Challenges
Bisnode provides a large number of applications to their customers; many of these have been procured through years of mergers and acquisitions. Consequently, these digital services were implemented with different back-ends, and each had its own set of user accounts and credentials. If a person used several products, they had to manage multiple accounts. This lead to a suboptimal user experience and higher development and maintenance costs; this protracted time to market for new features and negatively affected innovation.
Stronger authentication that allowed Bisnode's new and existing services to log users in with multiple factors was also critical. This was needed to ensure that Bisnode's handling of high worth data – which includes Personally Identifiable Information (PII) – was done in a commensurate level of safety. New government regulations effecting Bisnode's industry also demanded stronger authentication.
Solution
To overcome these challenges, Bisnode implemented “Bisnode ID”, an innovative and unified user account service which was built upon the Curity Identity Server. This allowed Bisnode to:
- Provide a single user account for accessing multiple products and services
- Deploy various authentication methods, including stronger ones that used multiple factors of identification; and
- Combine disparate databases of user identities into a unified identity system.
The Curity Identity Server is easily configured to have different applications using an assortment of authentication methods; these can all be connected to different user repositories. This capability allowed Bisnode to meet their requirements and deliver a better use experience.
For example, it allowed for simpler authentication methods like username and password where appropriate. When sensitive data was needed, Bisnode was able to step up the level of assurance that the user was really who they claimed to be. One of these more secure alternatives is a Bisnode-branded mobile application called Bisnode Secure; it provides a convenient multi-factor login experience and is seamlessly integrated with the Curity Identity Server out of the box.
Results
The outcome of implementing the Curity Identity Server was one identity and authentication solution used across many different applications and services. These included both existing applications as well as new ones. Bisnode customers can now login with a single account to access all services, simplifying the end users' experiences. This has also lessened the work on customer service representatives by reducing the number of password resets and account-related challenges they must help customers with. By adding stronger authentication methods, like Bisnode Secure, they were also able to comply with regulatory requirements while simultaneously assuring customers that their PII is secure. Bisnode ID also hastens and simplifies new customer signup, resulting in less fall off and higher new customer acquisition rates.
In short, the deployment of the Curity Identity Server has saved Bisnode and its customers time, money, and frustration while delivering security and regulatory compliance.