Customer Identity and Access Management (CIAM) Solutions
These products won a Top Rated award for having excellent customer satisfaction ratings. The list is based purely on reviews; there is no paid placement, and analyst opinions do not influence the rankings. Read more about the Top Rated criteria.
Okta is an enterprise grade identity management service, built in the cloud. IT can manage access across any application, person or device. Whether the people are employees, partners or customers or whether the applications are in the cloud, on premises or on a mobile device, Okta…
The SAP Customer Data Cloud, based on Gigya (acquired by SAP in 2017) is a product suite that allows users to identify consumers, business customers, or partners across devices and channels to drive registrations and engagement; manage access, permission, and consent; and transform…
OneLogin is an identity and access management (IAM) product from One Identity since the October 2021 acquisition, featuring single sign-on (SSO), multi-factor authentication, provisioning, cloud directory, and more.
IBM Security Verify, formerly known as IBM Cloud Identity, is an identity-as-a-service (IDaaS) offering that aggregates dynamic user, device and environmental context to automate risk protection and continuously authenticate any user to any resource.
The PingOne Cloud Platform from Ping Identity in Denver, Colorado is an identity management and access solution (IAM) for enterprises. Features of the products include single sign-on, multi-factor authentication, user management with directory, provisioning and deprovisioning. The…
Azure Active Directory B2C (alternately, Azure Active Directory External Identities) provides business-to-customer identity as a service. Customers can use their preferred social, enterprise, or local account identities to get single sign-on access to applications and APIs.
LoginRadius is a customer identity platform that helps companies deliver a streamlined login process while protecting digital accounts and complying with data privacy regulations. The vendor says LoginRadius serves over 3,000 businesses with a monthly reach of 700 million users worldwide.…
Infobip headquartered in London offers a CPaaS designed to bridge IT and Telecoms, powering enterprises with omnichannel communication and user authentication options for a global user base.
Transmit Security headquartered in Boston offers their identity orchestration solution, providing strong customer authentication and authorization for entities that need it.
Amperity, headquartered in Seattle, offers their customer data platform, supporting raw data ingestion from all sources of customer data, identity resolution driven by AI, and delivery of enriched customer data to the marketing tools that need them.
Akamai Identity Cloud (formerly Janrain, acquired January 2019) supports the collection of customer identity data through social and traditional registration and login as well as diverse engagement capabilities like Commenting, Ratings and Reviews and Live Chat. The customer identity…
WSO2 Identity Server provides security and identity management of enterprise web applications, services, and APIs. The most recent version of Identity Server acts as an Enterprise Identity Bus (EIB) — a central backbone to connect and manage multiple identities regardless of the…
OneSpan Cloud Authentication increases operational efficiency by streamlining the authentication process. The solution is designed to provide all the benefits of the cloud and support banks and other businesses’ transformation from costly legacy, on-prem infrastructures to a more…
Veridas is a SaaS company headquartered in Pamplona, Navarra, that provides solutions to verify people's real identities in the digital space. They do this with face biometrics, voice biometrics and identity document verification. Veridas solutions are modular and scalable, adapting…
Prove enables their customers to prove their identities with just a phone. Prove offers phone-centric solutions that enable its customers to acquire new consumers and engage with their existing consumers by removing friction while bolstering security and enhancing consumer privacy…
Fractal is an identity verification platform, ranging from human uniqueness for sybil-resistance to KYC/AML for regulatory compliance. Fractal provides decentralized identity solutions for Web3 users and chains ensuring trustless systems and empowering users to exchange their data…
Evergent, headquartered in Sunnyvale, offers cloud-based OSS, revenue management, and subscriber management software solutions, using a modular approach to present solutions for telecoms.
Synaps verifies identities online, offering universal digital identity and reusably know your customer (KYC). They help customers meet their compliance requirements while helping users decentralize their identity to get a frictionless and borderless experience in web3.
Blockpass is a self-sovereign Identity Portal for regulated industries and the Internet of Everything, from the company of the same name headquartered in Hong Kong. Through the use of Ethereum and smart contracts, Blockpass is a Regtech platform offering shared regulatory and compliance…
Annex Cloud (formerly Social Annex) in Los Angeles offers their social login application, Login Services, supporting customer social login for customer identity management to promote intelligent marketing.
Asgardeo is an identity-as-a-soluton (IDaaS) that helps developers implement secure authentication flows to applications.
Next Reason helps govern customer identity, boasting the agility of a startup and the security and scale needed for Enterprise. Their flagship product, Next Identity, is an integration layer supporting interoperability, security, and scalability between CIAM vendors and customer…
SheerID’s digital verification platform verifies the identity of individuals and businesses, enabling enterprises to deliver gated offers and experiences to high-value customer segments while mitigating fraud and minimizing friction. By using authoritative data sources to verify…
What is Customer Identity and Access Management Solutions?
