Thanks to Ilex International’s IAM platform and the expertise of Idento, Keolis Lyon is aligning the user experience with security, the keys to a successful digital transformation.
The challenges
- Modernise the working environment for agents through digital technology
- Adopt a “security by design” approach for the digital plan
- Harmonise access management in a mobile environment
Keolis Lyon, the leading urban network of the Keolis Group
As a public service delegation, Keolis Lyon operates the Transports en Commun Lyonnais (Lyon public transport agency, TCL) network on behalf of Sytral (joint transport union for the French department of Rhône and the conurbation of Lyon). As a key economic player in the conurbation, Keolis Lyon employs 4500 people, representing 80 different sectors.
The TCL network contributes to the success of all events in the conurbation, and provides a real showcase for the international development of the Keolis Group. Every day, 1.8 million journeys are made on the various underground, cable car, tramway and bus routes.
The Keolis group places innovation at the heart of its strategy, with the aim of conceiving new solutions which will shape the mobility of the future. Keolis Lyon has therefore made digital transformation a priority for the past few years, in order to provide travellers with innovative tools and services helping to simplify and enhance the customer experience.
An ambitious digital plan
working to improve the customer experience
Against this background, the Digitalisation Division of the ISD is launching an ambitious plan to provide field agents with new and innovative mobile applications. The aim is therefore to respond to their sector requirements, improve their work environment and their productivity, and as a result optimise the quality of service provided to passengers.
Digital transformation is a complex project, the success of which is dependent on key factors. It was therefore essential to develop applications with a high added value with the sectors, and facilitate their access via a company store adapted to the profile of each agent. The extension and renewal of the smartphone fleet was also essential, allowing agents to work on a standardised and modern base.
Keolis Lyon defined an iterative working method and priorities over 3 years in order to successfully carry out this digital transformation. The project was therefore broken down into 3 main phases.
- It was first necessary to put in place the foundations essential for any mobility project, in other words a robust, secure, scalable technological base, based upon the standards and good practices of the market. Priority was given to agents in direct contact with customers, in order to provide them with simple, reliable and immediate information.
- For the second stage, Keolis Lyon placed the emphasis on day-to-day operational digital technology, working on applications targeting productivity and going paperless in order to optimise the quality and operation of the service.
- Lastly, the third and final part should, in time, build on and optimise existing tools, based on feedback from the field, technological developments, new uses and opportunities, etc.
« With the project being so detailed and complex, we dealt with things methodically. The gathering of requirements from business departments was essential in order to prioritise projects and stagger the portfolios of applications over time. Each application required a thorough analysis of its level of complexity, target user profiles, or risks relating to the sensitivity of the data concerned. We were therefore able to group the applications to be developed into 4 main areas: Management and communication in the event of a disruption, Encouraging productivity and management, Monitoring of quality and going paperless, and lastly Informing customers. »
Focus on the “security by design” approach and the single authentication
Aware of the risks relating to the sensitivity of the data handled, the Digitalisation Division incorporates the security dimension starting from the project design phase.
The technological base in place is intended in particular to standardise and secure the authentication paths to the applications while ensuring an optimum digital experience, essential to win support from the agents. Users must be able to access their applications with a single authentication, based on an electronic certificate.
In order to combine convenience and security, the technological base is built on a robust access management infrastructure providing advanced single authentication (Single Sign-On) features, strong authentication, Mobile Access Management and identity federation.
« Beyond the convenience provided to our agents, data security was a major concern for Keolis Lyon. It was essential to be part of a “Security by design” procedure to control and manage access to applications and ensure faultless security and traceability. At a time when IT attacks are multiplying, we cannot work to the detriment of security. Obviously, this raises some additional challenges: several technical correspondents, integrators or publishers, several layers of technology, and we needed to adapt, and sometimes take a few steps back. However, that’s all part of the game, since digital experience and security are closely connected. »
The Ilex International / Idento partnership
for unequalled SSO functional coverage
Keolis Lyon chose to delegate the production of the application security functions to security professionals, and not to web development teams. That is why the Lyon subsidiary turned to Idento, an independent advisory and integrations consultancy in IAM solutions, which proposes deploying the Sign&go Global SSO solution of Ilex International, an IAM (Identity & Access Management) solution publisher.
The Ilex International Sign&go Global SSO solution is a perfect match for the requirements of Keolis Lyon. It is without equal on the market, as it offers via a unique server architecture and centralised administration, all features from strong and adaptive authentication to identity federation, by way of eSSO, Web Access Management and mobile SSO. It’s a true “authentication and federation Hub” that enables coverage of all existing means of authentication, whatever the environment employed (workstation, web or mobile).
IDento is the reference consultancy, independent and specialising in identity and access governance. They support customers in the scoping, design and implementation of IAM solutions, providing an innovative vision and cutting-edge technical expertise.
« What convinced us to choose Ilex International technology was above all its considerable potential. Sign&go Global SSO is a highly flexible, innovative solution able to handle all security standards. Its compatibility with identity federation protocols such as SAML or OpenID Connect, or its interoperability with the certificate standards on the market such as TLS and X509, were essential conditions since we wanted an open and interoperable technological response. Beyond our digital project, the global coverage of the solution has allowed us to address additional requirements, such as handling authentication for internal users who log in from their workstations, and the implementation of SSO on web and fat client applications. The solution thus ensures coherency for our security policy on the implementation of the various components in our access management projects. Idento, a long-standing partner of Ilex International, has proven it knows exactly how to support and guide us to optimise our use of the solution. »
Keolis Lyon, building the mobility of the future
Keolis Lyon is now calmly taking the digital path and following the established trajectory, since the teams are getting ready to tackle the third and final part of the project.
« The feedback from Keolis users on the digital tools made available to them is already positive, and the impact on their productivity and the quality of customer service is encouraging. We want to sustain our momentum by offering our agents and customers increasingly innovative tools to ensure they are satisfied, and that we meet their requirements. »
The benefits
- User ergonomics and convenience
- Improved productivity of sector teams and field agents
- Optimised customer service quality
Who we are
Ilex IAM Platform is Nexpublica’s complete identity and access management offering.
Nexpublica has a long history of publishing in software for the public, semi-public, and private sectors. The company supports more than 4,000 public organizations and 1,200 private companies.
Our latest news
Inetum Software becomes Nexpublica20 March 2025
What’s new on Sign&go Global SSO!25 June 2021
