Kindred had an advanced microservices architecture, but their existing identity solution couldn’t scale in the way they needed. The nature of the betting market means strict requirements on security with regular, high bursts in traffic, and lots of pressure on their digital services with requests from all around the globe. Coupled with consumers expectation of nearly instant access to services and the process to log-in and access the application was too long.
Another challenge was to find the balance of protecting data online whilst being able to access it internally. There were multiple legacy systems that couldn’t just be ripped out and replaced.
Active in in many different countries each with a different set of laws and regulations, means they need to know where the user is at all times to ensure the right protocols are applied.
One very important requirement for the project was to minimize disruption to the services throughout the implementation. To mitigate this risk, a scheme for a gradual introduction of the Curity Identity Server was created. The configurable nature of the server allowed temporary integration with the legacy systems during the migration, introducing more functions incrementally and when migration was completed these were easily removed.
The target architecture needed to facilitate scalability for “bursty” traffic patterns. A move to a token-based architecture with the addition of an orchestrated login process using the Curity Authentication Service was agreed upon to solve the login performance issues.
Tokens issued by Curity Identity Server could be tailor made to always contain the appropriate information needed to make authorization decision in line with any local regulation.
With the help of Curity’s Token Service Kindred have increased the performance of their services. By improving the efficiency of the login flow, they have been able to reduce the time from registration to access and play, creating a much-improved user experience. This has had a notable effect worldwide as it is now much faster to connect from far away or on a slow connection.
The flexibility of the Curity Identity Server meant that Kindred could integrate existing systems, instead of having to throw them out and start again, saving a lot of time, effort and money.
Powered by Curity’s Token Service, Kindred has been able to adapt the content of the token(s) for different scenarios and use cases. It has empowered them to create their own custom token procedures and adapt the tokens to suit their specific needs and legal requirements.
Curity’s long experience of API and identity management, together with their great product, has been key for us in delivering an identity platform that can support our global multi-brand offering in the strongly regulated technical climate we operate in.
Marcus Smedman - CTO, at Kindred