ID Security Adoption Gaps

by George Skaff, SVP, WW Marketing
February 9, 2023

 

As cyber threats rapidly evolve and increase in their sophistication, confidence in identity security continues to erode.   

Our report, “The Era of the Zero Trust Consumer: The New Mindset of Digital Consumers in a World of Cyber Risk,” introduced a new level of understanding into how consumers view these threats and the current and future solutions designed to thwart them. As we zoom in for a closer look, generational gaps become apparent in the adoption of evolving identity technologies, while a willingness to combat fraud persists across demographics.  

Technology adoption doesn’t happen overnight. It can take years, even decades, for some consumers to embrace new innovations, and the pace of adoption is often driven by generational gaps – with digital natives being the fastest adopters and older generations showing the most resistance. The results of our survey revealed, however, that 91% of all respondents ages 18 to 60+ were willing to further safeguard their information and accounts by taking extra security measures to prove their identity on an ongoing basis.   

This consensus points to a new generation of consumers, across demographics, who are open to adjusting their actions to support businesses that implement stronger identity security to combat fraud. To ensure the loyalty of customers, businesses need to provide innovative security solutions in the most seamless way possible.   

  

Fraud Increases and Passwords Remain  

Protecting important, personal data is critical to avoid falling victim to scams and fraudulent activity. This is especially necessary for sensitive information, like financials and personal health.   

According to Atlas VPN, U.S. citizens lost a record $3.56 billion to various types of online fraud in the first half of 2022, an increase of almost 53% over the same period last year.   

In fact, a PYMNTS and Ingo Money survey found that the average U.S. fintech loses $51 million to fraud every year and The National Health Care Anti-Fraud Association (NHCAA) estimates that health care fraud costs tens of billions of dollars each year.  

Consumers are watching emerging threats with an inherent understanding of just how rapidly they are progressing. In our findings, 95% of consumers believe that threats are evolving faster than the security technology being developed by industry leaders and the government agencies they rely on to protect them.     

While there is a consensus that cyberthreats are increasing, opinions on the current state of cybersecurity vary widely by demographic, with older generations showing significantly more concern. Of consumers ages 18 to 29, 79% think cyber threats are somewhat or mostly under control. Conversely, only 48% of consumers aged 60+ share this belief. It should be noted that the groups that show the most concern are also the groups that are still relying almost entirely on passwords.  

A password plus a one-time password (OTP), usually received via text message (two-factor authentication or 2FA), is the most common security method for consumers. Passwords alone, interestingly, are still heavily relied upon by every age group, even when a consumer is accessing financial accounts. Specifically, consumers aged 60+ are the most likely to use a password alone (67% of the time), but even those aged 19 to 29 rely solely on passwords 47% of the time.  

  

Digital Natives are Resisting   

The adoption of new authentication methods is beginning to put pressure on organizations to leave the password behind, especially for businesses that cater to younger generations. Facial recognition is already seeing a 40% adoption rate among consumers ages 18 to 29. Older generations are adopting newer technologies much more slowly – at only 14% – but the technologies are still making inroads, even at that rate.  

Advances in tech and the accelerated technology lifecycle come more naturally to younger generations. Even so, some digital natives are still either placing a lot of trust in existing technologies, or prioritizing ease over security: 12% of consumers ages 18 to 29 are still not ready to take extra security measures.   

On the other hand, regardless of their traditionally slower adoption rates, 94% of consumers aged 60+ are willing to take extra security measures to prove their identity, even though two-thirds still rely on passwords alone. This gap points to how younger users prefer minimal friction over advanced security measures in their identity transactions, highlighting the need for organizations to focus on minimizing complexity while increasing security.  

  

Can Security Be Simple?  

Companies looking to appeal to consumers who are ready to adopt advanced security measures but are still looking for ease-of-use should focus on frictionless development. The younger demographic prefers to do business with organizations that share the responsibility of protecting their identities. They don’t want all of the responsibility to tackle these threats alone. Businesses that want to compete need to focus on technologies that don’t place all of the burden of change onto their customers.   

Just like organizations that have adopted the Zero Trust approach to securing their networks and data, many consumers are embracing a similar mindset. With cyber criminals constantly developing new ways to breach security, Zero Trust Architecture acknowledges that no single defense perimeter can provide full protection. Zero Trust models require all users to be authenticated and verified each time they are given access to networks, applications, or data. Our report demonstrates the rise of a new generation of digital consumers who embrace this reality for their own identity security. We call them the Zero Trust Consumer.   

Businesses need to face the reality that the assumption of risk requiring ongoing authentication for accessing data has moved beyond an organizational perspective; it’s become consumer-centric. Zero Trust Consumers understand that continually proving their identity will better combat an increasingly complex security landscape.   

What all generations agree upon is this new era of high expectations for security – the willingness to use more robust security methods, coupled with a desire for frictionless experiences. The best path to gaining both the trust and the business of Zero Trust Consumers is through meeting (and exceeding) their high demands.