UK Bank Migrates to Modern Identity Management Microservices

Overview

The customer is one of the largest banking and insurance holding companies in the UK. They used Ping Data Governance (PDG) to centrally manage and control access to identity and profile data within the organization. PDG was reaching End of Life and was supposed to be replaced with Ping Authorize. The team identified several issues with this migration: migration activities requiring config and custom adapter/plugin updates, some custom adapters and plugins not supported by Ping Authorize, no upgrade utility requiring manual reinstallation, high licensing and infrastructure costs, dependency on external vendors, and skills not available in-house.

Request an IAM Assessment

Talk to an Identity Expert

The Challenge

The customer uses Ping Data Governance (PDG) to centrally manage and control access to identity and profile data within the organization. PDG was reaching EOL and was supposed to be replaced with Ping Authorize. The team identified few issues with this migration: Migration activities (Updates required for Configs & Custom adapters/plugins) Some of the custom adapters and plugins are not supported by Ping Authorize No upgrade utility, configs must be reinstalled manually. High licensing and infrastructure cost Dependency on external vendor for migration and other support Skill not available inhouse and expensive in the market to develop and maintain

The Solution

After careful deliberation, a custom-build microservices approach was adopted:

- Built the APIs as Microservices per SCIM2 standards and base configuration catering to all customers.

- Extensible design supports One Identity Strategy and adheres to the customer’s Microservice architecture, design & security patterns.

- Built using Spring Boot, UnboundID LDAP and SCIM2 SDKs.

- Effective load balancing (PDG used direct server communication which degraded performance).

- Easy scalability leveraging customer’s PAAS PCF (Pivot Cloud Foundry), compared to PDG scaling which demands a minimum of 6 months.

- Enhanced security for Secret Management via Hashicorp Vault; earlier passwords were maintained and updated within PDG.

- Minimal or no involvement in Platform Upgrades (OS Patching / Upgrades etc).

The Impact

Seamless Migration Across Applications

Seamless migration covering 13 customer applications and 3 internal/staff applications without any impact to customers.

Zero Post-Migration Incidents

Post-migration, there were zero incidents, issues or observations resulting in improved customer experience and trust.

Operational and Cost Efficiency

Helped saving approx. over £220k per year.

Simplicity

Performance and Deployment Improvements

Customer Satisfaction

Performance and Deployment Improvements

Want to be a part of Trevonix family?

See our Careers

Advancing enterprise security standards

Case studies of identity and access implemented in enterprise environments.

View All Case Studies

Financial Institution Prepares for Trusted Digital Identity Integration

Lorem ipsum dolor sit amet consectetur adipiscing elit semper dalar elementum tempus hac tellus libero accumsan.

Financial Institution Achieves FAPI-Compliant Open Banking Platform

Lorem ipsum dolor sit amet consectetur adipiscing elit semper dalar elementum tempus hac tellus libero accumsan.

Companies we work with

“Trevonix brought the industry experience, technology expertise and proven best practices necessary to transform our legacy infrastructure to a standards-based, scalable architecture.”

Allica Bank

Head of IAM

“They very quickly managed to get a grasp of the legacy product and the target design, which has helped to deliver this release with top quality, where we have zero post release incidents, which is a rare feat for a release of this massive complexity.”

"Big 4" UK Brand

Identity Product Owner