Social login and BYOI

Security for digital natives

Many services require their own customer account. This can discourage potential customers because they do not want to open yet another account and manage another password. Social login and "Bring Your Own Identity" (BYOI) can alleviate this problem.

Digital service providers want to know who their potential customers are as early as possible, so many of them insist on individual customer accounts. On the other hand, consumers are typically not keen on having to complete a laborious registration procedure for every single service – it can act as a deterent for potential new clients. This is where the concept of ‘social login’ and ‘Bring Your Own Identity’ (BYOI) come to the rescue.

Social login means that customers can use existing accounts from social networks such as Facebook, Google or Twitter to access services, with no need for a new username or new password.

Social login – even where high security levels are in play

It is a common preconception that the use of social logins only works for access profiles with a low security level. With the Secure Access Hub, social logins can be augmented with additional security measures and are therefore also suitable when requirements increase and higher levels of security are required:

  • A second factor can be added. This allows a social login to be extended to a strongly authenticated login
  • Social registration, rather than just social login. This allows social identities to be linked to internal accounts in case verified identity attributes are required or a contract is concluded.
  • Thanks to adaptive authentication, the second factors are only checked if there are increased security requirements. This ensures that a good user experience remains intact.

Support for BYOI technologies and standards

The use of BYOI technologies is becoming more and more popular, thanks to advances in standardisation. Airlock supports the underlying OAuth 2.0 and OpenID Connect 1.0 standards. Solutions based on these standards, such as SwissID, are also supported out-of-the-box.

Read article

Ready for excellent IT security?

Contact us now.
Ergon Informatik AG+41 44 268 87 00

Whitepaper - OWASP Top 10

Read our whitepaper "Airlock and the OWASP Top 10 for API Security 2019" and learn all about the ten biggest API security risks and how you can protect yourself against them.

Download the whitepaper now.