Companies are continually adopting new digital technologies to increase operational agility and add value for their customers. This means that core business processes must also adapt to different customer, employee, and partner segments. Likewise, there is a requisite adjustment period to new hosting models and devices to ensure secure access to systems and applications. This results in a more robust and defined Digital Identity adapted to the context and needs of the user. Therefore, Adaptive Digital Identity will be so important for companies as digitization becomes more prevalent.
Aspects to consider about Digital Identity
A user’s Digital Identity constitutes a Unique Digital ID marker within a defined environment of services and applications. This concept is fundamental to drive omnichannel experiences, although it can also support other aspects of any business:
Encouraging the use of applications and services in a secure way
Enabling more security around sensitive resources and information
Easier access to systems all up and down the hierarchy and marketing funnel
Now that we know how important a specific and robust Digital Identity is in today’s market, this is what must be considered while one is being built:
Synergy with a company’s legacy and values
High consideration of the customer experience (for example, password recover experience)
Tough and constantly improving security around internal access
The Digital Identity lifecycle
Like any other digital asset, Digital Identity has a lifecycle that is divided into several phases:
Provisioning – The first step will always be to create or provision this identity and incorporating it with all user touchpoints (for example, a single sign-on portal for all employees to access relevant applications and processes in a company)
Changes & Evolution – Each user’s access permissions, and therefore, their Digital Identity, changes as their relationship with the company grows (job or department changes, promotions, organizational changes, etc.)
Deprovisioning – When a user ends their relationship with the company, deprovisioning becomes necessary for security purposes, ensuring relevant credentials cannot be reused. This process looks different based on whether you’re dealing with an employee or end customer. The two variations are called IAM and CIAM.
IAM: When a new employee joins the company, user registration is generally automated, powered by a specific tool of the company’s Human Resources Department. From that registration comes the build of the user’s Digital Identity and appropriate credentials.
CIAM: When it comes to users or end customers, the relevant process is what we call onboarding (for example, a user who signs up for a service to make a contract). Although there are common tools for employees, the biggest differences are in the initial or provisioning phase.
Main trends in Digital Identity
There are six main trends in the field of Digital Identity:
Rise of biometric technologies (facial recognition, fingerprint, etc.). This type of technology is already widespread and available on most mobile devices
Centralization of user identity or Single Identity. There is a tendency to create single repositories fed by different sources or establish a hierarchy between different warehouses to identify the user even if their data comes from different origins
Performing risk analysis based on the end customer’s behavior and interaction with the services. In other words, the user’s usual behavior can be profiled to generate alerts if it is out of the ordinary (for example, if it is an unusual schedule, a location far away from their usual location or an unfamiliar device)
SaaS concept applied to identity. Identity-as-a-Service providers are advancing significantly. They can be a very good option for some companies, taking advantage of a SaaS model’s benefits.
Artificial Intelligence applied to identity. AI continues to drive the identity verification industry, and it can help take stronger security measures by mitigating fraud in the early stages of verification processes
One final trend: Adaptive Digital Identity.
The seventh trend, and one of the most relevant within the Digital Identity arena, is the emergence of the concept of “Adaptive Digital Identity.” This refers to the ability to vary a user’s interaction with the identification system to access a service based on definable parameters (context, preferences, risk level, etc.). Therefore, it must be possible to program this adaptability to define behavior based on parameters. In fact, in many cases it will be the user himself who decides and configures which authentication systems he prefers.
Even today, the logic of many authentication systems is programmed within the application itself. When introducing a new biometric method, multi-factor authentication, or a context analysis, this can be a problem. In these cases, if the logic is inside the application, the application will need to be recoded, and therefore, the product becomes more expensive and more challenging to maintain. This is something to be avoided at all costs since it is a brake on innovation, as mentioned above. It will be an obvious security problem in the medium term, given the difficulty of updating it.
The concept of Adaptive Digital Identity can make a number of processes much more painless, leading to improved user experience, innovation, and increased internal efficiency. However, as with any new concept, there are still challenges to overcome when considering proper implementation. To wit, solutions with a new approach to identity will be necessary to make this Adaptive Digital Identity a reality. In a future article, we will try to define these challenges, what needs companies have and how we can provide the best and most efficient solution.