By: Andre Boysen, CIO, SecureKey
Where did the time go? It feels like just yesterday we kicked off 2018, yet so much has happened. The technology industry alone has emerged as one of the most talked about sectors, with the diffuse password-based system rising as a concern for organizations across the country. Companies are no longer immune to data breaches and understand that it’s not a matter of if they will be breached, it’s a matter of when.
Aside from data breaches, there were a number of technology trends that affected business over the past year. In this blog, I share my thoughts on the major milestones that impacted the technology industry in 2018 and the trends that will be most polarizing in the year ahead.
Reflecting on 2018
- Breaches grew in scale, frequency and scope: Unsecure digital identity is a fundamental issue that all organizations need to prepare for. The data breaches of Marriott and Facebook alone resulted in the sensitive information of millions of consumers becoming public in a matter of minutes. We’re still seeing companies require consumers to sign up for their services with a user ID and password – an authentication process that has proven to fail time and time again. Companies aren’t in the business to harm people but at the same time, don’t have the economic scale required to make the investments to keep data secure.
- Experimentation of self-managed identities picks up steam: For the first time, we saw consumers being provided with the ability to create an identity for themselves to do business with trusted organizations. New platforms by Sovrin, Civic, Uport and Mastercard all point to a global decentralized approach that gives consumers choice, control and convenience of their identity. Building on momentum in 2018, we expect 2019 to be a breakout year for self-managed identity through the launch of our Verified.Me platform – providing consumers with a new and secure way to verify their identity to get access to services and products online, in person and on the phone.
- Financial consequences got real: We started to see huge financial consequences for not managing data properly. Facebook was the first company to receive a huge fine for its hack, owing the European government $122 million for breaking its privacy law[1]. While Marriott remains to be fined, this set a precedent that companies cannot get away with data breaches without significant financial penalties. One single hack can put companies out of business, with two tarnishing their company name completely.
What’s in store for 2019?
- It’s not over – breaches continue to grow: While businesses are recognizing that digital identity is something they need to take more seriously, there is still an imminent threat of data being compromised. In the coming year, organizations should begin to develop strategies focused on long-term success, such as eliminating the existing infrastructure of user IDs and passwords. Until we overcome the topology issue of a diffuse security model where every website manages its own identity stack this problem will continue unabated.
- Confidence in data privacy and user experience grows: The current enrollment process for services is lengthy and inefficient – consumers are required to wait at a counter while tellers gather information from multiple sources. User experience is horrible, and following the interrogation, organizations have tons of data that becomes a breach risk. This will diminish as organizations move to an underlying trust model, like SecureKey’s Verified.Me platform. We’ll minimize breach risk due to much less data being accessed, while improving business confidence in the integrity of the user registration.
- AI goes political: We’ve started to see artificial intelligence (AI) advance in numerous industries, such as photography, with the creation of credible but fictional images of people and things. In the digital identity space, we’ll begin to see bad guys use AI in phishing schemes to pose as someone else. In the “Trump era” of determining what is truth and what is fiction, consumers are challenged with knowing who to trust and if the person on the other end of the transaction is a hacker or not. While volume in phishing schemes will decline, we’ll see attacks become more sophisticated due to AI.
- Bitcoin – the buzzword of 2018 – wains in importance: This supposed “cost-free” transaction turned out to be untrue; the economic cost of running bitcoin is extremely expensive ($1.40 for one bitcoin at 215KWH[2]) and causes significant environmental damage due to the electricity required to get consent on transactions. Consumers no longer want to hold wealth in bitcoin and organizations aren’t accepting it as a way to pay, due to its volatility. While bitcoin has provided great benefit in allowing blockchain to be applied to other industries, its “anti-government” approach to currency won’t continue to gather steam in the new year. Bitcoin theft through fraud schemes is diluting (or emphasizing) the benefit of the code-is-the-law element of bitcoin.
- The identity grid takes hold: Around the globe, self-managed digital identity will take over the current topology of every webservice running its own identity stack. With open banking forcing the issue, digital identity will be used to improve transactions on a global scale. Leveraging the underlying trust model mentioned above, digital identity will be used as a means for development in other parts of the world that have no advanced economy, in place of a wallet or ID card. Digital identity truly has the power to change the world.
Next year will see major milestones in technology. While breaches will continue to grow in severity, so will digital identity and the available resources to protect us from the bad guys – such as the launch of our Verified.Me platform targeted for early spring. We’re so excited to be a part of this shift towards better digital identity and while there is no telling when we can put an end to the breaches altogether, by working with the best minds in the business, we have the potential to change the game.
The SecureKey team wishes you and your families a wonderful holiday season and Happy New Year!
To learn more about digital identity, view my latest presentation at TEDxKelowna here: https://securekey.com//blog/how-identity-will-create-a-nation-of-healthcare-heroes-tedx-talk/
[1]https://www.washingtonpost.com/news/the-switch/wp/2017/05/18/facebook-will-pay-122-million-in-fines-to-the-eu/?utm_term=.0f80133fd50d
[2]https://www.wired.co.uk/article/how-much-energy-does-bitcoin-mining-really-use