ThirdSpace ThirdSpace
ThirdSpace Contact Us
Close 0 Reset Search Run Search What are you looking for? Type at least three characters to search. Filter Search Results
  • All Content
  • Blog
  • Page
  • Case Studies
  • Event
  • Resources
  • News
  • Careers
  • Access Centre
  • Technologies
  • Workshops
  • Service
  • Solutions
  • People
Load more

Insurance company builds secure and compliant customer login experiences


Our client (who wishes to remain anonymous) is a well-established health insurance provider that was seeking to improve its online service and experience for customers.

The client wanted to offer new and existing customers the ability to securely register for an online account, login and manage their documents, while adhering to strict German information protection laws and the General Data Protection Regulation (GDPR).

The client was referred to ThirdSpace, via Microsoft, to build and integrate custom sign-up and authentication experiences using Azure AD B2C’s advanced user flow functionality.


  • Secure and scalable customer login and authentication processes.
  • Fully compliant handling of customer data.
  • An improved modern user experience for the customer.
  • A customised customer portal solution that maintained the brand identity.
  • Cost/time savings on outsourcing CIAM requirements.
  • Capability to stay up-to-date with changing demands and regulations

The problem

This German insurer started out in the early 1900s as a local health insurance association. Over the last 100 years, it has grown steadily; expanding their customer base and product range to include services such as life, pensions, and general insurance. However, until very recently, they still did not provide an online service offering for their customers.

They realised that to compete with newer insurance providers, they needed to adopt a new approach to interfacing with customers. That started with enabling existing health insurance customers to register for an online account, login and manage their documents themselves.

The approach

Our client did not want to rush in and build their own single sign-on (SSO) solution.

They spent time researching a cloud-based service, which could give them scalability and reliability on-tap, and a provider who placed security at the heart of the offering.

They chose Microsoft Azure AD B2C as that solution and then approached Oxford Computer Group (Germany) and ThirdSpace to help with the integration.

The approach was to build custom authentication experiences using B2C’s advanced user flows, including a ‘sign up/activate’ flow, which allowed existing customers to verify their identity and then create a set of credentials in B2C for signing in with at any time.

Get a credit for your security – Free e-Guide

Get a credit for your security – Free e-Guide

Download 'Creditable security and compliance solutions for the transforming financial services industry' to discover:

  • The dangers posed by external, insider, and third-party threats
  • The unique challenges for security and privacy in the finance industry
Get my free e-Guide

The solution

ThirdSpace’s expertise with advanced B2C user flows was critical for the success of the project.

We were able to model the user experience according to our clients detailed requirements, while still conforming to the modern authentication standards to which B2C adheres.

ThirdSpace worked with the client to developed a customer sign-up flow which included acceptance of our clients latest terms and conditions, activation via known facts, a digital security key (previously posted to the user), email validation and credentials creation.

As part of our engagement with the client we also set up multi-factor authentication (MFA) and helped to developed other standard flows such as user sign-in and password reset.

During the project we also provided knowledge transfer, so that our client could maintain the solution in-house.

The outcome

Our client has rapidly progressed from pilot to pilot in production and then to full production mode.

The system has proved a success and has now been implemented in the form of a mobile app, in addition to the initial web-based solution provided.

Next, download our e-Guide ‘Drive GDPR compliance with Azure AD B2C for web applications’. Find out how you can remove one of the weakest technological links in the struggle against cyber-crime.

Subscribe to the ThirdSpace mailing list and get your free buyer’s guide to Microsoft Enterprise Security

Subscribe to the ThirdSpace mailing list and get your free buyer’s guide to Microsoft Enterprise Security

Submit your business email to join our mailing list and we'll send you 'A buyer’s guide to Microsoft Enterprise Security'.

Learn more about...


Customer Identity and Access Management Solutions


Microsoft Azure AD B2C


Make your security a credit – Free e-Guide

Discover tools to track, encrypt and/or restrict access to sensitive data.

Download e-Guide

Need some help?

Send us your questions or feedback.

Friendly folks are standing by!

Contact Us
Award-winning solutions Award-winning solutions

Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.

ThirdSpace Please upgrade your browser

You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:

Windows Mac

Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.