Citizens and businesses in Italy use SPID, the Public Digital Identity System, to access the public administration and its digital services with a single user identity. This authentication system represents a valuable opportunity to improve and simplify the customer experience, especially for private companies considering that about 65% of the Italian population has an active SPID account. It’s easy to see how tapping into this authentication system for business applications would benefit both users and businesses.
Let’s explore how composable architecture was used to optimize the SPID integration process with a dedicated a packaged business capability (PBC) built by Intesys.
Why businesses should utilize SPID Service for customer access
There are two distinct reasons:
- Currently, there are 39 million active SPID accounts which corresponds to about 65% of the Italian population.
- Customer experience is one of the most important, if not the foremost competitive factor for any company with an internet presence. Industries like banking, insurance, and healthcare services all provide customer-facing applications that interact directly with customers and clients, making that interaction crucial for a competitive edge.
Most people find it a hassle and burdensome having to manage dozens of web accounts, with password fatigue, complex verification processes, and concerns about cybersecurity and data privacy. By integrating the SPID authentication system into your application, all this can be avoided; with 39 million people already registered for the service, they just need to click the trusted blue button, authenticate through an identity provider like Poste or TIM, and login.
There are significant benefits for the companies as well. Through SPID authentication, they can receive certified data on users from identity providers and reduce user management costs. It’s a win-win situation, with improved customer experience and loyalty on the customer side, and cost savings and increased sales on the business side.
SPID Authentication: Technical and Bureaucratic Challenges
With such advantages, why isn’t SPID authentication used in applications across all the companies?
The reason is the underlying complexity: partly technical, partly bureaucratic. SPID is an authentication system designed to facilitate access to public administration services, and as such, it integrates advanced security mechanisms that ensure a high level of protection against unauthorized access and potential fraud. It triggers a complex process that involves the following:
- the user, who wants to access the service
- the company, which provides the service
- the identity providers, who securely create and manage personal identities
- AgID (Agency for Digital Italy), which governs and monitors the process
To implement SPID authentication, the company must develop a solution that meets the challenging technical security requirements and obtain accreditation from AgID to enter the SPID Federation and become a full-fledged Service Provider. The requirements include multiple bureaucratic challenges, from the production of various documents and digital signatures, to the issuance and installation of specific certificates
The Composable Approach and Intesys’ SPID PBC
The PBC that our partner Intesys provides to all businesses simplifies and accelerates the integration of SPID authentication to portals and all types of eCommerce platforms.
Independent, reusable, and dedicated to a single purpose, the SPID PBC module is a prime example of a building block for the composable enterprise. Once connected by an API to an application, the PBC takes charge of all authenticating processes, handling calls and responses, and dealing with exceptions and errors, all in compliance with regulations. The module also stores request/response information in a designated database, ensuring access for at least two years in case of inspections. Likewise, data persistence helps administrative verifications with reports related to billing since private enterprises can be charged for utilizing the public SPID service.
The SPID PBC is a pre-packaged software component capable of managing a specific functionality end-to-end, precisely SPID authentication in this case. It is available in the Entando marketplace.
A real use-case of SPID PBC in the insurance world
Implementing access through SPID offers benefits that extend across all sectors and activities that utilize a digital channel with customers.
Intesys recently provided SPID service integration to a major insurance group whose objective was to simplify service delivery to its customers. They provided a comprehensive solution that included technical support to integrate the PBC with the company’s systems, and navigation of the bureaucratic process to become accredited as a Service Provider.
The value of simplification
A packaged business capability achieves the highest value when it takes charge of a particularly complicated process, subject to strict regulations and rapid changes, like the SPID authentication service. Aside from streamlining the technical and regulatory issues, the module is primed to adapt and evolve due to its composable architecture. That means changes in regulations or new innovations can be applied promptly and without disruption.
Adopting a composable paradigm brings many benefits for companies:
- First and foremost, it can leverage 100% of the technical and domain expertise of its partner, which are crucial for the success of a project in such a complex and specific sector.
- The PBC manages the web of interactions between the service provider, identity provider, and AgID. The organization simply integrates it into their application and avoids regulatory and compliance headaches, now and in the future with continuous updates from the developers.
- The module can be incorporated into many cloud-based corporate applications without the need for rewriting code or creating major disruptions.
- Implementation times are shortened and costs reduced with composable methods since PBCs are reusable and independently developed and deployed, making business more efficient.