer IAM platform. SSO increases user satisfaction and enhances security by eliminating password sprawl. It can also have a direct impact on improving the customer experience and driving revenue, according to Ping Identity Platform users. FASTER TIME TO MARKET FOLLOWING M&A ACTIVITY Many Ping Identity customers mention the ability to more quickly deploy revenuegenerating applications following mergers and acquisitions. One customer says: If we have an application serviced by an external INCREMENTAL REVENUE FROM IMPROVED CUSTOMER ENROLLMENT RATES The Ping Identity Platform offers federated SSO, as well as many other customerspecific identity management capabilities. Leading enterprises praise its ability to enable more seamless enrollment into customer-facing applications. One Ping customer explains: third party, we can integrate the application using Ping, so the customer never knows that there s a third party involved, and the interface has the look and feel consistent with the rest of our website. This would be extremely challenging to do in-house on our own. We re a diversified company and have certain applications for which it would be unacceptable for the customer to fill out their information every time they wanted to initiate access to a specific product or service. We couldn t make our customers re-enter that information every time. With Ping, we ve been able to quickly integrate applications. Several customers called out the ability to quickly integrate and then whitelabel applications with revenue impact as a notable benefit of the Ping Identity Platform. For example, an enterprise can align with a business partner to offer services under a revenue-sharing arrangement, while maintaining its branding on the product. Other customers noted that integrating customer enrollment applications enabled them to decrease their sales cycle. E-BOOK CUSTOMER ENGAGEMENT STARTS WITH SINGLE SIGN-ON 6

SSO IS WINNING THE CUSTOMER EXPERIENCE BATTLE

SSO IS WINNING THE CUSTOMER EXPERIENCE BATTLE In this age when customer experience is king, customer IAM is critical. If your customers can t easily register, sign on for services or conduct transactions, then it really doesn t matter how your website, mobile app, services or support channels are built. And if your customers aren t satisfied with their interactions with your brand across channels, they can and will move on to your competition. If there s one thing customers hate it s managing passwords. The fatigue of trying to remember dozens of login credentials can lead customers to write passwords down, reuse passwords across multiple sites and take part in other insecure practices. Aside from this all-too-common reality, relying on passwords alone can also increase your abandonment rates, leading to lost revenue. There s a real possibility your customers may not complete transactions if they can t remember their login password. Or they may not register at all if they don t want to create yet another password they ll have to remember. This is where federated SSO really shines. It plays a critical role in delivering a seamless authentication experience across all of your digital properties. It can even include features like social login that allow your customers to leverage their credentials from sites like Facebook and Google. Providing these capabilities for your customers speaks volumes. It says you want to make things simple, convenient and secure. That makes for happy customers. On the other hand, not investing in customer IAM and federated SSO can jeopardize your relationship with your customers. Their tolerance for clunky, disjointed experiences is dwindling as more and more companies including your competitors are providing the seamless experiences customers expect. By not providing federated SSO, you may be sending the unintended message that the customer experience isn t important to you and unwittingly aiding those same competitors. E-BOOK CUSTOMER ENGAGEMENT STARTS WITH SINGLE SIGN-ON 8

SSO IS WINNING THE CUSTOMER EXPERIENCE BATTLE BASIC SSO Commonly known as password replay, basic SSO is based on two concepts. The first is password vaulting. This is the storage of the user s password in a directory or password vault, that s usually cloud-based. It s risky, because if that vault is ever compromised, all of the passwords become vulnerable, even if they re encrypted. FEDERATED SSO Federation is the ability for a user to authenticate (or prove they are who they say they are) just once, and then use that authenticated session to access all of the applications they re authorized to use. For federation to work, a trust relationship between an organization and an external third party, such as an application vendor or partner, must be established through standard protocols. The second concept is password replay, where passwords are retrieved from the vault and replayed to the web application. While convenient, this approach isn t as secure as federated SSO. Keeping the passwords synchronized across all of the applications can be problematic and expensive, particularly when manual password resets are involved. Plus, the practice of password reuse is still possible, presenting additional security risk. This method has one critical advantage over password replay. Rather than storing and forwarding many usernames and passwords, federated SSO replaces passwords with signed assertions or tokens. Using identity standards, like Security Assertion Markup Language (SAML), OAuth, OpenID Connect and SCIM, federation allows for the secure transmission of user access and provisioning information. This safeguards web and mobile applications, as well as the APIs that support them. E-BOOK CUSTOMER ENGAGEMENT STARTS WITH SINGLE SIGN-ON 9

