Ping Identity, a leading provider of seamless and secure digital experiences, today released the findings of its new survey, shedding light on the state of identity fraud prevention in today’s AI-driven digital world.
The report, based on responses from 100 Australian IT decision makers and an additional 600 IT decision-makers across the U.S., U.K., France, Germany, and Singapore, reveals a pressing need for Australian organisations to enhance their identity protection strategies, with all businesses having challenges with identity verification and nearly half (45%) not very confident they have the technology in place to defend against AI-related attacks.
Read the survey: Fighting The Next Major Digital Threat: AI and Identity Fraud Protection Take Priority
Indeed, the survey found that only just over one-third of Australian enterprises are implementing multi-factor authentication (MFA), leaving themselves critically at risk, and less resilient against cybercriminals who are leveraging increasingly sophisticated AI tactics to circumvent advanced identity controls, thereby making it easier for cybercriminals to impersonate people.
“To stand a chance against advancing identity fraud tactics, businesses need to innovate to keep pace, leverage more advanced technologies and remain vigilant,” said Ashley Diffey, Vice President Australia and New Zealand, Ping Identity. “The attacks are not going to disappear and so having the ability to reduce their likelihood of succeeding will be vital. Encouragingly, the survey found that 36 per cent of Australian businesses will significantly increase their investment in fraud detection over the next 12 months.”
Australian Bureau of Statistics figures* suggest that one per cent of the population experienced identity theft in the 2022-2023 financial year with 2.1 per cent experiencing online impersonation. One-third of those who experienced identity theft advised that the stolen personal information was used to obtain money from a financial services institution or investments.
Organisations admit they are not using proper protections against identity fraud.
- All Australian organisations are experiencing challenges with identity verification.
- 62% are very concerned about protecting against phishing attacks while 56% are very concerned about credential compromise and social engineering, followed synthetic identities (55%) and account takeover (53%).
- 43% admit their current fraud prevention strategy is somewhat or not at all effective at protecting against credential compromise, with only 36% using two-factor/multi-factor identification verification to protect against fraud, and even less (35%) using biometrics.
Organisations are concerned about their ability to defend against AI threats.
- 56% are very concerned about protecting their organisation against newly emerging AI threats that AI technology will increase identity fraud.
- Only 57% expressed high confidence in their ability to detect a deepfake of their CEO.
- 45% are not very confident they have technology in place to defend against AI-attacks.
- 35% expect cybercriminals’ use of AI to significantly increase identity threats over the next year.
The power of AI To secure the identity landscape
- 75% cited that the adoption of AI will allow their enterprises to dynamically change user authentication requirements based on their behaviour.
- 55% said that AI would enable them to handle fraud/theft detection systems better.
- 53% said that AI will enable their organisations to automate more of their customer identity management processes.
Decentralised Identity (DCI) is an untapped opportunity for identity protection.
- Only 43% have implemented a strategy to use DCI as a protection against fraud for both customers and employees.
- Globally, the survey found that manufacturing and government organisations are most likely to be implementing a strategy, with both around 50%, while finance reports the lowest strategy adoption at only 26%.
“Fraud is on the rise, and it’s getting worse with AI. Smart leaders know that they need to level up yet so many organisations don’t have the right guardrails in place to mitigate or prevent these kinds of threats. The longer they go without, the more they put themselves in harm’s way. Acting against tomorrow’s attacks means planning – and getting started – now,” added Jamie Smith, Decentralised Identity Expert at Future Customers.
Additional resources
- The Ultimate Guide to Online Fraud Prevention
- Reducing Fraud with Verifiable Credentials White Paper
- Identifying and Countering AI Threats in a New Era of Cybercrime
Survey Methodology
Ping Identity and Vanson Bourne surveyed 700 IT decision-makers between February and March 2024 from the U.S., U.K., France, Germany, Australia, and Singapore. These respondents came from organizations with at least 500 employees and U.S. $100 million in global revenue, and represented a range of sectors.