C H E Q U I N G O U T include validating legal documents like passports, national IDs and driving licences. These processes may even incorporate Know Your Customer( KYC) protocols and integrate with device fingerprint services and biometric verification to prevent fraud.
C H E Q U I N G O U T include validating legal documents like passports, national IDs and driving licences. These processes may even incorporate Know Your Customer( KYC) protocols and integrate with device fingerprint services and biometric verification to prevent fraud.
For B2B companies, registration often involves the onboarding of entire organisations. This can be initiated through a sales-led approach, where an account manager facilitates interactions and negotiations, eventually triggering the provisioning of the organisation once the service agreement is finalised. This often includes invitation-based registration flows. The registration process must be user-friendly and straightforward while also ensuring security. When collecting valuable customer identity data, the onboarding process must be designed to avoid identity fraud, such as registration with synthetic or stolen identities. These factors must be carefully balanced, ensuring that the registration process aligns with security requirements and user experience expectations.
2. Authentication
Authentication is the second pillar of CIAM, ensuring that users possess the required credentials to access customerfacing applications. Strong authentication prevents account takeovers, password
snooping and password stuffing, keeping unauthorised users out through robust authentication policies. In consumerfacing applications, providing single sign-on( SSO) and passwordless login options such as email links and mobile one-time passwords( OTPs) enhance the authentication experience.
Adaptive authentication, which steps up security based on situational risk factors such as attempting access from a new device, logging in from an unusual geographical location or after a prolonged period of inactivity, balances user experience with security needs. For high-value services like financial applications or government services, additional layers like biometric verification and liveness checks provide higher levels of assurance and meet regulatory demands for more stringent measures.
Malithi Edirisinghe, Director, Architect – IAM, WSO2
68 www. intelligentfin. tech