Customer Identity and Access Management (CIAM) solutions create classes of end-users and control their access to apps, programs, and other assets. CIAM solutions automatically authenticates users based on identity without administrator intervention. It allows for a narrow or personalized slice of features or assets to be available to certain users.
For businesses and their customers, CIAM can do many things. CIAM manages customer registration and login, allowing for customer interaction with businesses based on predefined authentication. For example, if you need to allow users to access multiple accounts, CIAM can manage this for you by signing users into all associated accounts when they sign into one of them. Additionally, CIAM can handle account management, order tracking, bill paying, and other tasks for the under user. As a result, CIAM is also an efficient way to collect, analyze, store, and protect end-user data.
Compared to identity management (IM), CIAM allows end-users to register themselves into your systems, rather than requiring an administrator to do that for them. End users in CIAMs are also allowed to have multiple identities, meaning that CIAM requires much more user accommodations than IM software, which usually only manages one identity per user. CIAMs are also much more vulnerable to hacking and data leaks, as end-users typically reuse passwords, e-mails, and other identifiers, allowing for multiple accounts to be breached at once. As such, CIAMs typically come with more security features such as multi-factor authentication and adaptive authentication than standard IM products. This makes CIAM products useful for healthcare, education, retail, and other customer-facing industries because all identity information is submitted by the client, and access is distributed to them automatically by the product.
Customer Identity and Access Management Solutions Features
These are the most common features across all CIAM products:
- Cloud-based hosting
- Centralized user management
- Single Sign-on
- Automatic user and device recognition
- End-user portals
- End-user data analytics
- End-user self-service
- Marketing technology
- Multi-factor authentication
- Adaptive authentication
- Brute force protection
- Back-end encryption
- Interface customization
Customer Identity and Access Management Solutions Comparison
When choosing the best CIAM for you, consider these factors:
- Service vs. Platform CIAM. When choosing a CIAM, you will want to determine if you want a service or a platform CIAM. Service-based CIAMs hand almost all tasks (including organization, management, and implementation) over to you, whereas platform CIAMS are largely managed by the vendor and thus are better for first-time CIAM users. Platform CIAMs such as Auth0 and OneLogin are optimized for ease of use at their price points, but service CIAM like Azure Active Directory may be better suited for businesses who want more control over their identity and access management.
- Scalability. The primary function of a CIAM is to support a high volume of users, so the degree to which your chosen product can handle rapid increases in end-user access (e.g. Black Friday) is paramount because it affects product usability and cost. Google Cloud, Amazon Cognito, and Azure Active Directory allow for hundreds of millions of users, increasing pricing as the number of end-users grows. ForgeRock, on the other hand, may be better suited for businesses with smaller or more consistent clientele because it allows you to gather customer data and personalize their experience over time without significant end-user volume costs.
- Authentication. Authentication security features are standard across all CIAM products, as sensitive customer data can be transmitted across multiple platforms. However, the level of protection varies between products. Some services, like Okta Identity Cloud, Cisco Secure Access by Duo, and LoginRadius, provide many authentication methods, such as SMS, text, voice, or e-mail authentication. Some products, namely SAP Customer Data Solutions, only offer single sign-on or two-factor authentication. To best determine which of these products meet your needs, consider which authentication services best meet the needs of your customers while also considering how much customer experience may be impacted by requiring multiple authentication methods.
- Personalization. Because CIAM products collect and centralize end-user data, they can also help you with marketing, branding, and other personalized experiences that drive higher customer retention rates. Single sign-on features can help with this because it grants a clearer picture of consumer behavior across multiple platforms with the bonus of making registration and sign-in easier for individual users. LoginRadius, Auth0, OneLogin, and Akamai Identity Cloud boast strong personalization features in the forms of single sign-on, user/device recognition, and robust analytic tools.
- Data privacy law compliance. Regardless of the product you choose, be sure that it helps your business comply with laws that govern the collection, storage, and sharing of personal data. Depending on the location of your business, you may be legally obligated to fulfill a user’s request to share information on how you use their data, so you’ll want an easy-to-use database that you can quickly and efficiently handle this request and avoid the costly fines of mismanaging user data.
Expected pricing for CIAM solutions depends on how many monthly end-users you are expecting and how frequently you expect them to use your products. Auth0, Google Cloud, Azure Active Directory, and Amazon Cognito all offer free plans that accommodate between 7,000 and 50,000 monthly users, and each charge per user once you’ve exceeded this maximum.. Some CIAM providers charge flat fees for each authentication attempt.. Most vendors offer free trials.
If you are considering using single sign-on solutions that include social media accounts, the following blog may help you foresee issues:
Frequently Asked Questions
The major benefits of CIAM products are:
- Centralized user management
- Customer experience personalization
- Customer self-service account management
- Increased security with multiple authentications
- Data gathering, storage, and analysis on a single platform
- Flexible multi-platform integration