Balance Regulation and Loyalty With Privacy and Consent Controls
Consumers are sharing more information than ever before and have higher expectations as to how organizations consume personal data and what they do with that data. As a result, regulations — such as the E.U. General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) — have been enacted and more are on the way. Privacy requirements change frequently and are increasingly complex for global organizations operating in multiple jurisdictions.
The ForgeRock Identity Platform is designed to support both digital transformation initiatives at the scale required for large consumer populations and Privacy by Design. Serving these needs together helps our customers build and maintain trusted digital relationships with their end users.
We help organizations address privacy compliance requirements, including:
Enabling unification and clarification of user identity information across an organization’s systems, regardless of the underlying storage technology.
Providing methods for consent and data control to users.
Offering centralized privacy and consent management options to users.
Protecting personal data through pseudonymization, encryption measures, and other techniques.
Addressing GDPR data residency and data sovereignty requirements through fractional replication, data filtering from legacy applications, and other techniques.
Manage Consent and Give Consumers Control Over Their Data
Giving users the ability to manage their own profile and privacy settings is essential for most customer-facing implementations. Not only is this a legislative requirement (for example with GDPR and CCPA), it also helps reduce customer support costs. Above all, it helps establish a closer relationship with customers because they can see exactly what personal information a company holds, and why.
The ForgeRock Identity Platform provides a comprehensive, standards-based profile and privacy management dashboard. Users can manage their own profile details, the devices connected to their account, applications they have consented to connect to their account, how they choose to share data, and what personal data is shared with external databases, such as marketing automation platforms. It also addresses many other user requirements related to key regulations such as GDPR, including giving users the ability to save their profile data locally and the right to delete their profile.
Enable consumer-controlled data while addressing privacy regulations. The Profile and Privacy Management Dashboard builds customer trust by giving users the power to control their personal information, security, and privacy preferences.
Remove Identity Silos With a Single View of and for the Customer
Delivering on important data subject rights — such as right of access, rectification, erasure (right to be forgotten), and objection to processing — requires unifying siloed user identity information and ensuring the consistency of that information. Organizations must know what data has been collected, keep it up to date, and understand when it is no longer relevant so that it can be deleted. This is no easy task. The challenge is compounded when an organization doesn’t know where all the data about a consumer is stored.
Legacy identity systems struggle to provide a single view of the customer and may become isolated. Products that were not designed specifically to work together have limited integration, resulting in disjointed data collection and management which can negatively impact the user experience. You need an identity platform that can build an up-to-date and complete picture of your consumers and their interactions with your organization.
The ForgeRock Identity Platform provides organizations of all types with a single API for viewing and managing customer data across all systems, no matter what supported technology those systems are based on. Our connector framework brings together data from different interfaces, systems, and data stores. With a single view of the customer, a large organization can find out, for example, that a single customer has multiple accounts across different divisions, after having purchased multiple products or services.
Secure Consumer Data and Support Data Residency Requirements
In many countries, how you store and process user accounts and profile information is subject to regulations and restrictions that protect users' privacy. Data residency and data sovereignty are related concepts covering the legalities of where user data resides and the legal authority over the data, regardless of where it resides. To address data residency requirements, the ForgeRock Identity Platform enables fine-grained access controls, privacy-bound user data storage, and fractional replication of personal data. This allows for secure cross-border data transfer processing of user data that is context-sensitive to a particular jurisdiction.
Not Optional — Privacy Regulations Affect Everyone
GDPR: Comply With Global Privacy Regulations
Business leaders face tough choices every day. Since May 2018, organizations that hold or process the personal information of EU citizens are subject to the impact of the new Global Data Protection Regulation (GDPR). It's time to devise a privacy and consent strategy that treats consumer-controlled data sharing across cloud, mobile, and IoT sources as a business imperative and shifts innovation toward consumer trust.
The Revised Payment Services Directive (PSD2) is meant to increase competition and innovation in the financial system by increasing privacy and security to improve the customer experience. The ForgeRock Identity Platform is uniquely suited to address its requirements around strong customer authentication, data sharing via secure APIs, and explicit customer consent for data sharing. It went into effect on January 13, 2018. Are you ready?
Consumer Data Right
The Consumer Data Right (CDR) legislation aims to provide consumers in Australia with better choice, access, and control of their data, including how it is used and disclosed. CDR will initially apply to the banking industry, with telecommunications and energy retailers following soon afterwards. It will require that organizations open consumer data to third parties, obtain user consent for data sharing, and apply strong customer authentication for services.
ForgeRock allows you to meet CDR mandates with a unified platform built to address key challenges around customer authentication, secure APIs, customer consent, and identity best practices.
ForgeRock provides continuous security not just at login, but throughout a digital session. The ForgeRock Identity Platform can respond to threats in context, asking for additional identity verification when something unusual takes place, like a resource request from an unfamiliar location or device.
User-Managed Access (UMA)
User-Managed Access (UMA) gives your customers and employees a convenient way to determine who and what gets access to personal data, for how long, and under what circumstances. Users delegate access through a simple “Share” button in your app, and can monitor and manage sharing preferences all through a central console.
What The Internet of Things Means for Consumer Privacy
Explore the privacy concerns and priorities of global consumers stemming from the Internet of Things (IoT).
Build Trust Through Protecting Privacy
With UMA, you can secure the user experience on any device, and tailor it to the customer’s data-sharing preferences — or as we like to say, “no more data about you, without you.”
Power to The People
Compliance with GDPR is an opportunity to build trust with consumers as it lays out the privacy guidelines that informed consumers are asking for in this time of digital transformation.
Get the Facts about CDR Open Banking
Consumer Data Right (CDR,) Open Banking and Beyond.