Ubisecure offers a full stack platform, API and toolkits to build secure, seamless experiences for customers. We simplify the most complex customer identity, delegation and security challenges faced when building applications.
Ubisecure offers highly innovative services built on the Identity Platform for specific identity related challenges. The Identity Platform can also be deployed to the Cloud for Customer IDaaS projects.
The Industry’s most powerful Delegation solutions
What Industry experts say about Ubisecure
The Ubisecure Identity Platform is delivered as a single integrated IAM suite that provides both Web Access Management and Identity Federation capabilities with a fully integrated database and application server.
The Ubisecure Identity Platform is a critical component of the eHealth service as its functionality provides Swedish citizens with very easy to use process for accessing their health records.
CTO and Head of Cloud Services Capgemini
The Ubisecure Identity Platform has helped us realise a unified IAM solution for both consumers and corporate customers, creating an environment where you only need one identity.
Director of IT-production DNA
Latest from the Blog
- Simon Wood, Ubisecure CEO, “You can’t have security without identity” – Podcast Episode 2June 24, 2019https://media.blubrry.com/identitypodcast/p/content.blubrry.com/identitypodcast/Ubisecure_Podcast_Edit.mp3Podcast: Play in new window | DownloadSubscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | Spotify | RSS | MoreLet’s talk about digital identity with Simon Wood, CEO of Ubisecure. In episode 2, Oscar interviews Simon Wood about his passion for digital identity and touches on some of the ways that Ubisecure is tackling challenges in the industry. Also hear about Right to Represent – the brand new, pioneering Ubisecure service enabling advanced delegation between all combinations of individuals and organisations – and its value for organisations. Read more about Right to Represent here – www.ubisecure.com/right-to-represent/ Links mentioned in the podcast: www.ubisecure.com www.linkedin.com/in/simonwood www.linkedin.com/company/ubisecure twitter.com/ubisecure About Simon Wood As Group CEO at Ubisecure, Simon is responsible for planning, communicating and delivering Ubisecure’s overall vision and corporate strategy to enable the true potential of digital business through modern identity management solutions. Simon is a dedicated and uncompromising technology business leader, grounded in sophisticated high performance solutions. Previously, at GlobalSign, Simon led the strategic and technical growth of the company and during his tenure has overseen, from inception, the transition to high volume operations, providing world record performance, both technically and commercially. At QuantumWave Capital Simon led the Venture Building practice, engaging, signing and working with deep technology early stage companies, preparing them for exit to large acquirers. Responsible for top-line performance Simon transformed the engagement model delivering a stable pipeline with predictable recurring revenue. Prior to this Simon held a number of development leadership roles for software companies specialising in high-performance, real-time communications capture, analysis, and distribution, including highly secure military radio, aircraft black box analysis, Formula 1 telemetry and ECU management systems. Simon graduated with a Bachelor of Engineering in Electronic Engineering from Southampton University. He holds multiple patents in the field of mobile internet software systems design. About Ubisecure Ubisecure provides feature rich customer identity management software and services. The company provides a powerful Identity Platform and Identity Cloud to connect customer and citizen digital identities with customer-facing applications. The platform consists of productised Customer Identity & Access (CIAM) middleware and API tooling to enable single digital identity benefits across multiple applications. Features include single sign-on (SSO), multifactor authentication (MFA), authorisation workflows, user identity management, and pre-established connections to dozens of third-party identity providers (social, mobile, and verified). Find out more: www.ubisecure.com/about...
