What is SAP Customer Data cloud?
Solutions for building more trusted and valued relationships with customers. Customer Data Cloud is also known As “GIGYA”.
With three, tightly integrated products to offer, the SAP Customer Data Cloud from Gigya can help your business securely identify consumers across devices and channels to drive registrations and engagement, manage their permissions and consent across their entire lifecycle, and transform data into unified customer profiles that are governed, orchestrated and analyzed from a central and secure environment.
The SAP data cloud offering for the secure and targeted handling of customer data consists of three seamlessly integrated solutions from the acquired company Gigya. With them, you can clearly identify consumers on all devices and across all channels, promote registrations and interactions and manage the consent obtained from your customers throughout the entire life cycle. The data collected is merged into uniform customer profiles that you can control, coordinate and analyze centrally and securely.
What part of the SAP Cloud for Utilities solution will it cover?
- Identity,
- Consent
- Profile Management
Other CDC management part is: –
- Customer Communication Preference Management.
Identity Management
Customer Identity from SAP Customer Data Cloud (previously known as Registration-as-a-Service, or RaaS) is a CIAM solution (Customer Identity and Access Management) that enables you to connect with your website and app users, and engage with your customers. Customer Identity helps you gather critical information about your users, store that information securely and leverage it for an enhanced customer experience. Use Customer Identity as the pivot point for launching personalized marketing campaigns, providing customer service, and building a trust-based relationship with your users.
Frictionless Registration: Website visitors register with ease as Customer Identity provides friendly registration screens which require minimal input, offer logging in with social networks, and include predefined flows to ensure registration completion.
Higher Registration Rates: A quick and easy process leads to higher registration rates as only minimal information is required from the user. However, the quality of user data is not compromised. Customer Identity continues to unobtrusively collect user data over time and as the user continues to interact with your site, by using progressive profiling. See also our Registration Conversion Best Practices guide.
Meaningful Identities: Each registration transforms anonymous visitors into rich user profiles, complete with information such as age, gender, preferences and site behavior, stored in the Sap Customer Data Cloud secure database.
Identity Life-Cycle: User data and behavior can be viewed, managed and analyzed in Identity Access, and synchronized to downstream applications (such as CRM, sales and service systems) using IdentitySync, our robust tool for data transfers.
Easy to Manage: In the console, you can easily customize the user-facing elements, such as registration screens and confirmation emails: Change the appearance to match your branding, add predefined and custom data fields and define the available language options; all in the same place where you configure your site policies and manage admin permissions.
Authentication Options: We offer many authentication options that may be utilized with Customer Identity, to accommodate a wide variety of business needs. These include Social Login, logging in with a federated identity using SAML or OIDC, Single Sign On across Global Sites, passwordless login via SMS, and more.
Push Authentication
You can now offer your users the option to authenticate via a push notification displayed by your app on their mobile phones, instead of a password. For more information see Push Authentication.
New Screen-Sets and new Policy to support Push Authentication.
New UI Builder control, ‘Auth methods’, used for linking to the relevant authentication method (password / push) in a login flow.
New Android v4 and Swift SDKs with new “auth” library for supporting Push Authentication.
Note: If you are using second factor push authentication, you will need to update your code to use the new libraries and changed methods and class names, before upgrading to the new SDK versions
Global Access
Upcoming, January 2020: Global Access, our recently released feature that enables creating a global, cross-data center experience for your users, will be generally available for all partners. This means you will be able to create a global site as you would a regular site, in the Sites dashboard of the SAP Customer Data Cloud Console.
Consent Management
SAP Customer Consent is our offering for managing user privacy, preferences and consent in a way that is transparent to the user, while helping you uphold rigorous standards so as to support your compliance with international privacy regulations. It is a secure profile, preference and consent management solution that addresses regional privacy compliance throughout the customer lifecycle. Use Customer Consent to give customers control over their personal data.
Benefits:
- Supports compliance with data privacy laws: require consent to terms of service and privacy policies as a prerequisite for using some of your site services
- Additional optional consent statements allow flexibility in your relationship with the customer
- Communication preferences allow users to subscribe to various communication channels; with the option of requiring double opt-in as proof of the user’s intention to subscribe
- Displays clearly to users which data was saved to their account, and provides the option to withdraw consent and manage communication preferences
- Consent Vault contains an audit of the customer’s agreement to your site policies and the version to which they consented
- Unified user database enables presenting a holistic view of the customer, including data gathered from various platforms
- Synchronize consent-based user data to third-party platforms using IdentitySync or GConnectors
- Out-of-the-box lite registration screens for transparent interaction with your guest users
Use Consent Management to clearly display to users the terms to which they are required to consent in exchange for using your site’s services, and to capture the version they agreed to and the time at which they did so. Based on this consent, you can fine-tune the services you offer to users, and downstream to third-party applications, using IdentitySync, Gigya’s ETL platform.
