CDP and CIAM: A match made in cookieless marketing heaven

Most companies today, no matter how big or small, compete in a truly global marketplace. As a result, the pressure is on marketers to understand their customers more deeply. This understanding is the basis for effective campaigns and great experiences that increase conversions, create loyalty, and — ultimately — foster long-lasting and valuable relationships.

You can only achieve this kind of deep understanding of customers by collecting and properly leveraging high-quality data. However, obtaining customer data is no easy feat. As privacy awareness has increased — and for good reason — so has privacy regulation. Today, understanding customers through data is challenged by:  

• The impending elimination of third-party cookies, greatly impacting the ability to target users across sites and brands, driven by privacy regulation requiring user consent  data collection
• Consumer reluctance to share data without a clear value exchange (e.g. trustworthy, personalized, and frictionless omnichannel experiences)
• Complications presented by multi-brand, omnichannel engagements limiting the ability to deliver the value exchange, often resulting in silos and clumsy user experiences

In this post, we’ll outline how integrating a customer data platform (CDP) with Customer Identity and Access Management (CIAM) helps marketers overcome these challenges with a source for normalized, accurate, and consented data. Integrating CDP and CIAM can effectively resolve Identity across devices, channels, and platforms, and deliver the frictionless, hyper-personalized, and secure experiences customers have come to expect. 

What is a CDP?

A CDP is a collection of software that attempts to build a unified view of every customer by collecting and harmonizing information. While there isn’t a practical restriction on the information that a CDP can ingest, some of the most common types include:

• Identity data: name, demographics, contact info, and other protected data, etc.
• Descriptive data: information pertinent to a particular organization’s objectives, such as a customer’s interests, education history, career path, and income level — and so on
• Quantitative data: potentially anything that can be measured, including average purchase volume and frequency, number of engagements with an organization’s social media channels, interactions with customer service, etc.
• Qualitative data: additional context such as sentiments and motivations

By aggregating customer data across multiple channels and repositories, a CDP can bring together multiple datasets that, together, are more valuable than each in isolation.

But for the CDP to create an accurate, 360-degree profile of each customer, it needs to ingest reliable and complete information. 
 

CDPs ingest and aggregate data across many siloed data sources
 

These rich profiles promise to enable marketing teams to optimize the timing and targeting of offers, communication, and engagement activities — including highly personalized experiences — based on deep analysis of behavior across the entire customer journey.

However, as with any tool that employs data ingestion and aggregation, the CDP depends on the accuracy of its upstream data sources — in this case, zero-party data (ZPD) and first-party data (FPD) collected across all customer-facing channels.

Limitations of CDPs

CDPs are great tools, which is why they’ve become so popular with many marketing and sales organizations. In fact, many organizations have multiple CDPs used by different teams, which is good (more teams using more data to make more informed decisions) and bad (disconnected data silos creating imperfect points of view).

However, it’s important to recognize that — as with any tool — CDPs have limitations.

GIGO: Garbage in, garbage out

By far, the biggest limitation of a CDP can be summed up in the pithy expression “Garbage in, garbage out” (often shortened to GIGO).

Because CDPs aggregate data collected by other sources, the accuracy of the profiles they produce and the insights these profiles provide (i.e., when explored in aggregate) depend entirely upon the quality of the data the CDP ingests.

Basing decisions on poor-quality information — e.g., wrong, incomplete, outdated — can be worse than basing decisions on limited information. In the latter scenario, you’re likely aware of the limitations and can behave accordingly. But poor-quality data may point you in the wrong direction, leading to surprise and confusion when results disappoint you.

Customer consent also provides another limitation: A CDP has no inherent way of knowing whether or not it’s ingesting data gathered compliantly, and basing decisions on information gathered without a user’s consent can annoy or even upset your customers — while running afoul of regulatory obligations.

Silhouettes or real people?

Who are your customers? Ultimately, answering this question at the macro (segment) and micro (individual) levels is one of the most important things a marketer can do.

