Consumer IAM

Enhanced customer experience with passwordless authentication

One of the most used ways of logging in is the ‘Forgot password’ button. Considering the increasing complexity of passwords and the average consumer having up to 90 different online accounts, this doesn’t come as a surprise. Passwordless authentication is the solution to authenticate users by other means than a username/password combination. It tackles two problems at once: passwords are hard to remember and easy to hack.

iWelcome offers the option to log in with an email address on request or by invitation. With a magic link that is sent to the email account, users can securely log in, taking away friction for the user, resulting in an optimised customer journey.

(Social) Registration

Companies are increasingly focused on offering their customers frictionless experiences. The customer registration process is vital herein as it can either be a facilitator or a bottleneck for customers to proceed. The paradigm here is that it should be as easy as possible, yet highly secure.

iWelcome unburdens organisations by offering three types of registration each of which offered via APIs or customer-branded UI:

Standard Registration with a set of mandatory and optional fields; validation is done via email (and optionally SMS);
Social Registration reduces the registration effort by removing the need for consumers to use usernames and passwords allowing them to engage more easily and quickly, using their existing social media identity. iWelcome is the only provider to offer this in a GDPR-compliant manner;
Flexible Registration and Activation allows clients to configure workflows with certain software components supporting a wide set of registration use cases.

Client benefits

Identity matching via RESTful API / Web service;
Multiple registration and login options;
Support for all standard federation protocols;
Customised registration process using BPMN 2.0;
Account linkage with smart matching.

Consent Lifecycle Management & GDPR

In addition to providing consent confirmation, GDPR requires organisations to implement a detailed approach to Consent Lifecycle Management. Not only should consumers be asked for consent in all situations where there is no contractual basis, organisations must also be able to demonstrate that a consumer has consented to any form of processing of his or her personal data, and for which purpose(s). Additionally, the consumer should be able to withdraw consent at any time, just as easily as it was given. In conclusion: consent is not a unique event; it must have a lifecycle in order to build trusted relationships. iWelcome's, foundational implementation of these capabilities, is widely recognised and sets the industry standard.

Client benefits:

Give and revoke consent.
Multiple processing purposes.
Fine grained consent on attribute level.
Document consent with versions and languages.
Single-Soure-of-Truth for user consent.
Time line with consented data.
Consent API.

User Self Service

The best way for companies to deeply engage with their end-users – while being compliant to GDPR – is to set up a self-service domain where consumers can view and change their own personal data settings themselves.

iWelcome’s user-service functionality enables consumers and employees to access and change profile information and data attributes, add social login connects, request additional access, do password resets, give or withdraw consent, and much more. All 24/7.

User Self Service empowers the end-users to manage everything around their Identity, full stop. It will give them trust and control. GDPR itself also dictates the Right of Information and Access for the consumer.

User Self Service is, with consent management,  necessary for User Managed Access (UMA).

Client Benefits

Fully in line with GDPR.
Available through branded UI and APIs.
User access to all functions and attributes.
Enable Consent, Profile, Preference management.
User control for DIY.

Single Sign-On (SSO), (Strong) Authentication & Federation

The key to being successful is to offer frictionless user experiences with the right levels of authentication.

iWelcome offers the following capabilities:

Single Sign-On allowing (end-)users to log in only once for access to multiple applications and/or services;
Multi-factor authentication based on the best industry standards Included push & swipe option for optimal customer experience or OTP via SMS or email;
Risk-based authentication allowing for real-time risk assessments based on certain parameters, to be configured per client;
Step-up authentication allowing for different levels of authentication required for different parts of your offering.

Client benefits

One Log-in for frictionless customer experience;
Customer-friendly yet strong MFA;
Add real-time ‘context’ to user profile;
Strongest authentication applied only when required;
Authentication is decoupled from actual service.

Identity Validation, Proofing & KYC

iWelcome’s identity validation support allows companies to make sure a digital identity can be associated with a real person by validating against a 3rd Party trusted identity.

Validated Identities enable high value transactions and high-risk access to data to take place over the web. iWelcome can integrate with a many providers of identity validation (e.g. WebID) and digital alternatives (e.g. IDIN, eHerkenning, DIGID in NL or GOV.UK in UK).

Identity Proofing is about assessing the probability an identity claim is legitimate, as there is no such thing as absolute certainty.

Client Benefits

Increase trustworthiness of an identity;
Decreased risk on fraud;
Multiple identification means available;
Support for all STORK levels of assurance.

User Management (including delegated features)

iWelcome offers multi-level user management functionality that can be used to add users and groups and to assign users to groups. Delegation of user management is supported on several levels, where at every level a user manager can be assigned the role of delegated admin.

Among others, the following scenarios are supported:

User registration by delegated admin via a simple web-portal for (temporary) accounts;
Administration (e.g. disable, delete, etc.) by delegated admin of temporary accounts;
Delegated users/Guests can set and activate their own password via the self-service portal;
Delegated users/Guests can reset or change their password via the self-service portal in case the password has been lost.

Client benefits

Delegated users can (re)set/activate/change passwords;
Available via customer-branded UI or RESTful API.

Customer care & Service Desk

To facilitate its clients’ customer care management, iWelcome offers a Service Desk application that is tailor-made for customer care and service desk operating teams. It provides these teams with all of the functionality needed to effectively help (end-)users with any access-related issues that may arise. The application is highly scalable as it is designed for serving large enterprises serving millions of users.

Client benefits:

Ability to quickly search users.
Full view of all identity-related information.
User timeline showing all relevant identity-related events.
Password reset initiation.
Overview of service disruptions to troubleshoot issues.
Can easily be integrated into other customer care system(s).

Progressive profiling & preferences

To personalise the interaction with consumers you need information about the consumer. iWelcome provides the tools to progressively grow the user profile and store user preferences. Consumers typically share this information, not just during the on-boarding, but during the customer journey when the relationship grows. Websites and apps capture this (consented) information and add these to the iWelcome Identity store, the Single-Source-of-Truth for customer identity data, and key component in your IT infrastructure,

Provisioning

Provisioning refers to the creation, maintenance and deactivation of user objects and user attributes over multiple systems and applications allowing these to interact with business logic.

The iWelcome platform provisions and de-provisions’ user accounts and attributes from multiple source systems (e.g. CRM, HR or any other identity stores like Active Directory, Windows Azure Active Directory, Identity Management Systems, and/or Master Data Management) and/or LDAP directories to business applications (relying parties). Provisioning of groups can be arranged via both push and pull mechanisms.

Client benefits

Automated & efficient provisioning processes.
Group provisioning on pull- and push basis.
Supports open source frameworks as ConnID.
Standard connectors or API- and SCIM-based.

Multi-branding & Omni Channel

An interesting case within Identity & Access Management is when (mainly large) companies own different brands (and thus: market identities). With its multi-branding functionality, iWelcome is perfectly able to support these companies with one single identity infrastructure over multiple brands, while maintaining each brand’s own identity (and thus look&feel). This typically results in consistent corporate management and lower TCO.

Client benefits

Segmentation options over brands.
Multi-branding with single 360 view of the (end-)user.
Omni-channel by design & principle.
Delegation within brands.

Attribute Flexibility

Today’s user experience is driven by user’s characteristics, also known as data attributes. As no business is the same, there is a strong need for valuable identity-related attribute information (ranging from relationship number till for instance the consumer’s shoe size). Attribute-Based Access Control (ABAC) and UMA are the future, with attributes as the fundament.

iWelcome offers organisations flexibility when it comes to gathering data attributes.

Client benefits

Metadata for every attribute (like validation level, data classification, expiration date).
Federation protocol and/or Rest API data exchange with customer environment.
Bi-directional data exchange.
Admin-UI to set UI attributes and/or disclosed by API.

KYC, profiling & auditing

Know Your Customer (KYC) is the process of identifying and verifying the identity of its consumers and business partners. This functionality is to ensure that company resources are not misused for criminal activities as money laundering.

iWelcome’s progressive profiling helps organisations build profile information over time as the consumer’s trust increases. This unified profile of the consumer is important for any marketing or segmentation toward consumers, creating value.   Identity Data is the heart of a CIAM program!

Client benefits

Increased trustworthiness of an identity.
Decreased risk of fraud.
Multiple identification means available.

Marketing Analytics & Intelligence

Customer identity information is more than interesting for every company’s marketing and sales organisation as it provides clear insights into your user population.

Via iWelcome, companies can easily extract complete and correct user intelligence. The following (and more) types of intelligence can be extracted:

Number of accounts, per attribute and / or preference.
Number of authentications, per geo / device/ browser / time.
Accounts with latest login and number of dormitory accounts.
Number of new account per period / category / geo.
Failed authentication attempts.

Client benefits

Integrated with main CRM and MA providers.
Logs are stored in secure locations.
Possibility to run reports at all times.
Multiple formats available for extracting.
ELK (ElasticSearch, Logstash, Kibana) stack is supported.

Awesome information your visitors need, just a click away

Edit this rich-text to provide the visitor with all appropriate information. You might add images, calls-to-action, horizontal rules, videos, quotes, etc. All this and more can be done through the text editor.

Awesome information your visitors need, just a click away

Consumer IAM & GDPR compliance

An important feature of a modern Consumer Identity & Access Management solution is a strong focus on data security, fuelled by regulations such as GDPR.

With iWelcomes CIAM platform, organisations can build trusted relationships with their customers while complying to privacy regulations. Consumers can view, edit and delete their personal data, give and withdraw consent and easily download an extract of their data.

To provide you with an overview of how an Identity Platform can support your organisation, we have identified eight important GDPR topics that organisations should address with CIAM to be GDPR compliant.

Solutions

Full Solutions

On-Top Solutions

Industries

About Us

Resources

Solutions

Full Solutions

On-Top Solutions

Industries

About Us

Resources

Consumer IAM

Customer acquisition and on-boarding

Identity, Privacy & Consent

Mandating families, friends and things

Easy social, high secure access & KYC

Learn all about CIAM and its most important features

Download our CIAM Buyer Toolset

Customer acquisition and on-boarding

Identity, Privacy & Consent

Mandating families, friends and things

Easy social, high secure access and KYC

Enhanced customer experience with passwordless authentication

iWelcome's Consumer IAM Key Features

FAQs

Basic

Pro

Consumer IAM & GDPR compliance

Blogs on Consumer IAM

Solutions

Industries

About Us

Resources

Support

Follow iWelcome