The Identity Standard: How Experian built a secure, streamlined experience for employees, consumers and partners with Okta
Data and Financial Services
Experian is a leading global information services company, providing data and analytical tools to clients around the world. The company helps businesses manage risk, prevent fraud, target marketing offers, and automate decision-making. It also helps consumers keep track of their credit and protect against identity theft. With headquarters in Dublin, Ireland, Experian employs approximately 17,000 people around the world.
Experian Consumer Services’ Credit Tracker app becomes a huge hit with customers for its unprecedented access to credit management tools. Okta provides the identity component.
Standardized identity management
Experian leaders move to transform the company from a credit reporting agency to a customer-driven data services company. To turn Experian into an enterprise equipped to lead in a digital world, IT leaders recognize the need to consolidate their seven identity management providers into one. They also hope to build out an API services environment that will allow customers to programmatically interface with Experian data sources and pull the exact information they need. Secure authentication is central to the project’s success.
After reviewing the success with Okta on their Consumer Services division’s popular Credit Tracker app, IT makes the decision to deploy Okta internally to Experian’s 17,000 employees, connecting all applications company-wide. They quickly move on to connect Experian’s external business services applications, connecting all applications, employees, and customers on Okta within one year. To date, Experian is well into building out its API services environment, selecting Apigee as an API management tool because of its seamless integration with Okta API Access Management.
- 17,000 employees connected to Okta, along with all their applications
- <1 year to full internal and external implementation
- 6 identity management technologies, support contracts, and servers retired, an estimated savings of >$1M annually
- Reduced employee and customer onboarding time
- Faster application and product development cycles
- Increased reliability for business-critical applications
- More secure authentication processes, company-wide
- Ability to meet customer and market demands with increased sensitivity and acceleration
From credit bureau to technology company
Inside Experian’s journey to deliver data services through new applications and APIs, and why they chose Okta as the identity layer to power it all.
A standout consumer app
Company-wide, Experian relies on six disparate identity management providers. IT leaders recognize the need to consolidate, and choose Okta as the standard.
More accessible employee apps
Experian deploys Okta internally to Experian’s 17,000 employees, connecting all applications company-wide and retiring six on-prem services within a few months.
Unified authentication, company-wide
Next, Experian brings its external business services applications onto the Okta platform. In less than a year, the company brings all employees, customers, and partners onto Okta.
Enabling the API economy
Experian begins building an API services environment that allows customers to interface with Experian data sources programmatically. Okta’s integration with Apigee makes it possible.
- 17,000 employees connected to Okta, along with all their applications
- <1 year to company-wide implementation for employees, customers, and partners
- 6 disparate identity management technologies replaced by Okta
From credit reporting to data services
On the list of great business challenges, one of the most daunting today may be this: Transforming an established enterprise built on legacy software into a fast-moving, agile organization ready to take on the digital world.
That’s why Barry Libenson was hired in 2015 as CIO of Experian. Prior to Libenson, the company had already made great strides. While it’s still the largest consumer credit reporting agency in the world, today Experian also helps business customers prevent fraud, offer on-the-spot credit to consumers, or make data-driven marketing decisions.
“I would say that Experian to a large extent really is a technology company,” says Libenson. “Gone are the days where our responsibility was to keep the lights on and keep financial systems operating. We’ve morphed into being more of a strategic partner with the business, helping to decide what type of product should be built, to better understand how customers want to access information.”
That shift—from providing standardized credit reporting, to integrating real-time data into a line of customer-driven services—encapsulates the transformation that Experian is undergoing today.
Identity management sits at the heart of it, says Libenson. “Ensuring that the person who’s requesting information is the person they say they are. Ensuring that we don’t share proprietary information with somebody who’s not entitled to see it. That’s at the forefront of all the products we build.”
The vision: A single identity platform
In shepherding Experian through that transformation, one of Libenson’s first priorities was standardization. He wanted to give developers across the company one set of tools, so they could build products in a consistent way. That’s how you build consistent customer experiences, product to product, he says.
When Libenson came onboard, Experian had many different identity management systems—including products from Okta, Ping, RSA, Oracle, and MobileIron—implemented across various parts of the company. He recognized that standardizing on one identity and authentication platform would be critical for unifying the company’s architecture internally and externally.
For that single identity platform, Libenson wanted a cloud-based identity solution. It needed to be flexible enough to handle Experian’s broad mix of internal productivity applications, as well as the growing number of customer and partnerfacing applications.
To meet the challenge of the digital age, Experian also needed an identity partner that could help secure a growing API ecosystem. Libenson wanted to be able to respond to customer and partner demands for even more sophisticated and customized data services.
Okta is the go-forward strategy for all authentication, and will be the single standard that we use. It will have a huge impact on everything we build going forward. –Barry Libenson CIO, Experian
A solution already in place
In April 2015, two months before Libenson came on board, Experian’s Consumer Services division had launched its Credit Tracker app, allowing individual consumers to keep track of and manage their credit in an unprecedented way. “People love the interface, how clean it is,” says Libenson. “You can log on and see your FICO credit score, how many open accounts you have, and any issues that are affecting your credit. You can also do what-if scenarios to see how you might improve (or negatively affect) your credit score.”