However, a CDP doesn’t inherently have this ability because it doesn’t include any mechanism to determine a customer’s identity or collect and validate such information directly. Of course, a CDP is perfectly capable of joining together datasets with common attributes (e.g., email address, phone number), but with no authoritative source of Identity information, the output is essentially a collection of anonymous “silhouettes.” And, oftentimes, these silhouettes do not belong to a real person but are bot-driven.  

While legitimate silhouettes still have real-world utility, their value pales in comparison to a complete 360-degree profile that includes accurate and validated Identity information (i.e. ZPD and FPD) — which is where CIAM enters the picture.

What is Customer Identity and Access Management (CIAM)?

CIAM is often oversimplified as the technology that powers your login box (or protects your APIs), and controls what users are allowed to do (i.e., what resources they are allowed to access) after they authenticate with your system. However, CIAM is, at its core, customer data, plus the tooling to protect, respect, and connect that data. 

In immature organizations, CIAM tools operate alone. However, the power of CIAM is realized by working in an integrated way with other systems — like a CDP or customer relationship management (CRM) platform. Thus, a modern CIAM solution enables organizations to:

• Collect data over time, and integrate it with other systems for strategic and tactical decisions and experiences
• Provide levels of assurance that a user is a real person versus a bot
• Help create meaningful relationships with customers that evolve over time and across channels
• Tackle the problem of fragmented data silos
• Satisfy customer demands and regulatory requirements for data privacy, regardless of downstreaming tooling changes
• Help strengthen the organization’s security posture

While the literal definition of CIAM has remained consistent over the years, its true meaning and impact have evolved as digital transformation has changed how customers and organizations build relationships and interact.

But let’s start with the basics. In Identity terms, the four essential features of an effective CIAM solution are registration, authentication, authorization, and Identity management.

• User registration (identification) creates the record that makes the rest possible. During user registration, a CIAM platform typically verifies that identifiers (such as email or phone number) are legitimate but can also include more advanced forms of Identity proofing. 
• Proper authentication ensures that the users logging into accounts are who they say they are and can include multiple factors and advanced techniques like passkeys. 
• Effective authorization helps businesses provide a user with the appropriate level of access to resources or applications.
• Comprehensive Identity management is the suite of tools that covers updates and changes to users’ data and access. In CIAM, user access permissions and security policies are typically assigned automatically but authorized personnel (business customer administrator, customer service, etc.) can update them. Also, customers typically manage — to the extent permitted by the use case and required by regulations — their own identities, data, and preferences.

In the context of CDPs, the most important foundational functions of CIAM are registration, authentication, and Identity management.They all directly contribute to improving the quality of Identity data and adhering to privacy and regulatory compliance laws.

Looking beyond the basics, CIAM is also the point of integration for third-party tools and services that perform or enable:

• Social login to simplify signup, login, and frictionless profile enrichment by leveraging existing social media Identity providers 
• Consent management to streamline how consent is requested, stored, and updated across all your channels
• Identity proofing to ensure a user's claimed identity matches their actual identity
• Marketing automation to facilitate email and SMS campaigns, ensuring these contact methods are legitimate
• eCommerce to trigger recommendations, facilitate secure and streamlined checkouts, and more 
• Point of sale to optimize in-store customer service and self-service support kiosks 
• Web analytics to tie anonymous user actions to converted (identified) users
• Lead enrichment to ensure profiles and records contain accurate and relevant data 
• And more

Essentially, a modern CIAM platform orchestrates, enriches, and connects the data to and from these systems (or any third-party system related to your customers) across tech stacks including CDPs, DMPs, CRM, fraud prevention systems, etc. 
 

CIAM collects accurate, zero- and first-party omnichannel data and connects, enriches, and orchestrates it across MarTech

Limitations of CIAM

The biggest limitation of CIAM, compared to a CDP, is that a CIAM solution isn’t designed to do what a CDP does.

CIAM is about authenticating and managing user identities and carefully controlling resource access accordingly. Modern CIAM solutions orchestrate more than just logins, password resets, and other Identity flows. And good ones do so in a way that can simultaneously achieve strong security and deliver a great (e.g., easy, fast, familiar) user experience. And the CIAM solution is what puts into practice the combination of an organization’s Identity policies (your rules), user experiences, and an individual user’s preferences (e.g., using a passkey instead of a password or providing the “remember me” option).

Beyond this, CIAM is, at its core, about collecting and managing customer data through interactive channels. Understandably, this apparent overlap in “customer data” is where the CIAM vs. CDP confusion starts. 

But CIAM solutions aren’t designed to aggregate historical transactions, ingest and analyze third-party data, or perform most of the other functions uniquely provided by a CDP. In fact, to get the most out of CIAM and a CDP, they should be used together. An analogy for the relationship between the two platforms is that a modern CIAM platform is like a loading dock and shipping department where packages (data) can be validated and routed. Meanwhile, a CDP is like a warehouse and logistics center where packages can be disassembled, reassembled, and combined with other things.

CIAM provides a clean and normalized source of omnichannel ZPD and a continuous and compliant thread through all of the various FPD sources. And a CDP provides data aggregation, user matching, profiling, and analysis, making the two platforms better together.

Better together: Using CDP(s) and CIAM to responsibly collect and leverage customer data

The fifth edition of Salesforce’s State of the Connected Customer report revealed that 73% of consumers expect companies to understand their unique needs and expectations (up from 66% in 2020).

Most marketers are happy to oblige, but delivering personalized experiences and crafting high-performing campaigns requires information — and many traditional data sources are disappearing.

• Legislation is giving consumers additional rights regarding how their personal data is acquired, tracked, and used (the CCPA, GDPR, PIPEDA, and more)
• 3rd party cookies used for cross-brand profiling at scale are disappearing
• In addition to government regulation, technology companies have also introduced anti-tracking measures — notably Apple’s App Tracking Transparency (ATT), which reportedly cost Facebook $10 billion in lost revenue
• Companies have also started pushing back against browser fingerprinting — a way of uniquely identifying an individual without the need to use a tracking cookie — with both Apple and Mozilla including anti-fingerprinting measures enabled by default

In the privacy-conscious cookieless age, campaigns and personalized experiences will be powered not by third-party data, but instead by customer consent. In this new paradigm, terminology needs to evolve so that marketers can distinguish between:

• ZPD that customers willingly share with you, such as fields on a sign-up form, their shipping details, or an email survey they completed. This often includes personal data that can be attributed to a single person and is protected by data privacy regulations in many jurisdictions.
• FPD that customers generate as they interact with your site, including search history, analytics information, session metadata, and more. Many types of FPD require consent to acquire and use. Unlike ZPD, some kinds of FPD can be anonymous (e.g. web analytics) and, in certain cases, later de-anonymized.

CIAM and CDP platforms work together to acquire, manage, and leverage this data — and to associate it with real, known customers — while meeting ever-evolving customer expectations and regulations.

CIAM and CDP(s) complement each other unlocking outcomes together that neither can deliver alone

Enriching profiles while meeting customer expectations for privacy

Today’s customers care about privacy. Okta’s Customer Identity Trends Report, based on a survey of 21,512 consumers from 14 countries, revealed that 80% of all respondents considered control over their data important.
 

When interacting with a brand online, how important is it to you to have control over your data (e.g. change the privacy settings, limit the information you have to share)? (sum of Very Important and Somewhat Important)

Given the strong competition for customer attention — and the growing trend towards increased regulation around privacy — organizations that want to build long-term customer loyalty need to be transparent about what data they collect and how it’s used to power a private, secure, and convenient experience and provide customers with tools to manage their preferences.

But in a privacy-conscious world, how do you persuade customers to part with their data in the first place?

