December 5, 2018
November 29, 2018
Posted January 24, 2018
Cybercriminals are using the network effect to their advantage. Isn’t it time digital businesses did the same?
That’s a point I drive home at many industry conferences and in interviews with the press—especially when the topic is digital identity and securely growing your business.
The fact is, cybercrime has evolved into a full-blown, highly networked industry of its own.
Today, nation-states and multinational cybercrime syndicates with names like CyberVor, Lazarus Group and Legion of Doom buy, trade and augment stolen identity credentials from the darkest corners of the web.
Working collaboratively with far-flung networks of operatives, they leverage these credentials, ransomware, automated bots and other tools to perpetrate increasingly successful attacks. With each new year, the payoff gets bigger.
To curb all that, a growing number of businesses have been gravitating toward digital identity-based user verification and assessment solutions that are impervious to attacks leveraging stolen identity credentials.
Now more than ever, they’ll need the network effect to be successful.
The network effect is a well-known phenomenon: Each new user of a product or service increases the value of that product or service for all of its users.
That AMEX card in your wallet would have a lot less appeal if it could only be used in one or two stores, for instance. Likewise, Facebook would be a pretty lonely place if everyone you know wasn’t there already.
In fact, the same is true of the digital backbone supporting these and every other organization doing business online today, including your own. Websites and apps would be pointless if 7.5 billion of us hadn’t flocked to this thing called the Internet.
The network effect gets to the heart of what makes digital identity so central to preventing fraud.
Think of it this way. Digital identity combines hundreds of offline and online data elements to establish an individual’s “normal” behaviors, devices, locations and more. When any of those factors diverge from those norms, it may signal fraud.
The thing is, getting a clear view of an individual’s digital identity and the risk associated with it depends on the size and accuracy of the dataset it’s drawn from.
One organization’s dataset doesn’t really cut it. But combining that dataset with another organization’s dataset makes it that much better. Combining datasets from hundreds of organizations is better still. That’s the thought behind a push in recent years toward business consortiums meant to share datasets within specific verticals, such as retail and banking.
Unfortunately, that approach is only going to get you so far on its own. Cybercriminal networks aren’t exactly industry specific. Criminal networks stealing from online retailers are also stealing from insurance companies, for instance. And they don’t just stick to Wichita or Irkutsk.
So, what does it take to achieve the kind of global, cross-industry network effect that can provide an accurate read on digital identities—and flip the odds against cybercriminals?
As you can imagine, the challenges are significant:
Spoiler alert: It’s not a do-it-yourself proposition.
But participation in a global digital identity network can achieve all of this and more. By leveraging shared intelligence across thousands of organizations, a cyberattack detected by one is known and neutralized by all, instantly.
Now that’s what I call the network effect—and a great way to win an arms race.
To learn more, check out the Definitive Guide to Digital Identity, which is designed to help businesses of every size understand digital identity and how it can help them safely grow their business in 2018 and beyond.