Your Customer Identity and Access Management (CIAM) solution sits at the core of your security, user experience and regulatory compliance strategies. But the best results are possible when your CIAM solution shares common standards with your other externally purchased APIs, and in-house built technologies. This saves your developers time trying to get these tools to talk to each other, instead requiring simpler configuration to avoid identity data siloes and enable single sign-on (SSO). This principle has led to key focus areas around extensibility and interoperability in our latest Identity Platform software release cycle – 2021.2. Here’s a taste of what’s new:
Integrate with more authenticators using CIBA
Ubisecure’s Identity Platform is built on identity standards like OpenID Connect (OIDC), OAuth 2.0 & SAML – in many cases contributing expertise to the evolution of these standards – to make it interoperable with your tools and technologies. One such standard that Ubisecure has been a contributor to, and an early adopter of, is CIBA ‘Client initiated Backchannel Authentication (Flow)’, which enables a standards-based interface for integrations to a wide variety of authenticators – typically where the authentication is performed on a different device to the one you are trying to access.
Swedish BankID & Freja eID
We have tested and verified that the latest Swedish BankID and Freja eID authenticators can be safely integrated and supported in this way – which, as Swedish customers will know, are two highly popular authentication methods, with Freja eID in the form of a mobile app.
With this release, the Identity Platform is up to date with the final CIBA specifications provided by the OpenID Foundation, and will provide future possibilities for you to develop your own CIBA-based authenticator for use with the Identity Platform, effectively future-proofing your solution. We’re one step closer to a passwordless future!
Stepping up user experience in step-up authentication
Unlike multi-factor authentication (MFA), which requires more than one authentication method for a user to sign into a service, step-up authentication introduces a second authentication factor only for certain resources. This provides added security where needed, for example to your more critical applications that handle highly sensitive data, without compromising on user experience.
With our extended CIBA support in 2021.2, you can now use an external authenticator (like Swedish BankID) as a step-up authentication method for your registered users, allowing you all the security and user experience benefits of a verified identity provider.
OpenID Connect–ing the dots
The OpenID Connect standard is a connection workflow for integrating two or more apps. Using OpenID Connect for modern mobile applications and single webpage applications helps to ensure security while keeping connections smooth and responsive.
Ubisecure has supported the OpenID Connect standard for many years. To demonstrate that we follow the specification and adhere to the OpenID Connect standards, we have completed the conformance test with our 2021.2 release and applied for formal certification with the OpenID Foundation.
We’re also making it easier for administrators to view and configure their OpenID Connect methods in one simple interface, helping them to set up and debug OpenID Connect methods in their systems.
Deeper insights for accounting & statistics
We’ve expanded our Accounting & Statistics service to include more detailed information that can be collected from your accounting records within the PostgreSQL database. Now, an administrator can access near real-time information that displays the configured methods and which applications are being accessed. This information can be used to see the most active applications during a day or during certain hours. The output can then be utilised in your monitoring system to detect any anomalies.
And don’t worry – this great new feature is still GDPR-friendly. The user IDs will remain pseudonymised, so the privacy of individual users is protected while still being sure that you are seeing total unique user counts on each integrated application.
Identity Platform 2021.2 is available now! Check out more details of enhancements in our 2021.2 release, plus where to download this latest version in our technical announcement.