Customer Identity - Build vs Buy and Beyond… [January 2022]
by Joe Hedegaard Ganly

Information Security Adviser

Connect with Joe Hedegaard Ganly on Linkedin Connect with Joe Hedegaard Ganly on Linkedin

Making the Most of Customer Identity – Build vs Buy and Beyond…

We’ve all had those jarring authentication experiences as customers. A web page not letting us log in properly or timing out. MFA prompt not coming through in time. Self-password reset? Reset emails never arrive. Unfortunately, they’re not rare.

With a drive and focus on the importance of identity and access management within our organisations, something we’ve seen a sharp uptake of interest in is how to get the most out of customer identity. What do we mean by that?

For most businesses with a customer portal, loyalty program or login page – customer experience drives revenue. There are a few things that we’ve seen that often need to exist to maximise the revenue returns of a great customer experience.

  1. Security – making sure that customers feel like they’re being looked after, with options for MFA enrollment and other security features is important in building trust.
  2. Ease of use – leveraging smart self-password reset, well performing web pages and simple to use sign up pages, customers are 71% more likely to abandon account creation if faced with friction!
  3. Maximising identities once you have it – once you have a customer that’s authenticating, how are you maximising that data to ensure they feel looked after and given a premium customer experience? Leveraging smart identity features like preferences or the ability to self enroll into loyalty programs without another account creation helps.

The build vs buy discussion often comes up in the same conversation as the above. Which way is the right path to go down for your organisation? What are the facts? The total cost of ownership for legacy identity can be 3x that of the cloud and the average delay in development lasts six months for building an auth program.

Looking at thigs from a security perspective? The reality is that 93% of application vulnerabilities come from custom code. Broken identity comes 2nd on the OWASP Top 10 Most Critical Web Application Security Risks. Common weaknesses?

  • Permitting automated attacks like credential stuffing
  • Permitting brute force attacks
  • Uses weakly hashed passwords
  • Has ineffective multi-factor authentication
  • Exposes session ID’s in the URL

…You get the picture. Looking at a market leading identity solution to handle customer identity is a sensible option for any technology or security leader looking to ensure scale, security and longevity in a customer identity program.

Contact Us

Our solutions specialists are always on hand to run you through the results or provide a workshop on taking the results and turning them into meaningful action. Simply call us on +44 (0) 1494 216 061 or drop us an email on contact@saepio.co.uk alternatively, you can submit a form on our contact page.