The key is trust: Customers will only share data and opt into marketing programs if they feel confident that their data is safe, being used in the way they’ve agreed to, and will benefit them by providing more personalized and convenient interactions. But it also needs to make sense in context. Asking for a credit card number upfront obviously erodes trust as it makes no sense ahead of a purchase decision, but asking for too many details during an initial registration can have the same effect. Ask for only what is needed and when it makes sense to the end user to provide it.

CIAM is the foundation for all of these things and is essential for equipping your CDP with the accurate and complete data it needs to turn separate datasets into customer profiles, segments, and insights.

Turning anonymous data into holistic customer profiles

Thanks to the proliferation of digital channels, marketers now have access to a vast amount of data at their fingertips. Every online interaction tells you something more about your customers, whether it’s their demographics, behavior patterns, preferred communication channels, favored products, or buying habits.

But, this data is frequently inconsistently gathered and scattered across disparate systems, giving you an incomplete picture of the truth.

In fact, research from Salesforce found that “only one in three marketers said they were ‘satisfied’ with their ability to reconcile identities across data sources.”

It’s common for a single customer to have multiple identities on multiple platforms and brands all owned by one organization. For example, they may have a separate account for your website and another for your loyalty program or completely different accounts across multiple brands that combined via mergers and acquisitions.

Complicating matters even further, FPD — as noted earlier — is often collected anonymously, and in many organizations, it stays in a web analytics system rather than being incorporated into the CDP. Or, if it’s pulled into the CDP, its utility is limited until it can be linked to known identities.

CIAM helps you tie your data to known, engaged, and converted customers — turning shadows and silhouettes into comprehensive profiles of real people.

These profiles can be mined for insights and put into action with a level of personalization and granularity that isn’t possible without a CIAM solution to manage Identity.
 

Ensuring CDPs only ingest data that customers have consented to share

Plus, their information may not have been gathered in a way that’s compliant with data protection regulations, or the consent may be lost due to switching platforms, making it untrustworthy and unusable.

Data privacy regulations often require you to obtain customers’ clear consent to collect and use their data. As noted above, CIAM helps you store this consent — so you can confidently use the data you collect even if you switch to other platforms.

In addition to ensuring your CDP only ingests data that customers have consented to share, this level of clarity and control also helps you easily respond to customers’ enquiries — or proactively communicate policies in plain language — regarding what data you store for them.

Enhancing Identity data collection and improving Identity data quality

Data is vital for tailoring your offers, remembering your customers, and preventing them from having to re-enter information. But the way you gather data can make or break customer perceptions and experiences — and impacts the quality of the data itself.

Simplifying signups to increase account creation

Registration is that pivotal point when an unknown prospect becomes a known customer. And first impressions matter: Your sign-up process is often a user’s first real interaction with your brand.

To underscore this point, Okta’s Customer Identity Trends Report revealed that customers ranked “filling up long login or sign-up forms and creating passwords” as the most frustrating factors when registering for or logging in to a service. Faced with frustrations, many customers may abandon your service or resort to entering false or incomplete data. But a modern CIAM platform can help by making it easier for customers to sign up.

Leveraging passwordless approaches like sending a one-time code via SMS or by implementing passkeys allows users to securely start interacting in meaningful ways without the usual friction of a traditional registration process. With passkeys, users leverage their relationship with Google, Apple, or Microsoft to sign up for and sign in to applications the same way they unlock their mobile devices (sign up on their phones via Face ID, sign in on their laptop via fingerprint without re-registering). By reducing reliance on passwords, organizations can improve engagement and revenues, as the Okta Customer Identity Trends Report found that customers are more likely to spend more when login is simple, secure, and frictionless. 

As covered earlier, another common CIAM feature that simplifies the registration process is social login — essentially single sign-on (SSO) for your customers — that provides users with a one-click sign-up (e.g., “Sign in with Google”) option, using their existing social accounts, versus requiring them to complete multiple fields and provide information upfront.

