Covid-19 forced cautious shoppers to buy groceries online for the first time — and now there’s no turning back for most consumers and retailers. After experiencing its own surge in online account creations since the pandemic took hold, supermarket giant Kroger knew it needed to seriously improve its e-commerce fraud protections. 

Realizing that its developers were short on experience in the identity space, Kroger’s software engineering team opted to implement Microsoft Azure Active Directory B2C as a third-party software-as-a-service customer IAM solution. This decision freed up the company’s developers to concentrate on what they do best: innovating with features that drive revenue, explained Senior Software Engineering Manager Karthik Kotha during a breakout session and a one-on-one interview with SC Media at the 2023 Identiverse conference in Las Vegas.

Building on one’s own identity architecture “requires a lot of identity talent and expertise,” Kotha told SC Media. “We could invest in that area or we could invest in something else. It was just a value call at the end of the day.”

Since overhauling its CIAM architecture, the grocer has cut down on risk associated with new account fraud and takeover fraud, explained Kotha. Key additions have included email verification, MFA, behavioral biometrics and risk scoring, and conditional access policies. 

Kroger’s CIAM project appears to have moved along nicely without any significant stalling. But the same couldn’t be said for the hotel elevator Kotha rode in the wee hours of the morning prior to his Identiverse presentation. “This is when you just hope that that [emergency] call button actually works,” he noted. See the full interview, embedded within this article, to find out what happened when Kotha got stuck, and how this predicament is actually a good lesson for cybersecurity professionals in how to prepare for errors or breakdowns that can negatively impact the customer user experience.