Telesign CEO Joe Burton recently provided his predictions on all-things digital security for 2022. As a recognized thought leader in the industry, Burton has plenty of unique insight into how things currently work, how that will change in the future, and what businesses can do to adapt. Here are five predictions he sees for the upcoming year.
1) SIM swapping: What’s old is new again
SIM-swapping isn’t a new vulnerability. But, as crypto markets boom and micro-transactions make the opportunity to repeatedly steal a negligible value (that adds up to real value) – SIM-swap attacks are becoming an ever more lucrative opportunity for thieves. With bounties high, 2022 will see an increase in thefts by SIM-swap attacks making the consequences of inadequate security even more devastating for companies and their account holders.
SIM-swapping is a low-tech but high-reward attack. Nearly all verification systems fall back to SMS or email because the ubiquity of the technology makes it a necessity. Securing your customers and systems against this type of attack means adding new layers of intelligence into your high-value, high-risk interactions – like account password resets or monetary transfers. Checking for recent number porting, carrier information, billing information, and more can help stop these attacks in their tracks – all without adding layers of friction to legitimate users and transactions.
2.) Explainable AIâ¯will become the new standard for Artificial Intelligence
It is not enough that AI can reach a decision faster than its human counterpart; it should be enabling a better and more equitable ecosystem. This is especially the case with racial or gender bias issues and how a consumer’s information might be shared or accessed. When creating a secured user experience, AI-based decision-making in any ‘high consequence’ scenario needs to explain its logic to create transparency and accountability in the process.¯
2022 will be the year that AI becomes more credible and trustworthy through Explainable AI, enabling AI systems to reveal how it made the decision. Increasingly adopted in the fraud and cybersecurity industries, Explainable AI helps demystify AI decision-making and build a trust continuum. Eventually, this new standard for AI models may become mandatory and usher in a higher level of fairness for everyday transactions and interactions – from loan applications to credit scoring.
3.) The best security is one that customers don’t notice
The way security, fraud, and identity technology interact with people will change going forward. Sites that ask the most questions for verification will be the least secure, and the ones asking for the least will be the most secure. How? They’re working from a gatekeeper mentality and not a continuous trust mentality. Constantly monitoring the digital identity signals of a user and an account will give forward-looking companies an edge – both in security and customer experience – by looking at thousands of signals and factors silently verifying the authenticity of a user with the least number of hurdles.
Risk scoring and digital identity simultaneously look at thousands of factors to help companies understand if the device, location, behavior, and thousands of other signals match the “user.” Companies adopting this technology will have a competitive edge by being more secure and more human.
Humans don’t want high security; we want trust. We don’t want to log on; we want a continuous security posture as we go through our lives. This approach gives us the freedom to do what we enjoy without disruption from nagging and ineffective security procedures.
4) Geographical differences take center stage
Starting in 2022, technology will enable advanced security technology to adapt its risk-scoring and authentication factors for local needs automatically. For example, a smartphone-enabled real-time digital face scan for verification might work great for a country with 5G network access and not at all for a country still using 3G networks. The fact is: no one factor or method is infallible or scalable across the globe.
With thousands of factors and billions of users, the problem quickly becomes complex. Deploying intelligent systems that use machine learning and artificial intelligence to factor in regional and behavioral differences in risk-scoring digital signals and identities will give companies a competitive edge. How? By being able to deliver low-friction, high-security experiences that monitor the right signals in the right places all the time.
5) Security goes from defense to offense
Especially in this digital age, consumers are looking to interact with secure companies that aren’t relentless in their security processes. While necessary today, annoying and repeated requests for answers to security questions and bothersome, ongoing checks will become the hallmark of laggards as best-in-class organizations adopt a posture of continuous trust.
In 2022, the least-breached companies will also be the most consumer-friendly. Today, we react to requests and challenge users to prove they are who they are. To be best in class, companies need to always know their customer – and understand when something in their digital identities is abnormal. This could be a location, a new device, an abnormal request – something that isn’t normal behavior. Using AI-powered digital identity monitoring prevents needless friction while increasing the security of your systems.
Parting thoughts on 2022
Today, we are experiencing exponential growth in the amount of data available online, representing seemingly limitless possibilities for people worldwide. Telesign is moving the world of digital security forward by continuing to be amazingly accurate when scoring data to detect fraud—and doing so at scale. We help businesses provide superior customer services to trusted customers while making life difficult for bad actors. Our job is to deliver on the promise of the digital economy.
Accurate. Fast. Global. That’s what Telesign is. And that’s what it will continue to improve upon in 2022.