The retail industry is undergoing a significant transformation, driven by technology and evolving consumer demands. This new era, dubbed ‘Shopping 2.0,’ sees retailers leveraging advanced technologies like Artificial Intelligence (AI) to create smarter, more personalised experiences. As Richard Evans, UK&I Country Manager for WSO2, explains, securing this agile infrastructure against escalating cyberthreats and navigating complex compliance regulations becomes paramount. This article explores how robust digital identity solutions are providing the essential foundation for retailers to thrive in this dynamic and competitive market.
Shopping 2.0: Smarter technology, sharper experiences
Since the start of 2025, the retail industry has been undergoing a seismic shift, driven by technology innovation, rapidly evolving consumer demands and a fiercely competitive market as retailers strive for a share of the consumer’s wallet.
When we talk about technological innovation, retailers are rapidly adopting AI to deliver smarter, faster, more tailored and personalised experiences. AI can help retailers curate product recommendations, implement dynamic pricing and design loyalty rewards based on individual preferences. We are seeing the rise in virtual assistants and chatbots, which enhance customer service while reducing operational costs.
Retailers that use AI report up to 69% revenue growth and 72% cost reduction. Today, shopping is no longer merely a transactional experience; it’s immersive, shareable, and community driven. Social platforms like TikTok, Instagram and X are now well-used shopping hubs. Live shopping events and influencer-led campaigns drive impulse buys and brand engagement. In-store experiences, from pop-ups to themed cafés, are designed to engage customers. Likewise, smart inventory and supply chains are a prerequisite for this agile approach, with predictive analytics helping retailers manage stock, reduce waste and respond to demand spikes.
Identity is central to powering a secure, adaptive retail infrastructure
In this rapidly evolving environment, robust digital identity solutions are essential for retailers seeking to achieve their newfound goals, and such solutions must be designed to be as agile and responsive as possible.
But we are also seeing escalating cyberthreats, which means these solutions must also provide secure access, because, according to IBM’s 2024 Cost of a Data Breach Report, stolen credentials accounted for 15% of breaches globally, making it the most common initial access method. The much-publicised Marks & Spencer breach earlier this year involved attackers exploiting third-party access and credential stuffing. Additionally, outdoor clothing retailer The North Face saw thousands of customer accounts compromised via credential stuffing. These and other attacks sent shockwaves through the retail industry as organisations looked at ways to avoid becoming the next victim.
Layer onto this ever-growing compliance regulations, standards like GDPR and PCI-DSS, which now require even stricter policies around who can access data and for what purposes. Those who fail to comply will face stiff penalties, as well as financial and reputational damage.
Sustainable fashion meets digital innovation
This is a reality that Scandinavian-based fashion chain Lindex knows only too well. Founded in the 1950s, today Lindex has 480 stores in Scandinavia, Central Europe, the Baltic states, the Middle East and the UK and nearly 6,000 employees. The business is highly focused on sustainability, and 55% of its clothing is made from sustainable materials.
Lindex has been on a Digital Transformation journey that started 15 years ago as it looked to transform its digital services by exposing APIs over its existing monolithic architecture. Digitising its services would enable it to build applications that improve user experiences for both customers and employees alike. From the outset, Lindex faced problems when trying to initiate the development of multiple new digital channels, owing to the legacy architecture that powered its existing web channel and the limited capacity of the team to support it.
The retailer chose an API-based approach to expose key functions, whereby WSO2 API Manager was selected to manage clients, access control and usage limits. This was complemented with WSO2’s Identity Server so that Lindex could position its digital landscape to further transform customer identification and authorisation and optimise for identity federation and single-sign-on.
Personalised, secure, connected: The identity backbone behind retail experiences
While the app team focused on developing new applications, Lindex’s IT team, responsible for the existing architecture, refactored the code to expose functionality in its customer shopping experience, such as features like shopping cart, wish list, pricing, promotions and order details. The retailer also had other development teams working on different areas of customer experience simultaneously. For example, its ‘My Store’ programme was upgraded, and the retailer was able to create a ‘My Stock’ app and a ‘My Customer’ app, when in-store personnel were acting on behalf of customers. During the complex process of setting up multiple levels of authentication across different user groups, Lindex found that the WSO2 Identity Server provided the necessary authentication capabilities for these applications.
This is just one example of many which demonstrate the need for secure, frictionless digital access for all users, whether employees or customers. Another example is British home improvement retailer and garden centre, Wickes, which is known for its digitally led, service-enabled business model.
With more than 230 stores throughout the country, Wickes is owned by Wickes Group plc, a publicly traded company listed on the London Stock Exchange in 2021. Today, Wickes uses WSO2 identity and access management and integration technology to securely integrate with its third-party suppliers.
Secure, frictionless access is key to customer loyalty
Whether retailers operate in the cloud, on-premises or hybrid environments, they need secure digital identity services, and this is where either our multi-tenant SaaS identity management solution, such as Asgardeo, or our WSO2 Identity Server has helped retailers deploy what they need, quickly and seamlessly.
Retailers that fail to cater to specific customer needs and demands will undoubtedly lose out. Fickle customers will switch loyalties to competitor sites if they must wait to access these sites, and their digital sign-on proves to be a labourious task.
But the challenge for retailers is balancing frictionless access whilst ensuring consumers can do this in a secure way. They must embrace technology innovation and AI, while making sure they don’t fall foul of regulations or become the latest victim of a credentials breach.
Join us at Oxygenate 2025
If you are interested in hearing first-hand how our retail customers are harnessing our suite of identity and API management solutions, why not attend Oxygenate 2025? Register here.
