“Innovation has a high priority at Baloise”, says Jeroen Hulshof, Chief Information Security Officer at Baloise Belgium. “With our Simply Safe strategy, we focus on protecting and diversifying our core business while also going beyond traditional insurance. An outstanding digital consumer experience is at the core of all these activities. So, to achieve this next-level experience all countries and departments were asked to think about how they wanted to put Simply Safe into action.” As Jeroen explains, the Belgian finance and insurance market is traditionally broker-oriented, which meant that Baloise at the time didn’t have a direct customer solution in the past. However, the market is rapidly evolving and Baloise recognised the importance of offering its services directly to consumers. And for this, they would need a B2C identity and access management (IAM) solution.
The most broker-friendly insurer of 2018 because of its commitment to offering a convenient yet secure customer experience.
Using the Thales OneWelcome Identity Platform for the main Baloise label and many sublabels such as gonna.be
Supporting agents, customers and empowers with the Thales OneWelcome Identity Platform.
Launching an all-new IAM platform for customers brings many challenges. Naturally, the login system would have to be extremely user-friendly yet highly secure and transparent. And it would have to be optimised for use on mobile devices, which the majority of consumers now use to access their financial information. Other requirements included simple onboarding with a one-minute signup, and support of external identities such as public and social IDs. “On the other hand, we would need to deal with the increased frequency and sophistication of hacking attacks with a strong focus on identity theft, as well as tougher regulations that protect consumer transactions and personal privacy”, Jeroen adds.
Jeroen realised that the size of the challenge would be too wide for Baloise’s own people to cope with, but didn’t see this as a problem. “Security services can also be outsourced and fits in our outsourcing strategy. The next question was whether we wanted to have a CIAM platform on premise or in the cloud, but then we looked at analyst options such as Gartner’s forecast of how identity-as-a-service will increase in the coming years.” While Baloise will maintain some of its on-premise systems, the company is gradually moving towards the cloud, which offers numerous advantages. By choosing a cloud-based CIAM platform with Thales at its core, Baloise now has a single hub connecting information systems ranging from partner systems, applications and APIs, various identity providers and mobile services, as well as a means of controlling all external users.
In addition to offering a flexible solution that meets Baloise’s strict technical requirements, Thales also offers the advantage of being a European company, with data residency within the EU. Jeroen says, “We are all aware of the credo ‘America first’, but I believe that in Europe we should do the same and invest in our own tech. Also, typically, insurers want every level of assurance covered, from prospects that do not really require that much identification to highly identityproofed customers. We wanted a solution that could manage all of these levels, and the Thales OneWelcome Identity Platform is capable of supplying the whole range—it has all the customer journeys out-ofthe-box, so to speak. That fact has made our lives a lot easier.”
By simplifying our authentication process, we have enabled our business lines while also providing single sign-on for our brokers. And there are so much more capabilities and features on the Thales OneWelcome Identity Platform that we can still utilise and link to our Simply Safe strategy.”
Jeroen says that the Thales OneWelcome Identity Platform at its core provides a future-proof basis for Baloise to continue exploring new authentication possibilities. First, we want to onboard more applications and modernise API security by using the OAuth tokens issued by the Thales OneWelcome Identity Platform. Thales has helped Baloise in Belgium to offer a smooth, secure authentication process so that it can achieve its goal of offering a direct B2C channel online. At the same time, the new system has improved the user experience for Baloise’s B2B partners.
Originating from Basel, Switzerland, the Baloise Group operates as a specialised financial services provider, offering a combination of insurance and banking services. Its core markets are Switzerland, Germany, Belgium and Luxembourg. In Belgium, Baloise was voted most broker-friendly insurer of 2018 because of its commitment to offering a convenient yet secure customer experience. This was the result of the Simply Safe strategy launched in 2016, aimed at transforming Baloise into a customer-focused provider of assistance, care and prevention solutions in four key areas: mobility, home, financial wellness and business services. For this, Baloise either performed acquisitions, invested in startups or launched startups on its own–adding up to over 50 ongoing initiatives. Baloise’s strategic goals were the reason why Baloise’s Belgian branch wanted to create a single customer identity and access management (CIAM) platform for all of these initiatives. And that’s why they decided to partner with Thales.
© Thales - October 2023