David Hope, Senior Vice President of Asia Pacific and Japan at ForgeRock, discusses the trends driving innovation in the digital identity industry in a TechNode Global Q&A. He predicts that passwordless authentication and AI-driven access and governance will be key drivers for innovation moving forward.
He also highlights the three key challenges in maintaining trust as enterprises use AI and more data-led online services: businesses will need to re-assess the customer data they store long-term, businesses must invest further in AI and zero trust architecture solutions, and enterprises must prioritize Digital Trust by interacting securely and transparently with customers.
Read on for the full interview.
What are the trends driving innovation in your industry?
Passwordless Authentication will be prevalent in driving innovation for the industry. With the pervasiveness of data breaches and their association with stolen or misused passwords, the move towards a passwordless future is definitely on the horizon. Let’s face it — passwords have become the bane of most people’s online identities. They are not ideal for the user experience, security, and support. As we move forward, businesses will need to focus on achieving a truly seamless experience for their customers while dramatically reducing credential-based attacks simply by making passwords a thing of the past.
AI-driven access and governance is another key trend that we see for identity threat detection and response. The accelerated growth of the hybrid workforce, employee job changes, and increasing adoption of cloud-based services have evolved drastically. Large enterprises require full-suite governance features that scale to process millions of permissions for all identities, combined with comprehensive identity and access management – all powered by AI delivered from the cloud. We see more businesses realizing the value of that.
I believe these will be the key drivers for innovation moving forward across industries in the coming year.
What are the three key challenges in maintaining trust as enterprises use AI and more data-led online services?
Businesses will need to re-assess the customer data they store long-term
Cyberattacks are only getting more sophisticated. Recent high-profile incidents in Singapore and the wider APAC region have shown how entwined cybersecurity is with consumer trust. With online services continuing to grow, consumers are more digitally enabled than ever before, and this means they will stick with the brands that prioritize securing their personal data above all else. In 2023 and beyond, businesses will need to change how they secure and store consumer data with a minimalist approach.
Businesses must invest further in AI and zero trust architecture solutions to enhance their security and minimize vulnerabilities opening cyber attack paths.
Vigilance and new ways of enhancing cybersecurity measures will be crucial to businesses protecting the personal information of consumers stored online. The traditional password and username approach no longer cuts it. Implementing multi-factor authentication (MFA), passwordless logins, and zero-trust architecture ensures users experience a high level of security while mitigating risk and reducing opportunities for malicious actors. When selecting services, consumers prioritize seamless and secure digital experiences, so being able to adapt security journeys quickly in response to new threats without needing complex coding is critical.
Enterprises must prioritize Digital Trust by interacting securely and transparently with customers.
This will be fundamental to building customer confidence, and a key stepping stone to stronger cross-border data policies. Digital transformation will continue as we move forward into 2023 and beyond. With that in mind, enterprises need to ensure they have strong cybersecurity measures in place to protect customers’ personal information.
The growing threat of cyberattacks in a digital world means consumers are more prone to risk. The coming year needs to contain these risks and ensure customer privacy is at the forefront. To emerge stronger, businesses need to maintain data and transaction integrity and lead in safety, security, privacy, and reliability.
How is technology able to address these challenges? What particular approaches or strategies should enterprises take?
Businesses need to review credentials and customer information they do not need after their onboarding processes. Onboarding new customers often requires verifying proof of identity through information from passport records, driver’s license, and birth certificates. However, these credentials are sometimes stored long after they are needed for this onboarding, significantly increasing the chances of becoming compromised in a data breach.
Beyond enhancing cybersecurity measures to minimize the amount of data at risk, clearly communicating how data is stored and used will also be key to customer retention strategies, and building brand trust.
Next, AI and machine learning (ML) will help organizations streamline how they manage many aspects of their IT architecture internally. These solutions determine whether employees should or shouldn’t have access to applications or data, and security decisions become immediately actionable for IT teams. Additionally, excessive access can be automatically removed, and approved access can automatically be granted and used.
As Singapore progresses with its Digital Trust plans, implementing tools to ensure privacy in data exchange is prioritized, businesses need to embrace the national digital transformation journey and invest in trust technologies to safeguard customer privacy. Having systems in place will also help minimize how often the same customer information needs to be used for the same services in different regions, reducing the risk of compromised credentials in the process.
Please share any case studies, success stories, data, or industry insights that can highlight these.
We worked with Indonesia’s leading mobile operator Telkomsel to centralize and streamline identity management as part of a major push to improve its digital readiness. Recognizing that its customers were quickly moving towards digital services and demanding more seamless experiences, Telkomsel was seeking an identity management system that would underpin its digital transformation ambitions and modernize its MyTelkomsel app.
The solution had to scale 200 million identities, process seven thousand transactions per second, and handle the lifecycle of customer identities across multiple markets. With ForgeRock, they were able to migrate entirely to a cloud-based infrastructure. The consumer and identity management and orchestration for key online channels resulted in dramatic improvements in deployment efficiency.
Our work with Mox Bank which was launched during the pandemic provided them with the support they needed to become one of the highest-rated virtual banks in Hong Kong. Mox was built with a service-oriented model, providing customers with competitive bank offerings and services via its mobile app aimed at the digital lifestyle of customers. As such, identity played a crucial role in their success. With ForgeRock, they were able to fully embrace the cloud and implement an identity lifecycle into their ecosystem – making them efficient and scalable. This resulted in over 160,000 customers, $700 million in total deposits, and the fastest onboarding time of 2 minutes and 47 seconds.
Top digital security and fraud trends in Southeast Asia for 2023