SlideShare a Scribd company logo

Identity Live London 2017 | David Knott & Ian Sorbello

Download as PPTX, PDF
ForgeRock
ForgeRock

David and Ian discuss the challenges and opportunities that come with managing customer identity management at HSBC, one of the largest banking and financial services organisations in the world. With over 37 million customers spread across 37 different markets, digital identity has become a strategic initiative for HSBC in order to modernise infrastructure and build stronger relationships with their customers. This session covers HSBC’s path to consolidating on a single digital identity solution, as well as a few of the reasons why they chose ForgeRock including standards support, biometrics, and API security.

Technology
1 of 13
HSBC CUSTOMER IDENTITY MANAGEMENT DEMOCRATISED AND COMMODITISED Dr. David Knott, Chief Architect
HSBC (Hong Kong & Shanghai Banking Corporation) – the world’s largest international bank – 4,500 Branches 37,000,000 Customers $2.375tn Total Assets $47.9bn Reported Revenue 70 countries & territories Present in 45% of clients have international presence 340,000 PCs & Laptops 85,000 Personal Devices 290,000 Staff Users 255,000 Corporate Customers 915,000 Corporate Users 90,000 Servers 93PB of Data
Customer Identity Management Democratised and Commoditised PUBLIC October 2017 Ian Sorbello - Head of Product Technology (Security)
4 PUBLIC Overview • HSBC Global – geography and markets • One Strategy – global rollout, different needs • Access Management • Designed for variance • Biometry • APIs • Identity Management • Your organisation’s developers are your customers
5 PUBLIC HSBC Global – Retail and Wealth • 37 markets across 70 countries • 37M customers • 3 geographic IT points of presence (NA, EU, AP) –many localised sub PoPs covering geopolitical and regulatory boundaries • One solution, globally. • Deploy to PROD, which PROD?
6 PUBLIC Access Management • Maturation of security standards - OIDC / OAuth2 / UMA / SSO • Strong desire to USE these • Zero desire to CODE these • Subsume underlying identity repositories • Using ForgeRock Access Management and ForgeRock Identity Management • Security commoditised ForgeRock Access Management IDP RETAIL COMMERCIAL PRIVATE
7 PUBLIC Access Management Market 2 Market 3 PoP ForgeRock Access Management Instance 2 App Y ForgeRock Access Management Instance 1 Market 1 App X Journey A Journey B GEOPOLICTICAL AND BUSINESS LINE INSTANCING Piloting – A/B • Extreme multiplicity requires variation to be at the heart of the solution… Security democratised LOGICAL / REALMS GEOGRAPHIC INSTANCING
8 PUBLIC Access Management - Biometry • Biometrics – growing in capability and usefulness • Build biometrics on top of a solid foundation • They are just new credentials (inherence factor) • Assume rapid change in this space • Build to pivot – add or jettison is a steady state ForgeRock Access Management ForgeRock Access Management Knowledge ForgeRock Access Management Possession ForgeRock Access Management Inherence Broker Biometric 2 Biometric 1
9 PUBLIC Banking APIs • A polarised conversation: Should banks enable “programmatic” access? • In the UK this decision was made for us: YOU MUST • CMA OpenBanking initiative, authenticated journeys Q1 2018 • HSBC ready and primed for OIDC and OAuth to publish carefully curated APIs / Services • Because we use ForgeRock Access Management and this is what ForgeRock Access Management does…
10 PUBLIC Identity Management • HSBC has identity data on clients globally • Immediately, this helps the digital bank (internal) • Further, capacity to participate in identity data markets ForgeRock Access Management Customer Data Customer Data ForgeRock Access Management IDENTITY as a SERVICE Internal Systems Internal Systems Internal Systems
11 PUBLIC Look After Your Developers • Developers love to build, but they need permission: • To innovate, to challenge, to execute (securely) • They need a way forward: via security platforms, patterns and architectural guardrails • Publish usable security capabilities to your organisation. (hint: ForgeRock). Your Devs will take care of your clients.
12 PUBLIC Thank you … Ian Sorbello Head of Product Technology - Security | HSBC Digital Solutions (HDS) HSBC Operations, Services and Technology (HOST) | HSBC Holdings plc Level 7, 110 Southwark St, London SE1 0SU, United Kingdom E-mail: ian.sorbello@hsbc.com Website: www.hsbc.com
13 PUBLIC Thank you … Ian Sorbello Head of Product Technology - Security | HSBC Digital Solutions (HDS) HSBC Operations, Services and Technology (HOST) | HSBC Holdings plc Level 7, 110 Southwark St, London SE1 0SU, United Kingdom E-mail: ian.sorbello@hsbc.com Website: www.hsbc.com