- ‘Sign in with Apple’ – should Apple really ‘think different’ on identity standards?June 18, 2019At Apple’s recent Worldwide Developer Conference (WWDC), Apple software chief Craig Federighi announced to the world a new way for end-users to sign in to applications – Sign in with Apple. The Good Familiar to existing buttons “Sign in with Google” and “Sign in with Facebook”, and numerous other regional specific sign-in methods, Apple finally will start to capitalise on the amazing asset that they have – the identity and login information for every registered Apple user. Apple was able to put a great spin on their service around privacy – a way to differentiate it from other existing services. The value of privacy and security is slowly being better understood by wider audiences. It will certainly offer a smooth user-experience for Apple users. It will be very interesting to see how quickly and widely the service is adopted – beta testing is starting this summer. The Bad Not following standards. Period. Apple’s keynote was light on details, however their developer portal opened up more information about how the service works. Rather than following industry standards, Apple again has decided to make their own unique implementation decisions. Hans Zandbelt has initiated a collection of deviations from the standard. How Sign in with Apple differs from OpenID Connecthttps://t.co/lIjJL5GROV please provide input by adding comments. — Hans Zandbelt (@hanszandbelt) June 16, 2019 Many of the choices made seem very hard to justify – what advantage is there to not just following the specification? The OpenID specification are, as the name suggest, open, and do not require licensing fees or licensing agreements. This is unfortunate, as it makes integration to thousands of existing products and services more than just a configuration matter – it requires service-specific exceptions and behaviour tailored for Apple’s flavour. Implementations against Apple’s service will require additional testing as existing internal and standard test frameworks will not represent the behaviour of their service. Apple was thinking differently again. The Ugly Privacy concerns One celebrated innovation in the Sign in with Apple service is the fact that the email address of the end user can be hidden from the connected service, and instead a persistent pseudonymous mail forwarding address will be used. This received a long round of applause. They forgot to mention on stage that neither Facebook login nor Google login actually require that the user shares an email address with services that request it. When a service requests an email address, the user is presented with a dialog to “Share my Email” – sending your actual email address or “Hide my email” – to create a service specific forwarding address, such as email@example.com. Of course, this function requires that all email sent to the relay address are going through Apple’s servers, even if your original AppleID is using a non iCloud email address . Is that really privacy-protecting? Forced adoption As a condition of publishing an app in the Apple App Store, applications that offer other third-party sign in methods will be required to also offer “Sign in with Apple” as an option. For many apps, this will require developers to rethink how to present additional sign-in methods, how to remember what has been used before and careful evaluation and testing of the new method. For apps that have never used third-party sign-in, expect your users to more vocal about requesting the addition of the “Sign in with Apple” service and consider adding also alternative login methods at the same time. Easing the change Through IdP Connect, Ubisecure offers solutions that can help companies offering online services to offer third-party login services and allow their users to connect one or more to their online accounts. We shield applications from a lot of the related complexity and protect user privacy by keeping the data close to the application and under the control of the service provider. We also help large enterprises with existing users and accounts to offer login services to their users – that is the ability offer their own branded “Sign in with” button, based on open standards. Talk to us today about IdP Connect, our services that connect the identities from identity providers to service providers....
