What's in store for 2024?

Yes, it’s that time of year again, folks – welcome to Acuity’s take on the state of the market, what to be thinking about, and what 2024 is likely to bring.

Welcome to the world of AI – it’s nice you could join the party!

It’s interesting to see that the overall tech market, and perhaps the world in general, has caught up with the biometrics industry and its obsession with AI. Biometric vendors have relied on machine learning and neural nets to develop biometric solutions for years. In fact, I had conversations with iProov CEO Andrew Bud CBE FREng FIET about how deepfakes were the most significant problem in the biometrics industry back in 2019.?

Generative AI will continue to be a key capability that biometric innovators both exploit and confront in the year to come. Appropriate application of this technology is critical as biometric digital identity addresses the ongoing fraud arms race.

Welcome to the fraudsters arms race

I started characterizing the competitive dynamic between technologists striving to improve the accuracy and reliability of biometric technology and the unrelenting efforts of an assorted cohort of bad actors to spoof, hack, and attack their way past as an “arms race” more than 15 years ago. This dynamic threat landscape has never been more complex than it is today. As the market for remote onboarding and identity verification (IDV) exploded over the past three years, the sophistication of threat vectors has rapidly evolved and accelerated as have the corresponding response and detection capabilities of biometric technology.

?Deepfakes, an obscure term that seemed to be conjured from a post-apocalyptic science-fiction fantasy, is now the subject of high-priority, intense concern by governments, the media, and political and public policy organizations, not to mention the entire global enterprise ecosystem.

This arms race will continue to accelerate, and its impact on the biometrics digital identity marketplace will be profound. It will be the backdrop to the successful elevation of many companies in our industry, just as it will likely be the demise of others, and it will finally propel biometric-centric digital identity to what many of us consider its rightful place in the global identity ecosystem.

After more than 20 years in this industry, for the first time, I am seeing lights going off in people’s brains and eyes opening to the understanding that there is no digital identity without a biometric-centric approach to solving the problem. Digital data that is not linked (as my friend and collaborator Peter Counter likes to say) to an actual “carbon-based lifeform” is just data without an identity. For a market that has been at the forefront of technology evolution for two decades, it is about time that we’ve “arrived.”

Aww, shucks, biometrics are all grown up!

As to arriving, for the first time in its history, the “nascent” biometrics market is facing maturity issues. Standards bodies, testing protocols, certifications are all indications of market maturity. Nobody plugs in a lamp, turns on a dishwasher, or gets into an automobile that is not the product of a long list of regulatory processes and solution and component testing on a massive scale with dedicated standards bodies dictating performance.

While some might feel frustrated, or even defensive, about this newfound attention – and the corresponding onslaught of regulation, compliance issues, and legislation – concerns about biometric performance, data collection, management, and storage are actually good things. They are indications that widespread, broad-based mainstream adoption of the technology has created the need to make sure biometrics work the way they are supposed to, just like your smartphone or your toaster. OK, maybe not quite like your toaster.

The recent emergence of testing labs and certifications across the globe is another leading indicator of the coming massive adoption of biometrics in the service of the global digital identity ecosystem. To which I say a full-throated, two decades in the making, “Hurrah!”

Let go of the either/or conundrum.

Digital Identity is not an either/or problem – it’s a both/and solution. We need to move past the purest models of:

• Single-use Enrollment versus Reusable Identity.
• Centralized versus Decentralized Identity.
• Anonymity versus Privacy.

A secure, effective, reliable global identity ecosystem is not going to be built on any single purist model of identity. It will include a range of approaches based on SEP – the Situational, Environmental, and Personal factors (shout out to my brother from another mother, David Harding for his SEP model) that sit on top of interoperable standards-based frameworks. In this model, ‘Situational’ refers to an assessment of how biometrics will meet the security requirements. ‘Environmental’ refers to the physical constraints, e.g., light, noise, crowds, dirt, etc.. And ‘Personal’ refers to the individuals' use of biometrics – can their biometrics be captured, will they use the biometrics, and do they have a positive experience? Bundle this up under an umbrella of local regulations, customs and social constructs, and it is clear there is no single best solution. There can only ever be standards-based, certified, and compliant tools assembled to address the requirements and objectives of specific use cases. That is all.

Beware of antagonists and naysayers joining the bandwagon

Ok, this is a little dark and maybe just a little personal,?

There are many people – “thought leaders” across many industries – that for years have disparaged, diminished, or just plain “poo-pooed” the role of biometrics in advancing digital identity. Many are now enthusiastically jumping on the bandwagon. Beware of looking to these folks for insight and understanding of where this market is today, or where it is going.

Yes, I know I’m a market analyst, a self-proclaimed purveyor of market research and forecasts. And yet here I am warning you about people who operate within and administer my chosen craft. However, for 20+ years, I have offered what I believe to be an accurate, unabashed analysis of this marketplace – not always entirely popular, I might add. I have consistently provided data-driven, bottom-up assessments of where the industry is and where we are going. All that time, watching well-funded and brand-recognizable individuals and organizations consistently fail to recognize the critical role of biometrics in our emerging identity-driven global technology ecosystem. Sadly, far too often, this drives individuals and organizations astray. And even now, as many of these individuals and organizations are beginning to accept the role of biometrics in deploying digital identity solutions, I caution against looking to these former naysayers for a clear vision of how our market will evolve. Many provide important, valid, and even exceptional insight into the current state and the ongoing evolution of critical technologies, industries, and markets. But that doesn’t mean they can provide the same level of insight and understanding into biometric-based digital identity.

