Improving customer experience and loyalty, reducing costs through efficiency, and increasing revenue are all critical goals for an organization. For example, organizations need to intelligently cross-sell and up-sell to their customers, whether a customer is a consumer or a business/corporate customer. Likewise, increasing customer loyalty and efficiency can be achieved by ensuring customers have self-service options to update their customer data, and be able to login through their preferred identity providers, such as social or organizational authentication systems.
Unfortunately, however, organizations have siloed applications, such as customer relationship management (CRM) platforms, e-commerce platforms, invoice/contracting systems, enterprise resource planning (ERP) systems, and many others. In fact, a typical CRM system has different modules for marketing, sales, customer service, and field service. Therefore, different teams or departments are focused on distinct stages of a customers’ lifecycle.
The objective of master data management (MDM) is to create a single, complete, consistent, and accurate golden record of an organization’s core business data, such as customers, employees, or suppliers across a vast enterprise application landscape. Having a single source of truth ensures improved data quality, reduces duplication, and enhances operational efficiency and capability for reporting/analytics.
Specifically, the purpose of customer master data management is to help support both operational processes as well as analytics processes that relate to customer data. For example, a customer address change may necessitate updating multiple systems as part of an operational process. Likewise, supporting an analytics-driven process such as cross-sell or up-sell may require the ability to combine customer master data with customer-related data, such as customer interaction data from CRM systems and customer transaction data from ERP systems. The result of this process could be that the customer master data is ingested into an analytics engine alongside all of the customer-related data to produce a 360-degree view of a customer.
While MDM is about mastering data using “back-end” processes, customer identity and access management (CIAM) is the “front-end” for customer experience. CIAM drives customer onboarding, login, and security, as well as enables customers to update their own profile information. Any friction with customer onboarding, authentication, or the inability to manage their own customer information will frustrate customers and result in increased customer churn.
Workforce IAM and MDM
Although this article discusses mastering customer data, it’s important to realize that MDM can also be applicable to other business entities, such as mastering employee records. Human Resources (HR) systems such as Workday already “master” worker data centrally (e.g., employees, contingent workers), and then worker profile data is synchronized to workforce IAM platforms, such as Active Directory, Entra ID, or Okta, and to downstream systems in the enterprise. The following diagram shows the conceptual architecture:
The HR system is the source of truth for employee profile data, and joiner, mover, and leaver operations begin with the HR system. While other enterprise IT systems may be authoritative for a limited set of attributes that are written back to the HR system (such as an employee email address), the HR system is viewed as the centralized master employee data hub, with all other enterprise systems having synced employee attributes that are essentially ready-only copies sourced from the central HR system. As a result, any changes made to the core attributes of an employee profile should be performed in the HR system first and then automatically synced downstream from there.
For many organizations, this standard architecture adds value from an operations perspective, such as propagating employee profile changes to other enterprise applications, but is rarely needed for any analytics/business intelligence scenarios. The HR system acts as a centralized hub for employee master data and a single source of truth for employee profile records. In fact, many organizations use an employee ID or a worker ID as a matching attribute that is used to match employee records between the HR system, IAM system, and other enterprise applications.
Customer IAM and MDM
Customer scenarios are much more complex because customer data as well as customer-related data is distributed across many enterprise systems without a single system that can act as the master data hub for customer data. Therefore, a customers’ lifecycle and corresponding data will be siloed across multiple systems with each system having an important slice of the customer profile. To make matters more complex, each system in this distributed architecture usually has a local copy of customer data and personnel who work with this data need to rapidly search, create, read, as well as update customer records directly within those systems.
CIAM systems are primarily concerned with the following core capabilities:
- Customer Registration/Sign-Up
- Customer Login/Sign-In
- Customer Profile Editing
Within customer registration and customer login, CIAM systems provide many security and customer experience benefits, such as single sign-on (SSO), multi-factor authentication (MFA), API access control, and so forth. All these capabilities relate only to the management of access by the customer.
CIAM systems are not designed to reconcile/unify customer data from siloed applications enterprise-wide. Any account linking that CIAM supports is solely used to enhance customer registration and customer login experiences, with the goal of avoiding the unnecessary creation of duplicate customer accounts in the CIAM system.
CIAM platforms only contain a small subset of customer profile data, and in real-world scenarios they must be integrated with other enterprise applications, such as CRM and ERP systems, to achieve the goal of a customer 360-view for analytics purposes. In addition, there is an operational advantage with being able to automatically update customer data across multiple enterprise systems to keep customer data consistent and accurate.
