Mobile, Convenient, and Secure: CIAM as a Business Driver

Systems for managing user data open up improved possibilities for customer contact – they are also indispensable in the networked IoT world of the future

Apr 15, 2021 9:00:00 AM - 3 min.

Zurich, 15 April 2021 – CIAM systems are an integral part of the business cycle 4.0. They make it possible for companies to effectively manage user data while maintaining compliance with data protection regulations and offering users a broad spectrum of self-service options, from changing an address to managing newsletter settings. But CIAM does so much more. When used with a secure login system, it ensures uniform, convenient, and safe access across all touchpoints. Nevis, the IT specialist for secure logins, has put together the most important business drivers for the integration of modern CIAM solutions.

1. Digital Business Transformation

Many companies are focused on digital transformation. CIAM systems serve as an intermediary between end customers and backend applications like online shops and payment systems in banks. A FIDO-compliant SDK and an access app facilitate passwordless authentication. Among other things, the solution consists of an access gateway in the backend that enables modern authentication, also with traditional web applications. It also includes an authentication server, which permits multiple authentication processes – from passwords to physical tokens. It also supports authentication protocolos like OpenID Connect, SAML, WS-Trust, and WS-Federation as well as the OAuth 2.0 authorization protocol. The final key component is a user directory where all customer identity data is managed. CIAM solutions help increase customer interactions across different channels and apps and support customization and customer security.

2. Data security and Compliance with Data Protection Regulations

Identity focused security in the form of so-called digital identities extends beyond the protection of customer data. It helps protect data everywhere it is used. With the help of user behavior analytics, it’s possible to detect certain user data patterns, which either indicate normal or unusual behavior. Dynamic identity aspects like geolocation, device information, time, and user behavior – like keystroke dynamics, touchpad and mouse movement – are collected and compared to previous interactions. A risk threshold can then be determined based on matches and deviations using user behavior analytics. Should this threshold be exceeded, it is possible to e.g. abort transactions in real-time or carry out additional identity checks by integrating step-up authentication. This extensive level of protection is a prerequisite for the data protection-compliant storage and processing of user data.

3. Mobile Applications

Nowadays, smartphones are always at hand – which means that access to e-commerce and service provider websites is right at our fingertips. These added touch points offer companies an opportunity to intensify contact with customers and interested parties. At the same time, providers are obligated to create as comfortable a user experience as possible. An integral part of this is a login process that is as secure as it is seamless, be it on an app or on their own website. Modern CIAM systems help integrate login and the management of user data into a tightly interconnected system. State-of-the-art security architecture with multi-factor authentication, extensive user self-service functions, and compliance with all applicable data protection guidelines are integral features of such a solution.

4. Introduction of IoT Devices

More and more companies are integrating IoT devices into their system environment. Every machine and every device in a networked factory has its own identity and is separately secured. Since machines and devices transfer and receive data with the help of IoT, they have to be recognizable to one another in order to be trustworthy, both before and while they interact with one another. Identifying and classifying users who should only have access to the IoT data they need is equally important. There are currently no generally recognized standards for the authentication and management of IoT devices, which makes every IAM/CIAM project that integrates IoT a unique project with no replicable characteristics. As soon as standards for different classes of devices emerge in IoT, integration with IAM and CIAM systems will rise rapidly.

5. Partnerships, Mergers, and Acquisitions

Company restructuring in the course of e.g. acquisitions and mergers offers countless opportunities – not least because of the migration of user data. In this context, it is especially important to offer a seamless customer experience during the transition phase, even when processes are being adapted behind the scenes. CIAM solutions help ease the burden during this period by consolidating customer data under a common umbrella and providing seamless access across multiple brands.


About Nevis

Nevis develops security solutions for the digital world of tomorrow. Its portfolio encompasses passwordless logins, which are intuitive to use and offer optimal protection for user data. Nevis is the market leader for Identity and Access Management in Switzerland and secures over 80 percent of all eBanking transactions. Public authorities, leading service providers, and industrial enterprises worldwide rely on Nevis solutions. The authentication specialist has locations in Switzerland, Germany, and Hungary.

Press Contact

LEWIS Communications GmbH
Ingo Geisler,