by Martin Sandren
If you have been working in the IAM space for a while it is quite interesting to see how some trends are born, gather momentum, and break through to the mainstream, while other trends fizzle out at some point in their lifecycle.
Back in 2015 one strong emerging trend was social registration and login. The basic concept was to make it easier for potential customers to sign up for your product by leveraging the fact that the customers already had provided key info to their social network of choice. Instead of typing the same info into your interface the customer could simply share the already provided information. The customer could also leverage their social network to facilitate the login through social logins which meant that they did not have to remember a separate password. The most important social data providers varied in different markets but Google, Facebook, and Twitter were important in most European markets.
In 2015, many enterprises bought entire CIAM platforms whose core functionality was social registration and social login. The conventional CIAM players struggled to incorporate social features in their products to compete with the newer platforms and there were even projects where social logins were built as custom additions to conventional CIAM platforms by professional services teams.
A few years later, the lure of social login and registration was significantly diminished. Consumers are less interested in sharing information between different platforms and in many markets, such as in Germany, the business may feel that sharing information with the American FAANGS may have dangerous privacy implications.
Meanwhile, there has been a budding movement for self sovereign data where the individual consumer has control of their own data in some form of a data wallet on their smartphone. The consumer makes the choice of what data they want to share with whom through consent flows.
This movement did not really take off due to the simple chicken and egg challenge that in order to make it attractive for providers to support the setup you needed a significant consumer population, and in order to make it attractive for consumers to bother with installing and populating the wallet you needed a significant service catalogue.
In some markets there were digital identity solutions that were successful i.e. the BankID solution in Sweden and Norway and the DigID solution in the Netherlands. These solutions managed to create a significant penetration into the consumer market and achieve critical mass amongst the service providers.
Over the last couple of years the self sovereign identity movement has morphed into the decentralized identity approach and has gotten support from a number of important regional and global players. One example of an important regional player is Datakeeper from Rabobank in the Netherlands and the strongest global proponent is probably Microsoft. The European Union is also a strong proponent of an interoperable European Digital ID.
Over the next year we will see if the decentralized approach manages to reach critical mass in any significant markets and become an interesting proposition for consumers, and therefore a must have integration for service providers and CIAM vendors.
Domain Architect IAM, AholdDelhaize
Martin Sandren is a security architect and delivery lead with over twenty years of experience of various information security related roles. Primarily focused on security architecture and digital identity including global scale customer, privileged and employee IAM systems using Microsoft Azure Active Directory, Sailpoint, Saviynt, Forgerock, IBM and Oracle security stacks.
Experience includes architect, onshore and offshore team lead as well as individual developer. Wide international experience gained through having lived and worked in Sweden, Germany, UK, USA and the Netherlands. Martin is a frequent speaker at international conferences such as Consumer Identity World, MyData and European Identity and Cloud Conference.
In my role as IAM engineering manager I lead our global team of IAM engineers and BAs who continuously strives to provide quality IAM services to our 750 000 associates in 20+ opcos.
Martin Sandren is a board member of the IdNext foundation, founder of the Digital Identity Amsterdam meetup and active within IDPro.
Learn more and sign up at: https://www.meetup.com/Amsterdam-Digital-Identity-Meetup-Group/
IDPro is a professional organization for practitioners of Identity and Access Management
Register now for the @idsalliance and #IDPro joint webinar, “Helping Organizations Succeed in an Identity-Centric Security World” – Feb. 23 at 9:00am PT/12:00pm ET http://bit.ly/3HwTYmq
The sixth annual IDPro® Skills, Programs & Diversity Survey is open! It aims to measure the diversity, goals, interests, skills and trends among identity professionals and the enterprises that employ them. Take the survey: https://www.surveymonkey.com/r/IDPro_2023_Skills_Survey
To help solve the #IAM skills gap, #IDPro has created the #CIDPRO which can expand candidates' #digitalidentity knowledge and fill experience gaps. Learn more by reading our CIDPRO webinar recap blog: https://bit.ly/3Idk5jj
The Internet Identity Workshop (#IIW) XXXV took place from November 15-17 and provided an excellent opportunity for #digitalidentity experts to convene and discuss #IAM topics. Learn more about this recent event by reading our recap blog: https://bit.ly/3WtmGdd
The #IDPro webinar covering Issue 10 of the Body of Knowledge (#BoK), featuring an overview of the three new articles and six refreshed articles, is starting now. Join the webinar: http://bit.ly/3HbxY0c