Connect with us

Hi, what are you looking for?

Business

Shaking up tech: 2022’s ticking disruptors

Organisations that fail to protect their websites and mobile apps, will quickly lose their brand reputation.

Image: © AFP
Image: © AFP

As 2021 comes to an end and we start looking to next year, it is useful to consider the predictions and trends that will shape the fraud and security landscape in 2022.

To gain insight, Digital Journal caught up with OneSpan’s Chief Technology Evangelist, Benoit Grangé.

Digital identity initiatives will increase for governments, states and private sectors

Grangé sees many of the initiatives for 2022 set to come from the state sector, noting: “Governments around the globe are launching digital identity initiatives that enable users to access a range of services via online or mobile applications. Singapore, UAE and Australia have already issued a digital identity scheme, and the EU is moving in that direction too with the revision of eIDAS and the announcement of the European Digital Identity. The availability of digital identities on mobile devices will facilitate the onboarding and authentication to digital applications.”

Further on this seemingly pressing need for regulation, Grang  states: “Once a consumer is verified, they can use their digital identity anywhere at any time online to onboard or authenticate to any application. The consumer has full control of the information they are sharing online. Example sectors include energy suppliers, banks, postal services and telco providers. Any application dealing with digital identities will need to adapt and support the new governmental digital identity schemes in order to be relevant in the market. Furthermore, the usage of qualified electronic signatures will become more relevant: citizens can use their digital identities to legally sign contracts online.”

Security top concern for embedded finance offerings

Financial issues are likely to fall into the spotlight, says Grangé: “Non-financial enterprises are able to offer tailored financial products to their community, such as payday loans that employees can benefit from to get easy and reliable access to credit, or specialized digital platforms for example targeting truckers that offer credit they can use for fuel financing or vehicle insurance. Analyst firm Juniper Research expects that the value of the embedded finance market will exceed $138 billion in 2026, from just $43 billion in 2021.”

As to what the consequences will be, Grangé  explains: “Both consumers and organisations have become more open to working with non-financial institutions. These companies have better access to consumer data, which helps in providing an optimal user experience, leading to an increased brand loyalty. Since those apps are being used more often and very often include payment transactions, they will become even more interesting for hackers. Only the players that combine a frictionless user journey and accommodating offerings like “buy now, pay later” with a secure environment, will stand out in the crowd.”

On this, Grangé warns: “Organisations that fail to protect their websites and mobile apps, will quickly lose their brand reputation, and hence their customer base.”

Privacy by design becomes imperative for organisations to remain competitive

Consumers want privacy, so for firms to offer better security is a mans to boost revenue says Grangé , finding: “Privacy by design refers to the idea that the future of privacy cannot be assured solely by compliance with regulatory frameworks. Rather, privacy assurance must ideally become an organisation’s default mode of operation and personal information should be protected from the start, at the design phase. Although this concept was put in the spotlight when the GDPR regulation was released, it has already existed since the 90’s. At that time, Ann Cavoukian, former Canadian Information & Privacy Commissioner, defined seven principles that are considered the foundation of privacy by design — from enabling privacy settings by default and being proactive to being transparent about the motives for data collection. Those principles still remain valid today.”

These factors will drive firms to revisit their practices. According to Grangé: “In today’s age of constant data breaches, companies will revisit how they approach privacy. Privacy will be used to differentiate from the competition and create a business advantage. It will be critical for companies to demonstrate they understand the principles and integrate them at all levels of their organisation to offer their employees, partners and customers the warranty they are taking privacy seriously. Companies that are not able to demonstrate that they apply security by design will lose market share. According to Cognizant, 57 percent of consumers will stop doing business with a company that has broken their trust because of a lack of transparency or a breach with their personal data. Consumers are becoming more privacy-conscious. They request to have a clear understanding about security and privacy of their personal data. If not, they will move to a solution that does offer such transparency. Recently, even Google has started to offer more transparency about the way data is being used.”

Cryptocurrency fraud will skyrocket

The big area that is set to grow is cryptocurrency, and this means malicious actors will follow the trail. Grangé cautions: “Crypto exchange platforms have been developed very rapidly from open source without taking security seriously. Since the platforms are unregulated and not secure, there’s no guarantee that customers get their money back after a hack. At least 32 incidents of hacks and fraud have already taken place in 2021, for a total value of almost $3 billion. Without a doubt, the number of cryptocurrency hack incidents will break records in 2022. The most common types of crypto hacking are phishing and social engineering attacks, even though the technology to protect customers against those attacks has already existed for years and has been in use by traditional banks.”

As an example, Grangé  mentions: “Push notifications instead of one-time passwords sent via SMS can prevent SIM Swap attacks. Also, application shielding can protect wallet applications from cloning and secret extraction. The only way to mitigate these attacks is to bring in more regulation and rules, like PSD2 and the requirement for Strong Customer Authentication. For customers, on the other hand, it is critical to select a stock exchange platform that is offering premium security capabilities.”

Artificial Intelligence will lead the regulatory agenda in 2022

Artificial intelligence continue to promise plenty. This is, therefore, another area of cyber concern says Grangé. As he indicates: “The use of artificial intelligence in finance has expanded massively in 2021, and it will only increase in the coming years. According to a recent OneSpan survey, 32 percent of FIs are already putting AI in place to comply with regulations. Jurisdictions across the world are eagerly looking to develop AI-based solutions, while also considering the ethical implications of its use such as addressing racial bias that creeps into facial recognition algorithms. Policies and legislation pertaining to the use of artificial intelligence will lead to regulations in 2022 and beyond. In March, U.S. Financial Regulators issued a Request for Information to get input from financial institutions on their use of AI.”

The issue is another one for the state to consider carefully, which leads Grangé onto: “The regulators wanted to understand how AI is used in their provision of services to customers and for other business and operational purposes. These insights will likely lead to a Notice of Proposed Rulemaking, a precursor to a regulation. We expect these to be published in 2022. Federal regulatory action should not surprise financial institutions based on our recent research conducted by Arizent: 43 percent of US FIs noted that anticipated federal AI regulations are a top concern. The European Commission’s proposed Artificial Intelligence Regulation seeks to encourage the development of AI, while classifying and regulating AI solutions according to risk. The regulation is currently progressing through the legislative process. If the legislation passes, it won’t occur until late 2022 or 2023. We expect the first regulations to be published in 2023, so it can go into effect in 2024.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

World

The Liaoning seen in Hong Kong waters in 2017. The aircraft carrier sailed through waters northeast of Taiwan on Wednesday - Copyright AFP/File Anthony...

World

Jared Isaacman, the 41-year-old founder and CEO of Shift4Payments, led the recently concluded SpaceX Polaris Dawn mission, where a team of four ventured farther...

Business

The report shines a light on business payment behaviours, analysing how various sectors are invoicing, etc.

Business

Federal Reserve chair Jerome Powell indicated in recent weeks that a rate cut was coming in September - Copyright GETTY IMAGES NORTH AMERICA/AFP SPENCER...