iiDENTIFii and CYBER1 Solutions recently joined forces to provide security solutions tailored to diverse threats, use cases, and businesses. CYBER1 Solutions is an integrated service reseller, while iiDENTIFii offers enterprise-grade, African-developed biometric identity technology. This collaboration delivers cybercrime prevention solutions for African markets, offering tangible benefits in risk mitigation and reducing fraud.
Marco Wagener, CTO of iIDENTIFii, and Christiaan Swanepoel, Security Architect at CYBER1 Solutions, joined forces to answer SMART Security Solutions’ questions.
What is happening in South African businesses in terms of identity authentication?
Wagener & Swanepoel: Identity authentication has become much more prominent due to increased fraud and financial crime. Organisations have been compelled to take it seriously. Fraud incidents not only have financial repercussions, but erode consumer trust. While businesses are more aware, that does not necessarily mean they are confident in their identity authentication processes.
Our recent inaugural SA Identity Index found that just 24,5% of South African businesses considered their identity authentication ‘very effective’. Given these factors, we have no doubt that identity authentication will continue to be a central concern for South African businesses. Digital or mobile identities are still an emerging topic. The technology to achieve them is robust and effective, and digital identities are possible, but they are not being actively used yet.
With standards such as FIDO, are we moving away from PINs and passwords?
Wagener & Swanepoel: Identity and the consumption of authentication has become the norm. This means that people have grown accustomed to using 2FA and tokenisation in addition to passwords. This is particularly the case in South Africa, where two-factor authentication is rapidly spreading.
Microsoft is pushing for mandatory two-factor authentication, considering that the most common breaches originate from username and password combinations. At the same time, many consumers are receptive to stronger security measures that provide greater protection for their accounts and data.
The discussion of passwords versus tokenisation is fundamentally rooted in the concepts of friction and ease of access. It has become clear that complex passwords and frequent rotations do not significantly enhance security. In contrast, transitioning to a passwordless infrastructure through tokenisation represents a more effective approach to achieving deeper security within an organisation. In summary, while we have not entirely moved away from passwords, they are now being supported by additional methods of identity authentication, such as biometrics.
Is identity as a service (IDaaS) taking hold in SA, and if so, in which markets?
Wagener & Swanepoel: We are not seeing the same growth in IDaaS in South Africa as we are seeing in the worldwide market because many of these sectors are still located outside of South Africa. Right now, we are aware of it and are building the security architecture that would allow for the adoption of these services.
Many organisations struggle with access control as a service because it is cumbersome. AI and big data analysis offer the potential to alleviate some of that burden. Many businesses in South Africa have moved their infrastructure into the cloud, which is largely trusted by regulators. This prevalence of the cloud will speed up the adoption of Zero-Trust security measures.
Are devices on a network subject to IDA processes in South Africa, or is this something related to IoT (and OT) that is not seen as part of the whole identity management process?
Wagener & Swanepoel: Many breaches have originated in Internet of Things (IoT) or operational technology (OT) networks. We have seen instances where threat actors have focused on targeting OT structures because that is where the business impact lies. When OT structures are targeted, the entire business grinds to a halt. For this reason, OT should be considered an integral part of identity authentication conversations.
Cybersecurity is a core component of the above, but how important is it to people setting up or using IDA?
Wagener & Swanepoel: The strength of security vs the seamlessness of identity solutions is an ongoing balancing act. At iiDENTIFii, we are confident that we can strike a balance between the best of both. We prioritise security, but our 4D Liveness makes the process seamless for users.
As organisations expand their validation and authentication processes for both internal staff and consumers, various cybersecurity policies will also be strengthened. We feel that reducing risk with more identity validation is the starting process for onboarding a true Zero Trust strategy.
Are SA companies in the move to Zero Trust?
Wagener & Swanepoel: There is a lot of talk about Zero Trust in the banking sector, especially post-COVID. However, there is no tool to solve for Zero Trust; it is a methodology that applies to multiple pillars. The concept is plain and simple – you should not trust anything on your network, and just-in-time access should be the norm. From an identity perspective, it applies to confirming that the person transacting is real and live, and validating their identity at that moment.
What role do your companies play in the IDA market?
Wagener & Swanepoel: iiDENTIFii is a face authentication and identity verification platform that distinguishes itself through its use of 3D and 4D Liveness detection. Purpose-built for enterprises across Africa and the Middle East, we enable frictionless, scalable customer onboarding in seconds from anywhere and on any device. Founded in 2018, iiDENTIFii has become a proven key partner in multiple tier-1 African banks. The technology plugs seamlessly into existing infrastructures, including mobile and web-based platforms.
CYBER1 Solutions is a cybersecurity specialist operating in South Africa, East and West Africa, the Middle East and Europe. Our solutions deliver information security, IT risk management, fraud detection, governance and compliance, as well as a full range of managed services. We also provide bespoke security services across the spectrum, with a portfolio that ranges from the formulation of our customers’ security strategies to the daily operation of end-point security solutions. To do this, we partner with leading security vendors to deliver cutting-edge technologies augmented by our wide range of professional services.
For more information, contact:
• CYBER1 Solutions,
• iiDentifii,
| Tel: | +27 11 543 5800 |
| Email: | malckey@technews.co.za |
| www: | www.technews.co.za |
| Articles: | More information and articles about Technews Publishing |
| Tel: | +27 11 543 5800 |
| Email: | malckey@technews.co.za |
| www: | www.securitysa.com |
| Articles: | More information and articles about SMART Security Solutions |
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version