Highly Regulated Identity: The key to easier, more secure customer interactions

Across industries, organizations have sensitive customer operations that present challenges. These interactions extend beyond login. For example, updating account information, changing security and admin settings, accessing sensitive data, and executing transactions (e.g., money transfers) must deliver secure and user-friendly digital experiences.

The most successful brands will build experiences that delight users and protect against elevated fraud according to their industry’s unique (and, often, uniquely rigorous) security standards. It’s a difficult, uncompromising balancing act: Users need special protections when executing these operations, but if you can’t package those protections in seamless UX, you risk costly help desk tickets or, worse, losing them to a competitor.

That’s why Okta is proud to announce the General Availability of Highly Regulated Identity, a solution suite on Okta Customer Identity Cloud that delivers Financial Grade Identity™ with elevated security, privacy, and UX controls for sensitive customer operations beyond login.

Provide protection from threat actors, enable intuitive and easy user experiences, drive agility, reduce costs, and set the stage for compliance at a financial-grade security level.

Phase one of Highly Regulated Identity allows your organization to implement financial-grade step-up security (a.k.a. Strong Customer Authentication (SCA)) and provides a certified FAPI 1 Advanced security profile implementation for elevated end-to-end security. Powered by Okta Customer Identity Cloud, you can now leverage pro, low, and no-code Actions and UX templates to implement Financial Grade Identity ™ controls faster across a wide range of industry-specific operations. Get advanced –– yet user-friendly –– safeguards against the rising tide of cybercrime that also support compliance.

Read on for the complete picture of Okta’s newest solution for your organization’s most sensitive customer scenarios.

What is Highly Regulated Identity?

Highly Regulated Identity is a Financial Grade Identity™ solution for any industry dealing with sensitive customer operations. Through a suite of advanced features, Highly Regulated Identity helps leaders across industries answer three important questions with a high level of certainty:

  1. Is the user who they say they are?

SCA, an authorization framework that originated in financial services, allows the secure execution of sensitive digital interactions through dynamic, context-specific multi-factor authentication (MFA).

 

Requirements of Strong Customer Authentication

 

  1. Did the user give informed consent to the transaction?

Dynamic linking raises SCA to a financial-grade level by tying transaction details to the SCA approval confirmation, preventing transaction tampering. This is what distinguishes SCA from regular step-up authentication. Rich Authorization Requests communicate this contextual information to the user as part of the SCA approval request ( for example, by sending a push approval asking whether they sign off on a person-to-person payment).
 

Secure customer authentication requires dynamic linking

 

  1. Is the approval process secure end-to-end?

OpenID FAPI 1 Advanced Protocols elevate data privacy and app security for the end-to-end flow, including JWT-Secured Authorization Requests, Pushed Authorization Requests, Private Key JWT, JSON Web Encryption, and OAuth 2.0 Mutual-TLS Client Auth and Certificate-Bound Access Tokens.

 

Man smiling at computer monitor, adjusting data privacy settings

 

By allowing your organization to authenticate and authorize consumer transactions on a financial-grade assurance level, Okta Highly Regulated Identity builds trust into the foundations of sensitive offerings without compromising user experience.

Better, more secure transactions across industries

Trust is essential to driving the adoption of digital services and reducing fraud. To meet the elevated user experience and security requirements for sensitive customer scenarios, organizations need user-friendly ways to build a high level of trust and enable secure end-to-end operations.

Here are a few industry-specific examples of customer operations that Highly Regulated Identity can make more secure and seamless:

 

Finance

  • Sending money to any person with any provider
  • Changing payee details on recurring payments
  • Open banking payments that conform with evolving regional regulatory standards
  • Verifying a customer’s identity at a point-of-sale terminal or banking branch
  • Verifying a user's identity during a call center interaction
  • Securing a customer’s consent to share personally identifiable information (PII)

Healthcare

  • Accessing personal health information or test results in a portal
  • Providing consent to share personal health information with a provider
  • Paying a healthcare provider

Retail

  • Processing returns and refunds (while reducing fraudulent claims)
  • Changing profile information (address, email, phone number)
  • Accessing loyalty programs and redeeming points

Transportation and Logistics

  • Enacting a change of address on a high-value package
  • Accessing a request portal for fleet requests
  • Authorizing changes to delivery schedules/routes

Manufacturing

  • Granting access to suppliers or vendors
  • Approving/rejecting products based on quality standards

 

Example: Identity verification for a money transfer
 

3 Identity verification steps

 

The Okta difference

Leaders in highly regulated industries need a solution that prioritizes security and UX equally. By applying a solution like Highly Regulated Identity, which we built for powerful security and seamless UX, organizations can get ahead of common issues that arise when these two areas conflict. And with Okta Customer Identity Cloud, implementation and customization are easy: Users can hit the ground running with custom policies and UX templates that provide next-level security while fortifying your brand. Better yet, they can do so with the knowledge that their sensitive customer operations are backed by Okta, the world’s Identity company.

 

Benefits of Highly Regulated Identity

 

If you’re ready to get started with Highly Regulated Identity, contact an Okta team member or schedule a demo today. For more information, check out the resources below.