Entercard complies with banking regulations and secures its microservices with the Curity Identity Server
Logo Entercard complies with banking regulations and secures its microservices with the Curity Identity Server

Entercard complies with banking regulations and secures its microservices with the Curity Identity Server

Entercard Group AB is one of Nordic's leading credit market companies present in Norway, Sweden, Denmark, and Finland. Entercard creates financing solutions that make their customers' lives easier and enable growth for their partners. Today they issue credit cards and consumer loans to 2 million customers across the countries they operate in.

Business Objectives and Challenges

Entercard is committed to providing top-tier financial services and solutions. To support this commitment, they embarked on a journey to transform the digital security infrastructure. Entercard faced the challenge of modernizing its architecture to a microservices-based one. This strategic shift was essential to comply with the European Union’s Payment Services Directive (PSD2) regulation that requires strict security measures for electronic payment and consumer financial data handling. Entercard was looking for ways to implement a more secure, efficient authentication and authorization flow leveraging open standards such as OAuth and OpenID Connect. This initiative aimed to serve its expanding customer base better, adhere to evolving European Economic Area (EEA) regulations and level up the security of their systems.

Selection and Solution

In the process of selecting the best solution, many of the evaluated options fell short of providing the necessary support for industry standards and the security requirements essential for a modern microservices architecture. The Curity Identity Server's powerful capabilities made it an obvious standout. The Curity Token Service, for example, enables distributed authorization with authentication flows customized to each type of client. Plus, the Curity Authentication Service centralizes authentication. This capability removes the burden of user identification from the app level for better agility, scalability and adaptability.

Results

As Entercard transitioned to a microservice-based architecture, the next step was establishing powerful and flexible security and access around it. As a result, Entercard set up strong, PSD2-compliant authentication and authorization flows, established easy signing of third-party vendors connecting to their systems and achieved zero-trust with Curity's token-based architecture approach. The flexibility of the Curity product allowed for smooth integrations and customized implementations, addressing specific needs like token caching for enhanced performance.

“Great support and excellent cooperation. All the learning resources, training opportunities, and support make working with the product and identity easier." - Joar Dahlen, Product Owner

The Entercard team highly values Curity's competence, support, and guidance, which played a pivotal role in enabling them to establish robust systems, ensuring the utmost security for their services. Entercard also appreciates Curity’s commitment to introducing new features for increased security in every product release. They have plans to expand their use of Curity. For instance, the team is working to provide a more streamlined login experience for end users, and they feel confident that with an extensive set of Curity features and support from the Professional Service Team, they can implement any future projects.

Kristian Sahlin

The journey with Curity, though challenging due to the complexity of IAM itself, was a pivotal step in achieving our security and compliance objectives.

Kristian Sahlin - Senior Enterprise Architect

Read More Customer Stories

Volvofinans Bank has evolved identity and access management across all digital services
Volvofinans Bank has evolved identity and access management across all digital services

Volvofinans Bank has evolved identity and access management across all digital services

Read Story
The Curity Identity Server allowed Dun & Bradstreet to unify their many different services and meet their unique requirements
The Curity Identity Server allowed Dun & Bradstreet to unify their many different services and meet their unique requirements

The Curity Identity Server allowed Dun & Bradstreet to unify their many different services and meet their unique requirements

Read Story
SproutLoud leveraged API integrations using the Curity Identity Server, allowing them to create a common identity platform
SproutLoud leveraged API integrations using the Curity Identity Server, allowing them to create a common identity platform

SproutLoud leveraged API integrations using the Curity Identity Server, allowing them to create a common identity platform

Read Story
Powered by the Curity Identity Server Shell Energy was able to evolve their identity infrastructure
Powered by the Curity Identity Server Shell Energy was able to evolve their identity infrastructure

Powered by the Curity Identity Server Shell Energy was able to evolve their identity infrastructure

Read Story
Poppulo achieves their API-first strategy with the Curity Identity Server
Poppulo achieves their API-first strategy with the Curity Identity Server

Poppulo achieves their API-first strategy with the Curity Identity Server

Read Story
PayEx established a secure and flexible IAM system allowing for easier customer integrations
PayEx established a secure and flexible IAM system allowing for easier customer integrations

PayEx established a secure and flexible IAM system allowing for easier customer integrations

Read Story
Nowcom improved login security with the Curity Identity Server
Nowcom improved login security with the Curity Identity Server

Nowcom improved login security with the Curity Identity Server

Read Story
Maersk Customs Services created ‘one truth’ for identity and data sharing with the Curity Identity Server
Maersk Customs Services created ‘one truth’ for identity and data sharing with the Curity Identity Server

Maersk Customs Services created ‘one truth’ for identity and data sharing with the Curity Identity Server

Read Story
Kindred increased the performance of their services with the Curity Identity Server
Kindred increased the performance of their services with the Curity Identity Server

Kindred increased the performance of their services with the Curity Identity Server

Read Story
Ikano Bank streamlined identity management in multiple countries with the Curity Identity Server
Ikano Bank streamlined identity management in multiple countries with the Curity Identity Server

Ikano Bank streamlined identity management in multiple countries with the Curity Identity Server

Read Story
If can now focus on delivering value for customers and partners instead of developing core IAM functionality
If can now focus on delivering value for customers and partners instead of developing core IAM functionality

If can now focus on delivering value for customers and partners instead of developing core IAM functionality

Read Story
How ATG moved to a microservice architecture with the Curity Identity Server
How ATG moved to a microservice architecture with the Curity Identity Server

How ATG moved to a microservice architecture with the Curity Identity Server

Read Story
HealthHero future-proofs its virtual healthcare services with the Curity Identity Server
HealthHero future-proofs its virtual healthcare services with the Curity Identity Server

HealthHero future-proofs its virtual healthcare services with the Curity Identity Server

Read Story
Curity helped dmTECH secure online sales and provide smooth login UX for dm-drogerie markt digital services
Curity helped dmTECH secure online sales and provide smooth login UX for dm-drogerie markt digital services

Curity helped dmTECH secure online sales and provide smooth login UX for dm-drogerie markt digital services

Read Story
Curity enabled easier ways of logging in, leading to an increased usage of Com Hem's services
Curity enabled easier ways of logging in, leading to an increased usage of Com Hem's services

Curity enabled easier ways of logging in, leading to an increased usage of Com Hem's services

Read Story
Curity enabled PagerDuty to deploy in different regions and enhance service availability
Curity enabled PagerDuty to deploy in different regions and enhance service availability

Curity enabled PagerDuty to deploy in different regions and enhance service availability

Read Story
Bankdata achieves an improved, modernized identity infrastructure with the Curity Identity Server
Bankdata achieves an improved, modernized identity infrastructure with the Curity Identity Server

Bankdata achieves an improved, modernized identity infrastructure with the Curity Identity Server

Read Story
Arion Banki now has a standards-based identity platform and robust Open Banking protection
Arion Banki now has a standards-based identity platform and robust Open Banking protection

Arion Banki now has a standards-based identity platform and robust Open Banking protection

Read Story

Next steps

Start Today

Ready to modernize IAM? Build security and improve ease of use to stay ahead of the competition.