Session / Architecture & Standards

Practical CIBA: Tales from the Field

Wednesday, June 23
7:30am - 8:20am MDT

Client Initiated Backchannel Authentication (or CIBA) is a recently ratified extension to OpenID Connect that opens up a world of new authentication and transaction approval use cases, through the use of strong out of band authentication. One particular strength that sets CIBA apart from other standards-based flows is that there is no requirement for a browser user agent, as all interaction with the user takes place out of band, most commonly using push messaging to a mobile phone app. In this session, Rob will demonstrate a number of real world use cases where this technology can be used to improve consumer experience when interacting with the organizations that need to identify them, whether virtually or even physically. When combined with another standard flow - the OAuth Device Authorization Grant - CIBA offers a powerful and flexible solution to identifying customers and allowing them to authorize specific actions, even in a world where physical contact must be limited. Many of the customer organizations that Rob has dealt with over the last year have been hugely excited about the potential impact of these new standards and how they can work together to deliver next-generation customer experiences that move beyond browser-based interaction, to encompass a true multi-channel experience that includes call centres, chat bots, in store kiosks, smart devices, and more.