Secure Customer Identities in the Cloud:

How the Australian Subsidiary of a World-leading Insurance Provider Delivers Scalable, Secure, and International CIAM Services with iC Consult and Ping Identity

At a glance

Industry: Finance

Region: Global

About the customer

A well-known global insurance provider with its branch in Australia is one of the continent’s largest insurance companies: More than 3 million satisfied customers use the services of the Sydney-based subsidiary of the multinational Group, both privately and professionally – from health and pension plans to life and annuity insurance to comprehensive protection for everyday life.

Challenge

Deliver a secure, easy-to-use and compliant Customer Identity & Access Management solution that enables Australian customers to access the insurance company’s services through online portals and mobile apps.

Products & Services

PingOne Advanced Identity Cloud

Results

  • Centralized CIAM solution for insurance customers
  • Innovative Cloud solution based on PingOne Advanced Identity Cloud
  • Cost-effective solution without compromising security and compliance
  • SSO interfaces and federation capabilities to integrate external IdPs
  • Representative model project to serve as an example for other national subsidiaries

By moving the CIAM solution to the Cloud, the Australian subsidiary now benefits from a secure and extremely flexible solution that can be seamlessly integrated into the application landscape thanks to its open APIs and SDKs, and can be flexibly combined with the existing gateways, messaging services, SIEM solutions or PAM functionalities.

Dr. Eva Lippert-Stephan
Lead Consultant at iC Consult

While face-to-face interactions are still important, communication with customers is increasingly moving to digital channels. For this reason, the Group recently embarked on a comprehensive modernization of its customer portal – implementing an innovative Cloud-based solution for Customer Identity & Access Management together with iC Consult and Ping Identity.

Embracing Digital Transformation in Insurance

The digitalization of the insurance industry is progressing rapidly: Providers around the world are under increasing pressure to make their insurance products and services available online – enabling customers to take out new policies, make contract changes, or report claims from the comfort of their own home using a computer, tablet or smartphone. However, convenient digital communication via an online portal is not without its technical pitfalls: After all, customers’ sensitive personal data must be available at all times, reliably protected, and processed in a compliant manner – a challenge in more ways than one, even for a global insurance group.

On the one hand, Customer Identity & Access Management (CIAM) must meet the most stringent security and compliance requirements. On the other hand, the Group’s IT solutions must be flexible enough to meet the different needs of all its national subsidiaries. The solution must integrate seamlessly with existing systems, be cost-effective to deploy and operate – and scale reliably as needed.

Challenge: Searching for the Global Blueprint

“When the Australian daughter company started to implement a new CIAM solution a few years ago, they were well aware of these high requirements, both locally in the national subsidiary and in the Group IT,” explains Dr. Eva Lippert-Stephan, Lead Consultant at iC Consult. “Given the exemplary nature of the project within the Group, the IT managers at the Munich site decided to develop a representative, economical, and flexible CIAM solution that could also serve as a blueprint for other national subsidiaries in the future – and called in iC Consult as a consulting and implementation partner.”

The goal of this ambitious project was to provide Australian customers with easy and convenient online and mobile access to the insurance group’s existing and future services, including secure contract management while meeting all security, privacy, and consent management requirements. To ensure seamless integration with external systems and partners, the solution should be federated and provide convenient single sign-on access to the resources provided by the Group (such as APIs, policy offerings, and renewals) without requiring users to re-register.

Solution: First Choice Ping Identity

Given that the insurance company had already had positive experiences with Ping Identity’s Identity and Access Management solutions in the past, the vendor was also the first choice for CIAM integration in Australia. However, to achieve the required flexibility, cost-effectiveness, and scalability of the solution, the project team quickly decided to move away from the on-premises platform and instead move to a fully Cloud-based environment based on the new PingOne Advanced Identity Cloud product. PingOne Advanced Identity Cloud is an innovative SaaS service that enables the Australian subsidiary to manage customer identities entirely in the Cloud. The solution combines Ping Identity’s proven Identity-as-a-Service platform with the Identity Cloud Express developer tool to deliver highly scalable IAM services from the Cloud with flexible deployment options – helping customers efficiently manage identities in hybrid environments.

Customer Portal Integration

PingOne Advanced Identity Cloud has been seamlessly integrated into the customer portal of the Sydney-based daughter company, providing the insurance provider with a simple and personalized enrollment process for existing and new customers. Because passwords are rightly criticized for being insecure and overly complicated, the team opted for a passwordless solution that uses one-time passcodes for convenient authentication: Users simply log in to the portal with their email address and automatically receive a confirmation code to verify their identity. They can then use the customer portal to access a wide range of services, book new services, or contact the team.

Important for look and feel: The Cloud-based Ping Identity solution could be fully customized into the corporate design of the international insurance group to match the front end of the customer portal. This meant there were no disruptions in the user’s customer journey, and the solution scored well in many other areas as well: The PingOne Advanced Identity Cloud uses OIDC, an established standard that is compatible with all major web technologies and familiar to most developers. The insurer did not have to reinvent the wheel – and benefits from a long-term, future-proof solution.

Cost-Effective Cloud Model

“By moving the CIAM solution to the Cloud, the Australian subsidiary now benefits from a secure and extremely flexible solution that can be seamlessly integrated into the application landscape thanks to its open APIs and SDKs, and can be flexibly combined with the existing gateways, messaging services, SIEM solutions or PAM functionalities,” said Dr. Eva Lippert-Stephan. “Such a Cloud solution also offers several cost benefits: Instead of large capital investments in software and hardware, there are manageable monthly fees that correspond exactly to the level of service required and can be quickly replicated and offered by Ping Identity in other parts of the world as needed – which is both economical and transparent.”

Conclusion: Future-Proof CIAM Architecture for Global Adaptation

With the Cloud-based Ping Identity environment, iC Consult has developed an exciting CIAM reference architecture for the Australian subsidiary, which could be adapted to many other national subsidiaries in the future with manageable effort. The solution offers many customization options, high scalability, and flexible growth potential – and its open SSO interfaces and federation capabilities enable easy and seamless integration with external IdPs. The solution is also popular with users thanks to its simple and convenient self-service capabilities and innovative passwordless authentication.