Volvofinans Bank has evolved identity and access management across all digital services

Volvofinans Bank has evolved identity and access management across all digital services

Volvofinans Bank, founded in 1959 and part of the larger Volvo ecosystem, is the mobility bank. By offering a wide range of financing solutions and payment services in the automotive and transport industry, the bank facilitates a smarter car economy for partners and customers. Volvofinans Bank’s entire business operation is run with a great responsibility, as sustainable and as effective as possible.

Challenges

By both being part of the banking sphere and having a large partner network, APIs and shared digital solutions are essential parts of the business and continue to increase in importance.

Working with APIs was not new to Volvofinans Bank. Instead the process of finding a solution sprung from a general feeling that they had too many different solutions for API security and identity management. Some APIs were used by third party providers, that’s being verified by an Open Banking trust framework. Other API consumers were Volvofinans’ own web and mobile applications, but also partner applications. Each product/API had its own way of addressing authentication and authorization, and even though some common solutions had been developed they weren’t widely used - they needed a standardized, ONE approach to identity management.

The existing solutions were evaluated for this purpose but was dismissed as too complicated to configure and not able to scale up in the way Volvofinans Bank needed it to. After a thorough review process Volvofinans Bank chose the Curity Identity Server because of its scalability, flexible login options and broad OAuth and OpenID Connect support.

Solution

Flexible login: Powered by the flexibility of the Curity Identity Server, authentication can now be done in many different ways, via built-in capabilities or using external services. The user-facing screens and the flows were possible to tailor to satisfy User Experience (UX) requirements.

Banking-grade security: Using features such as JWT assertion grant type and asymmetrically signed JWTs and mutual TLS for client authentication has given Volvofinans Bank secure ways of issuing access tokens. This helps deliver banking-grade security because these tokens can be tied to a private key that only this client has. Then, when the API is called, it knows that the token was indeed issued to that client application.

Configuration and Operations: Volvofinans is a 24/7 operation, part of providing a secure service is an available, always up identity infrastructure. The vast management features in the Curity product and being built for automation and DevOps makes it straightforward to operate a complex environment with the highest requirements on availability.

We as developers are hands-on professionals and with Curity we get to speak directly to Curity developers instead of going via a non-technical account manager. That makes design conversations so much easier.

Results

Empowered by the Curity Identity Server, Volvofinans Bank have created a very capable platform for Identity and Access Management that is rolled out across their digital services.

We have great confidence in the Curity team in discussions, you can tell they are specialists and know their product. They’re a much-appreciated sounding board.

Andreas Toom

We have great confidence in the Curity team in discussions, you can tell they are specialists and know their product. They’re a much-appreciated sounding board.

Andreas Toom - Lead Developer at Volvofinans

Read More Customer Stories

The Curity Identity Server allowed Dun & Bradstreet to unify their many different services and meet their unique requirements
The Curity Identity Server allowed Dun & Bradstreet to unify their many different services and meet their unique requirements

The Curity Identity Server allowed Dun & Bradstreet to unify their many different services and meet their unique requirements

Read Story
Powered by the Curity Identity Server Shell Energy was able to evolve their identity infrastructure
Powered by the Curity Identity Server Shell Energy was able to evolve their identity infrastructure

Powered by the Curity Identity Server Shell Energy was able to evolve their identity infrastructure

Read Story
Poppulo achieves their API-first strategy with the Curity Identity Server
Poppulo achieves their API-first strategy with the Curity Identity Server

Poppulo achieves their API-first strategy with the Curity Identity Server

Read Story
PayEx established a secure and flexible IAM system allowing for easier customer integrations
PayEx established a secure and flexible IAM system allowing for easier customer integrations

PayEx established a secure and flexible IAM system allowing for easier customer integrations

Read Story
Nowcom improved login security with the Curity Identity Server
Nowcom improved login security with the Curity Identity Server

Nowcom improved login security with the Curity Identity Server

Read Story
Kindred increased the performance of their services with the Curity Identity Server
Kindred increased the performance of their services with the Curity Identity Server

Kindred increased the performance of their services with the Curity Identity Server

Read Story
KGH created ‘one truth’ for identity and data sharing with the Curity Identity Server
KGH created ‘one truth’ for identity and data sharing with the Curity Identity Server

KGH created ‘one truth’ for identity and data sharing with the Curity Identity Server

Read Story
If can now focus on delivering value for customers and partners instead of developing core IAM functionality
If can now focus on delivering value for customers and partners instead of developing core IAM functionality

If can now focus on delivering value for customers and partners instead of developing core IAM functionality

Read Story
How ATG moved to a microservice architecture with the Curity Identity Server
How ATG moved to a microservice architecture with the Curity Identity Server

How ATG moved to a microservice architecture with the Curity Identity Server

Read Story
Curity helped dmTECH secure online sales and provide smooth login UX for dm-drogerie markt digital services
Curity helped dmTECH secure online sales and provide smooth login UX for dm-drogerie markt digital services

Curity helped dmTECH secure online sales and provide smooth login UX for dm-drogerie markt digital services

Read Story
Curity enabled easier ways of logging in, leading to an increased usage of Com Hem's services
Curity enabled easier ways of logging in, leading to an increased usage of Com Hem's services

Curity enabled easier ways of logging in, leading to an increased usage of Com Hem's services

Read Story
Curity enabled PagerDuty to deploy in different regions and enhance service availability
Curity enabled PagerDuty to deploy in different regions and enhance service availability

Curity enabled PagerDuty to deploy in different regions and enhance service availability

Read Story
Bankdata achieves an improved, modernized identity infrastructure with the Curity Identity Server
Bankdata achieves an improved, modernized identity infrastructure with the Curity Identity Server

Bankdata achieves an improved, modernized identity infrastructure with the Curity Identity Server

Read Story