Identity Fraud: What companies should prepare for in 2021 and how they can benefit from artificial intelligence in the process. One of the downsides businesses face after a major digital transformation is the dramatic increase in attempted fraud.
Deepfakes continue to serve as a form of entertainment at the amateur level, for example on social media. More sophisticated forms of deepfakes are still rare, as they are very complex, expensive and time-consuming to produce. However, the few professionals in the business could make their files open source in code accessible to others. As more sophisticated fraud attacks increase, this is something companies should be aware of in the future. It is pushing businesses and regulators from passive methods (a still photo for biometric analysis) to more active methods (a video or dynamic multi-frame video). We see this, for example, with the requirements for age verification, which make up a large part of the new German Gaming Ordinance, which will come into force in July 2021.
Deepfakes are becoming increasingly sophisticated
Michael Van Gestel, Global Head of Fraud, Onfido
Active methods include more sophisticated identity verification solutions to combat more sophisticated attacks. Organizations need to understand that improvements in anti-fraud technologies will go hand in hand with smarter attacks. Therefore, they should start taking countermeasures now to stay on the offensive against hackers.
Threat landscape: Identity fraud on the rise
As transactions moved online due to the COVID-19 pandemic, identity fraud is becoming a major problem in all digital industries. In the past twelve months, the average rate of identity fraud in Germany has increased by 23 percent compared to the previous year. There's no question that COVID-19 has fueled a massive spike in identity fraud attempts, with industries like financial services and telecommunications disproportionately affected. Given that sensitive and personally identifiable information is easy to find on social media and available for sale on the dark web, database audits are no longer useful in this escalating fraud environment. The use of very sophisticated identity verification methods, such as B. Document and biometric authentication, ensures that companies can significantly reduce the risk of fraud for their company and their customers. Michael Van Gestel, Global Head of Fraud, Onfido
Non-human identities as important as human identities
Mary Writz, Vice President of Product Management, ForgeRock
While we often associate digital identity with a person, in the future many other “things” will also need identities, from watches and bracelets to SCADA (Supervisory Control and Data Acquisition) sensors and medical devices to DevOps containers and Kubernetes resources. While the number of human identities is growing relatively slowly, the number of non-human identities will explode. Enterprises will attach identities to virtual machines, hosts, or containers to control security, and they will spend on cloud computing. The ratio of human or developer to machine identities is 200:1 and will continue to grow.
As we move more and more towards “identity as the new perimeter”, we will hit a performance limit as the number of non-human identities increases exponentially through both 5G and modern DevOps. This will lead to an increase in real-time decisions that need to be made based solely on the number of identities in place. Also, the amount of context or signals we want to use to make those decisions will significantly increase bandwidth. Enterprises will find that they cannot manage latency and bandwidth strain and must offload them to the edge.
Dramatic increase in attempted fraud
One of the downsides businesses face after a major digital transformation is the dramatic increase in attempted fraud. In 2021, a record number of consumers will switch to online services, be it shopping, healthcare, education, visiting authorities or working remotely. We experienced a foretaste of attempted fraud last year with zoom bombing, when classrooms were converted to virtual environments.
In addition, quantum computers will have a major impact on how we think about “secure access”. When quantum computing becomes part of everyday life, certain types of encryption and thus authentication (e.g. with encrypted tokens) will no longer be necessary. Public Key Infrastructure (PKI) and digital signatures are then no longer considered secure. Organizations will need to be quick to modernize their identity and access technology accordingly. Mary Writz, Vice President of Product Management, ForgeRock
AI bias: A compulsory topic for companies that use AI from 2021
Mohan Mahadevan, Vice President of Research, Onfido
Racial bias in many AI-controlled facial recognition algorithms (AI bias) has been a big talking point over the past year and has come to a head with the social unrest in 2020. Research has found widespread evidence that racial minorities are much more likely to be misidentified than whites. In 2021, correcting AI bias will become an important topic for any company using AI or facial recognition technology. Using government issued documents, companies can quickly and easily prove possession of an ID by analyzing the face on the document and comparing it to the face trying to access the system. 2021 will be the year AI bias comes to light and companies begin to implement radical changes to eliminate racial bias in their software - which can happen in part through a conscious focus on fairness and training the The company's ML system is in place to reduce racial facial recognition errors.
AI governance frameworks: Many industries will use them as a USP
The global implementation of AI governance frameworks picked up speed in 2020. Companies increasingly asked for details on the results of AI applications. Here it is very important to ensure a suitable level of explainability in AI applications. It is also important to use high quality data, to ensure verifiability and to adhere to ethical, fair and transparent principles. Data protection requirements and the implementation of effective cybersecurity measures should also be a focus. Implementing AI governance frameworks was more likely to be seen in finance and banking in 2020, but we'll see this become more widespread in 2021. Other industries such as healthcare, e-commerce and mobility services will begin to use AI as a USP, i.e. as a competitive differentiator. For example, healthcare providers are starting to be more transparent about how data is being used and how ethically and fairly they are protecting that data. If companies want to be ahead of the times, they should start developing ethical AI frameworks now to position themselves as leaders in this global movement. Mohan Mahadevan, Vice President of Research, Onfido
More on this at Onfido.com More on this at ForgeRock.com