And as to warnings, beware of the parade of market research reports branded under dozens of names you’ve never heard of that hail from mainland China and Pune, India. Do yourself a favor and be cautious about purchasing off-the-shelf research reports or even relying on a market projection number published in a press release put out by a random company. You may like the number and having it as a reference may solve an immediate problem, but it really doesn’t provide any meaningful information. Limit yourself to reputable, proven organizations, understanding their actual expertise and that ALL market forecasts are based on a model someone built. Ask what that model is, who developed it, and how it’s applied. Also, ask who’s doing the actual research – a seasoned professional with years of insight or a recent college grad with no market-specific knowledge.

Consumers of market research, insight, and analysis need to balance outside resources with their own direct experience and incorporate information based on their own clear vision of who they are and where they are going.

Enough said, you’ve been warned.?

The Zero-One Fallacy may be waning, but its disciples still need help.

This is particularly true in the realms of general IT and cybersecurity. Disciplines, based on what I like to call the “Zero-One” Fallacy (props to my friend and colleague, Jay Meier whose been applying the fallacy term to discuss the limitations of PKI.) In the world of IT and cybersecurity, when it comes to protecting data and securing access, this zero-one password construct drives the thinking. It’s either a 100% match or it’s a fail. This mindset makes it very difficult to accept a threshold-based security construct like biometrics. It is, in my opinion, a major reason why passwords and their spawn - hard and soft tokens, SMS, driven verification, passkeys, etc. – persist today, long after their inability to protect and secure access and data has been clearly understood. When you’re grounded in a zero-one, pass-fail, yes - no mindset, accepting risk-based security assessments is challenging, to say the least.

And yet, we’ve seen the total failure of the Zero-One Fallacy. Every year fraud accelerates, data breach levels increase, and individuals and organizations suffer the consequences. We are addicted to a system based on a mindset that defines security as an exact match. An exact match, we’ve repeatedly learned the hard way, that can be breached, hacked, or broken. So, even as increased recognition among those in these disciplines that have long resisted biometrics technologies is a good thing, care must be taken.

Many large enterprises and institutions, who stand the greatest chance of benefiting from the introduction of biometric-centric digital identity, employ IT and cyber security staff that have now accepted the shift to threshold-based biometrics, but they believe they can do it themselves in-house. In fact, some are champing at the bit to attack the problem themselves – to build their own face recognition algorithms, to create data sets to train the AI, and to construct internal biometrics identity management systems. I literally had a client tell me that their cybersecurity department thought it would be a great idea to scrape faces off the Internet to train their algorithm.?

Perhaps it is time to produce a compendium of every catastrophic mistake the biometrics industry has made over the past 20 years. Or maybe, we must do a much better job of communicating to those in the IT and cybersecurity disciplines – particularly their executive leadership teams – that biometric data is NOT just like any other kind of data and we’ve spent decades learning the hard way how to build solutions that safely, securely, and reliably leverage it.

To keep all of our heads from exploding, members of the biometric digital identity community must now re-double our efforts at thought leadership and market education to explain the discipline we’ve spent decades developing, to provide cautionary tales about the outcomes and impacts of mistakes that we’ve made, and to actively engage in developing and embracing the standards, certifications, and regulations that will continue to elevate our critical role in the ongoing global digital transformation.

The Prism Project Arrives!

And just in the nick of time: thought leadership and market education brought to you courtesy of The Prism Project (www.the-prism-project.com ),

The Prism market framework is the brainchild of a collaboration between myself and Peter Counter of ID Tech (formerly FindBiometrics) – an organic outgrowth of a project we embarked on to define The Road Ahead for Biometric Digital Identity. The result was the development of now familiar Prism market model – a new paradigm for understanding the emerging digital identity ecosystem.

The aim of this ongoing research project – now known as The Prism Project – is to help influencers and decision makers understand, innovate, and implement biometric digital identity technologies and solutions. Just what the doctor ordered for an industry poised to make the leap to massive, mainstream adoption.

In 2023, we published our sponsor-based, free to download flagship Biometric Digital Identity Prism Report , featuring:

• Evolutionary trends influencing the biometric digital identity market.
• Strategic guidance for vendors seeking to capitalize on opportunities in the biometric identity space.
• Key differentiators to help plan a digital identity roadmap for your organization.
• The advanced Biometric Digital Identity Prism market landscape reference model.
• Assessments and profiles for vendors included on the Biometric Digital Identity Prism.

This year, for 2024, we are introducing a series of vertically focused Prism reports in Financial Services, Government Services, and Travel & Hospitality. These reports will focus on connecting the dots for biometric digital identity within each vertical:

• Across Beams to define the unique Prism ecosystem.
• Between high pain point real-world problems that biometric digital identity can address.
• Between real-world problems and vendor use case success stories.

You can view the preview of the Financial Services Prism Report www.the-prism-project.com/prism-reports . The other vertical report previews will be available there soon.

Also in 2024, we will introduce Prism Pioneers – Vendor driven market profiles for those targeted solutions operating outside the scope of three Prism power driving verticals. We will focus on vendor-driven market creation applying biometric digital identity in new and creative ways to offer convenience, security, and better experiences for consumers, citizens, and businesses. Stay tuned.

We welcome your participation in The Prism Project.?

• Visit the website
• Download the flagship Prism Report
• Share your insight and perspective in our Road Ahead Survey
• Or reach out and let us know how you’d like to contribute

?

I believe that 2024 represents the beginning of a new phase of biometric market development. An opening through which our industry needs to surge. Not only with truly useful and high-performing products and services but with thought leadership that drives the direction of our technology solutions, demonstrating our industry commitment to universal, equitable, and privacy-respecting digital identity for all.??

I look forward to taking this journey with you.

#biometric #biometrics #digital #identity #digitalidentity #financialservices #theprismproject