• Mike Kiely, Regional Senior Director at IDnow


• 01.12.2023 10:45 am
#security #fraud #digitalidentity

With the rise of ChatGPT, the topics of fraud and deepfakes entered the zeitgeist in 2023. Looking ahead to the next 12 months, there’s little sign of these developments slowing down. But what else will be important in the world of digital identity and identity verification in 2024?

1. The continuing rise and threat of generative AI

Primarily in the form of ChatGPT, generative artificial intelligence (AI) and large language models (LLMs) entered the collective mind in 2023. In fact, Collins Dictionary recently named ‘AI’ as its Word of the Year, showing how far these burgeoning technologies have captured wider public interest. Experts expect generative AI to add a staggering £3.7 trillion in economic value from a combination of specific use cases in the coming years. However, the developments within AI are bound to have some adverse effects on cybersecurity, the beginnings of which we are already witnessing. Social engineering attacks will become easier and faster because (cyber)criminals no longer need deep technical know-how to execute them. Document forgery, especially digitally generated images of physical documents, is likely to become easier than ever before with accurate information harder to spot. To combat these AI-aided advances of cybercriminals, organisations will need to leverage AI themselves to stay one step ahead.

2. Deepfakes are the next evolution in fraud

One notable side effect of the advances of generative AI is the evolution of fraud in the form of deepfakes. These will pose a growing threat to biometric processes, such as those used in identity verification. This includes both presentation and injection attacks. According to market experts, presentation attacks using deepfakes are roughly 10 to 100 times more common than injection attacks. In 2024, it will become ever more important for banks and financial service providers to rely on remote identity verification processes that validate the user’s face biometrics and perform liveness checks to detect and prevent presentation attacks and tackle the rising number of fraud attempts. Learning more about the user’s device and where it comes from, securing the communication between camera and application, and the usage of NFC (near field communication) technology will all start to play bigger roles in the fight against fraud. 

3. A layered approach for a new threat landscape

In 2022, over £1.2 billion was stolen through fraud in the UK. Yet, organisations increasingly recognise that fraud is a security issue rather than a cost of doing business. Many UK players, especially in the financial services industry, will be looking to adopt end-to-end online fraud prevention solutions, counting on multi-layered tools and technologies. One key development to watch within these ‘layers of defence’ is the addition of so-called risk signals. Leading digital identity experts have already started to incorporate more behavioural biometrics, such as typing patterns or mouse movements. These patterns from historic interactions with users will start to impact fraud prevention positively, with device signals or template signals of fraudulent ID documents making it much harder for fraudsters to get away with their crimes.

4. The ongoing transition to digital identity 

In some ways, 2024 will be another year of transition for remote identity verification solutions. Digital identity solutions, in the form of digital wallets, are becoming increasingly mature across markets. The biggest initiative in this realm is eIDAS 2.0, driven by the European Union, which is pushing for the adoption of digital identity wallets across its member states by the end of the decade. While the adoption rates of these wallet solutions are still in the early stages, organisations with any type of digital service offering should prepare themselves for this upcoming transition.

5. The regulator steps up   

It has been over a year since the UK government published its Digital Identity and Attributes Trust Framework (DIATF), a set of rules and standards for digital identity providers to follow. With the release of the DIATF, the journey towards a brave new and digital world in the UK has begun anew. Digital identity is not the only place where regulations are changing. Modifications to the UK’s cryptocurrency framework and the UK gambling regulations are also underway and will start to materialise in 2024. For crypto, this will mean a greater emphasis on trust and transparency within the market, while for gambling, the UK government is looking to make the sector fairer, safer, and free from crime.