Login Mobile application scenario

Mobile Login and Social Media – connect with your customers

Mobile Login allows employees and customers access to data from anywhere, with any device. We can ensure a seamless experience where users do not need to re-register their devices.

NOTE: iC Consult has enjoyed the confidence of Global 500 companies for many years. The projects we support and implement are of strategic value to our customers, both for security reasons and as a business driver. For confidentiality reasons, all use cases shown here are anonymized and obfuscated. But the individual elements of the solutions are real and used by several of our customers and reflect our project experience.

Customer and Objectives

ACME is a global retail company with nearly 50,000 employees. The company offers its more than 18 million customers games, competitions and coaching programs as mobile applications (apps) on Android and iOS.

ACME’s aim was to securely integrate social media functionality (such as login and sharing) in the application software for mobile devices.

ACME chose iC Consult as its systems integrator, due to its reputation as a vendor-independent expert in identity and access management for large companies, and because of the company’s expertise in authentication from mobile apps.

iC Consult was involved with the project from architectural design, to implementation, delivery and commissioning.

Task and challenge

To foster customer loyalty, ACME operates several internally-developed Web applications. The company has developed mobile apps for all major mobile platforms and delivers these services to almost every country on the planet.

Until now, consumers had to set up their accounts manually in order to take advantage of personalized offers. Since passwords had to be entered repeatedly for each application, ACME lost many users to the dreaded “forgotten password” process. Especially on smartphones, gratuitous password entry was a clear drawback that served defeated the objectives of the company’s marketing campaigns.

To remain competitive, it became imperative for ACME to integrate social media logins from Facebook and Twitter into its mobile apps. With such a solution, users could quickly and easily login and could share coupons and offers with their friends and contacts in social networks. With more useful apps, ACME could better serve its customers.

The lack of a centralized services meant that each mobile application had to provide its own methods for authentication, registration, and account management. This led both to increased costs in application development, and increased risks in the areas of security and data privacy. Due to the differing implementations of the login process it was difficult for ACME to enforce the compliance with the coding guidelines and the handling of customers’ account information.

In addition, each development team had to provide a dedicated server for user authentication. Even central services such as registration and social login had to be implemented separately for each application platform.
With a centralized infrastructure, the authentication needed to be simplified and security from external attacks needed to be increased.

The solution also needed be flexible, extensible and easy to integrate with back-end systemds in order to facilitate quick response to new demands in a dynamic retailer environment. The same was expected from the vendor support.

Solution and Implementation

A classic Web Access Management (WAM) solution was deemed insufficient because WAM solutions could not provide adequate support for mobile apps. What was needed was a scalable solution for social login and mobile apps.

Instead, through the use of an API gateway based on open standards like OpenID and OAuth 2.0 the integration effort could be minimized. The deployment of the gateway product was a worthwhile, future-proof investment for the company, as it provided integration with Facebook, Twitter, Google and Yahoo directly out of the box. Connectors for more exotic social networks could be integrated flexibly and quickly.

When creating a new customer accounts, the complete registration data could be acquired directly from the social network given the user's consent.

Results and benefits

The number of registered and authenticated users grew significantly and the number of failed logins due to forgotten passwords was correspondingly reduced.

Users across a variety of devices and applications received more appropriate and personalized offers from ACME. This allowed for individualized marketing campaigns in the mobile environment.