Anonymous Frontends

Banking and financial institutions might want to provide their consumers with unauthenticated access to specific contracts and agreements with the click of a button (widget) on their website. Innovation Studio makes this possible by exposing data from form driven flows to unauthenticated users.

NOTE Only the wizard like data form driven flows (the ones that have the Wizard mode checkbox ticked in the journey configuration page) can be exposed to unauthenticated users.

Is it secure to expose digital journeys to unauthenticated users?

An anonymous frontend environment with a secure architecture has been designed to allow exposing journeys to unauthenticated users (consumers).

The desired wizard-like form driven flow is exposed on the organization’s website via an iFrame. As iFrame is vulnerable to hacker attacks, a reverse proxy sits between the internet and FintechOS apps that are placed in a non-public subnet.

The reverse proxy ensures a single point of authentication for all HTTP requests, forwarding the requests to the FintechOS B2C App (the one that contains the digital journey to be exposed). It also handles requests to the FintechOS Back Office apps (Innovation Studio and the Digital Experience Portals).

Here’s a simplified diagram of the traffic flow.

In order to expose digital journeys, you need to setup a B2C environment. For information on how to do that, see B2C Environment Setup.