KGH created ‘one truth’ for identity and data sharing with the Curity Identity Server

KGH created ‘one truth’ for identity and data sharing with the Curity Identity Server

KGH Customs Services is a major customs broker at the border between Norway and Sweden, and an important actor in many European countries. The company was established more than 50 years ago when the founder, who lived close to the border between Norway and Sweden at the time, discovered a problem and created a solution to help close the gap between truck drivers and customs officers.

Today, KGH helps customers optimize trade and customs management, in order to improve trade performance, operational efficiency, risk management and customs duty control. KGH strives to always be at the forefront of customs and continuously develop skills, competencies and technology to meet new customer demands.

Challenges

KGH was in the process of evaluating a solution for identity and access management, whilst also developing a SaaS system for their customers. They already had four systems needing authentication, the same was needed for the new SaaS. KGH wanted a solution that could sit in the center and offer one source of truth, removing the need to log into several systems.

They started listing the key criteria to help achieve their goal of creating a microservices architecture. On the top of the list was standards, OAuth and OpenID Connect in particular. They strongly felt the system and supplier needed to be in the forefront of identity and security standards. And it needed to be easy and safe to integrate with other systems, as KGH’s different client applications needed to have a straightforward integration with the new identity management solution. Also, they didn’t want to be locked into one solution, KGH wanted the reassurance that, if needed, they could back out of the technology without too much problem.

Solution

KGH was able to realize these and other requirements using the Curity Identity Server, which is built to leverage on standards. In particular, they utilized:

  • Issue opaque reference tokens to apps which preserved privacy and were translated into phantom tokens during ingest
  • Quickly integrate into Single Page Application (SPAs) using the Assisted Token flow
  • Issue tokens to back-end services that were able to safely invoke APIs on behalf of a disconnected user

Mattias Hansson comments:

We looked at different vendors but found that some didn’t use the latest standards, and others had a cost per user that looked good at first glance but resulted in very high total costs. The Curity team are actively working on the standards and are continuously one step ahead, looking at what’s next. And we found the flat, transparent fee very appealing, which made it an easy choice in the end.

He continues:

The support provided by the Curity team was invaluable. We didn’t have in-depth knowledge of authentication systems or security standards in-house, so the questions were many. And the Curity team were very helpful, responding to our questions promptly, sharing their expertise and useful resources.

Results

With the Curity Identity Server in place, KGH has been able to solve their authentication and privacy challenges and has created the desired “one truth”. The fact that the system provides a very capable implementation of OAuth and OpenID Connect, means KGH can integrate their different systems faster, and offer more secure access for users. The high security in the new platform was proven in the subsequent pen-test that was performed by a 3rd party.

Mattias Hansson concludes:

With Curity’s help we now have a modern and secure architecture which allows us to talk to customers about features we wouldn’t otherwise be able to. By using the Curity Identity Server we can meet our customers at the level where they are currently, from basic to advanced."

Mattias Hansson

The features of the Curity Identity Server and support of the Curity team helped us deliver a large-scale multi-tenancy system by reducing the complexity associated with digital identities

Mattias Hansson - Enterprise Architect at KGH Customs Services

Read More Customer Stories

Volvofinans Bank has evolved identity and access management across all digital services
Volvofinans Bank has evolved identity and access management across all digital services

Volvofinans Bank has evolved identity and access management across all digital services

Read Story
The Curity Identity Server allowed Dun & Bradstreet to unify their many different services and meet their unique requirements
The Curity Identity Server allowed Dun & Bradstreet to unify their many different services and meet their unique requirements

The Curity Identity Server allowed Dun & Bradstreet to unify their many different services and meet their unique requirements

Read Story
Powered by the Curity Identity Server Shell Energy was able to evolve their identity infrastructure
Powered by the Curity Identity Server Shell Energy was able to evolve their identity infrastructure

Powered by the Curity Identity Server Shell Energy was able to evolve their identity infrastructure

Read Story
Poppulo achieves their API-first strategy with the Curity Identity Server
Poppulo achieves their API-first strategy with the Curity Identity Server

Poppulo achieves their API-first strategy with the Curity Identity Server

Read Story
PayEx established a secure and flexible IAM system allowing for easier customer integrations
PayEx established a secure and flexible IAM system allowing for easier customer integrations

PayEx established a secure and flexible IAM system allowing for easier customer integrations

Read Story
Nowcom improved login security with the Curity Identity Server
Nowcom improved login security with the Curity Identity Server

Nowcom improved login security with the Curity Identity Server

Read Story
Kindred increased the performance of their services with the Curity Identity Server
Kindred increased the performance of their services with the Curity Identity Server

Kindred increased the performance of their services with the Curity Identity Server

Read Story
If can now focus on delivering value for customers and partners instead of developing core IAM functionality
If can now focus on delivering value for customers and partners instead of developing core IAM functionality

If can now focus on delivering value for customers and partners instead of developing core IAM functionality

Read Story
How ATG moved to a microservice architecture with the Curity Identity Server
How ATG moved to a microservice architecture with the Curity Identity Server

How ATG moved to a microservice architecture with the Curity Identity Server

Read Story
Curity helped dmTECH secure online sales and provide smooth login UX for dm-drogerie markt digital services
Curity helped dmTECH secure online sales and provide smooth login UX for dm-drogerie markt digital services

Curity helped dmTECH secure online sales and provide smooth login UX for dm-drogerie markt digital services

Read Story
Curity enabled easier ways of logging in, leading to an increased usage of Com Hem's services
Curity enabled easier ways of logging in, leading to an increased usage of Com Hem's services

Curity enabled easier ways of logging in, leading to an increased usage of Com Hem's services

Read Story
Curity enabled PagerDuty to deploy in different regions and enhance service availability
Curity enabled PagerDuty to deploy in different regions and enhance service availability

Curity enabled PagerDuty to deploy in different regions and enhance service availability

Read Story
Bankdata achieves an improved, modernized identity infrastructure with the Curity Identity Server
Bankdata achieves an improved, modernized identity infrastructure with the Curity Identity Server

Bankdata achieves an improved, modernized identity infrastructure with the Curity Identity Server

Read Story