Earlier this month, Massachusetts-based Akamai Technologies announced their agreement to acquire Portland-based Janrain, a leading customer identity access management (CIAM) company.
Janrain’s CIAM technology allows organizations to securely capture and manage customer identity, as well as control customer access to services.
Akamai has already positioned itself as one of the world’s largest content delivery networks (CDN) and cloud service providers.
This acquisition promises an even more robust and comprehensive digital strategy against identity fraud.
To understand a bit more about what this acquisition means, ClickZ sat down with Akamai VP and Chief Technology Officer John Summers.
John Summers: We’ve been interested in the CIAM space for a while now, especially as we look at augmenting and extending our own functionality.
Janrain’s early development of CIAM has made them a front-runner in digital insights and protection. We spend a lot of time talking to customers about how they’re doing and how we can help their business better.
The idea of identity protection and management started to really come to the forefront a few years ago. We began focusing on the space in the past 12 months or so.
We announced a partnership with Janrain in 2015. As that partnership continued to grow, we got more serious about the possibility of an acquisition.
JS: Akamai has been around for about 20 years now.
Our goal has been to build a platform that would become the plumbing of the internet, if you will.
We have a global network of servers distributed in over 130 countries. That means we can place servers within just one network hop away from most of the world’s internet users.
Our primary mission is to make the web faster, scalable, and reliable.
Internet users use us all the time, but have no idea. We’re behind the scenes, making sure websites run quickly and creating a seamless and delightful customer experience.
With so many servers, we’re able to help deliver online content rapidly.
From a security perspective, being just one hop away from network users means we’re just one hop away from hackers and attackers. This also allows us to protect our users from data theft and attacks.
JS: Exactly. Akamai is all about making the connection fast.
Janrain is all about knowing who is on the other end of that connection. That makes the combination of the two particularly compelling.
When we talk to our customers, we hear the concerns about identity fraud and theft. And we’re concerned, too.
The main problem is a set of attacks known as “credential stuffing attacks.”
These are what’s behind these huge data breaches with millions of usernames and passwords stolen that it seems we’re always reading about.
What these nefarious actors do is take this stolen data and play it all across the internet.
Thieves are able to test the data across multiple websites over and over again, so for people who use the same passwords across multiple websites, it becomes particularly risky.
Akamai has a solution already that works to detect whether the thing on the other end is a bot or a human.
Janrain goes even deeper, seeing not just the user’s name and password, but also what network they’re coming from, what browser they’re using, etc.
From there, Janrain builds patterns of behavior, creating a whole data set of identity information.
Identifying these patterns will also give us the ability to address the larger problem of digital identity fraud: Is the user behind the username and password the right user?
This is where it starts to get interesting and where Janrain’s technology will help us do a much better job of mitigating potential attacks.
JS: The process is two-fold. First, we work with each customer to define a policy for what they want us to do when we see an attack.
One option is to completely drop the attacker’s connection and deny them from the site.
Another is to let the user in, but alert the customer to the user’s presence so they can keep an eye on them. Or the customer can choose to let the attacker in, but to a different set of systems so that they don’t have access to certain data.
That third option is a way to fake out the bad guys. The attacker thinks he’s gotten access to the data he wants, but he’s just seeing useless data that the customer wants him to see.
After taking one of those three actions, the second thing we do is send a message to the customer in real time in their own backend systems, alerting them to the attack.
They can take that information, send it to their own fraud analysts, and do with it what they will.
Akamai already had these security services independent of the acquisition, and we’ve seen so many of these attacks that we’ve built up pretty good threat intelligence.
Combining Janrain’s technology to what we have already will give us much more attacker data to bring to bear.
JS: Well, for those of us at who’ve made it our mission to defend user identity and information, it’s gratifying to know that we can keep data safe, beat the bad guys, and help businesses succeed.
We’re moving forward with a more robust set of options and data so that we can make better decisions on behalf of internet users, which is the real motivation behind all of this.
The synergy between Akamai and Janrain can make it happen.
(See more on Akamai’s Facts & Figures page.)
Year founded: 1998
Headquarters: Cambridge, Massachusetts
Martech landscape category: Content & Experience: CMS & Web Experience ManagementReblogged 9 months ago from www.clickz.com