The following diagram shows the conceptual architecture that may be implemented to link customer identifiers across disparate enterprise systems:
While there are multiple approaches to mastering customer data, the previous diagram shows that it’s not strictly necessary to make changes to source systems in order to be able to link customer records. The MDM hub simply needs to be able to match customer records based on customer profile data. For example, a given customer may have the same name and address in two or more enterprise systems but with a different email address in each system. There are different trade-offs for the design of an MDM system for customer data, but it should offer the ability to search customer records to discover linked/related records, with the ultimate goal of enabling both customer analytics and automation in operations.
A much more complex topology would involve bidirectional data flows where source systems are updated to reflect the most accurate customer master data record. While it’s simpler to master customer data in the hub without syncing that master data back to other enterprise systems, this approach would result in data quality and consistency issues and would significantly impact any operational scenarios.
It’s important to remember that different enterprise systems may be authoritative for different customer attributes. The diagram above shows an architectural approach whereby a master customer identifier is generated via an identity matching engine and that master identifier and its association with source system identifiers is stored in an MDM system in an index-like manner. In this design, source systems do not need to be modified, which would otherwise significantly increase the complexity of the solution. On the other hand, searching for customer records could be a significant challenge. Therefore, simply having an index may be insufficient and, in addition to the index, the MDM may also be required to store a complete golden master customer record.
Identity Matching drives Operational and Analytics Scenarios
From an operational perspective, if a customer changes their name or their email address via a CIAM system (e.g., profile edit) that verified/trusted change needs to be propagated to multiple systems that store that information. For example, not only will the CIAM system need to be updated, but so will the invoicing system, CRM systems, MDM system, and so forth. It’s a poor customer experience if this isn’t done in a timely manner.
From an analytics perspective, it should be possible to pull together customer master data and customer-related data across various enterprise systems (e.g., such as from the CRM, ERP, and MDM system) since there is a single master customer identifier that can be used to query the data in a federated manner, such as through the APIs of those systems of record.
After the customer and customer-related data is retrieved, it can be used for analytics, such as cross-sell and up-sell opportunities. Additionally, as the diagram above indicates, customer master data can also include relationships between customer master identifiers, and as such, an analytics engine can be used to drive personalization experiences, such as to offer discounts to family members in a given household for consumer customer scenarios, and similarly for relationships between corporate customers and legal entities, such as when one organization is a parent company for another.
How can machine learning (ML) and Large Language Models (LLMs) help?
Machine learning, AI agents, and LLMs can be used in a few scenarios, such as:
- Assist with identity matching/identity linking by matching customer records and returning confidence scores, even across disparate customer records that have inconsistencies (e.g. spelling mistakes), while also improving data quality.
- Perform analytics by reasoning over near real-time as well as historical customer and customer-related data to predict customer churn, suggest next best actions, and so forth.
- Help with operational scenarios, such as when a customer wishes to update their profile data through CIAM in a self-service manner (e.g. via a chat bot). In the simplest scenario, the customer data update may be reflected only in the CIAM system and the MDM hub. In a more complex integration, however, that update can automatically flow to other systems of record (such as ERP, CRM, etc.) by leveraging the master customer identifier in the MDM hub that is linked to all the customer identifiers in the source systems. Therefore, a customer profile can remain consistent and accurate across multiple enterprise systems automatically.
Conclusion
A CIAM platform isn’t an MDM system, and it’s not designed to replace CRM systems. Trying to master golden customer records in a CIAM platform will likely result in failure as customer and customer-related data are spread across many applications. Moreover, machine learning and LLMs have given us a breakthrough ability to perform complex identity matching and analytics which takes advantage of both LLM reasoning capability as well the full customer context for the LLM to make its prediction or next best action suggestion.
Most importantly, identity matching is the key to the kingdom as it enables traditionally siloed customer data to be merged to yield the illusive golden customer record, while the power of AI agents and LLMs can then take all that contextual customer information to offer suggestions, resolve issues, or even suggest products that the customer may be interested in purchasing, thus increasing revenue for the organization.
Integrating CIAM and MDM can lead to a much better customer experience (in both consumer and corporate customer scenarios), improve customer loyalty, reduce customer churn, and even assist the organization with its regulatory compliance obligations (since it will be much easier to identify all the locations where a given customers’ data is stored). In addition to regulatory compliance, this will enable an organization to more easily meet customer expectations, such as for customer consent and preference management.
Taken together, these benefits will ensure organizations are able to achieve a competitive advantage in an increasingly competitive global market.