CIAM – Customer Identity & Access Management Solutions
Protect against breaches.
Elevate customer experience.
Quickly build secure access, verification, & digital identity
management into your applications.
How organisations use Ubisecure
Rapidly build innovative Customer IAM (CIAM) and B2B IAM capabilities into applications and services. Choosing Ubisecure means your organisation avoids data breaches, offers a consistently excellent user experience, reduces costs associated with manual processes, and keeps your development team focused on your core business.
Give customers one digital identity and set of credentials to connect to all your services and applications.
Enhance security with additional factors of authentication without the usual friction, and employ context-based step-up authentication when needed.
Protect resources with fine-grained user permissions and access rights.
Create, store, and manage users, and identity and privacy data, at scale.
Anchor users to their existing digital identities (social, enterprise, verified) and remove friction during registration & login.
Prove a user’s real identity at the start of your onboarding or KYC process.
Manage how organisation, family or individual users delegate their rights to others to act on their behalf.
Register your own G20 endorsed high assurance organisation identities, or utilise the global LEI database for KYC & onboarding.
Successfully operate remotely, protect against increased attacks, and gain operational efficiencies
Enterprises need to adapt to the new norm where everything is remote, and everything is digital. Identity management is at the heart of going digital-first. The lines between internal users and external users have become blurred, and effective management of all users (employees, customers, and partners) is essential for business continuity and operational cost control.
>> Learn More
What experts are saying about Ubisecure
The Ubisecure Identity Platform is a critical component of the eHealth service as its functionality provides Swedish citizens with very easy to use process for accessing their health records.
The Ubisecure Identity Platform is delivered as a single integrated IAM suite that provides both Web Access Management and Identity Federation capabilities with a fully integrated database and application server.
The Ubisecure Identity Platform has helped us realise a unified IAM solution for both consumers and corporate customers, creating an environment where you only need one identity.
subtenants / orgs in single
customers on a single
average users per
organisations using Ubisecure
Legal Entity Identifiers
Citizens rely on Ubisecure
mobile consumer identities
Identity Management is evolving. Keep up with the latest…
- Welcoming new RapidLEI Registration Agent partner: LEI PassAugust 6, 2020Today RapidLEI, Ubisecure’s Legal Entity Identifier (LEI) issuance service, announced a partnership with Sweden-based LEI Registration Agent, LEI Pass. The partnership empowers LEI Pass to issue LEIs using RapidLEI’s pioneering technology. Read the full press release here. Kim Andersen at LEI Pass said, “the LEI presents so many opportunities for enhanced trust in transactions, with tangible value for the banking and payments industries. To fully realise this potential, registering an LEI should be fast and easy. With RapidLEI’s technology, it is. We’re making it easier for customers to focus on what they do best while leaving LEI management to us.” Chris Hudson, Director of Channel Sales at RapidLEI, said, “we have long envisioned the value that LEIs bring to a variety of use cases. It’s great to partner with LEI Pass as they share this vision and will bring their experience as seasoned entrepreneurs to innovate alongside us.” Find out more about RapidLEI’s partnership programs at rapidlei.com/partners....
- Privacy, contact tracing apps and facial recognition with Debbie Reynolds – Podcast Episode 25August 5, 2020https://media.blubrry.com/identitypodcast/p/content.blubrry.com/identitypodcast/Ubisecure_Podcast-Debbie_Reynolds.mp3Podcast: Play in new window | DownloadSubscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | Spotify | RSS | MoreLet’s talk about digital identity with Debbie Reynolds, Founder, CEO, and Chief Data Privacy Officer at Debbie Reynolds Consulting LLC. And we’re back with series 2! Kicking us off is Debbie Reynolds, looking at privacy in contact tracing apps around the world. Debbie walks us through the potential issues with contact tracing apps with regard to regional laws, security risks which must be mitigated against and the practical effectiveness of the apps themselves. Debbie and Oscar also dive into the world of facial recognition – including the importance of accuracy and transparency around public practices and relevant regulations (GDPR, CCPA, BIPA etc.). “For me, contact tracing is a profession, not an app” Debbie Reynolds, “The Data Diva,” is a world-renowned technologist, thought-leader, and advisor to Multinational Corporations for handling global data privacy, cyber data breach response, and complex cross-functional data-driven projects. Ms. Reynolds is an internationally published author, highly sought speaker, and top media presence about global data privacy, data protection, and technology issues. Ms. Reynolds has also been recognised as a Technology Visionary and as a top leader in the Data Privacy industry worldwide. Find out more about Debbie at www.debbiereynoldsconsulting.com and connect with her on LinkedIn. We’ll be continuing this conversation on LinkedIn and Twitter using #LTADI – join us @ubisecure! ...
- How to navigate CCPA compliance: advice learnt from experience with Europe’s GDPRAugust 4, 2020The US’s California Consumer Privacy Act (CCPA), effective since the beginning of 2020, has brought much comparison to Europe’s General Data Protection Regulation (GDPR), effective since May 2018. Both regulations set limitations on how companies deal with customer data, giving customers greater privacy and control over how their data is used. Owing to the similarities between these regulations, US companies have been, and still are, looking to Europe for lessons learned from navigating GDPR compliance to help with their own CCPA compliance initiatives. As an identity management software vendor with customers throughout Europe, Ubisecure has been at the forefront of several projects enabling GDPR compliance – working with organisations on systems security and giving consumers greater control over their own data, often within complex IT environments. From this perspective, here are a few lessons that we’ve learnt along the way to help you with your own CCPA compliance projects. Start ASAP and continue evaluating your CCPA compliance The IAPP-EY Annual Governance Report 2018, released seven months after the GDPR came into effect, reported that “fewer than 50% of survey respondents report they are “fully compliant” with the GDPR”. At a similar timeframe, six months into CCPA, one survey reported that just 14% of respondents were fully CCPA compliant. So, if you’re reading this blog because you’re panicking about not being CCPA compliant, you’re not alone. However, you should start your compliance project now. As of 1st July, CCPA is enforced and you can be fined for not complying. At time of writing this in late July, there have been no (public) CCPA fines, but you can bet they will start soon if GDPR is anything to go by. Fines were similarly slow to appear immediately after GDPR enforcement, though are now a regular occurrence with the largest fine to date going to British Airways at €204.6 million. But what about organisations that are CCPA compliant? Well, aspects of both regulations and how they work in practice may not be felt until they are in full swing, meaning that companies may feel they are compliant now but will need to continuously adapt to stay that way. You’re never really “done” with GDPR or CCPA compliance… Keep coming back to CCPA compliance On that note, it’s important to keep talking about CCPA. It has become second nature to us to talk about GDPR with every new IT or marketing venture, both for our clients and for ourselves. CCPA compliance must also be a key condition for every new solution. Further, while CCPA may be permanently on your radar, it may be easier for your colleagues outside of the obviously ‘relevant’ departments (IT security, marketing etc.) to forget new procedures and keeping the conversation going will be a good reminder for them not to slip up. And it’s not just businesses for whom CCPA will be front of mind – consumers are getting more and more knowledgeable about their rights and will (often publicly) criticise/stay loyal to brands based on how they deal with data and privacy. This is particularly the case since COVID-19 contact tracing procedures have attracted attention globally, with their privacy implications under scrutiny. So it’s in your interest as an organisation to remain CCPA compliant, not just to avoid fines but to stay competitive as well. Think of the positives If CCPA compliance feels like a massive chore and something you’re doing just to avoid a non-compliance fine, try to think of it as the perfect time to review your IT architecture and implement data best practices. Lots of organisations that we’ve spoken to found that the GDPR was an excellent excuse to review data silos and update their IT systems. Both CCPA and GDPR are positive steps to be able to maintain trust in digital business and really just formalise best privacy practices that we should all be following anyway. Further, the steps you take to CCPA compliance will likely end up creating far more efficient operations in the process, creating a better user experience and avoiding the risk of a data breach – it’s really a win all round. The threat of a non-compliance fine is just another point to get buy in from your CFO! Customer Identity and Access Management (CIAM) is key Just before GDPR came into effect, we conducted a survey amongst enterprises which showed that 50% of participants said achieving GDPR compliance without CIAM would be “impossible”. And the same applies to CCPA – CIAM, data privacy and data protection go hand in hand. CIAM verifies an individual’s claim of identity and determines what access the individual should have to areas of online services, and covers a wide range of capabilities that directly support data security and privacy by design. A few examples of those capabilities: Consent management – allow users to manage their own consent related to their data and increase transparency around their current settings. Self-service account management – enable users to set their own privacy settings and communication preferences, plus any other account settings relevant to your service. Directory/integrating identities from your online service with your CRM – create a single, centralised view of the customer, making it much easier to automatically (or manually) show the customer everything you know about them if they ask, and delete that data if they request to be forgotten. Conclusions More than two years since the GDPR came into effect, it is still a hot topic in the identity industry and we’re likely to see CCPA follow the same pattern. It’s not just hype – it’s here to stay. And remember, if you’ve tackled compliance to GDPR, it doesn’t necessarily mean that you’re compliant to CCPA. There are plenty of differences between the two regulations – a topic for another blog post! Ubisecure has been providing CIAM since 2002 and has a wealth of experience helping our customers to achieve their compliance goals. Our CIAM solutions can be deployed as IDaaS (SaaS-delivered IAM), private cloud or on-premises, to suit your business needs and get you CCPA compliant ASAP. Let us know if we can help....