Recommended

Paradigmo. Rock Kit, the Rapid Deployment Toolkit for ForgeRock Identity Plat...
Paradigmo. Rock Kit, the Rapid Deployment Toolkit for ForgeRock Identity Plat...Paradigmo. Rock Kit, the Rapid Deployment Toolkit for ForgeRock Identity Plat...
Paradigmo. Rock Kit, the Rapid Deployment Toolkit for ForgeRock Identity Plat...
ForgeRock
 
Winning with GDPR: How to Win Customer Loyalty and Trust
Winning with GDPR: How to Win Customer Loyalty and TrustWinning with GDPR: How to Win Customer Loyalty and Trust
Winning with GDPR: How to Win Customer Loyalty and Trust
ForgeRock
 
Identity Live Sydney 2017 - Andrew Latham
Identity Live Sydney 2017 - Andrew LathamIdentity Live Sydney 2017 - Andrew Latham
Identity Live Sydney 2017 - Andrew Latham
ForgeRock
 
IoT Wonderland: Understanding the Magic of OAuth2 Device Registration Flow
IoT Wonderland: Understanding the Magic of OAuth2 Device Registration FlowIoT Wonderland: Understanding the Magic of OAuth2 Device Registration Flow
IoT Wonderland: Understanding the Magic of OAuth2 Device Registration Flow
ForgeRock
 
DevOps Unleashed: Strategies that Speed Deployments
DevOps Unleashed: Strategies that Speed DeploymentsDevOps Unleashed: Strategies that Speed Deployments
DevOps Unleashed: Strategies that Speed Deployments
ForgeRock
 
OpenAM: An Introduction
OpenAM: An IntroductionOpenAM: An Introduction
OpenAM: An Introduction
ForgeRock
 
Identity Live Sydney 2017 - Daniel Raskin
Identity Live Sydney 2017 - Daniel RaskinIdentity Live Sydney 2017 - Daniel Raskin
Identity Live Sydney 2017 - Daniel Raskin
ForgeRock
 
Keynote : Customer Identity Builds Digital Trust - Paris Identity Summit
Keynote : Customer Identity Builds Digital Trust - Paris Identity SummitKeynote : Customer Identity Builds Digital Trust - Paris Identity Summit
Keynote : Customer Identity Builds Digital Trust - Paris Identity Summit
ForgeRock
 

Recommended

Paradigmo. Rock Kit, the Rapid Deployment Toolkit for ForgeRock Identity Plat...
Paradigmo. Rock Kit, the Rapid Deployment Toolkit for ForgeRock Identity Plat...Paradigmo. Rock Kit, the Rapid Deployment Toolkit for ForgeRock Identity Plat...
Paradigmo. Rock Kit, the Rapid Deployment Toolkit for ForgeRock Identity Plat...
ForgeRock
 
Winning with GDPR: How to Win Customer Loyalty and Trust
Winning with GDPR: How to Win Customer Loyalty and TrustWinning with GDPR: How to Win Customer Loyalty and Trust
Winning with GDPR: How to Win Customer Loyalty and Trust
ForgeRock
 
Identity Live Sydney 2017 - Andrew Latham
Identity Live Sydney 2017 - Andrew LathamIdentity Live Sydney 2017 - Andrew Latham
Identity Live Sydney 2017 - Andrew Latham
ForgeRock
 
