As technology evolves, customers face an increasing number of identity threats. At the same time, legislation around the world now applies increasingly hefty fines when customer data is compromised. According to Experian, more than two in five consumers worldwide have experienced fraudulent activity online, and 55% of businesses globally have reported losses due to online fraud in the last 12 months. The World Economic Forum classes identity fraud and theft as one of the top five global risks for 2019.
Data Theft and Protection Legislation
In 2018, an upswing in data breaches affected many big-name companies. In most cases, these attacks garnered huge fines, along with a loss of both revenue and consumer confidence. At the same time, GDPR came into force in the EU, with strict data protection regulations backed by penalties reaching as high as 4% of global turnover (not 4% of profit).
Similar regulations have also come into force in other parts of the world. The UN now hosts an online map tracking global cybercrime and data protection legislation, and it makes for interesting reading.
The State of Security Today
To protect the public’s digital assets, unprecedented levels of surveillance are now commonplace. Advanced login and authentication procedures now include multi-factor authentication (MFA) and the public are far more aware of how to protect themselves online.
Biometric identification is seeing big growth.
Biometric national identity documents are in use in many countries, and most smartphones have fingerprint and facial recognition options for login. However, some of these login methods are less secure than one would hope. Companies that allow customers to log into mobile app accounts using device-based biometrics may need to consider additional safeguards.
5 Emerging Threats to Companies in 2019 and Beyond
Several threats have increased in 2019 or are have garnered the interest of security professionals. Here are a few:
1. Mobile device attacks and takeovers
With the increase in mobile device usage and applications, it’s natural that an increase in attacks will follow. Mobile phone account takeovers more than doubled last year. That’s why organizations need to prevent ID theft and fraud on their mobile platforms. Approximately 24,000 malicious mobile apps are blocked every day.
2. A rise in Synthetic Identity Fraud
Large datasets like the ones lost in recent high-profile breaches could be used to create semi-fictitious personages for use in synthetic identity fraud. This type of fraud can still rebound on your customers by tying details like their address to fraud, or by directly affecting your organization. To date, the largest synthetic ID ring detected caused banks to lose $200 million.
3. Increased Internet of Things (IoT) risks
IoT security will affect consumers more than ever in 2019, as smart devices continue to make their way into homes and workplaces. Many consumer IoT devices are inherently insecure, using default passwords, unencrypted connections, and more. While IoT devices may be vulnerable to a range of cyberattacks, the authentication landscape for IoT devices is rightly evolving, as well.
4. Ransomware
The sheer number of new attacks and vulnerabilities is growing rapidly year on year, with ransomware attacks growing 350% annually.
5. Credential Stuffing
Credential stuffing is also making the news lately. Credential stuffing has helped boost the marketplace for large databases of credentials on the dark web, by using databases of known credentials to attack multiple sites and services in brute force attacks.
