Identity Management

Connect and Protect

Applications can be anywhere. Hosted in your own IT infrastructure, in your technology partner’s data centre, or in the cloud. Used by your customers ordering online and by any potential customer, with whom you want to start business. Used by your employees from within your own network or your mobile workforce accessing the office while on the road. By business partners who are part of your supply chain and business customers who you like to serve expeditiously.

The common denominators: identity, access, privacy and data protection. iWelcome provides the premium platform to securely connect identities and protect data.

Doelgroepen

The IDaaS platform for the enterprise

iWelcome provides state-of-the-art Identity and Access Management (IAM) as-a-Service (IDaaS) solutions to European enterprise, both for their consumers and employees.

Features for idaas

Companies are increasingly focused on offering their customers frictionless experiences. The customer registration process is vital herein as it can either be a facilitator or a bottleneck for customers to proceed. The paradigm here is that it should be as easy as possible, yet highly secure.

iWelcome unburdens organisations by offering three types of registration each of which offered via APIs or customer-branded UI:

  • Standard Registration with a set of mandatory and optional fields; validation is done via email (and optionally SMS);
  • Social Registration reduces the registration effort by removing the need for consumers to use usernames and passwords allowing them to engage more easily and quickly, using their existing social media identity. iWelcome is the only provider to offer this in a GDPR-compliant manner;
  • Flexible Registration and Activation allows clients to configure workflows with certain software components supporting a wide set of registration use cases.

Client benefits

  • Identity matching via RESTful API / Web service;
  • Multiple registration and login options;
  • Support for all standard federation protocols;
  • Customised registration process using BPMN 2.0;
  • Account linkage with smart matching.

In order to be successful in business nowadays, companies need to focus on building trust relationships with their consumers. And trust in relationships starts with honest interaction.

Under GDPR it is no longer possible to collect personal data in without explicit and unambiguous consent from the consumer for the use of each type of data. On top of that, consumers need to be granted access to their data and should be able to easily edit data and withdraw their consent as easy as it was given.

Getting a customer’s consent is one thing; to manage it through its entire lifecycle is something else. With iWelcome’s Consent Lifecycle Management (CLM) functionality, organisations are supported for all stages of consent:

  • Gather consent;
  • Gather parental consent;
  • View and edit data & consent;
  • Restrict & freeze processing;
  • Delete inactive data;
  • Port data.

CLM is offered as separate service and can be integrated with third-party authentication systems.

iWelcome is chairing the Kantara workgroup for CLM aimed to create guidelines and set market standards regarding this topic.

Client Benefits

  • Proper CLM is foundational for GDPR compliancy;
  • Less complexity for back-end infrastructure;
  • Allows organisations to put consumers back in control;
  • Offered via RESTful Consent API.

The best way for companies to deeply engage with their end-users – while being compliant to GDPR – is to set up a self-service domain where consumers can view and change their own personal data settings themselves.

iWelcome’s user-service functionality enables consumers and employees to access and change profile information and data attributes, add social login connects, request additional access, do password resets, give or withdraw consent, and much more. All 24/7.

User Self Service empowers the end-users to manage everything around their Identity, full stop. It will give them trust and control. GDPR itself also dictates the Right of Information and Access for the consumer.

User Self Service is, with consent management, 
necessary for User Managed Access (UMA).

Client Benefits

  • Fully in line with GDPR;
  • Available through branded UI and APIs;
  • User access to all functions and attributes;
  • Enable Consent, Profile, Preference management;
  • User control for DIY.

The key to being successful is to offer frictionless user experiences with the right levels of authentication.

iWelcome offers the following capabilities:

  • Single Sign-On allowing (end-)users to log in only once for access to multiple applications and/or services;
  • Multi-factor authentication based on the best industry standards Included push & swipe option for optimal customer experience or OTP via SMS or email;
  • Risk-based authentication allowing for real-time risk assessments based on certain parameters, to be configured per client;
  • Step-up authentication allowing for different levels of authentication required for different parts of your offering.

Client benefits

  • One Log-in for frictionless customer experience;
  • Customer-friendly yet strong MFA;
  • Add real-time ‘context’ to user profile;
  • Strongest authentication applied only when required;
  • Authentication is decoupled from actual service.

Welcome’s identity validation allows companies to make sure a digital identity can be associated with a real person. Validated Identities enable high value and high-risk transactions on data to take place over the web. It is key for full digital transformation. iWelcomes can integrate with providers of identity validation (e.g. WebID) and digital alternatives (e.g. IDIN in NL or GOV.UK in UK).

Identity Proofing is about assessing the probability an identity claim is legitimate, as there is no such thing as absolute certainty.

Client Benefits

  • Increase trustworthiness of an identity;
  • Decreased risk on fraud;
  • Multiple identification means available;
  • Support for STORK levels of assurance.

iWelcome offers multi-level user management functionality that can be used to add users and groups and to assign users to groups. Delegation of user management is supported on several levels, where at every level a user manager can be assigned the role of delegated admin.

Among others, the following scenarios are supported:

  • User registration by delegated admin via a simple web-portal for (temporary) accounts;
  • Administration (e.g. disable, delete, etc.) by delegated admin of temporary accounts;
  • Delegated users/Guests can set and activate their own password via the self-service portal;
  • Delegated users/Guests can reset or change their password via the self-service portal in case the password has been lost.

Client benefits

  • Delegated users can (re)set/activate/change passwords;
  • Available via customer-branded UI or RESTful API.

To facilitate its clients’ customer care management, iWelcome offers a Service Desk application that is tailor-made for customer care and service desk operating teams. It provides these teams with all of the functionality needed to effectively help (end-)users with any access-related issues that may arise. The application is highly scalable as it is designed for serving large enterprises serving millions of users.

Client benefits:

  • Ability to quickly search users;
  • Full view of all identity-related information;
  • User timeline showing all relevant identity-related events;
  • Password reset initiation;
  • Overview of service disruptions to troubleshoot issues;
  • Can easily be integrated into other customer care system(s)

Provisioning refers to the creation, maintenance and deactivation of user objects and user attributes over multiple systems and applications allowing these to interact with business logic.

The iWelcome platform provisions and de-provisions’ user accounts and attributes from multiple source systems (e.g. CRM, HR or any other identity stores like Active Directory, Windows Azure Active Directory, Identity Management Systems, and/or Master Data Management) and/or LDAP directories to business applications (relying parties). Provisioning of groups can be arranged via both push and pull mechanisms.

Client benefits

  • Automated & efficient provisioning processes;
  • Group provisioning on pull- and push basis;
  • Supports open source frameworks as ConnID;
  • Standard connectors or API- and SCIM-based.

An interesting case within Identity & Access Management is when (mainly large) companies own different brands (and thus: market identities). With its multi-branding functionality, iWelcome is perfectly able to support these companies with one single identity infrastructure over multiple brands, while maintaining each brand’s own identity (and thus look&feel). This typically results in consistent corporate management and lower TCO.

Client benefits

  • Segmentation options over brands;
  • Multi-branding with single 360 view of the (end-)user;
  • Omni-channel by design & principle;
  • Delegation within brands

Today’s user experience is driven by user’s characteristics, also known as data attributes. As no business is the same, there is a strong need for valuable identity-related attribute information (ranging from relationship number till for instance the consumer’s shoe size). Attribute-Based Access Control (ABAC) and UMA are the future, with attributes as the fundament.

iWelcome offers organisations flexibility when it comes to gathering data attributes.

Client benefits

  • Metadata for every attribute (like validation level, data classification, expiration date);
  • Federation protocol and/or Rest API data exchange with customer environment;
  • Bi-directional data exchange;
  • Admin-UI to set UI attributes and/or disclosed by API.

KYC is the process of identifying and verifying the identity of its consumers and business partners. This functionality is to ensure that company resources are not misused for criminal activities as money laundering.

iWelcome’s progressive profiling helps organisations build profile information over time as the consumer’s trust increases. This unified profile of the consumer is important for any marketing or segmentation toward consumers, creating value. 

Identity Data is the heart of a CIAM program!

Client benefits

  • Increased trustworthiness of an identity
  • Decreased risk of fraud
  • Multiple identification means available

Customer identity information is more than interesting for every company’s marketing and sales organisation as it provides clear insights into your user population.

Via iWelcome, companies can easily extract complete and correct user intelligence. The following (and more) types of intelligence can be extracted:

  • Number of accounts, per attribute and / or preference;
  • Number of authentications, per geo / device/ browser / time;
  • Accounts with latest login and number of dormitory accounts;
  • Number of new account per period / category / geo;
  • Failed authentication attempts.

