Industry executives and experts share their predictions for 2024. Read them in this 16th annual VMblog.com series exclusive.
Passkeys, ATO Prevention, Better Registration to Redefine CIAM
By Brian Pontarelli, founder and CEO, FusionAuth
Customer Identity and Access
Management (CIAM), a set of processes and technologies that organizations use
to manage the identities and access of their customers, will continue to evolve
in 2024. As companies gear up for the challenges and opportunities in the
coming year, we anticipate the mainstream adoption of passkeys, a heightened
focus on preventing account takeovers, and an increased demand for enhanced
registration processes to redefine the CIAM landscape.
Here's how we can expect these
three trends to play out in the coming year.
Mainstream passkey adoption will
quickly rise
Passkeys are a relatively new
security method, but they have proven more secure than traditional techniques.
Additionally, it's an attractive option for consumers because it leverages the
power of biometric methods (with a fallback to a PIN system if biometrics
aren't available) to protect accounts and allow them to go passwordless. The
term "passkeys" was first introduced and used by major tech giants, including
Apple, Google, Microsoft and Best Buy, and we expect in the coming year for
them to be rapidly and widely adopted.
Passkeys are gaining popularity
because they remove the need for the user to create and remember complex - yet
safe - passwords. Instead, the application stores a public key, and each user's
device securely holds the corresponding private key. This makes it virtually
impossible for hackers to get users' information. Even if a hacker gains access
to the public key, the private key is safe because it never leaves the device.
This will be a game changer for the future of authentication and password
management because passkeys are decentralized, consumer-friendly, secure
alternatives for protecting your data - and it's what consumers want - which is
why we can anticipate it being used more widely in the coming year.
Preventing account takeovers will
be a priority
Today, hackers now have access to
many databases containing stolen credentials. In recent years threat actors
have become increasingly sophisticated, carrying out more notable data breaches
that have left a treasure trove of usernames and passwords exposed. This has
resulted in more account takeover (ATO) attacks, an issue that is skyrocketing.
In fact, by 2025, ATO fraud losses are expected to reach almost $17 billion globally. This validates
the urgency for companies to make ATO fraud prevention a key focus in 2024 and
ensure that the person behind the screen is who they say they are.
However, preventing account
takeovers has been challenging in recent years because identity and login
security aren't easy, and most internal authentication solutions fall short. As
this trend continues to rise next year, we expect companies to look to outsourcing
and implementing more advanced detection and prevention solutions. These
solutions will better protect their customers' data from cyber attacks that
prey on identity-related techniques.
Demand for a better registration
process will be on the rise
As digital interactions increase,
companies face the challenge of orchestrating secure yet seamless registration
workflows. In 2024, consumers and companies alike will expect more from the
registration process. Over the next year, vendors will be urged to address
complex registration workflows such as Know Your Customer (KYC) protocols and
seamless third-party integrations.
These upgraded registration
processes will have immense benefits for users, allowing them to experience
less UX friction, more transparency with federal legislation such as HIPAA,
GDPR and CCPA, and more self-service options, among others. As new regulations
come into play and digital services expand - especially in key industries such
as finance, e-commerce, healthcare, real estate and cryptocurrency - KYC
vendors will play an even bigger role in CIAM to verify identities, monitor
transactions and ensure compliance in the coming year.
2024 promises to be a dynamic year
in the CIAM space, and the trends we explored offer both business and user
benefits that will enhance the CIAM landscape in the coming year. The bottom
line is developers and organizations must remain agile and proactive to
navigate the evolving landscape and implement strategies that align with
emerging trends and challenges in order to see the most success.
##
ABOUT THE
AUTHOR
Brian Pontarelli is a technology entrepreneur currently solving
login, registration, and user management challenges with FusionAuth. Brian started programming at the
age of 8 and studied Computer Engineering at CU Boulder. During his early
career, Brian worked as a software engineer at companies such as BEA and
Orbitz. He started working on his own products nights and weekends and quit his
day job after selling a few enterprise licenses. Brian still codes but spends
most of his time doing sales, marketing and operations for the company.