Reduce attack surface
Utilise proven IAM capabilities optimised for B2B scenarios and supply chain security
Improved user and administrator experience
Provide an exceptional admin experience and a fully branded user experience
Highly flexible B2B IAM platform
Agile solution designed to support extensible schemas and evolving business needs
Establish & manage user identities
Industry leading delegation capabilities, support for existing IdPs, integration into CRM
Ubisecure provides B2B CIAM services that support customers, supply chain and external users with IAM capabilities such as access management, multi-tier delegation, strong authentication and self-service identity management.
The Identity Platform is proven across many B2B use cases, including large deployments of multi-tier delegation, managing over 400k organisations.
B2B CIAM – Multi-System Authorisation, Authentication & Identity Proofing
- Maintain accurate user accounts and entitlements that reflect the actual current users and appropriate access and authorisation roles and rights across multiple applications
- Provide stronger identification of users without sacrificing a low-friction experience
- Rely on more than just the basic Username/Password combo. Integration with 3rd party MFA
- Acceptance of validated third party identity credentials, both those with identity proofing (i.e. BankID, regional eID) and those without (social, professional)
- Support for internal enterprise directory identities or CRM based identities
- Step up Auth – low friction method like social identity to register, step up to other IdPs as needed
- Built on B2B IAM Standards (OpenID Connect OIDC, OAuth2, SAML, CIBA Client-Initiated Backchannel Authentication Flow)
Governance & Federation
- Maintain accurate user accounts, attributes, and entitlements that reflect the actual current users and appropriate access rights.
- Identity Directory – eliminate risky, overlapping identity data silos by using Ubisecure’s proven, highly scalable and secure storage solution for identity data and attributes
- Enable logins from the partner’s IdP (internal or run by external 3rd party).
- Technical implementation of federation can match the business terms
- Outbound federation enables existing identity data pools to be utilised for outbound Single Sign-On to external sites. Gain new ROI on KYC investments and extend use of identities associated with your brand
- Built on Standards (OpenID Connect OIDC, OAuth2, SAML, CIBA Client-Initiated Backchannel Authentication Flow)
Establish trusted B2B relationships through trusted Organisation Identity
Manage and use organisation identity as a primary identity class.
- Varying organisation identity assurance levels – social groups to verified corporations
- Benefit from extensible schemas for organisation identity attributes, rights and roles
- Start with a foundation of trust – utilise G20 endorsed Legal Entity Identifiers as verified organisation attributes
- Digitally tie an individual identity to a verified organisation identity
- Right to Represent – utilise registry-based ability to check representation rights/authorisations of individuals
B2B CIAM for Delegation & Identity Relationship Management
The most powerful delegated authority solution for what is the most common way to manage identity relationships and create user accounts for B2B IAM and supply chain security scenarios.
- Flexible user account schemas
- Granular control of user access to applications and resources
- Support for multiple administrators
- Well suited to seemingly complex multi-tier hierarchies – org to org, org to individual, individual to org, individual to individual
- Onward delegation reduces Administrator touch points and management overheads
- Centralised authorisation server allows electronic power of attorney function and auditability
- API based solution
Registering Accounts & Managing Identities
- Leading support for large scale numbers of Subtenants / Sub-Organisations to isolate partner data pools and optimise delegation workflows – see Finnish Government case study (422k subtenants)
- Email invite triggers sent by Admins, from system, bulk upload or CRM. No need to be involved in onward delegation unless workflow dictates. Supports large numbers of users
- API support to link registration to CRM based ‘contracts’ to better manage triggering and termination of user lifecycle
- API to connect to 3rd party provisioning services
- Connect Identity Providers – allows use of existing strong reusable identities (BYOI, or bring your own identity), including verified (BankID, NemID and more), Europe-wide regional IDs, or social identities
- Consent – comply with privacy regulation (GDPR) by giving appropriate visibility and self-management controls for personal data
- Self-service – improve customer satisfaction and reduce support overheads by allowing customers to self-manage identity credential management.
How B2B CIAM works
Cloud Managed Service (IDaaS), On-Premises or a hybrid of both – your data, your location
Scalability – 100k average users per instance
Omnichannel – any device, same experience
Integration into world class BI, CRM
API first
Ubisecure Customer IAM solutions are API-first to give you:
- Total control over interface branding
- Configurable workflows, definition and management of attributes
- Enhanced security – identity data is a breach target
- Reduced time to market for your application – building identity management in-house is time consuming
- Years of Ubisecure experience implementing identity and consent standards, as well as our experience in the European identity ecosystem, where we specialise in delivering against evolving best practices
- Interoperability and support for internal and external applications
- The scalability and reliability needed for large customer-based deployments
Pick the CIAM integration that’s right for you
Ubisecure typically deploys larger scale on-premise and complex IDaaS solutions through our Certified Partner network. Partners have local and vertical specialisation – find the right partner in our directory and contact us to discuss requirements.
Identity Server
Full stack, modular CIAM software configured and deployed locally on-premise at your own data centre(s). Connect identity silos, applications, and services.
Hybrid Approach
Maintain the core user directory on-premises, but run IAM capabilities from a SaaS infrastructure.
B2B IAM Use Cases
Insurance
Manage complex networks of brokers and agents.
Government
Manage org to org, org to individual, individual to org delegations required engagement with Gov services
Supply chain / Automotive
Define granular control and auditability of user access to applications and resources
SaaS Applications
Solve the internal Build vs Buy conundrum, focus on developing the application not the identity management infrastructure
Resources
KUPPINGERCOLE WHITEPAPER
B2B CIAM & Supply Chain Identity Management
Considerations to better secure B2B and B2B2C users at scale with modern IAM functionality.
ANALYST EXECUTIVE SUMMARY
By KuppingerCole
An overview of the Customer Identity and Access Management (CIAM) industry & an impartial high level description and analysis of the Identity Platform.
>> Read More
WHITE PAPER
Build vs Buy: Identity Management
What are the benefits of using existing IAM solutions? And should your organisation build using your existing internal resources, or buy a proven solution?
>> Read More