TODAY S STANDARDS AND WHY THEY MATTER

TODAY S STANDARDS & WHY THEY MATTER Identity federation standards are an essential part of implementing scalable and secure federated identity across an organization. Not only do they reduce the integration efforts between multiple organizations when sharing applications and data, but they also bring security to any device, browser or client that s accessing information from applications. For this reason, embracing standards is also key to reducing time-to-market for new applications. Each standard uses a different approach to sharing and managing customer identity data, scopes, credentials and more. So your CIAM solution should provide support for multiple standards, including: SCIM The System for Cross-domain Identity Management was developed in 2011, using modern protocols like REST and JSON in order to reduce complexity and provide a more straightforward approach to user management. The adoption of SCIM allows easier, more powerful and standardized communication between identity data stores. SAML SAML is an open XML standard for exchanging authentication and authorization of data between an identity provider and a service provider. It enables federation so that organizations can safely share identity information across domains. OAUTH 2.0 OAuth 2.0 is the industry-leading standard for enabling access to APIs. Simply put, it s a standard framework that allows an application to securely access resources on behalf of the user without requiring their password. This open authorization also lets the user understand what kinds of access and information the application is requesting, and then provide consent. OPENID CONNECT OpenID Connect adds an identity layer to OAuth 2.0 and simplifies existing federation specifications. It enables identity federation, as well as delegated authorization, and it includes other features and mechanisms that enhance dynamic interoperability. E-BOOK CUSTOMER ENGAGEMENT STARTS WITH SINGLE SIGN-ON 11

SSO AND YOUR MOBILE CUSTOMERS

SSO AND YOUR MOBILE CUSTOMERS When addressing customer experience, you must consider the mobile experience, too. Customers expect to do more and more with their mobile devices including making purchases and other revenue-generating activities. They don t want to fuss with remembering passwords and won t tolerate clunky login procedures. And regardless of how many separate development teams it took you to develop your mobile app and other digital properties, your customers expect their authentication experiences to be consistent across all of them. WORLDWIDE MOBILE APP REVENUES IN 2015, 2016 AND 2020 (IN BILLION U.S. DOLLARS) To be relevant in a mobile channel requires speed. People immediately reach for their phones when they want something and expect immediate gratification. If you provide a fluid, seamless and secure user experience with SSO, customer engagement is yours for the taking. But if your mobile authentication experience is poor or different from that of your other channels, your customers won t stick around. It s that simple. High-profile retailers, like Wawa, Starbucks and Chick-fil-A, say that the SSO capability in their customer IAM solutions is critical to providing a good mobile experience and driving increased customer engagement. These leaders are paving the way with best practices for SSO mobility. Source: Statista E-BOOK CUSTOMER ENGAGEMENT STARTS WITH SINGLE SIGN-ON 13

SSO AND YOUR MOBILE CUSTOMERS Before they launched their mobile app, Wawa had primarily one-sided communication with its customers. As a top convenience retailer, Wawa worked hard to ensure that convenience translated to its mobile application; multiple sign-ons were not an option. While the initial rollout goal was 350,000 users, the end goal is 2 million fully engaged WAWA: A (MOBILE) CUSTOMER SSO SUCCESS Wawa is a 100-year-old, $9.3 billion convenience store retailer on the East Coast who decided to meet its customers where they are on the road in search of gasoline and snacks. Eric Barnes, Wawa s applications manager, says that customers had been asking for a loyalty program and a more convenient way to pay for purchases. A mobile app was just the ticket, but it had to be easy to use. We have a very strong customer following. With mobile engagement, we wanted to interact with customers on a more personal level and give them more capabilities, including the ability to check gas prices and find the nearest Wawa. - ERIC BARNES, Wawa Application Manager mobile customers. We needed to make sure there was a simple authentication method, basically some sort of user ID and password, with [federated] tokens, so users don t have to always sign on to the app, says Barnes. For example, if a user just wants to jump on to find a store location, no sign-on is necessary. But if they want to add a credit card or change information in their profile, there s a secure yet seamless method for that. As consumers use all the different features, they are constantly authenticated back within the application. The user has one set of credentials and signs on to the app just once. But on the back end, the CIAM solution manages multiple credentials, including those from third parties, like Wawa s loyalty program provider. We have ease of use, single sign-on for the front end of the customer. And it s very fast in responding, says Barnes. For Wawa, customer SSO is the very foundation of an engaging mobile experience. E-BOOK CUSTOMER ENGAGEMENT STARTS WITH SINGLE SIGN-ON 14

