Ubisecure Identity Platform

Individual ID & Organisation ID Management
IDaaS | On-Premises | Hybrid

Ubisecure Identity Platform

B2B & B2C User Experience

Simplify and improve how your B2B & B2C users engage with your digital services.

Simplified or automated user registration

  • Configurable best practice templates for registration and login, or complete customisation via API
  • Use existing reusable digital identities (verified/strong or regional eID, social login, professional, enterprise) for easy registration and return login authentication
  • Verification of customer’s real identity
  • Automated registration based on contract information queried from connected CRM(s)
  • E-mail and phone number via SMTP and SMS verification

Identity federation and business networks

  • Business customers Single Sign-On (SSO) to services from their own corporate network
  • Federate client identities to support partner networks and build new business streams
  • Verify weak identities with a strong multi-factor method or link to a 3rd party digital identity in any defined context
  • Protocol translation, e.g. from SAML to WS-Federation and vice versa
  • Supported standards: SAML 2.0 (independently tested), OpenID, OAuth 2.0, OpenID Connect OIDC, CIBA, Mobile Connect, WS-Federation, TUPAS, ETSI MSS (ETSI TS 102 204)

Reusable Identity for quick registration and improved retention

  • Out of the box support for reusuable Identity Providers 
  • Personal Identity Ecosystem – verified Individual IDs like BankID & NemID. Social IDs like Facebook, Apple and Amazon. Business IDs like LinkedIn and GitHub
  • Organisation Identity Ecosystem – verified Organisation IDs like Legal Entity Identifiers
  • New providers quickly added via Authentication Adapter microservice
  • Reduced PII risk
  • Simplifies initial registration and returning logins

Single Sign-On (SSO) across all connected services

  • Single identity for multiple applications
  • Centralised policy management delivers the right identity attributes to internal or external applications (GDPR)

Branding support

  • Completely brandable solution without any extra development / coding
  • Configurable interfaces for branded SSO

Security & Privacy

Minimise identity data breach risk. Ensure you meet security and privacy regulation for B2B users, customers, consumers, citizens, partners and internal and external employees.

Identity Attribute Broker Engine

  • Pseudonymisation of identity
  • Aggregate identity attributes from various sources, i.e. user database, CRM, 3rd party APIs
  • Minimal attribute set supports user privacy – granular control over which attributes are sent to target applications

Multi-factor authentication (MFA)

  • Contextual step-up authentication 
  • Broad support for MFA methods: bank applications, “pay” apps, passkeys, TOTP, SMS OTP, SMTP OTP, Certificates & PKI, biometrics , social identities.
  • Windows SSO, AD integration, SQL integration, LDAP
  • Biometrics

Step-up identity sources and step-up MFA

  • Step-up to additional MFA methods at the right time in the customer journey
  • Social: support for Sign in with… Apple, Facebook, LinkedIn, Google+, Github, Amazon, Yahoo, Mixi, VKontakte
  • Business: support for Microsoft O365, Google Apps for Business, Salesforce, Azure, Active Directory
  • Verified: support for Government eIDs, Bank IDs, Mobile IDs
  • Open standards: support for any OIDC, OAuth based identities via Authentication Adapter microservice
  • Build Identity Proofing & Identity Verification services into any decision workflow. Integrated Onfido support

Best practice basic credential management

  • Basic password policy & recovery/reset
  • Basic credentials (e-mail, phone number) verification

Authorisation management

  • Centralised authorisation policy management
  • Flexible authorisation policies per service
  • Role based access control (RBAC) and attribute-based access control
  • Authentication and authorisation policies can be quickly modified for one or more online applications using the administrative web interface
  • Zero or minimal policy development required for the connected applications

User Directory

  • Scalable and secure storage of identity data and attributes
  • Local geo-residency for identity data and attributes
  • Consolidate risky, overlapping identity data silos

Meet privacy and security regulation

  • Centralised access, modification / review, transfer and deletion of PII (GDPR)
  • Consent collection, management and revocation (GDPR)
  • Centralised policies for control of identity attribute release (GDPR)
  • Strong Customer Authentication (PSD2)
  • Extensive standards support: SAML Security Assertion Markup Language, OpenID Connect OIDC, OAuth, Mobile Connect, ADFS 2 & 3 (WS-Federation), TUPAS

Data Residency

  • Client-defined data geo-residency location for IDaaS
  • Local network data residency for Identity Server (software)
  • Hybrid approach supported – local data store connecting to IDaaS capabilities

Business Transformation Impact

Use digital identity to improve your organisation’s productivity, automate repetitive tasks and create self-service experiences for customers, partners, and suppliers.

Flexible deployment

  • IDaaS – Identity-as-a-Service with identity data and IAM functions managed in the cloud
  • Identity Server – on-premises software deployment with complete control over data residency
  • Hybrid CIAM – cloud-based IDaaS capabilities operate as SaaS, but connect to on-premises user directories and legacy applications

Delegated Authority – multi-tier identity relationship management and delegation of authority

  • Core scaling feature requirement for B2B, B2C and B2B2C IAM requirements
  • Allow external users to manage their own organisation’s (or family) user identities and delegate roles at a national scale (G2B, G2C)
  • Create new organisations, new users, invite external parties, authorise employees and more
  • Minimise the amount of outdated or incorrect customer data through self-management
  • Cost savings achieved in customer service operations by delivering self-service workflows for your external users

Right to Represent

  • Connect to and check company identity and mandated rights of individuals to represent their company in real time
  • Build into KYC (Know Your Customers) or onboarding workflows
  • Based on Legal Entity Identifiers (LEI) issued by Ubisecure as the #1 accredited GLEIF LEI Issuer

Self-service identity management

  • Self-service password management, reset, recovery and verification (SSPR)
  • Verification of email and phone number during registration
  • Self-service functions for authentication method management

Identity profile management

  • Link LDAP and SQL databases for a centralised view of customer data
  • Eliminating risky and expensive overlapping identity repositories and silos
  • Reduce the number of accounts / identities per user

Extensive SSO support for existing cloud applications

  • Enable SSO to cloud applications
  • Enable strong authentication for business critical cloud applications using any supported authentication methods

CRM integration/linking

  • IAM database master of identities, CRM master of contract information
  • Automate linking of customer identities to the CRM contract lifecycle
  • Increase efficiency in on-boarding by sending invitations directly from the CRM interface
  • Improve the accuracy of customer data and increase sales and marketing efficiency
  • CRM applications such as Salesforce.com and Microsoft Dynamics integrated via API

APIs & application integration

  • Quick application integration for WebSSO protocols such as SAML, OpenID Connect and WS-Federation
  • Other integration options: HTTP header injection (possible to also emulate SiteMinder, WebSeal, SelectAccess, etc.), HTTP basic emulation, Kerberos constrained delegation (requires TMG or Citrix Netscaler), IIS 6 impersonation (S4U impersonation)
  • RESTful APIs to embed identity management functions to own applications
  • SAML Attribute Query supports user attribute verification during a valid session

Out of the box and customisable workflows

  • Create your own workflows through simple configuration — no scripting or programming needed
  • Configure multiple workflows based on use case or business requirements
  • Automate workflows or approval processes
  • APIs to embed identity management functions into applications

Streamlined reporting and support for 3rd party enterprise tools

  • Simple BI integration
  • Exports to SIEM platforms
  • Provisioning through any ESB

Ready to get started?