Mayur Upadhyaya, CEO of Contxt, will give a presentation on how to preserve privacy in identity-aware customer applications at EIC22, the European Identity and Cloud Conference, organized by KuppingerCole.
After working with consumer companies around the world, Mayur has seen first hand the challenges of building and retrofitting privacy requirements into existing customer applications. Often, in the rush to launch new customer experiences, personal data is over-exposed and over-replicated. The default is to ship all identity attributes, to all systems, on every request in order to make access decisioning easier for application developers.
This approach disperses identity information across the application stack; which increases risks of data breach, data loss, and compromised identities. As a result, consumers lose trust and new business opportunities falter; or worse, customers like the new experience, but its success creates security and compliance liabilities that expand exponentially. To remediate the risk, data teams enter a never-ending cycle of costly data analysis and audits.
Identity architects and developers need to address privacy requirements earlier – not in post-collection data management, but instead in the application development process. While Privacy by Design and Privacy by Default principles are a helpful framework, they offer little practical guidance for developers to actually build privacy-preserving applications.
Mayur will discuss how to use identity data at run-time, in the context of the application; how to retrofit existing applications with privacy requirements; and how to easily evolve applications over time.
Other speakers that will present successful projects and best practices include Mastercard, ForgeRock, Siemens, Lufthansa, Ping Identity, Microsoft, and others. EIC22 is May 10-13, in Berlin and also available as a hybrid event online. For more information, please visit https://www.kuppingercole.com/events/eic2022.