It was a huge hit. It was also the first app that Experian built on the Okta platform. Jeff Scanlon, VP of Global Infrastructure and Technology Operations, chose Okta because of the way it allowed Experian to bring usability and security together, to build a world-class mobile app.
Mervyn Lally, Experian’s EVP of Global Product Development, was Libenson’s first hire. He was charged with evaluating the various identity solutions that Experian had in use across the company. When he came to review what Consumer Services had done with Okta, he was impressed both with the technology and with how easily and quickly it had been implemented.
“It was clear to us that Okta was the leader,” says Lally. “Not only in the marketplace, but in how it was deployed in our environment. We decided that we would standardize as an organization on what our Consumer Services division had started.”
Experian goes all-in on Okta
The next step was deploying Okta to Experian’s 17,000 employees and connecting all their applications to it: financial systems, email, human resources systems, marketing platforms, and so forth. As that phase was completed, IT was able to shut down an array of fragmented legacy on-prem solutions.
“I’m getting rid of six different technologies,” says Lally. “That’s six different support contracts, that’s six different types of servers that I have to maintain, patch, and maintain zero vulnerabilities on.” Today, those components are taken care of by Okta in the cloud, and Experian’s internal IT environment is much simpler to manage. Costs have also decreased as the ongoing expense of managing those services is estimated at over $1M annually.
Another advantage, says Lally, is how efficiently the company can now onboard users. Employees can be more productive because they can get to their applications more quickly.
Next, Experian IT targeted its business customers, to make their access and onboarding just as efficient. Today, it’s standard for retailers such as Home Depot or Target to ask you at checkout if you’d like to apply for a store credit card—even when there are long lines at the registers. Those stores contract with Experian to facilitate that on-the-spot credit analysis.
Experian also offers marketing services, fraud detection, and credit services to financial institutions, such as American Express, Barclay’s, Citibank, and Chase. All of those services include an authentication component.
“There’s a critical need to authenticate that everybody who’s pulling information is who they say they are,” says Libenson. “Equally important is that they’re authorized to pull the piece of information that they’re actually looking at.” Thanks to Okta, that authentication process is even more simple, secure, and reliable today for Experian business clients and their customers.
For a large enterprise, the Okta implementation has gone remarkably fast, effectively consolidating all internal and external Experian applications onto Okta within one year. “We’ve had a very positive experience in terms of working with Okta,” says Lally. “The most interesting for us was the transition from looking at identity in a waterfall type method to looking at it in terms of agile—to learn fast as we deploy the environment, bring it up, configure it, and test.”
The teams struggled a bit at first, says Lally. Spinning new applications up and down quickly was a foreign concept, but it didn’t take long for them to get comfortable with it. “It’s nice watching the speed and the acceleration happen as we do the deployment,” he says.
Enabling the API economy
Experian’s next phase of Okta implementation is about embracing the data-as-a-service opportunity, putting customers in control of the way they pull and view the data they need. “The days of companies dictating how people consume information are really changing,” says Libenson. “Where we used to provide a prescriptive way that we wanted to interface with customers, they’re now coming back and saying, ‘We love the information and services you provide, but we want to consume them differently.’”
To meet those demands, Experian is building out an API services environment that will allow customers to programmatically interface with Experian data sources and pull the exact information they need. “It’s important to understand that almost any app built by our customers wants to incorporate a bunch of different pieces,” says Libenson. “We may be just one component.”
Uber is one example. They use Experian to check the credit background of potential drivers, but there are a number of components built into Uber’s driver hiring platform—it’s not a pure Experian play. Being able to tie various products together is critical to building those kinds of apps.
The API project is a big one. Experian selected Apigee as an API management tool, in part because it integrates seamlessly with Okta API Access Management. “It was really nice watching the partnership between Okta and Apigee,” says Lally. “Now I have the ability to manage APIs in the same way that I manage devices, users, and applications, and how we give access to those applications.”
Giving consumers more control
Libenson doesn’t view Experian as particularly unique in its quest for digital transformation, but getting the API micro-services economy right is extremely important. Failure is not an option, when it comes to responding quickly to customer and consumer demands. The new API environment will help Experian enter new markets, integrate business units, and expand its business.
But even for a financial services-focused organization, it’s not all entirely about money. “The user experience is so much enriched by an API economy,” says Lally. He envisions a world where consumers take unprecedented control of their financial accounts and data.
Imagine being able to lock or unlock your credit report or your credit card account in a single phone swipe. “That would be an API call that uses Apigee and Okta: Okta to make sure we’ve got the security right, and Apigee to make sure the right API call is being executed,” says Lally.
Now that’s a vision we can all buy into.
Okta is the leading provider of identity for the enterprise. The Okta Identity Cloud connects and protects employees of many of the world’s largest enterprises. It also securely connects enterprises to their partners, suppliers and customers. With deep integrations to over 5,000 apps, the Okta Identity Cloud enables simple and secure access from any device. Thousands of customers, including Experian, 20th Century Fox, LinkedIn, Flex, News Corp, Dish Networks and Adobe trust Okta to work faster, boost revenue and stay secure. Okta helps customers fulfill their missions faster by making it safe and easy to use the technologies they need to do their most significant work.
To learn more about Okta, visit:
Subscribe to Okta’s blog:
Follow Okta on Twitter: