KuppingerCole Recognizes WSO2 Identity Server as a Leader in CIAM
The KuppingerCole Leadership Compass: CIAM platforms, 2020 published by KuppingerCole analysts has identified WSO2 as an Overall Leader, a Technology Leader, and an Innovation Leader among 20+ CIAM vendors in the market.
The KuppingerCole CIAM Leadership Compass is carried out by KuppingerCole, which is a global, independent analyst organization specializing in Information Security, Identity & Access Management (IAM), Governance (IAG), Risk Management & Compliance (GRC). The reports provides an overview of the Consumer Identity and Access Management market to help organizations to select a suitable CIAM solution. The report considers market segment, product/service functionality, market share, and innovativeness to evaluate the vendors.
Inclusion Criteria
KuppingerCole has identified the following capabilities in the vendor product offering as the inclusion criteria for the report.
- User self-registration including interoperability with social and national ID systems (eIDAS)
- Consent capture and management
- Interoperating with other applications such as CRM and marketing systems
- Interoperability based on standards and APIs
- Management of consumer users, directory services and profile database association and high scalability
- Support for Single Sign-On through industry standard protocols
- Authentication capabilities such as MFA, Risk-Adaptive authentication, mobile based authentication and FIDO support
Required Capabilities of a CIAM Solution
In the report, KuppingerCole identifies a set of key capabilities as basic requirements in a CIAM solution. Below is the breakdown of those capabilities and how WSO2 Identity Server Addresses them.
- Deployment options:
WSO2 offers On-premise, cloud and managed cloud services as deployment options.
- Social logins:
WSO2 has out of the box support for all the popular social login options. Also a variety of identity federation options are available in our connector store.
- Multi-factor authentication:
WSO2 has a rich set of MFA authentication options including Email OTP, SMS OTP , TOTP, FIDO 2.0, x509 certificate based, popular authenticator applications (Google, Duo, Authy, etc) and more.
- Risk adaptive authentication:
WSO2 Identity Server’s adaptive authentication feature caters a range of risk adaptive authentication capabilities including device fingerprints and history, geo-location, geo-velocity, user attributes and behavioral analysis. Further through integration with WSO2 Integrator portfolio, it is possible to plug in 3rd party fraud, threat or credential intelligent systems.
- Account recovery mechanisms:
WSO2 Identity Server supports self care as well as admin involved account recovery mechanisms. The recovery option includes, challenge questions , email and sms based account recovery.
- Inclusion of 3rd-party fraud and compromised credential intelligence:
WSO2 Identity Server’s adaptive authentication capabilities along with the WSO2 Analytics server can be used to configure 3rd-party fraud and compromised credential intelligence solutions with the product.
- Identity analytics:
WSO2 Identity Analytics solution enables collection, analysis and visualization of various kinds of analytics related to authentication and session management. The analytics dashboards can be used to create custom dashboards and generate reports based on the requirements. Additionally, with the integration of WSO2 Integrator, the analytics events can be published to third party analytics solutions over a number of data formats and protocols.
- Business intelligence for marketing:
WSO2 Identity Server supports integration with a variety of 3rd party business intelligence and marketing solutions including Google Analytics, Hubspot, MailChimp, Microsoft Dynamics, Mixpanel, Salesforce.
- Privacy and consent management:
WSO2 Identity Server is GDPR compliant and it can be used to build GDPR/CCPA complaint solutions. The consent management features in the product enables to collect and manage user consent and allows users to review and revoke their consent though self service portals.
- Enhanced user experience:
WSO2 Identity Server is capable of providing a rich user experience through the support of customizing and branding consumer facing UIs and portals, enabling self or social registration which will enhance consumer interaction with websites.
- IoT device identity information:
WSO2 Identity Server can cater IoT authentication use cases through the support of OIDC protocol. The product also includes device authorization grant as a preview feature.
Leadership and Ratings
In the evaluation process, KuppingerCole identifies the following 4 leadership types. Leaders in these categories are considered exceptionally strong in particular areas.
Product Leadership — Product Leadership evaluates the functional strength and completeness of products and services. It also evaluates the capability to cater requirements of a large number of organizations and consumer identities.
Innovation Leadership — Innovation leadership evaluates the innovativeness of the upcoming product features and whether they match the expectations of the market segment. This also includes taking a customer oriented upgrade approach while maintaining backward compatibility.
Market Leadership — Market leadership evaluates the global customer reach and partner network of the vendor. Aspects such as number of customers, number of managed identities, geographic distribution of customers and partners are taken into account.
Overall Leadership — Overall leadership is evaluated based on the combination of above 3 leadership categories.
Following are the main categories used by KuppingerCole to rate products.
- Security — “Security is measured by the degree of security within the product.”
- Functionality — “This is measured in relation to three factors. One is what the vendor promises to deliver. The second is the status of the industry. The third factor is what KuppingerCole would expect the industry to deliver to meet customer requirements.”
- Integration — “Integration is measured by the degree in which the vendor has integrated the individual technologies or products in their portfolio.”
- Interoperability — “The ability of a product to work with other vendors’ products, standards, or technologies.”
- Usability — “Refers to the degree in which the vendor enables the accessibility to its technologies and products to its constituencies.”
WSO2 Rating Summary
In the CIAM leadership compass, KuppingerCole identifies WSO2 as a leader in following categories.
- Overall Leader
- Product Leader
- Innovation Leader
Meaning, that WSO2 is a leading-edge and a mature product capable of catering CIAM requirements of a large number of organizations while having an innovative vision to cater the CIAM market.
Additionally, with respect to the product ratings, WSO2 has scored strong positives for Security, Functionality, Interoperability and Deployment and positives for Usability.
In addition to the standard rating categorization, KuppingerCole also rates the vendors based on the specific capabilities for the CIAM market. For this leadership compass, KuppingerCole has considered the following categories.
- Authentication Options
- Consent Management
- IoT Integration
- Identity Analytics
- APIs
- Account Recovery
- Account Take Over (ATO) Protection
Below spider graphs depicts WSO2 Identity Server’s rating for the above capabilities.
KuppingerCole also notes down following key strengths of WSO2 Identity Server in the report.
- Great support for IAM standards
- API first strategy facilitates integration with other IAM and security systems
- Good selection of authenticators
- High scalability
- Extensive global partner network
In summary, WSO2 is well positioned as an overall leader among the other CIAM vendors in the CIAM leadership compass and the report has well captured the product capabilities which makes WSO2 Identity Server a leader in CIAM.
You can read more on the CIAM leadership compass by downloading a copy of the report at — https://wso2.com/resources/analyst-reports/kuppingercole-leadership-compass-ciam-platforms/
If you are new to WSO2 Identity Server and want to try out the product, visit https://wso2.com/identity-and-access-management/ and check the available resources.
If you have questions related to the product, you can reach our team through Identity Server slack channel (https://wso2is.slack.com) or the community twitter account (@wso2iscommunity).
