Customer IAM vs IAM

Exploring the reasons why traditional Identity and Access Management (IAM) systems are insufficient for managing customer identities.

The Difference Between IAM and CIAM Infographic

When considering extending your IAM system for your externally-facing application, ask yourself the following questions.

Which type of identities are you managing?

Internal or External?

  • IAM systems are designed to manage and protect internal, employee identities.
  • Customer IAM (CIAM) systems are designed to manage and protect external identities, such as customers, citizens, partners, contractors, APIs or things (think IoT) – and is therefore optimised for very different use cases.


User experience

How important is User Experience (UX)?

Are users trained on the systems? Or is intuitive UX critical?

  • In-house IAM systems need to meet certain expectations of user experience, but individual users will receive training on how to use the software properly.
  • For externally-facing Customer IAM systems, an intuitive UX is not a ‘nice-to-have’ – it’s a prerequisite to success.

How are you verifying user identities?

Do you need to make use of one or two identity providers, or several?

  • Managers of internal IAM systems can dictate to employees how they verify their identities.
  • Customer IAM systems allow for choice and flexibility when it comes to verification.

>> For more details, download the white paper.

identity providers

platform flexibility

How flexible should the system be?

Does it need regular changes?

  • Internal IAM doesn’t need to be updated regularly – and updates can be made over longer periods of time.
  • Customer IAM should be flexible enough to keep up with consumer trends.

How scalable does your system need to be?

Is your customer base larger and faster growing than your employee base?

  • Your customer base will already be larger and be growing much faster than your internal employee base, so Customer IAM systems should be more scalable than internal IAM systems.

>> Find more information in our free white paper.


identities managed by

Is manual management realistic?

Can you dedicate resource to manually adjusting customer accounts?

  • Due to slower growth, internal IAM systems are generally set up for manual management of identities.
  • A Customer IAM system should allow customers to manage their own identities and, in certain common use cases, delegate management of accounts to enable scalability.

Who owns the data?

How important is trust?

  • Internal employees generally trust their HR team with their data in work IAM systems.
  • Consumers want control over their own data and how it is used, and Customer IAM is set up for this purpose.

privacy, trust and data regulation


Are you hoping to make money from the IAM system?

Does it save you any money?

  • Internal IAM is not intended to generate revenue.
  • Customer IAM will create new revenue opportunities, and reduce costs for support and administration.

blog icon


You may already have an IAM system in place in your organisation, for example to manage internal/employee identities. So why can’t this be used for your customer-facing application?

>> Read the blog

white paper

White Paper

How user experience, platform flexibility, business performance, revenue, privacy, trust & data regulation and compliance (among others) are driving the need to adopt Customer IAM solutions.

>> Download the PDF

Get in touch