Connecting SAP Customer Data Cloud with Regulation Needs

Customers today expect personalization and customization. We get that. But they no longer want that great customer experience at any cost. Customers are done with creepy and no longer accept being tracked without their knowledge.

Instead, customers are demanding transparency and control, both of which are now also mandated by regulation. A recent survey asked consumers how likely they are to share data with a brand. The vast majority said they’re willing to share only if given transparency and control over how this data is shared. And guess what? Data shared directly from the customer is much more valuable, accurate, and differentiated.​

Regulation is now demanding new relationships with customers, based on what customers want today. Two examples are the GDPR (General Data Protection Regulation) and the new California regulation.

The GDPR’s key principles include:

Consent

Data collection requires explicit and informed consent from the individual.

Transparency

Organizations must be transparent about how they collect, use, and share personal data.

Right to Access

Individuals have the right to access their personal data and request information about its processing.

Right to Erasure

Individuals can request the deletion of their personal data under certain circumstances.

Data Security

Organizations must implement appropriate technical and organizational measures to protect personal data.

The CCPA (California Consumer Privacy Act) gives California residents the right to:

Know

The right to know what personal information is being collected about them.

Delete

The right to request the deletion of their personal information.

Opt-Out

The right to opt-out of the sale of their personal information.

Non-Discrimination

Businesses cannot discriminate against consumers who exercise their CCPA rights.

• CDC will refer to SAP Customer Data Cloud throughout the training materials.

• CIAM stands for Customer Identity and Access Management.

• ECPM stands for Enterprise Consent and Preference Management.

SAP Customer Data Cloud can identify your customers using a login and password. Additionally, it supports mobile devices, Internet of Things (IoT) gadgets, cars, and any internet device that can communicate using HTTP RESTful standards. 

It can connect to first-party SAP Customer Experience Cloud solutions such as SAP Commerce Cloud for collecting customer consent preferences, profile, and experience data. It can also connect to SAP Marketing Cloud, where this data can be used for profiling and product suggestion using Artificial Intelligence and Machine Learning tools. 

SAP Customer Data Cloud supports many third-party systems using the built-in Identity Exchange GConnectors and Dataflow Components. Our APIs are built on web-based RESTful standards, with a few lines of code so you can embed our Screen-Sets to your custom Web system or Native Mobile app.

With Customer Profile information, SAP Customer Data Cloud provides master data to any system. This allows the upstream and downstream flow of customer data between your CRM, Business Intelligence (BI), Marketing, SAP S/4HANA ERP, or any other system in your IT infrastructure that needs to centralize B2C and B2B CIAM information.

The SAP Customer Data Cloud platform supports all major browsers without compromising end-user privacy. The same goes for customer interfaces.  We're present on browsers in different screen sizes supporting responsive design, desktop, mobile, IoT, and smart devices.

For Authentication, SAP Customer Data Cloud supports SSO, consolidating your customer base using site groups. 

Customer Data Cloud supports over 35 social networks like Facebook, WeChat, Line, and Twitter. There are also OIDC and OAuth2 as safeguard option to integrate with third-party options. 

Our Customer Identity APIs provide an excellent level of abstraction to customer authentication and registration, independently of the device your customer is using. This solves most cases with a single code line API call to SAP Customer Data Cloud. 

SAP Customer Data Cloud supports the most commonly used languages and platforms, such as PHP, Java, .Net, and Python. In mobile, there are modern SDKs for iOS and Android. To allow federated access to your company network, SAML IdP, and SP are also supported. In addition, if you decide to federate your customer base using OIDC, the solution supports OIDC with JWT and OAuth2. 

The SAP Customer Data Cloud acts like a safe, storing your Identity, Profile, Consent data, and Organization and Policy Based Access Control information at customer and organization levels.

The solution provides 100% REST-based APIs and permissions enforced by the scope for B2C and B2B scenarios. This means users can only update their information if they have admin-level access to their organization.

SAP Customer Data Cloud allows the creation of multiple apps for exposing functionality, configuration, customer data, and site access permissions. This creates a level of granularity to your administration of customer data or exposing only specified databases and partial customer information to connected systems.

Connected systems can integrate into SAP Customer Data Cloud through Dataflows ETL, Webhooks, Extensions synchronous proxy, or provide custom web user experience through JavaScript events. And, of course, 100% of our API is exposed through RESTful endpoints.

CDC integrates with many third-party solutions such as Adobe Analytics, Google Analytics, Krux, MailChimp, SAP CX, WordPress, and Doubleclick by Google.

And additionally, data exchange services with recommendation and personalization engines, web analytics, DMPs, and more.

Securing user identities and access to SAP systems involves implementing robust authentication mechanisms to protect sensitive data and ensure compliance. SAP offers solutions to provide a frictionless user experience while maintaining the highest levels of security. Here are some key aspects to implementing secure user authentication:

1. Frictionless Point of Entry

   SAP provides a customizable, secure registration and login experience for customers across brands, regions, and properties. This includes:

   • Lite Registration – A simplified registration process for quick access to basic functionality.
   • Customer Identity – A centralized identity management system for consistent user profiles across various SAP applications.
   • Social Login – Allows users to log in using their existing social media accounts, streamlining the authentication process.
   • Single Sign-On (SSO) – Enables users to access multiple SAP applications with a single set of credentials, improving usability and security.
2. Secure User Identification

   SAP employs various authentication methods to securely identify online visitors from any touchpoint using federation, single sign-on, and flexible user authentication options. For more information refer to the Authentication Options documentation in the SAP Help Portal.

   • Flexible Authentication Methods – Allows users to log in using their existing social media accounts, streamlining the authentication process.
     • Username and Password (U/P)
     • Social Network
     • Phone number
     • Biometrics
     • Bring Your Own Identity (BYOI)
     • One-Time Password (OTP)
   • Federated Authentication – Uses standard protocols like SAML (Security Assertion Markup Language) and OpenID Connect to enable secure authentication across different systems and domains. This allows users to authenticate with their existing identity providers and access SAP resources without creating separate accounts.
3. Advanced Security features

   Protect against identity fraud and theft:

   • Two-Factor Authentication (2FA) / Risk-Based Authentication (RBA) – Adds an extra layer of security by requiring users to provide two independent factors of authentication. RBA dynamically adjusts the required level of authentication based on the context of the login attempt, such as the user's location, device, or the sensitivity of the data being accessed.
   • Email / Mobile Verification – Verifies the user's email address or mobile phone number during registration or account recovery.
   • Secret Question / Response Password Reset – Allows users to reset their passwords by answering a secret question.
   • Network-Protected Identity – Protects user identities by implementing network-level security measures, such as firewalls and intrusion detection systems.
   • Account Takeover Protection (ATO) – Implements mechanisms to detect and prevent unauthorized access to user accounts.

SAP Customer Consent is a comprehensive solution designed to help businesses manage customer consent throughout the customer lifecycle. It includes:

Terms of Service (ToS) – Obtaining agreement to the terms and conditions for using a service.

Privacy Policies – Informing customers about how their data is collected, used, and protected.

Cookie Consent – Consent for allowing some or all website cookies to be stored in the user’s browser.

Marketing Consent – Letting users define their preferences for receiving marketing communications and participating in custom activities.

The consent process typically. Involves the following steps:

1. Present and capture consent – Display consent request to customers and recording their responses. This may involve presenting terms of service, privacy policies, or specific consent options for marketing communications.
2. Record consent at renewals – Ensuring that consent records are accurate and up to date. This includes automatically prompting customers for consent when policies are changed.
   • Trigger consent renewals – Regularly requesting customers to renew their consent to ensure it remains valid.
   • Record consent at renewals – Capturing and storing the renewed consent information.
   • Track consent history – Maintain a history of all consent interactions with a customer, including when consent was given, withdrawn, or renewed.
   • Audit consent – Providing the ability to audit consent records to verify compliance with regulations.
3. Enforce consent – Ensure that customer data is only used in accordance with their consent preferences. This is particularly important when synchronizing data outside of Customer Data Cloud.

SAP Customer Consent facilitates the synchronization of preferences, consent, and profile data to downstream marketing, sales, and services applications. This helps ensure that customer preferences are respected across touchpoints.

It provides users with control over their data, allowing them to:

• View profile and consent – Access and review their personal information, communication preferences, and consent settings.
• Update profile and consent – Update their profile details, adjust their communication preferences, and modify their consent settings.
• Withdraw consent – Revoke their consent for specific data processing activities.

Customer Profile Management: SAP Customer Data Cloud transforms customer identity and data into a single, unified record, providing a holistic view of each customer. This allows businesses to:

Build Unified Customer Profiles: Create a unified reference for users' identity data by leveraging the extensible data model and fully indexed database with a dynamic schema.

• Automate identity and profile management
• Supports an extended data store

Orchestrate Data Exchanges: Benefit from integration capabilities to orchestrate user data exchanges with the rest of the Customer Experience Suite.

• Available IDX integrations and dataflow templates
• Custom scripts and integrations are provided, including:
  1. Dataflows (a dedicated ETL infrastructure and Dataflow Studio script editor)
  2. A comprehensive API
  3. WebHooks

Govern Identity Profiles: Implement identity governance features, such as account freezing and auditing capabilities, to ensure data integrity and compliance.

• Available governance workflows (such as account status)
• Audit Logs support governance
• Exception Handling is provided

Partner Management – Automated identity and profile management ensures that partner information is accurate and up to date. It features an extended data store with a fully indexed database and dynamic schema, allowing for flexible data management.

Policy-Based Access Management – CIAM for B2B enables fine-grained authorization based on intelligent policies, ensuring that partners and their members have appropriate access to resources. This is combined with authentication and identity management to provide a clear view of your partners, their members, and your relationships. This feature also offers IDX Integrations, dataflow templates, and custom scripts & integrations for enhanced flexibility.

Member Management – Governance workflows for managing account statuses, audit logs for governance, and exception handling, ensuring that member accounts are properly managed and monitored.

SAP CIAM for B2B streamlines partner and member management by automating key processes and providing a centralized view of partner and member data. This includes:

Automated Identity and Profile Management – Simplifies the process of creating and maintaining partner and member profiles, ensuring data accuracy and consistency.

Fine-Grained Authorization – Enables precise control over access to resources, ensuring that partners and members only have access to the information and systems they need.

Governance Workflows – Automates processes such as account creation, modification, and termination, ensuring compliance with policies and regulations.

Audit Logs – Provide a detailed record of all actions taken within the system, enabling effective monitoring and auditing.

SAP Customer Data Cloud Platform enables enterprises to create meaningful business actions in real-time and offline based on the integration, unification, and ease of access to all enterprise customer-related data.

It gathers unified customer data and activities into a central repository accessible in real time for consuming applications.

From individual consumers to multiple business accounts, customers demand relevant, personalized engagements. With SAP Customer Data Cloud Platform, organizations can surface real-time insights across the enterprise to deliver winning engagements, boost revenue, and drive growth.

Use cases that achieve this generally map to one of the following focus areas:

Supercharge demand generation – Identify, qualify, and enrich audiences with the power of a unified data model, known-to-unknown identity resolution, and connectors to data enrichment providers.

Scale lead creation – Segment leads based on quality, target more prospects with lookalike modeling, and power lead scoring.

Nurture Higher Quality Opportunities – Automate the progression of contacts and accounts through the nurture funnel to accelerate pipeline maturity.

Master Account Based Marketing – Power new business outreach, retention campaigns, and up/cross-sell tactics across B2B and B2B2C.

These include:

• Grow marketing base
• Increase purchase rates
• Enter new markets, geos, segments
• Improve lead scoring
• Increase pipeline velocity
• Increase sales
• Increase market share
• Grow more leads
• Increase lead quality
• Increase cross-sell/upsell
• Reduce acquisition costs
• Reduce churn
• Increase ROAS
• Increase onboarding efficiency