- Supports terms of service, privacy policies, and other consent statements
- New registrations consent
- Enforce re-consent after change of terms
- Cross-brand and site-specific consent in a multi-site implementation
- Clearly display to users the terms and policies to which they consented
- Third-party integration
Consent Vault:
The Consent Vault contains a log of interactions between your sites and site users regarding their consent to the processing of their personal data.
You can use the Consent Vault to easily view and search the history of all Consent objects on your site.
- Search by specific time period
- Filter by actions (consent granted, withdrawn, renewed)
- View the timestamp and version of a signed consent
Profile Management
SAP Customer Profile is the layer of user profile data that is gathered when you use Customer Identity or Customer Consent. It is a centralized location to manage your site and your site users, within the SAP Customer Data Cloud administration Console.
- Use out-of-the-box flows with Screen-Sets, highly customizable using the UI Builder canvas.
- Site administrators and service reps use Identity Access to gain valuable insights on the entire userbase, with query and filter tools that provide you with an overview of your users on one hand, and an in-depth view of individual user profiles, on the other.
- Enrich your user data with the Data Store, a dynamic, flexible database that complements the core user database.
- View Reports and Analytics on your customer base
- Extend your flows using the Extensibility Engine, Webhooks and JavaScript Parameters.
IdentitySync
The User Import Guide is now available for importing users via IdentitySync.
You can now transfer files between SAP Customer Data Cloud and Google Cloud Storage using IdentitySync.
SAP Marketing Cloud integration: You can now send a ContactOrigin field with your user records. If included, this will update the ContactOrigin in SAP Marketing Cloud. Otherwise, by default, this integration writes a value of “GIGYA_ID” as the ContactOrigin. In addition, see below for information regarding usage of the V1 API in Marketing Cloud.
A salt parameter has been added to the hashing components, field.hash.md5 and field.hash.sha2, for adding salt to the hashing algorithm.
You can now read more than 1000 files from Amazon S3.
GConnectors
The Drupal 8 GConnector is now available on GitHub. This change requires a small change to the installation process.
Magento 2 GConnector is now available on GitHub.
WordPress GConnector is now available on GitHub.
Console
UI Harmonization: As part of the continued Console UI Harmonization project, the UI Builder and Schema Editor apps have been redesigned.
Changed UI for the UI Builder:
New look-and-feel, including changed control icons, different fonts, different layout
UI Builder now embedded so that navigation within the Console is still available.
List of screens is now a dropdown and not fixed on the screen
Global Configuration has been renamed to WebSDK Configuration in the Console menu.
SDKs
New Android SDK includes support for Push Authentication.
Maintenance release of legacy Android SDK.
New Swift SDK includes updated sample apps with Apple sign-in, and support for Push Authentication
New Objective-C SDK includes renewed support for WeChat and the latest version of the GoogleSignIn SDK (v5.0.2).
New Python SDK, includes support for sending multiple concurrent signed requests with the same parameters (same params object).
Miscellaneous
When provisioning a certificate to serve SAP Customer Data Cloud requests from your own domain: You can now validate your domain ownership using DNS, instead of email validation. For more information, see Certificate Provisioning.
For server-side registration flows, it is no longer required to pass a regToken, and therefore unnecessary to trigger the registration flow with accounts.initRegistration, but possible to directly call accounts.register.
New cookie, gig_bootstrap_< apiKey >. For a full list, see Advanced Cookie Reference. Please remember we always recommend that customers never use the data stored by a Gigya cookie for their own business logic.
The code sent in Phone Number Login and Email Code Verification flows is now a 6-digit code, instead of 4.
Cookies associated with a cross-site resource at https://gigya.com/ will soon
include the SameSite attribute, set to SameSite=None and Secure,
in keeping with changes being made to Google Chrome.
Changes That May Require Your Action
- SSO: User Will Not Be Logged in If Session is Invalid
Until now, in certain edge cases, when a user was logged into one site (“site A”) of an SSO group and moved to another (“site B”), if the user’s session on site B was invalid (for example, if they were missing required schema fields), they may have skipped the session validation (e.g., not submitted required fields in a Registration Completion screen) and still had a valid session. This change fixes that behavior.
Who Will Be Affected: Site groups whose implementation depends on having an active user session on a given page (e.g. initiated calls to accounts.setAccountInfo) may be affected.
Impact: On March 30, 2020, we will ensure that users who move between sites in an SSO group, are considered logged in only after their session is validated.
Why: This is the expected behavior for SSO.
Action Required: If you have SSO groups with different validation requirements for the different sites, review your site pages and make sure you do not expect users to have a valid session on the page before they pass validation.
2. Tag Change for Custom Buttons in Social Login UI
Who Will Be Affected: Customers who use custom code with custom buttons in their social login UI may be affected.
Impact: On February 10, 2020, in the social login UI, the classification of custom buttons will change from an ‘img’ tag to ‘button’ tag.
Why: This change is required for better WCAG compliance.
