Written by David Vergara, Senior Director of Security Product Marketing, OneSpan
2021 was another memorable year. Organisations that built remote processes in response to the pandemic have spent the past year optimising and strengthening their systems to ensure a positive and secure customer experience.
However, with identity theft, payment fraud, phishing, and other financial crimes at an all-time high, the work of digital security is never done.
In this article, we’ve gathered the three predictions that will shape the security landscape in 2022.
1. Digital identity initiatives will increase for governments, states, and private sectors
Governments around the globe are launching digital identity initiatives that enable users to access a range of services via online or mobile applications.
Singapore, UAE, and Australia have already issued a digital identity scheme, and the EU is moving in that direction too with the revision of eIDAS and the announcement of the European Digital Identity.
The availability of digital identities on mobile devices will facilitate the onboarding and authentication to digital applications and help combat account takeover fraud attacks.
Once a consumer is verified, they can use their digital identity anywhere at any time online to onboard or authenticate to any application using digital identity verification.
Any application dealing with digital identities will need to adapt and support the new governmental digital identity schemes in order to be relevant in the market.
Example sectors include energy suppliers, banks, postal services and telco providers.
Furthermore, the usage of qualified electronic signatures will become more relevant as citizens will be able to use their digital identities to legally sign contracts online.
This was elaborated further in our webcast discussing the “The Role of Digital Identity in Account Opening & Onboarding”.
2. Security measures for embedded finance offerings
Non-financial enterprises are able to offer tailored financial products to their community, such as payday loans for easy and reliable access to credit or specialised digital platforms for truckers offering credit for fuel financing or vehicle insurance.
Analyst firm Juniper Research expects that the value of the embedded finance market will exceed US$138 billion in 2026, from just US$43 billion in 2021.
Both consumers and organisations have become more open to working with non-financial institutions.
These companies have better access to consumer data, which helps in providing an optimal user experience and leads to greater brand loyalty.
However, though these embedded finance offerings present value to consumers and opportunities for financiers, they also attract the attention of cybercriminals.
Because financing apps often include payment transactions and connections to bank accounts, these fintech applications will become even more interesting for hackers as they gain in popularity.
Security will play a key role as the market matures. Only the companies that combine a frictionless user journey with a secure environment will stand out in the crowd.
Functionality and usability will be important to be sure, but organisations that fail to protect their websites and mobile apps will quickly lose their brand reputation and customer base.
3. Cryptocurrency fraud will skyrocket
Crypto exchange platforms have been developed very rapidly from open source without taking their security ecosystem or fraud management seriously.
Since the platforms are unregulated and not secure, there’s no guarantee that customers get their money back after a hack.
At least 32 incidents of hacks and fraud have already taken place in 2021, for a total value of almost US$3 billion.
Without a doubt, the number of cryptocurrency hack incidents and fraud losses will break records in 2022.
The most common types of crypto hacking are phishing and social engineering attacks, even though the technology to protect customers against those attacks has already existed for years and has been in use by traditional banks.
Push notifications instead of one-time passwords sent via SMS can prevent SIM Swap attacks. Also, application shielding can protect wallet applications from cloning and secret extraction.
The only way to mitigate these attacks is to bring in more regulation and rules, like PSD2 and the requirement for Strong Customer Authentication.
For customers, on the other hand, it is critical to select a trading platform that offers premium security capabilities.