STEP-UP AUTHENTICATION

STEP-UP AUTHENTICATION STEP-UP AUTHENTICATION BALANCES SECURITY WITH CONVENIENCE Multi-factor authentication (MFA) and federated SSO go hand-in-hand in delivering an optimal user experience. To provide the simplest experience with the least amount of friction, many leading digital businesses utilize social login or require a username and password as a first means of authentication. This is a great entry point for access to lowrisk applications, services and activities. As the customer moves along their journey, adaptive authentication offers a way to evaluate the risk associated with additional interactions and step up authentication only when needed. Adaptive authentication uses data points like IP addresses, geolocation, transaction details, risk-based authentication (RBA) and other behavior patterns to determine the level of risk. Then, it matches that level of risk to the level of assurance attained during authentication. A username and password may have a low level of assurance, while MFA may yield a higher level of assurance. Furthermore, authenticating via SMS has been deemed insecure by the National Institute of Standards and Technology (NIST), as SMS messages can easily be intercepted by hackers. When providing MFA for customers, it s most desirable to offer a solution embedded into your own mobile application. This is not only secure and on brand, but it also adds value to your mobile app by turning it into a secure additional factor. Going a step further and using contextual, adaptive authentication with multi-factor authentication helps to mitigate risk without inconveniencing customers, providing the optimal balance between security and customer experience. For example, if a customer signs on to an investment application to simply browse public stock information, their credentials alone may be enough to get them access. However, if they attempt to sell or purchase stock, that riskier transaction can trigger a requirement for MFA to attain a higher level of assurance about the user s identity. If they then try to sell another stock a few minutes later and from the same device, MFA likely won t be required because that higher level of assurance will still exist. This is just one example, but it illustrates how adaptive authentication allows you to selectively step-up authentication using a risk-based approach. Selecting what MFA method/s to offer is an important decision. For customers, standard MFA simply won t work. Customers aren t willing to download a third-party MFA application. E-BOOK CUSTOMER ENGAGEMENT STARTS WITH SINGLE SIGN-ON 16

CIAM SOLUTIONS GO BEYOND SSO

CIAM SOLUTIONS GO BEYOND SSO As crucial as SSO is to your customer experience, it s only the first step. Your customer expectations for a secure and seamless experience extend well beyond their initial sign on. If your customers update a preference or detail on one channel, they expect it to apply or be accessible to any other channel. You accomplish this through a unified customer profile. Purpose-built customer IAM solutions can work with your enterprise s existing infrastructure to help you create a secure, scalable unified profile through bidirectional synchronizations and migrations of your existing customer data. Your customer data also needs to be secured from authentication to the data layer. You must provide a convenient and secure MFA solution for customers that doesn t require them to download a third-party app, because they usually won t. You must also secure access to resources, encrypting customer data end to end and providing other security capabilities to protect your customer data and prevent breaches. Aside from allowing you to deliver an exceptional customer experience, CIAM facilitates your ability to meet the requirements of increasingly diverse privacy regulations. A modern solution will provide attribute-by-attribute data access governance, enforcing customer consent and giving customers control over and insight into who their data is being shared with. It will also be flexible to address the scale and performance requirements needed to support thousands or millions of users, while providing the flexibility to support changing and unpredictable user behaviors. All of these customer IAM capabilities are critical for today s customer-facing enterprises and can help ensure your competitive advantage for years to come. To learn more about CIAM solutions, read our Ultimate Guide to Customer IAM. E-BOOK CUSTOMER ENGAGEMENT STARTS WITH SINGLE SIGN-ON 18 Ping Identity envisions a digital world powered by identity. As the identity security company, we simplify how the world s largest organizations prevent security breaches, increase employee and partner productivity and provide personalized customer experiences. Enterprises choose Ping for our identity expertise, open standards leadership, partnership with companies like Microsoft, Amazon and Google, and collaboration with customers like Boeing, Cisco, Disney, GE, Kraft Foods, Walgreens and over half of the Fortune 100. Visit pingidentity.com. #3005 08.17 v01

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback