Insurance Companies: Passwordless Account Access With CIAM

Insurers are going digital. As they expand their online business, it is vital to secure sensitive customer data. This is where CIAM systems come in.

Oct 11, 2021 - 2 min.

The competitive pressure on insurance companies is rising as increasing numbers of new providers crowd the market. With their agile business models, they promise customers favourable conditions thanks to lean corporate structures and the virtual absence of personal consulting. And policyholders’ priorities have also changed in recent years. Most of them already take care of their insurance needs online and regardless of whether they’re logging into their insurance account in a PC browser or on their smartphone, they want convenience and quick overviews of their products. On top of that, customers demand optimal security to protect their confidential data against unauthorised access. Traditional insurers are also under pressure to meet these expectations in order to reduce costs, increase revenues and boost customer loyalty. What’s the key to meeting all these requirements? Modern customer identity and access management (CIAM).

CIAM systems act as an intermediary between the customer and the insurer’s back-end applications. Thanks to its multi-client capability, a CIAM user directory allows separating people into groups – such as private and business customers, brokers, insurance advisers, business partners and in-house employees – for administrative purposes. The CIAM system has a dedicated interface that enables customer data to be processed further in other systems. 

Here is how it works in practice: When a person registers for the first time, the CIAM system creates an account in its own customer repository. At the same time, the interface forwards the data to another system. For example, the new customer might have an account opened for her automatically in a CRM system such as Salesforce so that the company’s own customer service department can look after her. Ideally, the CIAM software provides a flexible, event-driven system for replicating any customer information in third-party systems, and it can be customised to each insurer’s specific business needs.

Secure log-in processes

Insurance is all about trust. So it’s all the more serious if a data breach or cyberattack results in sensitive policyholder data falling into the wrong hands. When that happens, it is not only the people directly impacted who lose their trust in the company; the public reputational damage can be even more consequential, potentially jeopardising existing customer relationships and discouraging new business. In order to prevent the illegal outflow of data, CIAM solutions secure the login process using state-of-the-art technology. To verify customers’ identity, they employ methods such as passwordless authentication via fingerprint or face ID, which work with an access app installed on the customer’s smartphone.

The capacity of CIAM to protect against even the most aggressive forms of attack is perfectly illustrated in this example of a “security meltdown”. What happens when a Trojan is installed on a smartphone? Despite the serious potential threat, the answer is: the policyholder’s sensitive data is safe. The CIAM system’s access app is specially designed so that it cannot be easily hacked. Rather than letting hackers in, it collects data about the attempted attack and reports it to the CIAM system server.

The server evaluates information about the smartphone attack along with other indicators such as the IP address, geolocation and behavioural biometrics like typing behaviour. The result of this identity check is known as the “user risk score”. Depending on this score, the authentication component reacts automatically by either asking for additional verification, changing the authentication procedure or blocking the session altogether. The client is then automatically warned of suspicious activity via email or other channels.

Reaping the benefits

When insurance companies can process online transactions securely, they save money. That’s because the customer accounts stored in the CIAM system are the key to comprehensive self-service functionality. For example, the steps that are required in order to buy an insurance policy or report a claim can be automated to such an extent that customers do not need personal assistance. At the same time, having a clearer overview of their own insurance portfolio boosts customer satisfaction.


Security meets customer experience – the benefits of CIAM