“With rampant data breaches in 2017 targeting victims from consumers and enterprises to politicians and nation states, the protection of personally identifiable information has never been more important,” said Patrick Harding, chief technology officer, Ping Identity.
“While new threats will continue to emerge, 2018 looks promising for advancements and innovation in cyber security.”
According to Ping, facial biometrics will go mainstream this year, with multi-factor authentication already drastically enhanced with the addition of biometrics like fingerprint sensors in devices.
Beyond facial biometrics going mainstream, Ping Identity’s other cyber security predictions for 2018 are:
The death of knowledge-based authentication and rise of identity proofing alternatives
Knowledge-based authentication — a known fact that grants access to an account, e.g. “your first pet’s name” — is arguably the weakest authentication method. This information is as easy to find today on social media as a phone number. To replace knowledge-based authentication experiences, expect to see services such as “photograph your physical ID” thrive in 2018.
A zero-login reality
This is the year where the authentication ceremony starts to blur a bit. As zero-login technologies start to gel, continuous authentication based on passive factors will become more pervasive, leading to a strange phenomenon where users are, in fact, being authenticated more often, but challenged less often.
Identities built on blockchain
Last year was a defining one for crypto currencies, with a market value increase of more than 2700%. Crypto currencies are based on blockchain technologies, and the millions of individuals currently invested in the crypto market with a crypto wallet have their own blockchain identities. Identities are all based on public keys, while the private keys are managed by the crypto wallets. In 2018, we will see these blockchain identities being used for non-crypto identity-related uses.
More cyber attacks targeting multi-factor authentication methods
As effective as multi-factor authentication is at curbing opportunistic attacks, a determined and persistent hacker cannot always be stumped. Now that MFA has become a normalised part of identity protection, expect bad actors to harvest metadata about the types of additional factors associated to a given account – in order to begin to mount opportunistic automated multi-factor attacks across multiple sites.