Our client is a Fortune 100 US-based finance and insurance corporation operating in 80+ countries, with core businesses of general insurance, life and retirement and technology enablement. They were using different systems across their many business units to handle various products being offered, leading to disparate identity systems and a lack of data standardization, over-proliferation of ungoverned data and mismanagement of login objects. HCLTech built and operated a custom enterprise Identity-as-a-Service (IDaaS) platform, leveraging a combination of best-of-breed technologies to meet their growing business requirement.
The Challenge
Fragmented identity systems and disconnected profiles led to poor customer satisfaction
- Multiple business units with different systems led to fragmented identity management and inconsistent data handling, resulting in ungoverned data and mismanaged login objects
- Disconnected consumer-facing systems with disparate identity profiles made it difficult for the enterprise to get a consolidated view of consumers across various business lines, negatively affecting customer satisfaction (CSAT) due to the need for multiple login credentials
- Rapid growth in digital engagements and online transactions outpaced the existing legacy security architecture, making it difficult to meet security and fraud detection goals for consumer-facing apps
- End users had to manage multiple login credentials for different products, causing frustration and lowering overall satisfaction with the enterprise
The Objective
Centralize identity management and next-gen authentication for enhanced security and simplification
- Establish one unique ID system for user credentials
- Remove unmanaged or locally created identity/login objects within business applications
- Centralize identity management across business units
- Build a next-gen authentication system to provide added layers of security
- Provide customer service and system owners a simplified business-aligned administrative access
- Reduce attack surface through data standardization
The Solution
Integrated identity system with single sign-on (SSO), multi-factor authentication (MFA), mobile API access and self-service portals
- Designed and deployed RadiantLogic Virtual Directory Server for the unification of disparate identity systems into one platform.
- Integrated SiteMinder and RSA for enabling SSO and MFA, RadiantOne Logic platform for unification of heterogeneous data and AEM for serving as a front-end user-facing platform for hassle-free user experience.
- Exposed the rest of the APIs to extend the existing functionality to mobile users and applications. Mobile users and applications were able to use APIs to successfully authenticate their users (browser-less authentication).
- Self-service admin portals were created to help customer service and business/system owners access various functions of the IDaaS platform for user management tasks.
- Built and maintained the platform to provide additional functionalities.
The Impact
Unified identity platform with SSO, adaptive authentication and enhanced user experience
- Implemented digital identity in a utility model for internal business units, with the Identity-as-a-platform service
- Onboarded consumer-facing products for participating business units into the platform, providing unified authentication and authorization to about 1.5M users at peak usage
- Enhanced user experience with SSO, seamless digital access and adaptive authentication
- Gained a unified view for management of all users across the organization due to tool consolidation under one platform
