Identity Management for SaaS applications

Meet Minimum Viable Secure Product Requirements

Minimum Viable Secure Product (MVSP) is a collaborative baseline minimalistic security checklist for B2B software developers, created by Google and Salesforce. It has been designed with simplicity in mind, the checklist contains only those controls that must, at a minimum, be implemented to ensure a reasonable security posture.

Ubisecure CIAM helps achieve MVSP compliance, in particular:

• SSO (Single Sign-On) – “Implement single sign-on using modern and industry standard protocols”
• Logical access (authorisation) and password policy

Find out more about building MVSP SaaS applications at mvsp.dev

Grow Revenue

Ubisecure enables SaaS providers to grow revenue with optimised, frictionless, out-of-the-box workflows for login and registration, resulting in reduced sign-up abandonment rates and increased customer retention. These workflows may include:

• Identity providers – customers log in using an identity they already own, removing the frustration of having to create yet another username/password.
• SSO – remove cumbersome repeat logins, making it easy for your customers to keep returning to your service. SSO to external apps (‘federation’) also offers potential new revenue streams, and speeds up new customer onboarding as they can integrate services quickly and easily.
• Incremental registration – customers convert more easily by signing up with just a few details, with more data collected later points.

By plugging in CIAM APIs, SaaS developers can get applications to market (and start earning revenue) faster.

Get to know your customers

The more you know about your customers, the more you can tailor solutions to their needs, providing upsell opportunities and staying ahead of competition. CIAM offers several ways to get to know your customer, including:

• Identity verification – verify your customers’ real-world identities using a variety of strong authentication methods. Digitally verifying physical ID documents or leveraging identity providers who have conducted robust KYC (such as bank or teleoperator eIDs)
  
• Progressive profiling – progressive profiling helps you build a fuller picture of your users’ data without asking for it all at once. This makes users much more likely to provide additional information
• Integrate identity silos – for example, your CIAM and CRM. Data becomes more up to date and ensures a single, accurate view of all available information.

Improve user experience

Seamless user experience across devices is key to success for any SaaS business:

• Self-service account management – let users handle their own account data, consent and other settings, without having to contact your IT support.
  
• Support Bring Your Own Identity (BYOI) – let users connect existing identities, rather than forcing them to create a new username and password.
• SSO – enable one identity across all of your services (and external services with federation), simplifying the journey and architecture for your users.
• Delegated Authority – digitise complex delegation workflows and access requirements with the most advanced delegation solution from any CIAM provider.

Secure identity data

Security is central to avoiding an identity data breach, which can cause loss of customer trust, regulatory non-compliance fines and time/money spent trying to deal with the damage caused. CIAM enables many security benefits, including:

• Identity directory – avoid identity data silos by integrating data pools to keep identity data and authorisation up to date. Less chance of vulnerabilities with a reduced attack surface.
• Secure APIs – enable secure access control of APIs both within an organisation and to third parties. Ubisecure’s standards-based token server uses OAuth 2.0 and OpenID Connect protocols.
• SSO – as access is only tied to one set of credentials, all access is revoked upon credential deactivation.
• Authentication – options for strong authentication and multi-factor authentication (MFA) enhance trust in who is accessing your application(s).