Client Overview
The organisation is India's largest life insurance provider, serving tens of millions of customers across the country through one of the most extensive agent and branch networks in the Indian financial services sector. With user personas spanning employees, agents, sub-agents, and policyholders — each requiring differentiated access to a vast portfolio of applications and services — identity and access management is a foundational operational challenge at extraordinary scale. The organisation sought to enhance its identity management infrastructure to materially improve security, operational efficiency, and regulatory compliance across its entire ecosystem.
The Challenge
The organisation faced significant challenges in managing digital identities across its diverse user base. The existing decentralised identity management system created substantial administrative overheads, security vulnerabilities, and operational inefficiencies. Without a centralised access control mechanism or multi-factor authentication, the organisation was exposed to growing cybersecurity risks, including credential compromise and unauthorised access to sensitive policyholder data and financial systems.
"Managing identities across employees, agents, and millions of customers on a fragmented, decentralised system was becoming untenable from both a security and an operational standpoint. We needed a unified platform that could scale to tens of millions of users, enforce strong authentication, and simplify access management across more than 100 applications — all while meeting the regulatory requirements of our sector."
— Chief Information Officer
The lack of Single Sign-On meant users had to manage multiple credentials across different applications, contributing to a poor user experience, high support volumes for credential resets, and increased risk of password-based attacks. The organisation required a comprehensive Identity and Access Management solution capable of unifying identity management, enforcing security policies across all user types, supporting tens of millions of users at scale, and delivering a measurably improved access experience.
The Solution
eMudhra deployed its SecurePass IDAM solution, providing the organisation with a centralised identity and access management platform designed to handle enterprise-scale identity complexity. The solution was architected to integrate with the organisation's existing IT infrastructure, supporting both on-premises and cloud-based applications through SAML 2.0 and OpenID Connect (OIDC) protocols.
A centralised identity repository was established for unified management of all user personas — employees, agents, sub-agents, and customers. Multi-Factor Authentication was deployed with support for Password, OTP via email and SMS, Fingerprint biometric, MPIN, and Geotagging, enabling adaptive, risk-appropriate authentication across the user base. Single Sign-On was configured to provide seamless access to more than 100 applications through a single authenticated session. Role-Based Access Control provided fine-grained access permissions aligned to each user's role and business function.
A self-service portal was made available to empower users with password resets, profile updates, and access requests — reducing the burden on IT support teams. Secure session handling with idle timeout and session expiration policies was implemented across the platform. Integration with Hardware Security Modules was included for cryptographic key management, and adaptive risk-based authentication using machine learning algorithms was built into the platform's access decision engine.
The implementation followed a structured phased approach: assessment and planning, deployment and configuration, migration of existing users to unified digital identities, IT administrator training, and a managed go-live with ongoing support and maintenance.
Results
The SecurePass IDAM deployment set a benchmark for identity management in the Indian insurance sector, delivering security, efficiency, and scalability improvements that directly support the organisation's digital transformation ambitions.
| Metric | Before | After |
| --- | --- | --- |
| Identity management architecture | Decentralised — fragmented across applications | Centralised — unified identity repository for all personas |
| Users onboarded with enhanced security (initial phase) | Legacy credential-only access | 1 million users onboarded with MFA in initial deployment |
| User onboarding speed | Slow — manual provisioning | 50% faster — automated provisioning and de-provisioning |
| Applications unified under Single Sign-On | 0 — separate login per application | 100+ applications accessible via single authenticated session |
| Platform scalability | Limited by decentralised architecture | Designed and validated to 50 million users |
| Authentication strength | Password-only — high credential compromise risk | MFA — biometric, OTP, MPIN, geotagging, and password |