Seamless CIAM in Retail: Customer Identity Management for a UK Retailer

How we migrated a leading retail organisation from an unstable, risky platform to a modern platform.

How it started

A leading UK retailer was relying on a legacy access management platform that was costly to operate, unstable during peak shopping periods, and vulnerable to audit findings. Compliance pressures, especially around PSD2, made the shortcomings of the system even riskier. Frequent outages and inconsistent user journeys meant that both customers and the business were losing trust in the platform.

The Results

The migration to a modern CIAM platform transformed how the retailer managed customer access. Operational costs dropped as the new system required less infrastructure and ongoing support. Audit issues that had plagued the legacy system were addressed, with controls now aligned to PSD2 requirements, giving the compliance team confidence ahead of regulatory reviews.

Equally important, customers immediately noticed the difference. Logins were faster, more reliable, and seamless across devices. During peak retail events, such as holiday sales, the platform maintained stability and performance where the old system had struggled. This improvement not only reduced customer frustration but also translated into higher engagement and fewer abandoned sessions.

By completing the programme within 24 months, the retailer achieved both risk reduction and measurable business value. The new CIAM platform now underpins millions of customer interactions, giving the organisation a stable foundation for future digital initiatives and sustained growth.

The Full Story

Understanding the risks

The retailer’s existing platform was more than just a technical liability, it was a business risk. Customers faced frequent login failures during high-volume shopping events, and the support teams were overwhelmed by spikes in access-related issues. For the business, recurring audit findings created a drain on resources, and operational costs climbed each quarter. With PSD2 compliance in retail requiring stronger authentication and clearer audit trails, the situation had become untenable.

Choosing the right solution

The client’s leadership knew that patching the old system was no longer an option. Working with Onaware, they assessed the market and selected a commercial off-the-shelf (COTS) CIAM platform that balanced flexibility with resilience. This gave them confidence that the system could scale to millions of users while embedding compliance and security controls out of the box. Unlike a custom or open-source approach, the COTS platform provided proven reliability and the assurance of ongoing vendor support.

Managing the migration

Migration was not just a technical challenge – it was also a change programme. Onaware worked with business stakeholders, compliance teams, and customer experience specialists to map the migration journey. Customers were transitioned in carefully planned phases, ensuring continuity even during seasonal retail peaks. Parallel testing allowed the organisation to validate login flows and transaction authorisation, preventing disruption to customers.

Delivering lasting value

Over a 24-month period, Onaware guided the client through planning, execution, and governance alignment. By blending deep technical expertise with business-first thinking, we helped the retailer reduce operational risk, restore customer confidence, and meet compliance obligations. Today, the new CIAM platform delivers a strategic foundation for future digital retail initiatives.

For context on how regulations shape digital identity programmes, see the European Banking Authority’s PSD2 pages. For a related client story, read our case study on Identity governance in insurance