Business Objectives
An ambitious goal to improve operations and provide secure digital access for a wide variety of partners meant If needed a new identity and access solutions.
The IAM team at If recognized a business-critical need for centralized identity management and login. They also wanted to enable configuration at a local level to ensure specific regulations or business practices were taken into account. The new solution had to provide a smooth customer experience, be robust, flexible, and able to cope with large-scale user demand.
Challenges
If is active in every country in the Nordic region, they want to make customer's and partner's digital experiences and access management more unified across the region. Other challenges were a large and varied partner network and everyone becoming more digital: partners, customers, and users. Which fueled If's shift to an API business model.
Another difficulty was partner-focused services that If want to improve to enable new digital experiences and APIs. The end goal is to deliver better experiences for customers interacting with If products through partner's digital systems and be available for the customer in their cars, homes, phones, and other digital devices.
Key Challenges:
- Varied customer base including individuals and large corporate customers
- Enabling and improving API business model
- Different types of insurance products
- Diverse and extensive partner network
- Enable access to If products from IoT devices
Solution
After exploring and researching many alternatives, including assessing the possibility of developing their own solution, If selected the Curity Identity Server as it matched their very precise criteria:
- Ability to create a decentralized architecture
- Based on industry standards (OAuth and OpenID Connect)
- Developer-friendly, flexible, and customizable
- A scalable and predictable pricing structure that wasn't on a per-user basis
Previous identity solutions at If focused only on internal users, and they needed more functionality and a robust solution that could cope with external partners and different ways of working. After developing a Common Login platform which is being rolled out to partners, If are now also replacing their legacy IAM system for customers with the more flexible capabilities of the Curity Identity Server.
Results
Capabilities that would have taken us years to develop we now have from the Curity Identity Server out of the box.
By implementing the Curity Identity Server, If has been able to focus on delivering end value for their partners instead of the core identity and access management (IAM) functionality.
At the start of the project, the primary goal was not to replace the existing internal legacy system but to solve the external partner challenge. That is where the focus has been, and it was delivered in production very quickly. If are so pleased with the result, they have decided to replace the internal legacy system and use the Curity Identity Server together with API Gateway to protect all If’s APIs - both internal and external.