Working with Australia’s favourite car brand to scale online security

Back to Stories
We have partnered with Toyota Finance Australia (TFA) to deploy and scale online security across Toyota’s Australian operations.

Client

Toyota Finance Australia

Sector

Financial Services

Timeframe

2020 - Ongoing

Technology Themes

Amazon Web Services (AWS) Cloud DevOps Customer Identity and Access Management (CIAM) Enterprise Application Integration ForgeRock Identity Cloud Identity and Access Management (IdAM) Web Application Development

About the Client

Toyota Finance Australia (TFA) is a subsidiary of Japan’s Toyota Financial Services. The TFA business was established in 1982 as Toyota’s first overseas finance provider to help more Australians own a new Toyota.

This key player in the Toyota network is now Australia’s largest automotive financier. TFA is the first-choice financier for 99% of Australia’s Toyota dealer network and for 100% of the Lexus dealer network.

Background

As our cars have become smarter, they’ve become less dependent on oil and more dependent on data. From performance data to computer vision and user behaviour, cars are going online and communicating with the world around us. Toyota is working to securely organise this data and use it to improve the end-to-end customer experience.

Toyota has big plans for the digital future of is customer’s vehicle ownership and leasing experience. These depend upon watertight user identity and authorisation security throughout the connected vehicle supply chain.

ForgeRock’s Identity Cloud was selected by Toyota as the Customer Identity and Access Management (CIAM) platform of choice across the globe. TFA put their hand up to take a leadership role in deploying this SaaS Identity and Access Management (IdAM) solution, initially for Australia’s dealer networks.

Agile Digital were selected based on our enterprise identity expertise to work with the Toyota team to ensure the successful launch and evolution of the CustomerOne initiative.

Mission

As a regulated financial services provider TFA maintains strict accreditation requirements for all dealers issuing car loans or insurance. TFA needed a secure login solution to allow accredited dealer staff to quickly authenticate themselves in way that was seamless and easy to use. To meet this challenge TFA launched the Dealer Identity & Access Management (IdAM) project as the first milestone of its CustomerOne initiative.

Our initial goal was to enhance the sign-on experience for loan and insurance officers across Australia to be centrally governed, easy to use, and cybersecure. Delivering this digital experience meant offering the peace of mind of multi-factor authentication (MFA) and the convenience of single sign-on (SSO) for the online systems dealers use.

Key project requirements included:

  • Deploy and configure the ForgeRock Identity Cloud platform.
  • Integrate ForgeRock Identity Cloud as an “identity provider” so TFA’s enterprise systems (e.g., Pega) can uniformly authenticate dealer users.
  • Migrate ~1,700 dealer user accounts into the new identity cloud.
  • Integrate the solution with Azure AD to deliver a Single Sign-On (SSO) user experience for TFA staff.
  • Deploy a “push notification” authenticator app to the personal mobile devices of dealers.
  • Minimise any disruption to loan and insurance officers as this solution is rolled out to ~700 dealerships Australia-wide.

Approach

Agile Digital worked with TFA integration teams over a phased project delivery period of 6 months.

Discover

We initially evaluated  technology options offering the best future for identity management across Toyota’s dealer network. This involved:

  • Assessing existing IT operations and IdAM capabilities.
  • Establishing a current state overview of relevant systems and services within TFA.
  • Documenting user and business workflows.

ForgeRock’s Identity Cloud platform was chosen by TFA as best fit-for-purpose for the CustomerOne initiative.

Design

We worked closely with TFA to plan viable transitional states towards a sustainable and scalable solution. Given tight deadlines for rollout and the requirement to have minimal impact on end-users, it was of paramount importance to get the design right.

Deploy & Integrate

We took an agile approach, collaborating closely with system owners, infosec, business managers, and change managers. Where there was uncertainty, we built proof-of-concept projects to demonstrate potential solution capabilities. Enterprise integration was achieved with connectors such as an OpenID Connect single-sign on to integrate Pega with the ForgeRock platform.

Validate & Roll-out

Testing was carried out by TFA’s internal staff. Workshops were held by the change management team to walk the Dealer Account Managers through the changes before onboarding dealer users. A phased nationwide rollout minimised any disruption to business as usual at Toyota dealerships.

Outcome

This first milestone of TFA’s CustomerOne strategy was successfully delivered to tight deadlines. Key outcomes included:

  • A secure multifactor authentication (MFA) sign on for dealers handling customer financial data.
  • Integration with existing enterprise systems.
  • A national rollout of this online security solution with minimal impact on dealers.

With Toyota being early adopters of the new ForgeRock Identity Cloud platform we worked with ForgeRock to uplift the platform’s capabilities to meet TFA’s needs.

We also worked with TFA to uplift broader aspects of IT operational capability by demonstrating best practices when it comes to software engineering practices in code reviews, automated testing, and infrastructure-as-code deployments.

The value to Toyota will only increase as other systems are integrated and dealer staff experience true Single Sign-On convenience and security across all TFA online applications.