Latest News

Prabath Siriwardena: Four Customer Identity and Access Management Predictions for 2021

By Prabath Siriwardena, VP and Deputy CTO – Security Architecture, WSO2

As businesses look ahead,  many anticipate that the rapid digital acceleration experienced this year will continue in 2021. We have already seen a surge in e-commerce customers, with transaction volumes from new online shoppers during the first half of 2020 at twice pre-COVID levels. Such digital interactions will remain important as restrictions on in-person shopping, dining, and other activities are set to continue until vaccines become widely available. Even then, the convenience of conducting business online means some customers may never return fully to brick-and-mortar establishments. As a result, businesses that have previously resisted launching digital customer channels will find that it is essential for survival. From multimillion-pound High Street retailers like Primark to local restaurants and artisan businesses, building a COVID-resilient business requires online channels.

As organisations pivot to serving customers digitally, they will face challenges as demands for ensuring customer trust and privacy pull against the importance of providing an exceptional user experience. These factors will have a profound impact on how businesses build, manage, and maintain relationships with customers. The following are four trends that we will see gathering momentum in 2021.

The mass pivot to offering online services will drive demand for intelligent customer identity and access management (CIAM) solutions.

Businesses that have previously operated only in the physical environment pride themselves on knowing regular customers as they walk through the door, putting a face to a name, and remembering their preferences. However, now they are faced with trying to achieve the same level of customer knowledge in the virtual environment through online ordering and delivery services. They will need to build customer profiles that turn anonymous website visitors into well-known, valued customers to whom they can offer personalised services.

Customer types will fall into broader subsets, too. Many are innately comfortable with buying online, but their expectations have been shaped by the highly sophisticated experiences delivered by Amazon, putting pressure on digital debutants to reach these high standards of user experience. On the other hand, many new online users will be unfamiliar with digital channels, so they need an intuitive, secure experience that safeguards their data privacy  if they are to build trust with the retailer.

This imperative will drive demand for high-performance, cost-effective customer identity access management solutions. These greenfield development projects will see strong demand for third-party cloud-based IAM solutions as businesses opt for this approach rather than developing proprietary systems.

Privacy concerns will impact demand for data sharing across service aggregation platforms.

As businesses aim to launch online services quickly, many are drawn to service aggregation platforms that allow them to reach an online customer base fast. Examples include Just Eat in the UK and Grubhub in the US, which enable restaurants to take orders and payments online. The trade-off for this simplified approach is that the business has less direct visibility into customer data.

Vendors using service aggregation platforms to provide an online channel for their business will want access to customer buying patterns and behaviour data so they can create personalised offers and identify key trends. However, this presents a problem for the platform provider around how they can share this data while preserving customer privacy and ensuring they do not infringe data protection laws. As a result, privacy and consent management delivered through CIAM solutions will be a priority for platforms that build and maintain profiles of customers.

The challenges around sharing data will be significant not just in geographies where privacy laws are advanced, like the UK, Europe, and the US, but also in developing areas. The global privacy gap will narrow and having a robust way to secure and manage customer consent for data handling will be critical for anyone with an online presence.

Adaptive authentication will emerge as a must-have.

As network boundaries are diluted, people will be accessing an organisation’s services from anywhere. It won’t be possible to authenticate users based on single factors, such as their location. Instead, authentication will be based on numerous interdependent factors, including behavior analysis, time of access, location, and more.

These will be analysed by a machine-learning algorithm that is furnished with large amounts of behavioural and network access data to calculate a risk score. Based on that score and the organisation’s risk posture, an automated decision is reached on how a particular user should be authenticated. This avoids the need to ask the user for multi-factor authentication every time and thereby creates a better user experience. This will be equally true for employees accessing multiple applications from home working environments in the new hybrid work set-up.

COVID-safe “no-touch” services will drive demand for online interfaces

Along with a general acceleration of digital transformation, the pandemic will have specific impact on the customer journey. Already, organisations have adapted their operations to be COVID-safe by limiting face-to-face interactions, and many of these adaptations are likely to remain long term due to the convenience they provide. Increasingly, we will see companies develop  approaches to serving customers with zero physical interaction and promote these “no-touch” services as a competitive differentiator.

Consider the example of car repair. The owner arranges the repair online, books an appointment, and provides details of what is needed. They leave the car at the garage, and they are updated on the progress with video and text alerts during the day. When the repairs are complete, they settle the bill online and pick up the car, without directly interacting with anyone.

As customers display a preference for safe and convenient services, businesses will be inspired to innovate to provide better experiences. This will require an initial investment in digital solutions, but that investment should pay off, not only in helping the business navigate immediate challenges but also by shaping future strategies. For example, a restaurant that finds it is taking most of its orders online could afford to reduce its real-estate footprint and alter its business model to become more cost-effective.

Building trust in an uncertain world

Ultimately, winning customer trust and confidence will be the key for all businesses launching or expanding online services. Against a backdrop of disruption, uncertainty, and the stress of having to constantly adapt to new situations and restrictions, customers want to be reassured.

This is a critical time for businesses as they aim to continue serving existing customers, while also capturing a share of the millions of new potential consumers. Customers who are trying out a new online service want it to be safe, secure, and effective. Consumers have Amazon-level expectations of every business, which means those launching new online offerings have a high bar to clear to gain wallet-share and loyalty. Organisations need to get CIAM right if  they are to protect their customers, deliver great services, and inspire confidence.