At the end of each year, we like to reflect on our accomplishments as a collective industry as well as to recharge our magic 8 ball and predict what lies ahead. In addition to publishing our 2022 predictions, we also like to keep ourselves honest and deliberate on whether our crystal gazing was a bellwether for change.
Although most of us are eager to put the afflictions of another pandemic-fueled year in the rearview mirror, 2021 was overall, another banner year for digital identity. If 2020 was the year that accelerated digital transformation and pushed digital identity into the mainstream, then the impact of COVID-19 in 2021 was kerosene on an already well-lit fire. Looking back on the predictions we held for 2021, how did we do?
Incumbent fraud prevention platforms go on a buying spree - pushing the industry towards comprehensive, integrated digital identity solutions that include everything from identity resolution and customer onboarding to ongoing account management
The pandemic provided fraudsters with a carnival of new opportunities not quite seen before in the history of digital security. With the growth of new digital consumers (many using online banking or shopping for the first time) performing transactions online, fraudsters were able to hide in plain sight. According to the FTC, this festival of fraud led to a rise in consumer fraud theft to $3.3 billion in 2020, up from $1.8 billion in 2019. Additionally, the influx of government funds to support COVID relief measures, created new fraud vectors to steal data and conduct attacks. At least $36 billion of the $360 billion in U.S. CARES Act unemployment benefits were lost, primarily due to fraudulent claims. In the U.K., as much as $35 billion in COVID-related loans may have been fraudulent.
Organizations and governments alike found themselves unequipped to weather the storm, creating ample opportunities for fraud prevention players to bolster their platforms, grow via acquisition, or establish a greater foothold in existing market position. A few highlights from this year include:
We saw this one coming. Here, we give ourselves an A.
Proving your identity will be more common at checkout and when trying to watch mature content online
Age assurance is rapidly becoming a defining issue for the future of the internet. New regulations for age assurance not only impact service providers that offer age restricted goods and content; the very fabric of how apps and platforms are designed must now be protective of children by default. The EU Audio Visual Media Services Directive (AVMSD) and the UK Age Appropriate Design Code (AADC) are already proving to be significant in reshaping the way that content is delivered to children across new and emerging media platforms. Although these laws are regional, it is expected to be received as a template for other developing regulatory standards around age verification, as was the case with Europe’s General Data Protection Regulation (GDPR) and data privacy. Resultantly, age assurance regulations are gaining momentum, and teeth. A few highlights from this year include:
If there’s one prediction we might have preemptively called and can rollover into 2022, this might be it. We continue to have eyes on this and in the meantime, you can read our latest Age Assurance Report that covers the impact this emerging issue has on the state of digital identity.
We give ourselves a B+.
The world adopts digital identity wallets as contact tracing will become mandatory for everyday activities
As the COVID-19 pandemic has demonstrated, there is a clear and present need for trusted proof that an individual is free from infection and/or has received accredited vaccination. Many countries worldwide authorized the adoption of contactless biometric solutions at airports and border crossings and began piloting digital immunity passports. A few highlights from this year include:
COVID passports beat walking around with a laminated, fraud-prone, physical vaccination card. In that arena, we give our prediction a solid A. The question, however, is if reliance on vaccine passports will usher adoption of digital identity wallets more broadly. As of today, all signs point to definitely maybe.
Liminal’s Q3 Consumer Identity Survey, 73% of consumers say they want more autonomy over their digital identity. 60% responded that they would be likely to adopt a smartphone-enabled drivers license. Digitized services may be coming to a smartphone near you. This past year, several countries launched over 10 new eID initiatives in an effort to digitize civilian identity and access to government services. Europe is a pioneer with 22 eID schemes currently either active or in development. Additionally, the U.S. recently announced that TSA is preparing to accept mobile drivers licenses (mDLs) in 2022.
This is another one we’ll be tracking well into the new year. Overall, we give ourselves a B+.
Digital identity initiatives get the Biden Bump
In 2012, the Obama administration unveiled the Consumer Privacy Bill of Rights, as part of a “comprehensive blueprint” to improve consumers’ privacy protections and ensure that the Internet remains an engine for innovation and economic growth. Better ID Coalition, led by former Obama administration executives, unveiled their blueprint to introduce the bipartisan Improving Digital Identity Act of 2020 in Congress. So, what’s happened since then? A few highlights from this year include:
Cybersecurity remains a priority, and Congress can further strengthen CISA and improve the nation’s cyber defenses. As for our original prediction, Congress introduced the Improving Digital Identity Act of 2021 which hopes to introduce a Digital Identity Task Force to promote interoperable digital identity verification in the public and private sectors. We do believe that Personal Identity Ecosystems are the future for interoperable, privacy preserving, and user-centric identity credentials, although organized efforts are still in nascent stages.
They didn’t quite get the Biden Bump this year, and we’re giving ourselves a C.
The passwordless revolution finally arrives
The death of the password has been a long time coming. The reasons for the tenacity of the password are simple – it’s a technique as old as the internet, easily understood, and ubiquitous for consumers. The average consumer has to manage 100 or more online accounts with an unfeasible number of unique passwords to create and manage. As a result, consumers most commonly settle on 2-5 variations of the same password. Liminal’s Q3 Consumer Identity Survey shows that 45% of US consumers follow this practice for password management today. It’s not for lack of trying. Today’s authentication providers have the technology in place to kick passwords to the curb. Using Apple’s Face ID to unlock a phone is the most common example. This is an area where digital identity solutions stand to shine. A few highlights from this year include:
We still have hope that the passwordless revolution is in the not too distant future. Once it makes landfall, we also think this will open new doors for adaptive authentication, behavioral biometrics, and many other “passive” technologies that show promise beyond strictly B2B applications. Time will tell, but in 2021, 123456 took the crown (again) as the top password.
For that reason, we give ourselves a C.
To 2022 and Beyond
Perhaps what’s more important than how we performed on our initial predictions is just how far digital identity has come. 2021 is the year in which we can say that digital identity established maturity in what was otherwise still considered a relatively nascent field. It’ll breathe new life into expectations for 2022, and we’re already pontificating how things will shake out.