In addition to helping convert prospects into customers, social login can help to start building out the user’s profile while improving the Identity data you collect. Many Identity providers — like Facebook or Google — allow websites to automatically obtain basic biographical details a user has consented to share, like their name, confirmed email address, location, interests, birthday, and more. Data obtained like this is more likely to be accurate and — better still — doesn’t require the user to type it out, saving them effort and further reducing friction.

Using progressive profiling to gather more data

As noted above, long forms frustrate users.

Modern CIAM solutions offer an alternative in the “form” of progressive profiling, an approach to data collection in which you gradually build up a picture of your customer.

For example, a returning user may be prompted with a message to “Tell us a bit more about yourself and receive 10% off your next order.” This incremental, context-aware, and benefit-oriented approach builds trust and is less likely to frustrate your users to the point where they enter garbage into your form fields (thus polluting your CDP).

Delivering consistent and personalized omnichannel experiences

Intelligent engagement requires a consolidated omnichannel view of customer Identity, preferences, and history across all interactions and transactions — and the best customer experiences depend on trusted, unified, and consented data.

When data is outdated or collected without informed consent, trust and experience suffer, and personalization falls apart. CIAM is the key to acquiring, managing, and effectively leveraging this data. It enables Identity resolution, ensuring the 360-degree view for each customer is fueled by accurate, verified, and consented data.

Equipped with these detailed, CDP-created customer profiles, companies can leverage CIAM to:

• Enable a universal login experience across all your brands — regardless of the channel or Identity provider (i.e., in the case of social login) the customer decides to use — whether in-person or virtually
• Power consistent, seamless, personalized experiences for customers wherever they engage with your brands — reducing acquisition and retention costs, and maximizing satisfaction and revenue
• Observe and influence customers who journey across multiple brands and categories — going beyond cross-selling and upselling
• Extend loyalty programs across all the relevant brands under a corporate umbrella — increasing customer stickiness and the rewards for loyalty
• Suppress campaigns where needed, like avoiding targeting customers with ads for products they already have
   

By giving you the power to orchestrate your own user journeys, CIAM — working in conjunction with your CDP — unlocks vast potential in how you manage customer acquisition and retention.

Summing up

In a cookieless and privacy-conscious world, users will be anonymous by default.

As a result, all marketing tools — from CDPs and CRMs to AI-based recommendation engines, copy tools, and campaign managers — will be hugely dependent upon a central source of truth for Customer Identity.

Moreover, as third-party data sources disappear, organizations will increasingly base strategic and tactical decisions on ZPD knowingly provided by customers and FPD collected with customers’ informed consent.

A modern CIAM solution powers your Identity flows (e.g., anonymous to known conversion, account creation, logins, password resets, progressive profiling, SSO, etc.) and allows you to collect data incrementally and with your customers’ full consent. With CIAM, you can confidently collect more — and more accurate — ZPD and FPD to feed into your CDP.

By design, a CDP doesn’t do what a CIAM solution does and a CIAM solution doesn’t do what a CDP does. But when integrated, they equip the organization with the insights and capabilities needed to understand customers, comply with privacy legislation and preferences, and create great user experiences.

The digital marketing landscape is continuously evolving, and with traditional techniques relying on 3rd-party cookies no longer an option, marketers will need every tool in their toolbox (not just CDPs and CIAM) to interoperate seamlessly. 

To learn more about marketing in a cookieless world, check out this eBook. 

These materials and any recommendations within are not legal, privacy, security, compliance, or business advice. These materials are intended for general informational purposes only and may not reflect the most current security, privacy, and legal developments nor all relevant issues. You are responsible for obtaining legal, security, privacy, compliance, or business advice from your own lawyer or other professional advisor and should not rely on the recommendations herein. Okta is not liable to you for any loss or damages that may result from your implementation of any recommendations in these materials. Okta makes no representations, warranties, or other assurances regarding the content of these materials.  Information regarding Okta's contractual assurances to its customers can be found at okta.com/agreements.