McConchie and team faced three major challenges: improve customer experience, meet PSD2 compliance and increase business agility. Their first requirement was delivering a new single-factor authentication solution for a self-service web portal for their general insurance customer base. But this would introduce yet another siloed identity into their already disparate identity ecosystem. To meet the targeted launch date, the team had a narrow window in which to change course. This included finding a way to efficiently stand up the products, build a single-factor authentication journey and configure all of the insurance products to provide the necessary security that they required.
Next up was replacing their legacy security technologies across both web and mobile so the Tesco team could build out the requirements of PSD2. They needed to address the API security requirements of open banking and implement continuous risk-based authentication. McConchie says, “It was certainly a high-risk project because the web and mobile channels were existing and servicing millions of customers. There was considerable focus from senior stakeholders to ensure we were able to migrate off our legacy security technology without impacting customers adversely.”
Facing hard deadlines and a growing list of requirements, the bank orchestrated a proof of concept between their incumbent vendor and Ping Identity. To pressure test the technologies, they built a dummy web application to compare each vendor’s ability to deliver a customer authentication journey and abstract authentication and authorization from the application itself. They wanted to see how each vendor could break down their identity silos and bring it all together to build a common identity layer.
Ping + ProofID emerged as the winners. Explains McConchie, “We saw how we could use PingAccess and PingFederate to work across web, mobile and API. The ease with which we could deploy across channels was a critical factor, also the dynamic authorization of Symphonic (now part of PingDataGovernance). Ping’s solutions give us the flexible authorization capability we need to minimize friction and deliver a customer-centric experience.”
Working with ProofID as their managed service provider and implementation partner, the Tesco Bank team configured their new PingAccess and PingFederate cluster to secure their general insurance application in just 12 weeks. This was no easy feat, requiring them to build a single-factor login journey and deploy it across their private AWS cloud. But now that they have a common identity provider across banking, credit cards and general insurance, Tesco Bank is able to leverage a unified customer identity to deliver better customer experience and gain customer insights.
Serving more than 5 million customers, Tesco Bank is the retail banking division of Tesco, the UK's largest supermarket retailer. Since 1997, the bank has provided its customers with a range of financial products and services to help them manage their money better.
Learn more at www.tescobank.com
ProofID is an identity security partner, integrator and service provider. Trusted by Tier 1 enterprises and mid-market businesses around the world to design, deliver and manage IAM services. Earning Global Delivery Partner of the Year Award for three consecutive years and North American Channel Partner of the Year 2020 from chosen partner Ping Identity.
For more information, visit www.proofid.com.
More Stories You'll Love
DB Schenker chose Ping Identity to implement risk-based multi-factor authentication (MFA) and consolidate identity and access management (IAM).
Gates leveraged Ping’s applications and partnerships to implement a global authentication authority at global scale.
The Ping Identity Platform delivers 10X faster performance and 50% reduction in memory usage.
Canon's federated approach to identity and access management provides flexibility, security and simplified management.