IoT Wonderland: Understanding the Magic of OAuth2 Device Registration Flow
IoT Wonderland: Understanding the Magic of OAuth2 Device Registration FlowIoT Wonderland: Understanding the Magic of OAuth2 Device Registration Flow
IoT Wonderland: Understanding the Magic of OAuth2 Device Registration Flow
ForgeRock
 
DevOps Unleashed: Strategies that Speed Deployments
DevOps Unleashed: Strategies that Speed DeploymentsDevOps Unleashed: Strategies that Speed Deployments
DevOps Unleashed: Strategies that Speed Deployments
ForgeRock
 
OpenAM: An Introduction
OpenAM: An IntroductionOpenAM: An Introduction
OpenAM: An Introduction
ForgeRock
 
Identity Live Sydney 2017 - Daniel Raskin
Identity Live Sydney 2017 - Daniel RaskinIdentity Live Sydney 2017 - Daniel Raskin
Identity Live Sydney 2017 - Daniel Raskin
ForgeRock
 
Keynote : Customer Identity Builds Digital Trust - Paris Identity Summit
Keynote : Customer Identity Builds Digital Trust - Paris Identity SummitKeynote : Customer Identity Builds Digital Trust - Paris Identity Summit
Keynote : Customer Identity Builds Digital Trust - Paris Identity Summit
ForgeRock
 
OpenAM - An Introduction
OpenAM - An IntroductionOpenAM - An Introduction
OpenAM - An Introduction
ForgeRock
 
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.
ForgeRock
 
Identity Live Sydney 2017 - Ashley Stevenson
Identity Live Sydney 2017 - Ashley StevensonIdentity Live Sydney 2017 - Ashley Stevenson
Identity Live Sydney 2017 - Ashley Stevenson
ForgeRock
 
HSBC - ForgeRock Identity Summit 2017 Dusseldorf
HSBC - ForgeRock Identity Summit 2017 DusseldorfHSBC - ForgeRock Identity Summit 2017 Dusseldorf
HSBC - ForgeRock Identity Summit 2017 Dusseldorf
ForgeRock
 
The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017
The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017
The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017
ForgeRock
 
Identity Live Sydney 2017 - Allan Foster & Eve Maler
Identity Live Sydney 2017 - Allan Foster & Eve MalerIdentity Live Sydney 2017 - Allan Foster & Eve Maler
Identity Live Sydney 2017 - Allan Foster & Eve Maler
ForgeRock
 
Identity Live Sydney 2017 - Tim Sheedy
Identity Live Sydney 2017 - Tim SheedyIdentity Live Sydney 2017 - Tim Sheedy
Identity Live Sydney 2017 - Tim Sheedy
ForgeRock
 
Implications of GDPR in Conjunction with UMA
Implications of GDPR in Conjunction with UMAImplications of GDPR in Conjunction with UMA
Implications of GDPR in Conjunction with UMA
ForgeRock
 
Keynote: Tech, Trust, and Transformation - Paris Identity Summit 2016
Keynote: Tech, Trust, and Transformation - Paris Identity Summit 2016Keynote: Tech, Trust, and Transformation - Paris Identity Summit 2016
Keynote: Tech, Trust, and Transformation - Paris Identity Summit 2016
ForgeRock
 
Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...
Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...
Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...
ForgeRock
 
The Future is Now: The ForgeRock Identity Platform, Early 2017 Release
The Future is Now: The ForgeRock Identity Platform, Early 2017 ReleaseThe Future is Now: The ForgeRock Identity Platform, Early 2017 Release
The Future is Now: The ForgeRock Identity Platform, Early 2017 Release
ForgeRock
 
Identity Live Sydney 2017 - Michael Dowling
Identity Live Sydney 2017 - Michael DowlingIdentity Live Sydney 2017 - Michael Dowling
Identity Live Sydney 2017 - Michael Dowling
ForgeRock
 
A Backstage Tour of Identity - Paris Identity Summit 2016
A Backstage Tour of Identity - Paris Identity Summit 2016A Backstage Tour of Identity - Paris Identity Summit 2016
A Backstage Tour of Identity - Paris Identity Summit 2016
ForgeRock
 
Identity Live London 2017 | Ashley Stevenson
Identity Live London 2017 | Ashley StevensonIdentity Live London 2017 | Ashley Stevenson
Identity Live London 2017 | Ashley Stevenson
ForgeRock
 
Identity Live London 2017 | Marko Orenius
Identity Live London 2017 | Marko OreniusIdentity Live London 2017 | Marko Orenius
Identity Live London 2017 | Marko Orenius
ForgeRock
 
The digital pains of retail
The digital pains of retailThe digital pains of retail
The digital pains of retail
ForgeRock
 
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
ForgeRock
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
ForgeRock
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityIdentity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic Opportunity
ForgeRock
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity Capability
ForgeRock
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote Presentation
ForgeRock
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote Presentation
ForgeRock
 

More Related Content

Viewers also liked

Identity Live Sydney 2017 - Tim Sheedy
Identity Live Sydney 2017 - Tim SheedyIdentity Live Sydney 2017 - Tim Sheedy
Identity Live Sydney 2017 - Tim Sheedy
ForgeRock
 
Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...
Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...
Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...
ForgeRock
 
Identity Live London 2017 | Marko Orenius
Identity Live London 2017 | Marko OreniusIdentity Live London 2017 | Marko Orenius
Identity Live London 2017 | Marko Orenius
ForgeRock
 

Viewers also liked (16)

OpenAM - An Introduction
OpenAM - An IntroductionOpenAM - An Introduction
OpenAM - An Introduction
 
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.
T-Systems. Automating ForgeRock Full Stack Deployments to a Magenta Cloud.
 
Identity Live Sydney 2017 - Ashley Stevenson
Identity Live Sydney 2017 - Ashley StevensonIdentity Live Sydney 2017 - Ashley Stevenson
Identity Live Sydney 2017 - Ashley Stevenson
 
HSBC - ForgeRock Identity Summit 2017 Dusseldorf
HSBC - ForgeRock Identity Summit 2017 DusseldorfHSBC - ForgeRock Identity Summit 2017 Dusseldorf
HSBC - ForgeRock Identity Summit 2017 Dusseldorf
 
The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017
The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017
The Business Ecosystem is a Neighborhood - ForgeRock Identity Live Austin 2017
 
Identity Live Sydney 2017 - Allan Foster & Eve Maler
Identity Live Sydney 2017 - Allan Foster & Eve MalerIdentity Live Sydney 2017 - Allan Foster & Eve Maler
Identity Live Sydney 2017 - Allan Foster & Eve Maler
 
Identity Live Sydney 2017 - Tim Sheedy
Identity Live Sydney 2017 - Tim SheedyIdentity Live Sydney 2017 - Tim Sheedy
Identity Live Sydney 2017 - Tim Sheedy
 
Implications of GDPR in Conjunction with UMA
Implications of GDPR in Conjunction with UMAImplications of GDPR in Conjunction with UMA
Implications of GDPR in Conjunction with UMA
 
Keynote: Tech, Trust, and Transformation - Paris Identity Summit 2016
Keynote: Tech, Trust, and Transformation - Paris Identity Summit 2016Keynote: Tech, Trust, and Transformation - Paris Identity Summit 2016
Keynote: Tech, Trust, and Transformation - Paris Identity Summit 2016
 
Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...
Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...
Analyst Keynote: Putting Customers First Requires Innovation and Identity - P...
 
