What Will 2023 Bring in the World of Digital Identity Verification?
- Benjamin Haas, Senior Director EMEA Financial Industry at IDnow
- 12.12.2022 09:45 am #DigitalIdentity
The world of technology and everything associated with it moves quickly. Identity verification is no different. With 2023 drawing ever closer, we are looking towards five trends and challenges in the fields of data security and privacy, fraud prevention and regulations that will shape how companies verify the identity of their customers in the new year and beyond.
Digital identity to forge ahead
Digital identity is all set to continue its inexorable rise in 2023. After being hastened by the Covid-19 pandemic, using digital processes as a way of proving that a person is who they say they are will continue to be the primary way of accessing government, banking, health, workplace and education services. The global market for this is expected to be worth approximately $33bn by 2025, which is more than a 100 per cent increase in its value in 2020.
The use of digital identity wallets is also set to increase in 2023. There are now so many instances of onboarding during which verification is required that it is becoming increasingly time-consuming to go through the same processes time and time again for each service. As digitisation’s popularity continues, so the number of anticipated verification processes will also rise. Adoption of the Bring Your Own Identity (BYOI) model will grow, using an underlying ledger infrastructure. The market for schemes like this, however, remains fragmented with regional variations and no interoperability standards, though a global standard for portable decentralised identities is likely to emerge in the next few years as use cases evolve more and more quickly.
Data security and privacy
The warning is stark: assume that all your personally identifiable information (PII) is known to everyone. Stolen static identity credentials like names, passwords and email addresses, are being used to impersonate individuals online and for carrying out synthetic identity fraud.
The management of their data is becoming more and more important to users, with almost four-fifths of them willing to invest time and money on ways that will better protect their privacy. Self-management of data by consumers, as offered via digital identity wallet solutions, also reduces the liability of an organisation to collect, process and safeguard PII, which makes it a more appealing concept to the business world.
Growth in fraud
It is an unfortunate fact that when the economy is uncertain, fraudsters take advantage. Ransomware, geographically-targeted phishing and attacks related to cloud security and IoT are all expected to increase in 2023 as the global cost-of-living crisis continues.
One method to watch in the next twelve months is deepfake. As machine learning (ML) becomes more sophisticated and facial databases hold much more information on peoples’ likenesses, millions of fake identities can be created by bad actors using deepfake technologies.
Technology has also enabled other types of digital fraud. Those intent on committing illegal activity now no longer need to create counterfeit physical documents, because the tools needed to usurp a person’s identity are all available on the dark web. As quickly as technology develops, fraudsters keep pace, so it remains a challenge for identification service providers to develop measures to counter fraud. In the field of biometrics, ‘liveness detection’ assists, as the underlying AI ensures that the digital interaction or transaction is with another person rather than a spoof, inanimate photograph or video.
With the increase in fraud and its accompanying sophistication, the onus will fall on the importance of identifying risky individuals and legitimate consumers across platforms.
Regulatory evolution in crypto
The need for governments to create well-constructed regulatory frameworks is vital if adoption of digital identity propositions is to be promoted. Clear and stable rules on the collection, processing and sharing of personal data must be put in place by authorities. This seems to be especially true for the crypto market.
The crypto industry endured a torrid end to 2022 following the collapse of FTX in November. An extension of the European Transfer of Funds Regulation (TFR) to include crypto assets, meaning that the sender and beneficiary of all applicable crypto transactions will need to be identified, is expected to come into effect in the EU in 2023.
Markets in Crypto Assets (MiCA) has also been mooted as the first major regulatory framework for crypto assets and has established rules for the issuance, admission to trading, and operation of crypto assets. Although enforced by the EU, British providers will need to obtain MiCA authorisation should they wish to trade with customers from the continent. While MiCA is not expected before 2024, given the scale of requirements, British providers should already prepare for the framework’s implementation starting from next year.
Additionally, both MiCA and TFR could have far-reaching implications on the world of crypto regulation beyond the EU. Since the FTX crash, other nations like the United States are now looking towards Europe as a guide for their own future regulatory landscapes and frameworks in crypto.
Know Your Customer (KYC) will no longer simply be a box-ticking exercise
When it comes to proving the identities of customers and companies understanding who these customers are, KYC is expected to become more all-encompassing.
Working in silos is no longer acceptable. It is a significant threat to customer service and satisfaction. Companies will have to embrace the functionality of multi-purpose technology solutions as a way of encouraging better collaboration across their departments. This in turn will optimise their operations.
The financial services industry and institutions within it are prime examples. Different departments such as Compliance, Sanctions and KYC all currently work to their own separate agendas and the dots are not joining up. The very best tech and KYC providers will understand how departments feed into each other and enable multi-purpose use. This will offer major benefits, as the work done by KYC informs how other departments such as Fraud and other financial crime sectors view perpetrators.