McConchie and team faced three major challenges: improve customer experience, meet PSD2 compliance and increase business agility. Their first requirement was delivering a new single-factor authentication solution for a self-service web portal for their general insurance customer base. But this would introduce yet another siloed identity into their already disparate identity ecosystem. To meet the targeted launch date, the team had a narrow window in which to change course. This included finding a way to efficiently stand up the products, build a single-factor authentication journey and configure all of the insurance products to provide the necessary security that they required.

Next up was replacing their legacy security technologies across both web and mobile so the Tesco team could build out the requirements of PSD2. They needed to address the API security requirements of open banking and implement continuous risk-based authentication. McConchie says, “It was certainly a high-risk project because the web and mobile channels were existing and servicing millions of customers. There was considerable focus from senior stakeholders to ensure we were able to migrate off our legacy security technology without impacting customers adversely.”

Facing hard deadlines and a growing list of requirements, the bank orchestrated a proof of concept between their incumbent vendor and Ping Identity. To pressure test the technologies, they built a dummy web application to compare each vendor’s ability to deliver a customer authentication journey and abstract authentication and authorization from the application itself. They wanted to see how each vendor could break down their identity silos and bring it all together to build a common identity layer.
Ping + ProofID emerged as the winners. Explains McConchie, “We saw how we could use PingAccess and PingFederate to work across web, mobile and API. The ease with which we could deploy across channels was a critical factor, also the dynamic authorization of Symphonic (now part of Ping DataGovernance). Ping’s solutions give us the flexible authorization capability we need to minimize friction and deliver a customer-centric experience.”

“We faced many challenges given the schedule and number of people and processes involved. But Ping’s products and team couldn’t have been much easier. The Ping strategy and roadmap are so well aligned with what we want to do as a bank. From the Ping perspective, I’ve been really, really pleased.”

– David McConchie, Customer Security Architect, TESCO Bank