The Future is Now: The ForgeRock Identity Platform, Early 2017 Release
The Future is Now: The ForgeRock Identity Platform, Early 2017 ReleaseThe Future is Now: The ForgeRock Identity Platform, Early 2017 Release
The Future is Now: The ForgeRock Identity Platform, Early 2017 Release
 
Identity Live Sydney 2017 - Michael Dowling
Identity Live Sydney 2017 - Michael DowlingIdentity Live Sydney 2017 - Michael Dowling
Identity Live Sydney 2017 - Michael Dowling
 
A Backstage Tour of Identity - Paris Identity Summit 2016
A Backstage Tour of Identity - Paris Identity Summit 2016A Backstage Tour of Identity - Paris Identity Summit 2016
A Backstage Tour of Identity - Paris Identity Summit 2016
 
Identity Live London 2017 | Ashley Stevenson
Identity Live London 2017 | Ashley StevensonIdentity Live London 2017 | Ashley Stevenson
Identity Live London 2017 | Ashley Stevenson
 
Identity Live London 2017 | Marko Orenius
Identity Live London 2017 | Marko OreniusIdentity Live London 2017 | Marko Orenius
Identity Live London 2017 | Marko Orenius
 
The digital pains of retail
The digital pains of retailThe digital pains of retail
The digital pains of retail
 

More from ForgeRock

ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock
 

More from ForgeRock (20)

Digital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at ScaleDigital Identities in the Internet of Things - Securely Manage Devices at Scale
Digital Identities in the Internet of Things - Securely Manage Devices at Scale
 
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and BeyondGet the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
Get the Exact Identity Solution You Need - In the Cloud - AWS and Beyond
 
Identity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic OpportunityIdentity Live Sydney: Identity Management - A Strategic Opportunity
Identity Live Sydney: Identity Management - A Strategic Opportunity
 
Identity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity CapabilityIdentity Live Singapore: Transform Your Cybersecurity Capability
Identity Live Singapore: Transform Your Cybersecurity Capability
 
Identity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote PresentationIdentity Live Singapore 2018 Keynote Presentation
Identity Live Singapore 2018 Keynote Presentation
 
Identity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote PresentationIdentity Live Sydney 2018 Keynote Presentation
Identity Live Sydney 2018 Keynote Presentation
 
Identity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'EmIdentity Live Singapore: Just Ask 'Em
Identity Live Singapore: Just Ask 'Em
 
Identity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected SocietyIdentity Live Singapore: Building Trust & Privacy in a Connected Society
Identity Live Singapore: Building Trust & Privacy in a Connected Society
 
Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication Identity Live Sydney: Intelligent Authentication
Identity Live Sydney: Intelligent Authentication
 
Identity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected SocietyIdentity Live Sydney: Building Trust and Privacy in a Connected Society
Identity Live Sydney: Building Trust and Privacy in a Connected Society
 
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep DiveGet the Exact Identity Solution you Need in the Cloud - Deep Dive
Get the Exact Identity Solution you Need in the Cloud - Deep Dive
 
Get the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - OverviewGet the Exact Identity Solution You Need - In the Cloud - Overview
Get the Exact Identity Solution You Need - In the Cloud - Overview
 
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User ExperienceForgeRock and Trusona - Simplifying the Multi-factor User Experience
ForgeRock and Trusona - Simplifying the Multi-factor User Experience
 
Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)Opening Keynote (Identity Live Berlin 2018)
Opening Keynote (Identity Live Berlin 2018)
 
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
Steinberg - Customer identity as the cornerstone of our approach to digitaliz...
 
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
BMW Group - Identity Enables the Next 100 Years.. (Identity Live Berlin 2018)
 
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
Trust is Everything - The Future of Identity and the ForgeRock Platform (Iden...
 
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
Silo Busters- The Value of User and Data Centricity beyond IoT Devices (Ident...
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...
 
Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)Intelligent Authentication (Identity Live Berlin 2018)
Intelligent Authentication (Identity Live Berlin 2018)
 

Recently uploaded

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 

Recently uploaded (20)

HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 

Identity Live London 2017 | David Knott & Ian Sorbello

  • 1. HSBC CUSTOMER IDENTITY MANAGEMENT DEMOCRATISED AND COMMODITISED Dr. David Knott, Chief Architect
  • 2. HSBC (Hong Kong & Shanghai Banking Corporation) – the world’s largest international bank – 4,500 Branches 37,000,000 Customers $2.375tn Total Assets $47.9bn Reported Revenue 70 countries & territories Present in 45% of clients have international presence 340,000 PCs & Laptops 85,000 Personal Devices 290,000 Staff Users 255,000 Corporate Customers 915,000 Corporate Users 90,000 Servers 93PB of Data
  • 3. Customer Identity Management Democratised and Commoditised PUBLIC October 2017 Ian Sorbello - Head of Product Technology (Security)
  • 4. 4 PUBLIC Overview • HSBC Global – geography and markets • One Strategy – global rollout, different needs • Access Management • Designed for variance • Biometry • APIs • Identity Management • Your organisation’s developers are your customers
  • 5. 5 PUBLIC HSBC Global – Retail and Wealth • 37 markets across 70 countries • 37M customers • 3 geographic IT points of presence (NA, EU, AP) –many localised sub PoPs covering geopolitical and regulatory boundaries • One solution, globally. • Deploy to PROD, which PROD?
  • 6. 6 PUBLIC Access Management • Maturation of security standards - OIDC / OAuth2 / UMA / SSO • Strong desire to USE these • Zero desire to CODE these • Subsume underlying identity repositories • Using ForgeRock Access Management and ForgeRock Identity Management • Security commoditised ForgeRock Access Management IDP RETAIL COMMERCIAL PRIVATE
  • 7. 7 PUBLIC Access Management Market 2 Market 3 PoP ForgeRock Access Management Instance 2 App Y ForgeRock Access Management Instance 1 Market 1 App X Journey A Journey B GEOPOLICTICAL AND BUSINESS LINE INSTANCING Piloting – A/B • Extreme multiplicity requires variation to be at the heart of the solution… Security democratised LOGICAL / REALMS GEOGRAPHIC INSTANCING
  • 8. 8 PUBLIC Access Management - Biometry • Biometrics – growing in capability and usefulness • Build biometrics on top of a solid foundation • They are just new credentials (inherence factor) • Assume rapid change in this space • Build to pivot – add or jettison is a steady state ForgeRock Access Management ForgeRock Access Management Knowledge ForgeRock Access Management Possession ForgeRock Access Management Inherence Broker Biometric 2 Biometric 1
  • 9. 9 PUBLIC Banking APIs • A polarised conversation: Should banks enable “programmatic” access? • In the UK this decision was made for us: YOU MUST • CMA OpenBanking initiative, authenticated journeys Q1 2018 • HSBC ready and primed for OIDC and OAuth to publish carefully curated APIs / Services • Because we use ForgeRock Access Management and this is what ForgeRock Access Management does…
  • 10. 10 PUBLIC Identity Management • HSBC has identity data on clients globally • Immediately, this helps the digital bank (internal) • Further, capacity to participate in identity data markets ForgeRock Access Management Customer Data Customer Data ForgeRock Access Management IDENTITY as a SERVICE Internal Systems Internal Systems Internal Systems
  • 11. 11 PUBLIC Look After Your Developers • Developers love to build, but they need permission: • To innovate, to challenge, to execute (securely) • They need a way forward: via security platforms, patterns and architectural guardrails • Publish usable security capabilities to your organisation. (hint: ForgeRock). Your Devs will take care of your clients.
  • 12. 12 PUBLIC Thank you … Ian Sorbello Head of Product Technology - Security | HSBC Digital Solutions (HDS) HSBC Operations, Services and Technology (HOST) | HSBC Holdings plc Level 7, 110 Southwark St, London SE1 0SU, United Kingdom E-mail: ian.sorbello@hsbc.com Website: www.hsbc.com
  • 13. 13 PUBLIC Thank you … Ian Sorbello Head of Product Technology - Security | HSBC Digital Solutions (HDS) HSBC Operations, Services and Technology (HOST) | HSBC Holdings plc Level 7, 110 Southwark St, London SE1 0SU, United Kingdom E-mail: ian.sorbello@hsbc.com Website: www.hsbc.com