Action Required: Review your login UI and make sure to update any code that expects an image tag for custom buttons, to a “button” tag.
3. Password Complexity Will Return Validation Error
Who Will Be Affected: Implementations that use our screen-sets and have custom code around screen-set events may be affected.
Impact: Currently, password complexity requirements are enforced only for registration. On the 10th February, 2020, update profile and change password screens will display an error when password complexity requirements are not met, where previously no error was displayed before form submission.
Why: The expected behavior is to enforce complexity requirements on all password related flows.
Action Required: Check your code and make sure you do not rely on specific events around password change flows. A temporary parameter, toggles.alwaysValidatePassword, has been made available in the WebSDK configuration (previously Global Configuration). When set to “true”, screen-sets will behave according to the new behavior. After February 10 2020, this will become the default behavior and the temporary parameter will be removed.
4. gigya.auth.loginToken.getTokenParam to be Removed from the Web SDK
Who Will Be Affected: Implementations that rely on this specific method will be affected.
Impact: on February 10, 2020, we will remove this method from the Web SDK.
Why: This method is part of legacy code and is not required or used by the SDK.
Action Required: Review your implementations and ensure that your code does not use the gigya.auth.loginToken.getTokenParam.
5. End of Support for socialize.getUserSettings and socialize.setUserSettings
Who Will Be Affected: Customers who use these methods will be affected.
Impact: On February 10, 2020, we will cease support for socialize.getUserSettings and socialize.setUserSettings.
Why: As platform capabilities for setting and getting user data have grown and become more sophisticated, these methods are no longer in use.
Action Required: Review your code and ensure it does not use either of these methods.
6. UI Builder: Removing Class “sortable-drag”
Who Will Be Affected: Some implementations using custom CSS in the UI Builder may be affected.
Impact: On February 10, 2020, this class will no longer be supported.
Why: Bug fix.
Action Required: If you have custom code around screen-sets, review your code and make sure it does not use the ‘sortable-drag’ class.
7. Changed Cookie Values Encoding
Who Will Be Affected: We do not anticipate affected customers, as we always recommend that customers never use the data stored by a Gigya cookie for their own business logic.
Impact: On February 10, 2020 we will change cookie values encoding from escape to encodeURIComponent.
Why: The “escape” function is a deprecated web standard and less compatible with language codes.
Action Required: Review your code and make sure this change does not break your implementation.
8. Renaming Internal Parameter: dontHandleScreenSets
Who Will Be Affected: Implementations that rely on the internal parameter dontHandleScreenSets will be affected.
Impact: On February 10, 2020 we will rename dontHandleScreenSets to ignoreInterruptions.
Why: As this parameter will have a wider functionality of interruption handling, we are renaming it to a more accurate name.
Action Required: If your code uses dontHandleScreenSets, rename the parameter to ignoreInterruptions.
9. Remove ‘i’ Icon From Photo Widget
Who Will Be Affected: Implementations that use custom logic for screen-set implementations may be affected.
Impact: On February 10, 2020 we will remove the element with the class gigya-myPhoto-status-icon and all its children, from the photo widget on the Profile Update screen.
Why: As part of the code cleanup, we are removing unnecessary and unused elements from our code and screens.
Action Required: If you have custom code that depends on our screen-sets, review your implementation and make sure to remove any usage of the gigya-myPhoto-status-icon class.
10. Console Social Login No Longer Supported
Who Will Be Affected: Console users who log in with social accounts.
Impact: We will no longer display the social login widget on the SAP Customer Data Cloud login screen, and only enable logging in with an email and password.
Why: As part of our harmonization with SAP designs and flows.
Action Required: If your login identity to the Console is social, you can trigger a “reset password” flow for the email associated with your social account, and create a site password with which to log in to the Console.
11. Console to Switch to TLS 1.2
Who Will Be Affected: We do not expect Console users to be affected.
Impact: On February 10, 2020 we will enforce TLS 1.2 on the SAP Customer Data Cloud Console.
Why: Increased security and better browser standards.
Action Required: Make sure the browser you are using to access the Console supports TLS 1.2. This is a widespread standard, so we do not anticipate any issues.
Changes to Other Platforms
The following changes, announced by SAP Marketing Cloud and Facebook, may affect your implementations.
SAP Marketing Cloud V1 Deprecation
SAP Marketing Cloud has announced end of support for version 1 of their APIs. Customers should upgrade their SAP Marketing Cloud implementations to use v2 APIs by the end of 2020.
When integrating SAP Customer Data Cloud with SAP Marketing Cloud, after migrating to v2 APIs add ‘ v=0002’ to the Marketing endpoint defined in IdentitySync to use v2 APIs.
Please note that Marketing v3 APIs are not supported for the SAP Customer Data Cloud integration.
Instagram Login Deprecation
Facebook has announced a series of changes to its Instagram APIs, and no longer supports user login with Instagram for non-business accounts. Existing applications will stop working on March 2, 2020.