Case Study

Building a secure multi-brand experience with one of the world's largest Azure B2C deployments

arrow icon arrow icon

Creating a secure authentication framework for a single brand can be a challenge. Applying it across four brands whilst remaining ‘pixel perfect’ is on another level – but with Azure AD B2C, we enabled our client to do just that.

150+ apps. Four brands. One group. Secure authentication and identity management across everything.

This was the challenge given to us by one of the world’s leading telecoms giants. With the help of Azure AD B2C, we rose to the occasion.

Customer experience can make or break a brand. When you’re an enterprise-level business with multiple sub-brands under your umbrella, you can’t afford to offer a subpar digital experience.

In addition to that experience, customers also expect complete security. If your users can’t trust you with their data, they’ll go elsewhere.

Our client, one of the world’s largest telecommunications companies, is undergoing a major digital transformation.

As part of that transformation, it needed to move its customer identity and authentication processes into the Cloud to provide both the security and exceptional experience required.

Azure AD B2C was the chosen solution. As a specialist B2C partner, Microsoft referred the client to us to complete what would become one of the world’s largest B2C deployment to date.

A secure, seamless, on-brand experience with Azure AD B2C

With support from our external identity team, our client now has:

Ebony and green key icon on transparent background

A single access portal

‘One front door’ for access and authentication across multiple brands – improving security monitoring and administration.

Ebony and green hand and mobile phone icon on transparent background

A single authentication portal

A single framework for authentication, applying strong, scalable security to each of its business brands.

Ebony and green Identity management and governance icon on transparent background

Seamless user migration

The ability to securely migrate millions of accounts with no disruption to the end user.

Green and ebony magnifying glass and line icon on transparent background

Improved visibility and monitoring

Improved security log generation and monitoring, thanks to Microsoft Sentinel.

Ebony and green central connected nodes icon on transparent background

Meeting identity and security standards

Best-in-class solutions for a standards-based approach to identity and security.

Ebony and green arrow laptop icon on transparent background

A powerful, modern customer experience

A single, highly customisable, modern platform that protects its customers and provides a ‘pixel-perfect’ brand experience.

A legacy solution unfit for purpose

Our client quickly identified that its existing solutions simply couldn’t keep up with the pace of change and evolving customer expectations.

Using a combination of SiteMinder and Apigee was preventing our client from delivering the security and brand experience it needed to. With no clear roadmap or capability to meet our client’s ambitions, another solution was needed.

Not wanting to be held back by its technology, our client sought to build a platform for the future based on the principles of zero trust. Faced with over 6000 attacks per day, security was a top priority.

tag icon

Need help?

Book a Discovery Call today – and fast-track becoming greater

A short Discovery Call is your opportunity to:

  • Find solutions that meet your unique challenges
  • Learn more about the latest technologies
  • Explore Microsoft licensing and funding options
Speech mark icon

One of the big things for us is security. We want our customers to feel confident and safe giving us their data.

Client Senior Manager for Identity Engineering

Our client wanted to take advantage of modern security features such as MFA and passwordless AND create a seamless, fully branded customer experience across each of its established brands and businesses.

As a secure cloud service with highly customisable branding features, Azure AD B2C quickly established itself as the ideal solution.

After a couple of introductory workshops with us, the client was sold on the platform and work began on a transformation roadmap. The roadmap included the following stages:

  • Creating a single authentication framework
  • Migration of all customer accounts
  • Adoption as a product
  • Refinement and further feature development

Creating ‘one front door’ for access and authentication

It was ruled out early on that having a separate authentication framework for each of the client’s business brands was unrealistic.

Having seven or eight different platforms was simply unmanageable and impractical.

What it needed was one framework that could be monitored, upgraded, and simultaneously updated across each brand – with no visible disruption to the customer experience.

This framework would consist of event-driven architecture and contain a single suite of experiences and features that could be ‘skinned’ to represent each brand for a consistent end-user experience.

A version of the Kocho butterfly logo
Speech mark icon

We’ve got one front door in our security. It makes it great for SecOps, DevOps, etc. They’re only looking in one place for vulnerabilities.

Client Enterprise Architect for Customer Identity and Access Management

Having this one framework also meant that security monitoring improvements could be made, using Microsoft Sentinel to draw security data into a single dashboard for investigation and remediation.

Once the framework had been developed and implemented, the next challenge was migrating users to begin using it.

A roadmap to migrating 30 million customers

With over 150 applications to migrate and more than 30 million customer accounts, we focused on migrating our client’s mobile services brand app first.

This was no mean feat, as the target brand had over 3.3 million active users – and we had to figure out how to securely migrate those users without impacting their usage of the app.

Our external identity team used transparent just-in-time migration to move any users who needed to use the service before migration was completed wholesale.

This involved creating a process where submitted credentials were verified against the existing directory and, if approved, were then created in Azure B2C.

A multi-stage migration process would then be completed to move applications and users to the new platform.

A secure customer identity platform built for scale

Happy with the successful framework development, strategy, and migration of its mobile services brand, we worked with our client to begin the same process on its other brand properties.

Excited by the options and opportunities Azure AD B2C has made available, our client has ambitious plans for the future.

These include completing the migration of its remaining brands, applications, and users into Azure, as well as rolling out passwordless and verified ID technologies to its users.

Alongside improving the customer experience and its internal identity and security infrastructure, our client has also moved to a much-improved pricing structure. As B2C is billed on a monthly active user (MAU) basis, our client will now only pay for usage, rather than per user.

As an organisation with 30-35 million customers, this is a key benefit and one that swung our client in its decision to adopt Azure AD B2C.

It’s now able to confidently expand its offerings and services, knowing that it has a flexible – yet secure – platform on which to build.

Next steps

tag icon

Need help?

Book a Discovery Call today – and fast-track becoming greater

A short Discovery Call is your opportunity to:

  • Find solutions that meet your unique challenges
  • Learn more about the latest technologies
  • Explore Microsoft licensing and funding options
Butterfly overlay image

Got a question? Need more information?

Our expert team can help you.