COVID-19 has caused many changes and shifts in the authentication market, including prioritization when it comes to product development, managing employee authentication, and end-user authentication for various service providers.
COVID-19 brought drastic changes in how we lead our lives. In the global lockdown, new habits have been formed and many of them are here to stay.
Talking from the perspective of my work, one of the biggest changes was a complete digital transformation in almost all aspects of our daily lives. The usage of various online services has exploded during these trying times.
When compared to the last year, eCommerce transactions have increased 40% across 850 US retail eCommerce domains. PayPal reported 7.4 million net new active accounts with 250,000 net new activities per day in April — up 20% in transactions compared to the same period last year.
With the increase in online activities and online transactions, identity verification and authentication demands have soared as well. IDNow reports a 26.8% overall increase in demand!
With that in mind, it’s clear that the pandemic has had an enormous effect on the authentication, verification, and fraud prevention market. Our VP of Business Development Jim Small spoke about this impact in a webinar we recently organized.
We’re starting to see a lot of changes and shifts in the market, including in prioritization when it comes to product development, managing employee authentication, and end-user authentication for various service providers.
Let’s look at some of these changes in greater detail.
Security with Features — or, How It Should Have Been All Along
One of the biggest changes I expect to see as a result of COVID-19 is that security will no longer be an afterthought in the product development cycle, especially when it comes to mobile apps.
Today, global smartphone penetration stands at 45.4% with a projected 9.3% increase in 2020. Moreover, we have seen a 33.8% YoY mobile eCommerce growth. Under lockdown, these numbers have only increased.
However, Verizon reports that 43% of companies have sacrificed security in their mobile apps, and 38% report suffering a security compromise — and this simply shouldn’t be the case.
As we’re quickly transitioning into a mobile-first world, it’s of utmost importance for service providers to put as much importance on security as they put on features.
Both features and security mechanisms should be implemented in the design-phase of the project. Sure, it might take more time, and it might cost more, but considering the costs cyberattacks can incur, it’s actually one of the best investments a company can make.
Additionally, as more employees start working remotely, it’s in companies’ best interest to enable secure employee authentication to protect sensitive internal information.
Secure Employee Authentication As the Enabler of Long-Term Remote Working Trends
As IPification’s founder Harry Cheung wrote recently, the number of remote workers has significantly increased amid the pandemic. In Switzerland, for example, the number of employees working from home has nearly doubled from around 25% to nearly 50%.
The IPification team has been working from home, as well — and my best guess is that you have, too.
After trying this approach, many companies, including Facebook and Google, will be keeping their employees remote throughout the year. Even after COVID-19.
This model, as you may have guessed, raises certain security issues. When employees are on the same network, it’s easy to keep the bad guys out. When most of them are working from home on their own networks, this task becomes much trickier.
To illustrate, let’s quickly go through some of the current impacts of this shift to remote working.
With this in mind, you can see how remote working trends will be transformative for employee authentication. Or to lay it out more logically, effective employee multi-factor authentication systems will actually enable this trend to stay relevant.
The same will be true for service providers in the post-COVID-19 world.
Effective Mobile ID is Imperative for Service Providers to Stay Operational in the Post-COVID-19 World
Although in the past people have used mobiles mostly for entertainment and social activities as opposed to what we would call serious work, this is no longer the case.
Currently, 40% of online transactions are done using a mobile device, and we’ve already been over the incredible year-on-year growth in mobile eCommerce. That’s why effective mobile identity management has become a must for service providers, especially considering the fact that nearly half of mobile users switch to the competitor after a bad experience with a certain provider.
We all already know the notoriety of bad UX, but I think we can all agree that there aren’t many worse experiences than becoming a victim of fraud as a result of ineffective security and authentication used by a business.
With the sudden increase in online authentication and verification demands due to COVID-19, companies are starting to put their mobile app security first and will continue to do so. As we are coming out of lockdown, consumers are likely to very slowly go back to “normal,” avoiding physical contact as much as possible. That being said, I think we can assume that these new habits of relying on convenient online services are here to stay.
To be able to win and keep customers’ trust, service providers have to be able to keep up and provide secure, yet convenient mobile identity verification and authentication solutions. If that weren’t enough, the cost alone of potential cyber attacks may be too grave for many companies to handle. Remember, an ounce of prevention is worth a pound of cure.
Moving forward, effective mobile ID management will involve equal emphasis on security, user experience, and privacy delivered through MFA protocols for effective user authentication, verification, and fraud prevention.
That’s where IPification fits in exquisitely well, I am proud to say.
By relying on already-existing mobile operator infrastructure, IPification is able to be integrated as a part of MFA based on zero trust and continuous authentication principles.
It compares SIM card and various device data against mobile operator data to verify a user, without actually transferring any sensitive user data. The user is validated within milliseconds after sending a verification request and with only one tap of the finger. Best of all, it is ready to be integrated within days.
