What’s the way forward for digital identity in 2022?

COVID has been a huge accelerator of identity fraud, but the public sector has a key role to play in improving the situation in 2022. Roger Tyrzyk of IDnow explains.

Posted 3 February 2022 by Christine Horton

Figures for digital identity fraud in 2020 made for grim reading, and 2021 stats look equally worrying. The latest predictions from Cybersecurity Ventures show the damage caused by internet fraud will total $6 trillion in 2021, so it will be interesting to see how accurate the estimate was.

We know the global Covid-19 pandemic has accelerated digital transformation across every industry, and this has resulted in a dramatic increase in fraud. According to the National Cyber Security Centre, more than a quarter of all cyber incidents detected by UK spies over the past year involved criminals and hostile states exploiting the coronavirus pandemic. The report revealed the scale of the threat to Britain’s healthcare sector from the global pandemic as criminals tried to capitalise on public fear resulting in the NHS becoming a target for hackers.

Meanwhile, according to estimates from the Crime Survey for England and Wales, fraud and computer misuse offenses rose by 43 percent in the year ending June 2021, compared with the pre-Covid year ending June 2019.  And cases of fraud reported to Action Fraud rose by a third in 2020, spiking during the pandemic with £2.3 billion lost by consumers that year. 

Increase in fraud

When much of the world was in lockdown – between March and June last year – IDnow saw a significant increase in different types of identity fraud attempts. Similarity Fraud increased by 231 percent, Fake ID Fraud increased by 180 percent, and Social Engineering (comprising, for example, fake job offers to encourage the applicant to open a bank account) – already one of the most dangerous fraud methods – increased by 75 percent.

As we begin 2022, and we enter a new era of restrictions, including working from home, it’s clear that the current, decentralised system of digital identity is unfit for the digital age. Covid has shone a light on the fact that the system is dangerously inadequate and highly complex and cumbersome and simply can’t cope with online sales and transactions. In Spring 2020, many organisations struggled to manage the pivot to working from home and conducting business remotely; this resulted in a myriad of ‘thrown together’ systems that required users, in both professional and personal capacities, to provide a lot of highly sensitive and personal data in numerous different forms, and often with no clear way of how this data would be stored and used. From passports, driving licences, bank statements and utility bills to newer things such as vaccination certificates, Passenger Locator Forms and QR codes.

International collaboration

In such an evolving and fast paced landscape, it’s clear that this is something that will need a concerted effort from both the public and the private sector. Whilst the private sector boasts a considerable amount of technical expertise from companies like IDnow, it is only when it is combined with the legal and regulatory clout of the public sector, the UK government and preferably, a ‘coalition’ of governments around the world, that a robust system can be put in place and enforced. 

This can be illustrated each time a lockdown is lifted, for example, our appetite for global trade and travel remains largely undiminished, so it’s essential that we develop systems that work across borders.

At this point, we must consider the fact that Brexit is still an issue for the UK, and it is not clear yet whether we will collaborate with Europe and to what extent. The EU continues to make progress with the new eIDAS 2.0 legislation which will enable EU citizens to store documents such as ID cards and birth certificates, in a digital wallet for use throughout Europe. We would hope that the UK follows this lead, or at the least, takes part in international collaborative arrangements to ensure there are standards agreed across the board and that can be combined with best practice from around the world.

We strongly believe that we should make efforts to follow our European colleagues, and UK tech companies should support the Government to highlight that this really is a crucial issue that affects everyone, and needs urgent action.

To finish with, I’d like to highlight UN estimates that predict financial fraud worldwide could be running at $2 trillion – we think this is an issue that government can’t afford to ignore.

Roger Tyrzyk is director for UK/I at IDnow