We, ourselves, and us: Why it’s time to focus on identity protection
We live in extraordinary times. It’s so often said that it’s become the mainstay of marketing emails and stump speeches everywhere.
But the focus is almost always on the times and our circumstances rather than who we are. We.
The irony is that who we are has never been easier to specify. Browser-based autofill functions populate dozens of fields related to our identity, in one click. Biometric technology is built into everyday consumer products. Readily available DNA kits supply reams of data about our ancestry, based on the very cells that make us who we are.
At the same time, our digital lives are fleshing out, so to speak. Where just a few years ago, digital interaction meant reading a web page, or possibly creating one, now almost all human experiences are accessible in some virtual format. Identity is going to be the key that unlocks pathways, connections, and agreements – whether human-to-human, human-to-bot, or human-to-indeterminate.
“Today everything is digital — work, shopping, even your wallet — and there’s one thing that secures you throughout your digital life: your identity,” says OneSpan Chief Product Officer Sameer Hajarnis. “But digital identities are broadly defined, including everything from your username and password to your gender, address, and date of birth. Think about it: Every time you input your address into a website when shopping online, you’re sharing part of your digital identity.”
Unfortunately, this very ease of sharing has fed into a tidal wave of fraudulent behavior. “We are constantly sharing these attributes that make up our digital identities, and this will only expand as we do more things digitally,” says Hajarnis.
“But this also means that threat actors can more easily commit identity fraud and create synthetic identities. These synthetic identities have the ability to disrupt people's lives and the way we do business. Consider, for example, that AI tools can be used to generate authentic-looking fake passports or ID cards that can bypass authentication and verification platforms.”
Who we are is also proving to be extraordinarily fragile in a world where it’s increasingly difficult to trust anything we see or hear. If we are going to move beyond leaps of faith, it’s vital to secure the very foundation of who we are.
This is why OneSpan is proud to be a Champion of Identity Management Day.
Founded by the Identity Defined Security Alliance (IDSA) and supported by the National Cybersecurity Alliance (NCSA), Identity Management Day[2] is a day of awareness to educate business leaders, IT decision-makers, and the public about the importance of identity management. Its goal: To inform about the dangers of casually or improperly managing and securing digital identities by raising awareness, sharing best practices, and inspiring individuals and organizations to act.
Hajarnis’ recommendation is to focus squarely on identity as a keystone of the overall enterprise security posture.
"We need to be thinking about how we can protect a business and a consumer’s digital identity. This means implementing a system where digital identities are provisioned in a secure way and can only be unlocked with strong user authentication in place.”
He adds: “Not only does this protect digital identities from abuse and fraud, but it also limits the amount of identity attributes users need to share. Instead of sharing every piece of personal information, users would only be disclosing the minimum information required to get the job done. This is how we will protect and secure digital identities as we embrace Web3.”
When it comes down to it, it’s practices such as these that will make the difference between a hostile digital landscape, and one in which we can realize our full potential for collaboration and discovery. Extraordinary times indeed.
Learn more about best practices in user identification and authentication.