November 13, 2018
Digital Identity: Top Three Challenges to Digital Transformation in a Post-Breach World
Posted November 22, 2017
Transformation initiatives are always challenging—let alone those involving digital identity, the digital experience and the fight against fraud and cybercrime.
After all, there’s plenty to contend with in any effort to expand or develop digital capabilities aimed at creating new efficiencies or growing top-line revenue. Organizational resistance to change; inflexible legacy technology; siloed departments and an inability to leverage customer data in meaningful ways are just a few.
According to a recent Gartner survey of 3,160 CIOs, 95 percent believe that, in the next year, the CIO role will need to evolve into a change leader—and that cybersecurity will significantly affect how CIOs do their jobs in the future.
Indeed, as business processes and systems move online, cybersecurity becomes critically important. But in what’s quickly becoming known as a “post-breach” world awash in stolen identity data, three key challenges can make or break any digital transformation initiative.
As many businesses in every industry are discovering, digital identity – a dynamic, high-fidelity authentication technology – addresses these challenges.
1. Increased Attacks
The stats are already harrowing. So far this year, more than 1.9 billion personal identity records have been compromised, including 143 million in a recent breach at a major U.S. credit bureau. And that’s on top of more than 8 billion others since 2013.
Today, cybercriminals leverage this continuous stream of stolen identity credentials and personal information — names, social security numbers, usernames, passwords, challenge questions — to defraud businesses and their customers.
That’s why it’s called a post-breach world. So much identity data is on the loose, identity verification and assessment using static credentials are nearly useless. These systems simply can’t tell the difference between a legitimate user and a fraudster using valid credentials.
The damage so far amounts to $3.6 trillion in losses worldwide — a figure that’s estimated to reach as much as $8 trillion by 2022. For any digital business, this impedes profitable growth and exposes the organization to inordinate risks.
Digital identity is designed to change all that by moving beyond “static” forms of identification to “dynamic” forms of identity that cannot be lost, stolen or faked.
2. More Customer Defections
The typical reaction to stats like those above is as predictable as it is perilous.
Customers become distrustful if they hear news coverage about a data breach. And they erupt in anger if their accounts are the ones getting compromised.
According to a survey of 2,000 consumers by OnePoll, 86.55 percent say they’re “not at all likely” or “not very likely” to do business with an organization that suffers a cyberattack involving payment fraud.
Meanwhile, in an effort to protect themselves, businesses often add extra layers of security, such as two-factor authentication (2FA). While this can be necessary in extreme situations, when it’s applied universally, it puts the burden of verifying identity on users and creates an alienating experience. A full 67 percent of U.S. businesses say longer verification processes increase their risk of losing customers, according to a recent study from PaySafe.
Beyond lost opportunities, universal step-ups increase false positives and false negatives. Last year, false negatives (fraudsters passing as legitimate customers) led to a $8.6 billion loss for U.S.-based eCommerce merchants. Decreasing false positives (customers wrongly tagged as fraudsters) will increase revenue and recover as much as 80 percent of what is lost in chargebacks.
Businesses that fail to deliver the speed, convenience and security consumers demand risk losing customers to businesses that can recognize them online. Forrester Research estimates a $1 investment in reducing friction and fraud yields a $100 return while expanding consumer trust.
Digital identity solutions are designed to make authentication better, not harder, for customers through smart authentication that instantly recognizes returning customers while blocking out fraudsters—even if they’re using valid login credentials stolen through breaches.
3. A Serious Cybersecurity Skills Gap
Preventing and responding to fraud and cyberattacks requires a team of experts. But as reported by CSO magazine, 45 percent of all businesses say they’re facing a problematic shortage of cybersecurity skills.
More specifically, 81 percent of companies find it somewhat to extremely difficult to recruit and hire staff with cybersecurity analytics and operations expertise. Additionally, CISOs report siloed data and a lack of integrated security tools only add to overhead.
Many want to reduce complexity with integrated security solutions. And even the technologically advanced businesses are realizing they can’t do everything themselves, and are looking to service providers to supplement internal staff.
By its very nature, digital identity is a cloud-based, SaaS-oriented proposition. That’s because access to global, real-time threat intelligence at the point of a transaction is critically important. Digital identities are used to recognize legitimate users, even if it’s their first time visiting your business.
Achieving Growth Without Compromise
These three challenges to cybersecurity-enabled digital transformation are just the tip of the iceberg.
Businesses that fail to implement digital identity-enabled smart authentication and assessment often find themselves stuck in a dangerous trap. They’re unable to innovate rapidly. They’re increasingly susceptible to cyberattacks. And they can quickly find themselves outmaneuvered by newer, more nimble competitors that are all too happy to lure their customers away.
It doesn’t have to be this way. If you’re ready to learn more about smart authentication’s role in digital transformation initiatives, check out The Definitive Guide to Digital Identity, a new online resource designed to further the understanding of digital identity and how to grow profitably and securely in a post-breach world.