Blake Hall, CEO and founder of ID.me, has drafted four predications around biometrics, federated identity and data privacy regulations.
McLEAN, Va. — In 2018 more than $1.48 billion was lost to fraud, according to the Federal Trade Commission (FTC), with identity theft accounting for nearly 15% of all cases. As cybercriminals diversify their targets and become more sophisticated, identity theft will continue to pose major challenges for businesses and consumers in 2020 and beyond.
So what’s in store in 2020 for the evolving identity protection landscape, specifically? Blake Hall, CEO and founder of ID.me, provider of a leading digital identification verification platform, has drafted four predictions around biometrics, federated identity and data privacy regulations. These predictions follow.
1. Biometric Authentication Will Enter the Mainstream
The biometrics industry will experience significant growth in the coming years. In 2020, biometric authentication for in-person transactions, particularly for travel and physical access to locations, will become more common. Governments at all levels will need to define a regulatory framework to allow for innovation and convenience while safeguarding individual privacy and establishing guardrails against surveillance.
2. Data Breaches Will Hit Record Highs
Stolen credentials are responsible for approximately 80% of data breaches. As the economy becomes more digital and more applications move online, the state of user login will continue to degrade as users are asked to manage more passwords and to prove their identity over and over again. Meanwhile, 86% of American users report using their memory alone to manage passwords.
Fraudsters will attack the system by exploiting inherent weaknesses in this model by using a single compromised password across different sites and through social engineering attacks.
3. Secure Federated Identity to Grow in Importance
Driven by the rising cost of data breaches and consumer demand for a more efficient way to login online, a secure federated identity system will significantly expand to empower users to control their identity information by using the same trusted login across sites.
While some industries accept identity verification via social media platforms or Internet search engines, these companies are not poised to serve digital applications in the e-government, healthcare and financial services verticals as they don’t meet security requirements and force consumers to trade off the convenience of login with the loss of control over the use of personal data.
4. California Privacy Laws Will Expand Across the Country
Passed in June 2018 and set to go live in 2020, the landmark California Consumer Privacy Act (CCPA) will likely expand across the country as the federal government will work to pass legislation for the country to have one, unified set of rules. The CCPA will heavily inform this national privacy framework ensuring that all states have the same data security compliance requirements for organizations. Additionally, many companies will proactively choose to implement CCPA nationally, which is already starting to happen with companies like Microsoft, for example.
Comparable to Europe’s General Data Privacy Regulation (GDPR), these laws could have major repercussions on U.S. companies that don’t adhere to new data privacy standards. The new data law will go into effect this month, severely impacting tech giants and major U.S. businesses through changes of privacy regulations. However, these laws will empower Americans to protect their identity data and have more control over what information companies can have.