This is part of our ongoing predictions series. We heard from top leaders across the industry on what the new year might bring for cybersecurity.
From cyberattacks against critical infrastructure to COVID-19 vaccine fraud, 2021 was a busy year for cybercriminals and a challenging year for security professionals. With 2022 right around the corner, what trends can we expect to see in the upcoming year and how can enterprises prepare?
Leaders at Jumio, a leading end-to-end identity verification platform provider, weighed in.
Robert Prigge, CEO of Jumio
Identity verification will be crucial to securely enable electronic driver’s licenses, as states begin rolling out digital ID feature.
Europe is leading the forefront for Electronic IDs with the eIDAS legislation and the United States is following in its footsteps. Apple recently announced the release of a feature that will enable U.S. residents to upload their government-issued ID to their Wallet app. Georgia and Arizona have already confirmed they will be the first states to enable this, while Florida has also announced the rollout of its Florida Smart ID Verifier, enabling residents to share their Florida Smart ID using a scannable QR or barcode.
In 2022, we will see more U.S. states adopting digital ID solutions for their residents to use as a more secure form of identification. Considering the high sensitivity of government-issued IDs, digital identity verification solutions like biometric authentication will be critical to confirm every user uploading an ID is actually the person they’re claiming to be.
Organizations will consolidate identity verification vendors for the KYC process.
Historically, organizations with identity verification needs have used countless solutions to verify user identity, examine their identification and supporting documentation, authenticate them after every visit, ensure they aren’t on any watchlists by conducting ongoing screenings, manage investigations, monitor their transactions and report suspicious activity.
However, this approach is not only costly and complicated, it cannot adequately spot financial crime and properly verify user identity. Organizations are instead moving toward a single, comprehensive platform that consolidates these capabilities to effectively and efficiently confirm user identity and maintain compliance.
It is projected that by 2023, 75% of organizations will leverage a single vendor with strong identity verification capabilities and connections instead of using various other third-party solutions for identity proofing and affirmation, an increase from fewer than 15% in 2020.
Bala Kumar, CPO of Jumio
Establishing COVID-19 vaccine passport programs will be a key international security focus in 2022.
The demand for vaccine passports is escalating, and digital vaccine passports are becoming the global standard proof of vaccination. In just the U.S., 82% of Americans are in favor of the idea. However, fraudsters are already one step ahead with the rise of a booming black market for counterfeit vaccine cards. In fact, fraudulent vaccine card selling has increased by 257% since March 2021. With fraud on the rise, organizations must ensure the person showing their digital vaccine passport is not using a counterfeit. This has become a major concern for U.S. government agencies as well with thousands of fraudulent vaccine cards seized by customs in just one week.
In 2022, countries that haven’t yet, need to establish a vaccine passport program and ensure it's interoperable between different international jurisdictions. Biometric authentication will be key to issue these COVID-19 medical documents in a secure way. Along with biometrics, AI will be critical to keep track of millions of identities and accurately verify which travelers are actually vaccinated and which ones are showing false documentation.
As digital health appointments become commonplace, the need for assurance over preventing identity fraud will grow.
With data showing that 4 in 10 GP appointments are still not face-to-face and with doctor’s surgeries being urged to continue in this manner, the digital revolution of healthcare will continue to accelerate well into 2022.
But with such sensitive health-related issues at stake, and with the potential harm so great, knowing who a patient is online is critically important.
To prevent instances of prescription fraud in particular, online medical providers will have to implement robust ways of proving a patient is who they claim to be.
Additionally, if the government continues to push for a digital-first approach to appointments, establishing this level of trust between the patient and GP will also be vital to ensuring open-mindedness and acceptance.
Labhesh Patel, CTO of Jumio
The future of AI technology and its credibility will rely on organizations mitigating AI bias through technology diversity initiatives.
As AI is adopted for an increasing number of business functions and data analysis, AI bias has become increasingly concerning for experts. Bias can impact AI algorithms in numerous ways to skew results and provide information that’s not fair or objective by proxy. This is damaging to the credibility of AI technology and has the potential to stifle its growth and the consumer trust needed to advance it forward. The future of AI technology and its credibility will rely on organizations mitigating AI bias through technology diversity initiatives.
For example, a dataset that used to be considered the benchmark for testing facial recognition software had data that was 70% male and 80% white - not representative of the holistic population. Even if sensitive variables such as gender, ethnicity and sexual identity are excluded, AI systems learn to make decisions based on training data, which may contain skewed human decisions or represent historical or social inequities.
While diversity and inclusion are discussed from a hiring and corporate perspective, it must also be a critical component of product development. To get ahead of this issue, CTOs of organizations using facial recognition technology should be asking their technology providers how their algorithms are trained. This will put pressure on identity vendors to ensure their solutions’ AI algorithms are built to represent the broader population.
Consumers will opt to purchase products and services from organizations that prioritize strong data privacy safeguards.
Consumers today are calling for more control over their online data and how it’s being used by companies. Next year and beyond, enterprises that prioritize user data privacy and are transparent with consumers about how their data is being collected and used will have a competitive advantage over businesses that don’t. For instance, Apple has put its stake in the ground at the forefront of this movement to protect consumer privacy, updating its privacy policy and controls. This move by Apple has increased the awareness of the general public, hence putting more pressure on businesses to improve their privacy standards, especially when it comes to the sensitive domain of identity management.
Strong identity and access management (IAM) controls to manage permissions are critical for enterprises to provide users better control over how their data is used. For instance, providing customers with the option to tailor which of their personal identifiable information (PII) is shared with the company’s website or app and for how long. In 2022, we will see more enterprises moving toward Apple’s approach to privacy to appease consumer’s rising privacy concerns and build meaningful customer relationships built on trust.
###