Google believes that companies can build their own identity and access management capabilities, but this approach is risky because having the right knowledge and access management requires a lot of expertise and cost. Due to the high complexity of building and maintaining identity systems, it is necessary to update the authentication system to ensure account security with evolving technologies.
To help companies solve this problem, Google launched the CICP service, customer identity and access management (CIAM) platform that allows developers add Google-level identity and access management capabilities to their applications to protect user accounts. CICP provides necessary identity management capabilities, including Google-level certification, advanced user security, and three significant features of a global scale infrastructure.
Google-level certification is based on Firebase and Google’s identity platform. CICP provides a customizable authentication service that manages the user interface process for user registration and login. CICP supports a variety of authentication methods, including anonymous, email/password, phone, social, SAML and OIDC. The client’s SDK supports web pages, iOS and Android, and the server SDK supports Node.js, Java, and Python.
CICP integrates Google Wisdom and Threat Alerts to help users detect compromised user accounts for advanced user security. Also, CICP will also provide two-factor authentication in the official version to help users avoid phishing attacks. Finally, CICP is supported by a global scale infrastructure that supports Google Cloud. The performance and network quality are the same as those on GCP to meet the rigorous application requirements. In the official CICP version, enterprise-level availability will provide enterprise-level availability SLA and technical support.
Besides, to solve the problem of secure login for traditional applications, Google also launched the Secure LDAP feature in Cloud Identity. Traditional applications may rely on older infrastructures such as virtual private network servers or Lightweight Directory Access Protocol (LDAP). LDAP is a way to access conventional applications over the network securely, but it is not compatible with current cloud services like Google G Suite or SaaS.
Secure LDAP allows users to use the same credentials as traditional LDAP-based applications when accessing Google Cloud and SaaS. Google said that with Secure LDAP, Cloud Identity helps users unify identity management for the cloud, local and legacy applications.