Client benefits

  • Integrated with main CRM and MA providers
  • Logs are stored in secure locations
  • Possibility to run reports at all times
  • Multiple formats available for extracting
  • ELK (ElasticSearch, Logstash, Kibana) stack is supported

Consumers

Omnichannel and Digital transformation are key words in today’s businesses. Identity Management is a pre-requisite for these customer facing services, however traditional IAM does not suffice. iWelcome’s Customer Identity & Access Management (CIAM) Platform provides all the capabilities to acquire and interact with customers across all devices during all the phases of a customer’s life cycle. iWelcome improves registration rates and user experiences and directly fuels top line growth. Proof is delivered on a daily basis for millions of consumers in all kinds of industries: healthcare, media, publishing, retail and logistic services.

Features for consumers

Companies are increasingly focused on offering their customers frictionless experiences. The customer registration process is vital herein as it can either be a facilitator or a bottleneck for customers to proceed. The paradigm here is that it should be as easy as possible, yet highly secure.

iWelcome unburdens organisations by offering three types of registration each of which offered via APIs or customer-branded UI:

  • Standard Registration with a set of mandatory and optional fields; validation is done via email (and optionally SMS);
  • Social Registration reduces the registration effort by removing the need for consumers to use usernames and passwords allowing them to engage more easily and quickly, using their existing social media identity. iWelcome is the only provider to offer this in a GDPR-compliant manner;
  • Flexible Registration and Activation allows clients to configure workflows with certain software components supporting a wide set of registration use cases.

Client benefits

  • Identity matching via RESTful API / Web service;
  • Multiple registration and login options;
  • Support for all standard federation protocols;
  • Customised registration process using BPMN 2.0;
  • Account linkage with smart matching.

The best way for companies to deeply engage with their end-users – while being compliant to GDPR – is to set up a self-service domain where consumers can view and change their own personal data settings themselves.

iWelcome’s user-service functionality enables consumers and employees to access and change profile information and data attributes, add social login connects, request additional access, do password resets, give or withdraw consent, and much more. All 24/7.

User Self Service empowers the end-users to manage everything around their Identity, full stop. It will give them trust and control. GDPR itself also dictates the Right of Information and Access for the consumer.

User Self Service is, with consent management, 
necessary for User Managed Access (UMA).

Client Benefits

  • Fully in line with GDPR;
  • Available through branded UI and APIs;
  • User access to all functions and attributes;
  • Enable Consent, Profile, Preference management;
  • User control for DIY.

The key to being successful is to offer frictionless user experiences with the right levels of authentication.

iWelcome offers the following capabilities:

  • Single Sign-On allowing (end-)users to log in only once for access to multiple applications and/or services;
  • Multi-factor authentication based on the best industry standards Included push & swipe option for optimal customer experience or OTP via SMS or email;
  • Risk-based authentication allowing for real-time risk assessments based on certain parameters, to be configured per client;
  • Step-up authentication allowing for different levels of authentication required for different parts of your offering.

Client benefits

  • One Log-in for frictionless customer experience;
  • Customer-friendly yet strong MFA;
  • Add real-time ‘context’ to user profile;
  • Strongest authentication applied only when required;
  • Authentication is decoupled from actual service.

Welcome’s identity validation allows companies to make sure a digital identity can be associated with a real person. Validated Identities enable high value and high-risk transactions on data to take place over the web. It is key for full digital transformation. iWelcomes can integrate with providers of identity validation (e.g. WebID) and digital alternatives (e.g. IDIN in NL or GOV.UK in UK).

Identity Proofing is about assessing the probability an identity claim is legitimate, as there is no such thing as absolute certainty.

Client Benefits

  • Increase trustworthiness of an identity;
  • Decreased risk on fraud;
  • Multiple identification means available;
  • Support for STORK levels of assurance.

iWelcome offers multi-level user management functionality that can be used to add users and groups and to assign users to groups. Delegation of user management is supported on several levels, where at every level a user manager can be assigned the role of delegated admin.

Among others, the following scenarios are supported:

  • User registration by delegated admin via a simple web-portal for (temporary) accounts;
  • Administration (e.g. disable, delete, etc.) by delegated admin of temporary accounts;
  • Delegated users/Guests can set and activate their own password via the self-service portal;
  • Delegated users/Guests can reset or change their password via the self-service portal in case the password has been lost.

Client benefits

  • Delegated users can (re)set/activate/change passwords;
  • Available via customer-branded UI or RESTful API.

To facilitate its clients’ customer care management, iWelcome offers a Service Desk application that is tailor-made for customer care and service desk operating teams. It provides these teams with all of the functionality needed to effectively help (end-)users with any access-related issues that may arise. The application is highly scalable as it is designed for serving large enterprises serving millions of users.

Client benefits:

  • Ability to quickly search users;
  • Full view of all identity-related information;
  • User timeline showing all relevant identity-related events;
  • Password reset initiation;
  • Overview of service disruptions to troubleshoot issues;
  • Can easily be integrated into other customer care system(s)

Provisioning refers to the creation, maintenance and deactivation of user objects and user attributes over multiple systems and applications allowing these to interact with business logic.

The iWelcome platform provisions and de-provisions’ user accounts and attributes from multiple source systems (e.g. CRM, HR or any other identity stores like Active Directory, Windows Azure Active Directory, Identity Management Systems, and/or Master Data Management) and/or LDAP directories to business applications (relying parties). Provisioning of groups can be arranged via both push and pull mechanisms.

Client benefits

  • Automated & efficient provisioning processes;
  • Group provisioning on pull- and push basis;
  • Supports open source frameworks as ConnID;
  • Standard connectors or API- and SCIM-based.

An interesting case within Identity & Access Management is when (mainly large) companies own different brands (and thus: market identities). With its multi-branding functionality, iWelcome is perfectly able to support these companies with one single identity infrastructure over multiple brands, while maintaining each brand’s own identity (and thus look&feel). This typically results in consistent corporate management and lower TCO.

Client benefits

  • Segmentation options over brands;
  • Multi-branding with single 360 view of the (end-)user;
  • Omni-channel by design & principle;
  • Delegation within brands

Today’s user experience is driven by user’s characteristics, also known as data attributes. As no business is the same, there is a strong need for valuable identity-related attribute information (ranging from relationship number till for instance the consumer’s shoe size). Attribute-Based Access Control (ABAC) and UMA are the future, with attributes as the fundament.

iWelcome offers organisations flexibility when it comes to gathering data attributes.

Client benefits

  • Metadata for every attribute (like validation level, data classification, expiration date);
  • Federation protocol and/or Rest API data exchange with customer environment;
  • Bi-directional data exchange;
  • Admin-UI to set UI attributes and/or disclosed by API.

KYC is the process of identifying and verifying the identity of its consumers and business partners. This functionality is to ensure that company resources are not misused for criminal activities as money laundering.

iWelcome’s progressive profiling helps organisations build profile information over time as the consumer’s trust increases. This unified profile of the consumer is important for any marketing or segmentation toward consumers, creating value. 

Identity Data is the heart of a CIAM program!

Client benefits

  • Increased trustworthiness of an identity
  • Decreased risk of fraud
  • Multiple identification means available

Customer identity information is more than interesting for every company’s marketing and sales organisation as it provides clear insights into your user population.

Via iWelcome, companies can easily extract complete and correct user intelligence. The following (and more) types of intelligence can be extracted:

  • Number of accounts, per attribute and / or preference;
  • Number of authentications, per geo / device/ browser / time;
  • Accounts with latest login and number of dormitory accounts;
  • Number of new account per period / category / geo;
  • Failed authentication attempts.

Client benefits

  • Integrated with main CRM and MA providers
  • Logs are stored in secure locations
  • Possibility to run reports at all times
  • Multiple formats available for extracting
  • ELK (ElasticSearch, Logstash, Kibana) stack is supported

Business

A single identity makes customer portals work. Identity is the glue for providing functionalities in multiple applications, offered in customer portals. At the same time one central Identity and Access Management platform reduces the burden on administrators trying to keep identities, attributes and access rights in sync. Delegated management and federated access are key elements of the identity system for connecting businesses. Every business can rely on a trusted relationship and secure access.

Features for business

The best way for companies to deeply engage with their end-users – while being compliant to GDPR – is to set up a self-service domain where consumers can view and change their own personal data settings themselves.

iWelcome’s user-service functionality enables consumers and employees to access and change profile information and data attributes, add social login connects, request additional access, do password resets, give or withdraw consent, and much more. All 24/7.

User Self Service empowers the end-users to manage everything around their Identity, full stop. It will give them trust and control. GDPR itself also dictates the Right of Information and Access for the consumer.

User Self Service is, with consent management, 
necessary for User Managed Access (UMA).

Client Benefits

  • Fully in line with GDPR;
  • Available through branded UI and APIs;
  • User access to all functions and attributes;
  • Enable Consent, Profile, Preference management;
  • User control for DIY.

The key to being successful is to offer frictionless user experiences with the right levels of authentication.

iWelcome offers the following capabilities:

  • Single Sign-On allowing (end-)users to log in only once for access to multiple applications and/or services;
  • Multi-factor authentication based on the best industry standards Included push & swipe option for optimal customer experience or OTP via SMS or email;
  • Risk-based authentication allowing for real-time risk assessments based on certain parameters, to be configured per client;
  • Step-up authentication allowing for different levels of authentication required for different parts of your offering.

Client benefits

  • One Log-in for frictionless customer experience;
  • Customer-friendly yet strong MFA;
  • Add real-time ‘context’ to user profile;
  • Strongest authentication applied only when required;
  • Authentication is decoupled from actual service.

iWelcome offers multi-level user management functionality that can be used to add users and groups and to assign users to groups. Delegation of user management is supported on several levels, where at every level a user manager can be assigned the role of delegated admin.

Among others, the following scenarios are supported:

  • User registration by delegated admin via a simple web-portal for (temporary) accounts;
  • Administration (e.g. disable, delete, etc.) by delegated admin of temporary accounts;
  • Delegated users/Guests can set and activate their own password via the self-service portal;
  • Delegated users/Guests can reset or change their password via the self-service portal in case the password has been lost.

Client benefits

  • Delegated users can (re)set/activate/change passwords;
  • Available via customer-branded UI or RESTful API.

To facilitate its clients’ customer care management, iWelcome offers a Service Desk application that is tailor-made for customer care and service desk operating teams. It provides these teams with all of the functionality needed to effectively help (end-)users with any access-related issues that may arise. The application is highly scalable as it is designed for serving large enterprises serving millions of users.

Client benefits:

  • Ability to quickly search users;
  • Full view of all identity-related information;
  • User timeline showing all relevant identity-related events;
  • Password reset initiation;
  • Overview of service disruptions to troubleshoot issues;
  • Can easily be integrated into other customer care system(s)

Provisioning refers to the creation, maintenance and deactivation of user objects and user attributes over multiple systems and applications allowing these to interact with business logic.

The iWelcome platform provisions and de-provisions’ user accounts and attributes from multiple source systems (e.g. CRM, HR or any other identity stores like Active Directory, Windows Azure Active Directory, Identity Management Systems, and/or Master Data Management) and/or LDAP directories to business applications (relying parties). Provisioning of groups can be arranged via both push and pull mechanisms.

Client benefits

  • Automated & efficient provisioning processes;
  • Group provisioning on pull- and push basis;
  • Supports open source frameworks as ConnID;
  • Standard connectors or API- and SCIM-based.

An interesting case within Identity & Access Management is when (mainly large) companies own different brands (and thus: market identities). With its multi-branding functionality, iWelcome is perfectly able to support these companies with one single identity infrastructure over multiple brands, while maintaining each brand’s own identity (and thus look&feel). This typically results in consistent corporate management and lower TCO.

Client benefits

  • Segmentation options over brands;
  • Multi-branding with single 360 view of the (end-)user;
  • Omni-channel by design & principle;
  • Delegation within brands

Employees

Organisations are challenged to provide access to employees in a constantly changing world. Employees are mobile. The number of co-workers increase. Applications are on-premise and in the cloud. New eHRM and eLearning services are being introduced. Devices are no longer controlled by the company and are by default mobile. Two factor authentication has become mainstream. Single Sign-On and self-service are demanded by end-users. iWelcome’s IDaaS platform is designed for this constantly changing world. 

With our IAM platform we offer a cost effective cloud based identity management infrastructure which can be integrated with your on-premise IAM functionality too.

Get in better control of Shadow IT while reducing the number of passwords and being compliance. We provide a full featured Identity and Access management capability to implement access management for all of your applications and provide SSO to all of your employees. Your users will then have only one password to remember and Single Sign-On access to all their applications. They are also provided with self-service functionality to view and manage their identity information, change or reset their password and request additional access.

Features for employees

The best way for companies to deeply engage with their end-users – while being compliant to GDPR – is to set up a self-service domain where consumers can view and change their own personal data settings themselves.

iWelcome’s user-service functionality enables consumers and employees to access and change profile information and data attributes, add social login connects, request additional access, do password resets, give or withdraw consent, and much more. All 24/7.

User Self Service empowers the end-users to manage everything around their Identity, full stop. It will give them trust and control. GDPR itself also dictates the Right of Information and Access for the consumer.

User Self Service is, with consent management, 
necessary for User Managed Access (UMA).

Client Benefits

  • Fully in line with GDPR;
  • Available through branded UI and APIs;
  • User access to all functions and attributes;
  • Enable Consent, Profile, Preference management;
  • User control for DIY.

The key to being successful is to offer frictionless user experiences with the right levels of authentication.

iWelcome offers the following capabilities:

  • Single Sign-On allowing (end-)users to log in only once for access to multiple applications and/or services;
  • Multi-factor authentication based on the best industry standards Included push & swipe option for optimal customer experience or OTP via SMS or email;
  • Risk-based authentication allowing for real-time risk assessments based on certain parameters, to be configured per client;
  • Step-up authentication allowing for different levels of authentication required for different parts of your offering.

Client benefits

  • One Log-in for frictionless customer experience;
  • Customer-friendly yet strong MFA;
  • Add real-time ‘context’ to user profile;
  • Strongest authentication applied only when required;
  • Authentication is decoupled from actual service.

iWelcome offers multi-level user management functionality that can be used to add users and groups and to assign users to groups. Delegation of user management is supported on several levels, where at every level a user manager can be assigned the role of delegated admin.

Among others, the following scenarios are supported:

  • User registration by delegated admin via a simple web-portal for (temporary) accounts;
  • Administration (e.g. disable, delete, etc.) by delegated admin of temporary accounts;
  • Delegated users/Guests can set and activate their own password via the self-service portal;
  • Delegated users/Guests can reset or change their password via the self-service portal in case the password has been lost.

Client benefits

  • Delegated users can (re)set/activate/change passwords;
  • Available via customer-branded UI or RESTful API.

To facilitate its clients’ customer care management, iWelcome offers a Service Desk application that is tailor-made for customer care and service desk operating teams. It provides these teams with all of the functionality needed to effectively help (end-)users with any access-related issues that may arise. The application is highly scalable as it is designed for serving large enterprises serving millions of users.

Client benefits:

  • Ability to quickly search users;
  • Full view of all identity-related information;
  • User timeline showing all relevant identity-related events;
  • Password reset initiation;
  • Overview of service disruptions to troubleshoot issues;
  • Can easily be integrated into other customer care system(s)

Provisioning refers to the creation, maintenance and deactivation of user objects and user attributes over multiple systems and applications allowing these to interact with business logic.

The iWelcome platform provisions and de-provisions’ user accounts and attributes from multiple source systems (e.g. CRM, HR or any other identity stores like Active Directory, Windows Azure Active Directory, Identity Management Systems, and/or Master Data Management) and/or LDAP directories to business applications (relying parties). Provisioning of groups can be arranged via both push and pull mechanisms.

Client benefits

  • Automated & efficient provisioning processes;
  • Group provisioning on pull- and push basis;
  • Supports open source frameworks as ConnID;
  • Standard connectors or API- and SCIM-based.

An interesting case within Identity & Access Management is when (mainly large) companies own different brands (and thus: market identities). With its multi-branding functionality, iWelcome is perfectly able to support these companies with one single identity infrastructure over multiple brands, while maintaining each brand’s own identity (and thus look&feel). This typically results in consistent corporate management and lower TCO.

Client benefits

  • Segmentation options over brands;
  • Multi-branding with single 360 view of the (end-)user;
  • Omni-channel by design & principle;
  • Delegation within brands

Today’s user experience is driven by user’s characteristics, also known as data attributes. As no business is the same, there is a strong need for valuable identity-related attribute information (ranging from relationship number till for instance the consumer’s shoe size). Attribute-Based Access Control (ABAC) and UMA are the future, with attributes as the fundament.

iWelcome offers organisations flexibility when it comes to gathering data attributes.

Client benefits

  • Metadata for every attribute (like validation level, data classification, expiration date);
  • Federation protocol and/or Rest API data exchange with customer environment;
  • Bi-directional data exchange;
  • Admin-UI to set UI attributes and/or disclosed by API.

Customer identity information is more than interesting for every company’s marketing and sales organisation as it provides clear insights into your user population.

Via iWelcome, companies can easily extract complete and correct user intelligence. The following (and more) types of intelligence can be extracted:

  • Number of accounts, per attribute and / or preference;
  • Number of authentications, per geo / device/ browser / time;
  • Accounts with latest login and number of dormitory accounts;
  • Number of new account per period / category / geo;
  • Failed authentication attempts.

Client benefits

  • Integrated with main CRM and MA providers
  • Logs are stored in secure locations
  • Possibility to run reports at all times
  • Multiple formats available for extracting
  • ELK (ElasticSearch, Logstash, Kibana) stack is supported

eRecognition (Dutch: eHerkenning)

eHerkenning: The Dutch eID scheme for authentication and authorisation

eHerkenning is a standardized digital login system allowing government institutions to securely make their services accessible online to companies, civil servants and consumers. Users log in to a web service using their eHerkenning token, which allows them to manage their digital affairs. The eHerkenning scheme will then check whether the person who is using the service is actually who he or she claims to be and whether this person is authorised to act.

Why is eHerkenning a huge success?

Formerly, government organisations used a variety of parallel authentication and authorisation solutions. This yielded a multiple set of digital keys and caused poor user experience. The ensuing weak user adoption stunted the growth of eBusiness and eGovernment.

With eHerkenning, each business is issued with a single login token that can be used for various services. Thus, the multiple set of digital keys is replaced with one digital ‘master key’. This will accelerate adoption, since user habits are formed by reusing the same authentication mechanism for various online services.

iWelcome processes 70% of all eHerkenning transactions

iWelcome is the main broker for eHerkenning services in the Netherlands. Amongst other a variety of Dutch ministries, large municipalities and the Dutch Chamber of Commerce make use of iWelcome’s trustworthy services.

 

eherkenning

Features for eherkenning

iWelcome heeft de RFC voor ondersteuning van Single Sign-On binnen eHerkenning geschreven. Deze RFC is sinds versie 1.7 onderdeel van eHerkenning. Activeren van SSO kan eenvoudig worden geconfigureerd waarna een toetredingsprocedure wordt doorlopen.

iWelcome levert lichtgewicht adapters voor de aansluiting van Diensten op eHerkenning.

Indien uw dienst niet beschikt over een standaardkoppelvlak, zoals gespecificeerd binnen eHerkenning is het aan te raden om deze standaard integratie adapters te gebruiken.

Momenteel zijn deze adapters beschikbaar voor het ASP.NET-platform en Java-omgevingen.

iWelcome zorgt ervoor dat de generieke adapter steeds wordt aangepast aan de laatste specificaties van eHerkenning.

Met een ketenmachtiging kunnen organisaties andere organisaties machtigen om namens hen een online dienst af te nemen met eHerkenning. Ketenmachtigingen zijn vooral praktisch voor organisaties die via een intermediair (een extern bureau) gebruik willen maken van bepaalde diensten die met eHerkenning toegankelijk zijn. De eerste versie van de Ketenmachtging is in 2012 door iWelcome ontwikkeld. Op basis van deze implementatie is het koppelvlak beschreven.

De iWelcome eHerkenningsmakelaar levert (gevalideerde) attributen door die bij de authenticatiedienst en/of machtigingenregister staan geregistreerd. Dit stelt de dienstverlener in staat om de klant meer persoonlijk te benaderen en voorkomt dat de klant dezelfde informatie tweemaal moet opvoeren. De eindgebruiker kan zelf bepalen of hij een attribuut meegeeft of niet. Bij het attribuut worden de bron en de datum waarop het attribuut voor het laatst is gecontroleerd meegeleverd bij eHerkenning.

Our facts and numbers

13

iWelcome datacenters ensuring data residency in 9 European Countries. With multi data center coverage in UK, Germany and Switzerland.

60000

Employees accessing 250 applications 24×7 a day, at only 1 customer!

99.99

% Service Availability for April 2018 
Affecting 1 customer

81

% of eHerkenning traffic handled by the iWelcome eHerkenning broker