Digital Identity, Digital Trust, Janrain and Akamai

Authentication on the World Wide Web is badly broken.  We all know it, or at least sense it. Every web site or mobile app that we want to use asks us to register and set up yet another account with yet another username and password.  With the typical end user having tens of online accounts, this results in a dizzying number of usernames and passwords to keep track of. Or even worse, end users simply reuse the same username and password across multiple accounts.  A 2017 Pew Research survey reported that 39% of all users employ the same or very similar passwords across online accounts.

All of this is made even worse by the epidemic of data breaches that have taken place in the last several years.  In 2016, over 4 billion usernames and passwords were stolen. And every month there is another huge set of identities stolen, such as the recent hospitality industry data breach of up to 500 million users personal information. From a website owner’s perspective, this leads to a huge digital trust problem – just because someone or something presents the correct credentials, how can the business trust that it is truly the account owner that is attempting to login? Digital trust needs to underpin every digital interaction between a business and its end users.  Digital trust should include measuring and quantifying the expectation that an entity is who or what it claims to be and that the user or entity will behave in an expected manner.

AWS Builder Community Hub

Now, Akamai already secures its customers’ websites, apps and APIs from DDoS, application vulnerabilities, bots, and other advanced threats. As the world’s largest cloud delivery platform, Akamai also has a strong legacy of delivering superior end user experiences with the company’s media delivery and web performance solutions.  

Akamai is acquiring Janrain to combine the Janrain Identity Cloud and the Akamai Intelligent Platform in order to make Akamai’s security and performance solutions fully “identity aware”. Identity is critical to enforcing strong access controls to mitigate risk while maintaining superior user experiences. By adding Identity management to the Akamai Edge, Akamai is better positioned to secure against expanding threats while also enabling superior web experiences.

Janrain provides Customer Identity and Access Management (CIAM) as a service for the mission critical internet applications of leading global enterprises. Janrain enables enterprises to enhance digital trust by bringing identity awareness to online engagements through social and traditional registration, login, authentication, single sign-on, and end-user profile data storage and management.  

Akamai already accelerates many of our customers’ Identity transactions, with hundreds of millions of login transactions taking place on the Akamai Edge during a typical business day. Further, Akamai protects many customers’ login pages from attack with our Bot Manager Premier product. Bot Manager detects bots as they attempt to login to customers’ web sites using stolen credentials. It provides customers the ability to detect, mitigate and effectively manage such attacks on a global scale.

I believe the combination of Janrain’s Identity services with Akamai Bot Manager will result in increased accuracy in mitigating identity fraud – delivering superior detection with the lowest possible false positive rates. Janrain’s technology will allow Akamai to understand login history and access patterns (e.g. Geo/City/Time of the day/Device, etc.) which will help further differentiate legitimate end user login attempts from bot-based attacks. It will also allow Akamai to offer better, more nuanced responses to potential attackers, including step up authentication that enhances protection without compromising normal end user experience.  Together, these capabilities are expected to help Akamai to “stay ahead” of both the competition and the “bad guys” in mitigating the rapidly evolving credential abuse attacks facing customers today.

The acquisition of Janrain is a strategic step for Akamai intended to result in a range of new capabilities for us and an exciting roadmap of future services. Once the deal is finalized, we will be able to deliver a single digital identity that consolidates user context across all channels, social media and offline sources. Akamai CIAM capabilities will improve end user security while also decreasing friction, enabling customers to improve and personalize the end user digital experience. CIAM helps customers meet regional end user privacy requirements around the globe. And finally, CIAM delivers better visibility into end user behaviors and preferences that can drive increased revenues through improved digital marketing and stronger up sell and cross sell opportunities.

By broadening Akamai’s role in delivering the best end user experience possible, extending and improving our security protections, and expanding to marketing initiatives and execution, I believe Akamai with Janrain can become an even more strategic vendor to our customers.

The acquisition is expected to close in early 2019.

*** This is a Security Bloggers Network syndicated blog from The Akamai Blog authored by John Summers. Read the original post at: