Challenge: Consistent Identity Management for Mercedes-Benz in China
In addition to classic automotive engineering, connected, digital services are gaining more and more importance. These range from localizing the parking space with a cell phone and remotely checking the status of the vehicle to route planning from the sofa. All such services require that the user‘s identity and access rights can be verified quickly, securely, and unambiguously.
Digital Excellence for the Chinese Market
Mercedes-Benz claims that the quality of digital services must be as outstanding as the vehicles themselves – from finance and sales to after-sales measures and connectivity solutions. This is particularly true for important growth markets such as China. To ensure a first-class position in terms of both performance and integration into the Chinese digital ecosystem – especially the connection to the ubiquitous app „We Chat“ – a system centrally operated in Europe alone was no longer an option.
Local Adaptations & Integration
Instead, an additional local solution had to be found that would enable a connection to the central data center in Germany, as several essential services continue to run there. Cloning and operating these services in parallel in China would have compromised the smooth coordination of the overall system. What was needed was a globally consistent identity and access management for Mercedes-Benz: CIAM NextGen.
The provision of a dedicated CIAM platform in China not only enables delay-free use, but also creates a powerful, scalable basis for future expansions. It is hosted within a new hybrid cloud in China, which was built and scaled in parallel by Mercedes-Benz. One of the key requirements for the system was the highly automated, fast, and cost-effective integration of new services to enable rapid rollouts. In addition to the technical requirements, compliance with China‘s cyber security law played an important role. Given the importance of the Chinese growth market, the project was a very high priority for Mercedes-Benz. Expectations at management level were correspondingly high.
Solution: CIAM Next Gen
As of November 2018, a new, future-proof platform with the latest technologies was to be built, which can be installed regionally, synchronized worldwide and is capable of further scaling and mapping new functionalities. Even if the approach of radically cutting back old habits was the right one from a technical point of view, it still represented a major challenge. Even more so, as CIAM NextGen was to provide reliable access to more than 200 applications. The integration of WeChat alone, China‘s No. 1 app for communication, identification, cashless payment, etc., with millions of users simultaneously, promised an enormous load.
Strict Deadlines and High Expectations
iC Consult, which had been entrusted with the implementation, was well aware of this challenge and the tight schedule. The go-live in China was scheduled for July 31, 2019 and for the rest of the world on September 30, 2019. There was no leeway, as the launch of various series did not allow any postponement. So, there were only 9 months to complete the entire development and implementation.
Since the customer preferred its own Daimler Hybrid Cloud (DHC) for strategic and data protection reasons, public clouds such as AWS or Microsoft Azure were ruled out from the outset.
The choice fell on a managed Kubernetes solution with Service Layers, the managed service for IAM from iC Consult. This combination enables near-term deployment of the IAM cloud infrastructure and provides an industrialized approach to automated application integration. The use of the DevOps methodology with its very short deployment cycles also contributed to the shortened time to market.
Advantages of a Local Platform in China
The platform is operated in Mercedes-Benz’s data centers in China and Germany. The strength of Service Layers lies in its particularly quick and easy setup, use and customization. The Service Layers stack is scalable and can synchronize user data across multiple clusters in regional instances. Since both the infrastructure and the configuration are completely as code, all changes can be tracked and reliably replicated. Additional applications and services can thus be set up and delivered worldwide in a largely automated manner. The high level of standardization simultaneously reduces both costs and risks compared with independent new developments. Thanks to the close and very trustful cooperation with the DHC team, it was possible to implement the required environments despite the tight time schedule. The seamless cooperation between the various iC Consult sites during the integration of Service Layers also contributed decisively to a punctual start. Even after the implementation, iC Consult continues to support the project by ensuring operations and 24/7 support.
Result: Successful implementation of CIAM NextGen & WeChat-Integration
On the very first day, five applications – including the WeChat integration into Mercedes Me – were connected to the system. By the end of 2019, another 200 applications had been migrated to CIAM NextGen. In total, 8 million people use the Mercedes-Benz CIAM. Shortly after the launch, 2.7 million Chinese had already migrated to the new system and were benefiting from the enormous increase in performance. The system, which is partly responsible for the storage and processing of data in China, complies with the laws of the People‘s Republic and thus ensures legal certainty.
Improved Efficiency Through the DHC
The DHC as an on-premises solution has proven its worth. All in all, CIAM NextGen, with its automation capabilities, contributes significantly to implementing Mercedes-Benz’s „Twice as fast“ strategy in identity and access management as well. Whereas previously it could take up to six weeks from commissioning to the integration of an additional application, it now – thanks to standardized and automated processes – takes just a few hours to create client applications and provide the necessary infrastructure.
With CIAM NextGen, Mercedes-Benz now has a CIAM platform that can be efficiently deployed in different regions and data centers. The customer in the fastestgrowing automotive market thus benefits from locally available computing power and the resulting significantly improved user-friendliness, meeting current and future requirements. Market-specific adaptions such as the seamless integration of WeChat further increase acceptance.
Future-Proof IAM Infrastructure
Even more crucial from the operator‘s point of view is that, thanks to the Service Layers platform, up-to-date basic IAM products are now always available, as well as an extremely efficient infrastructure for the global provision of applications. Thanks to the flexibility of CIAM NextGen, the appearance can be adapted for other brands such as Mercedes-Benz Trucks or Smart without much effort.