- Here’s what you missed at APIdays Finland 2019June 12, 2019Towards the end of the 19th century, the technology world was focused on electricity generation, and in Vanhakaupunki (the old settlements of Helsinki at the Vantaa river rapids) the city’s first hydropower plant was built. Nearly 150 years later, this place (now the Museum of Technology and Koskenranta) hosted a conference discussing a catalyst of today’s technology and business: APIs (Application Programming Interfaces). APIdays Finland 2019 took place on Tuesday 4 and Wednesday 5 June. The event — organised for the second time in Finland — was part of a series of conferences APIdays has been running since 2016. Here’s what you missed — unless you were there this year! Broad range of use cases Vesa Pirinen, VP Strategy, Paving, from construction company YIT delivered the opening keynote and presented on how IoT is helping to gather data from industrial equipment to help streamline operations. The use case focused on improving the efficiency of aggregate crushing plants. His talk highlighted that in commodity markets, the level of efficiency of the team work can mean the difference between today being a profitable day or not. Collecting and aggregating data from the field in almost real-time is key to this process. HiQ CTO Aspo Urpilainen demonstrated a taxi service API and showed how FRENDS can use JWT (JSON web token) attributes from an OpenID Connect session to ensure the business logic works as expected, such as to prevent the same user from accidentally calling two taxis. FRENDS is a powerful integration tool and works with the various standards-based APIs that the Ubisecure Identity Server publishes. Other interesting use cases follow… Petsofi CEO Laura Laakso showed how society can benefit from a platform that brings together researchers who treat rare animal cases with veterinary clinics and animal owners. In her talk, I learned that the animal business is a larger market than cybersecurity, but is underserved by investors. Sensotrend CEO Mikael Rinnetmäki shared his story about creating a self care platform for people with diabetes, and some experiences from the FIHR-based Finnish Kanta PHR (personal health record) ecosystem. Isabelle Reusa talked about APIs in the media business and showed the three levels of APIs in media from less to more open: The Guardian, the Financial Times and the Getty Images model. Her core message for all media companies: open API or die. Technical sessions Ubisecure VP Customer Success Keith Uber gave a talk about the Finnish Trust Network. First, he shared two personal stories: the day he became a Finnish citizen and the day he got married. Both happened in Finland, and in the two cases the procedure and issued certificate were paperless – fully digital. Indeed Finland is one of the world-leading digital societies thanks to the use of strong verified identities, in which bank authentication (TUPAS) has been prevalent for years. In order to follow international standards in cybersecurity and digital identity, from October 2019 Finland will require commercial services to use the Finnish Trust Network (Luottamusverkosto) for strong authentication. Right after the talk, Keith and I hosted a hands-on workshop “Connect your application to Finnish Trust Network” with around 20 very engaged participants. In the workshop, the participants installed a single page application on their own laptops that connected to Finnish Trust Network using OpenID Connect. We even were able to help one of the workshop attendees connect their integration tool, Integromat, to the Finnish Trust Network. Janne Nieminen from Digia presented a powerful presentation summarising their experience of API management in modern infrastructure. He gave examples of multi-cloud environments, highlighting that often a common platform across clouds is required. As important as making it easier to publish new APIs, is the importance of monitoring the quality. Companies also need to consider automated ways of enforcing both technical and non-technical requirements of APIs: automated checking of the published documents, checking if the API ships full documentation, checking if there is a well-identified owner and if it meets all of the agreed style guide rulesets. As a takeaway, Janne recommended using the API audit checklist from apiopscycles.com to validate APIs. And it is good to see OpenID Connect and JWT support on that checklist! The API economy There were a few insightful talks about the API Economy, including Alan Glickenhouse (IBM), Allan Knabe (KONE) and Mohan Naidu (Avanade). However, the best mix of ideas came from Marjukka Niinioja, organiser of this event and co-author of the book API Economy 101. Marjukka’s first shared confession was “I wish someone had given me a magic API wisdom pill 10-20 years ago.” But today she is the one giving the wisdom pill to many of us building APIs. Unlike the common practice, Marjukka argues that organisations must embrace the equation: API = All People are Important. In other words, all roles in an organisation (CEO, design, business development, operations, marketing, information security, etc.) must work together to design and plan the APIs, not only the developers. She remarked on the importance of tools and methods like API Business Model and API Canvas to achieve results. The highlights of APIdays Finland 2019 Broad range of use cases from different industries: construction, media, animal business, journalism, banking, real estate, mobility, healthcare, e-government, and more. Both technical and business-oriented topics, plus hands-on workshops. Emphasis on the importance of the API Economy. The presence of the European Commission, which also gave a workshop on digital government APIs. Want more? Attend some of the upcoming APIdays conferences: APIdays Amsterdam on June 18 & 19, APIdays San Francisco on July 16 & 17, APIdays Melbourne on September 19 & 20, and the list continues. If you missed Ubisecure’s workshop and want to learn more about migrating from TUPAS authentication to the Finnish Trust Network, please get in touch....