What is Customer Identity and Access Management (CIAM)?

August 28, 2017

*Blog content updated March 8, 2019.


Customer identity and access management (CIAM) enables organizations to securely capture and manage customer identity and profile data, and control customer access to applications and services.


Strong CIAM solutions usually provide a combination of features including customer registration, self-service account management, consent and preference management, single sign-on (SSO), multi-factor authentication (MFA), access management, directory services and data access governance. The best CIAM solutions ensure a secure, seamless customer experience at extreme scale and performance, no matter which channels (web, mobile, etc.) customers use to engage with a brand.

These solutions can be delivered via software that can be deployed on premises or in private clouds, or via API-first IDaaS platforms. API-first platforms are geared toward development teams who want to embed customer identity and access management services into their applications using REST APIs. Regardless of how they’re delivered, the goal is to turn simple customer experience into true customer engagement.

Why is customer IAM important?

Customers have the freedom to choose who they do business with, and they're not afraid to go elsewhere if the experience isn't up to their standards. A great customer experience is no longer just nice to have--it's a critical differentiator. According to a CEI survey, 86% of buyers will pay more for a better customer experience, but only 1% of customers feel that vendors consistently meet their expectations.


Customers also care deeply about security. Data breaches are well-publicized and severely damaging to customer trust. A recent Cisco report stated that 22% of breached organizations in 2016 lost customers--40% of them lost more than a fifth of their customer base. Customer IAM is all about balancing customer experience and security, and being careful not to sacrifice one in pursuit of the other.


Almost all companies have an IAM solution for employees, but these are often inadequate for the requirements of managing customer identities. Employee IAM solutions typically lack features that balance the security and convenience of a great customer experience, and they're too limited to handle the scale, performance and other customer-specific needs such as consent and privacy management. Here are some of the unique product requirements and business drivers of CIAM:

Seamless customer experiences

Customer access isn't just about web apps anymore. It's grown to include mobile, IoT, partner applications and many other channels. CIAM enables simplified access and unified customer profiles so that organizations can engage their customers with consistent omnichannel experiences and personalized interactions.

Security requirements

The increased scale and frequency of data breaches has left many organizations unsure of their ability to protect their most valuable customer data. CIAM solutions offer powerful security from authentication down to the data layer to reduce the risk of losing revenue, reputation and customer trust.

Performance and scalability

As the number of customers, applications, websites and services continues to grow, the data collected on each customer is also increasing exponentially. In addition, many customer-facing industries and vertical markets experience extreme peak customer demand due to seasonality or other reasons. This poses unique scalability challenges that a robust CIAM solution can help address. And since each customer expects instant, frictionless access to your apps and services, the speed and performance of CIAM must never lag, even during peak usage times.

Privacy and regulatory compliance

It's no longer unusual for digital screens to greet customers by name. Users are sharing more and more information with organizations and their partners to make interactions easier and more personalized. But that doesn't mean that their concern about data privacy has lessened. CIAM must give customers insight and control over where their data is being shared and enforce customer consent to adhere to new privacy regulations like GDPR in the UK.

What does customer IAM do?

Customer IAM solutions accomplish three main things for customers:

Let them in

If customers have to provide their credentials over and over for each application, or if they can't get access to what they need, it's easy for them to walk away--straight into the arms of your competitors. SSO allows customers to access all your applications with a single login screen and a single set of credentials--even partner apps that you don't own or apps in the cloud. Social login capabilities even allow them to use their credentials from social media providers to authenticate.


Access must also be carefully governed based on user attributes, to ensure authorized customers have the access they need and others can't go where they're not authorized. For example, a CIAM solution can use identity data to determine whether a customer is a VIP member with access to premium content.

Recognize them

Engaging omnichannel experiences aren't just about easy access. They're also about deep customer insight. Organizations collect all sorts of information about their customers, both directly and indirectly. But if that data is siloed across many repositories, it's next to impossible to apply it usefully and make sure it's always correct.


CIAM allows organizations to maintain a single source of truth about a customer within an identity directory, or by syncing data between directories. That way, the same identity data, customer profiles and preferences can be shared across channels. As an organization learns more and more about its users, it can also apply those insights to personalize interactions and plan ever more engaging experiences to meet customer wants and needs.

Protect them

CIAM includes secure MFA to make sure users are who they say they are, and end-to-end data security within the organization to keep that valuable customer information safe from attack. CIAM can also govern access to stored customer data by limiting third-party access to only those attributes that are necessary to do business and making sure customers have complete control over how their data is used and shared.

Customer IAM: your competitive advantage

There's a fundamental difference between customers and employees: your customers have a choice. If you're not meeting their experience expectations, or if they fear their data might be compromised, they can easily go to a competitor. Customer IAM encompasses a range of different capabilities to help organizations deliver the right balance of strong security and a seamless experience, helping organizations turn their customer identity data into a competitive advantage.


To learn more about Customer IAM can help you balance security and customer experience, visit our website.


Ciam, ciam solutions, customer identity and management