by Barika Pace | July 28, 2020 | Comments Off on Securing A Touchless Society
By 2023, 50% of all major business applications will include at least one type of no-touch experience, such as voice, augmented reality, or virtual reality.
COVID-19 has acted as a catalyst for the era of AI-powered no-touch interfaces, which include
- Open-air gesture control and three-dimensional interfaces,
- Virtual reality,
- Brain-computer interfaces,
- Augmented reality, and
- Virtual personal assistants.
Touch-less interfaces present new attack vectors and thus increase security risks and lead to a higher dependence in AI. Product leaders will need to increase their focus on privacy and security controls to combat the collection of ever-larger amounts of personal data in a cyber-physical world. However, the greatest threat to product leaders’ touch-less product ambitions might be the risk to their product development cycles. Product leaders must increase their efforts to protect training models, especially those that can have real cyber-physical consequences, including threats to people and the environment.
As part of their long-term strategies, products leaders must prioritize the investments below technologies to prepare for short term impacts a changing society:
Embedded trust: Embedded trust delivers a hardware root of trust (e.g., Trusted Platform Module), which is frequently a requirement to secure end-point functions. Examples of these include device virtualization, firmware, operating systems, and execution environments. Such vendor products offer protection from scale able software-based threats and are useful in defending against physically invasive attacks. Providers like Thales, Keyfactor, Entrust Datacard, and Allergo offer embedded trust solutions.
Homomorphic encryption: Homomorphic encryption is a cryptographic method that enables third parties to process encrypted data and return an encrypted result to the data owner while providing no knowledge about the data or the result. Note that fully homomorphic encryption isn’t quick enough for most applications at this time, but some vendors offer partial homomorphic encryption. Providers like Duality Technologies, IBM, ShieldIO, and Ethereum are vendors that readers can research further.
Decentralized identity: Digital identity and data-sharing challenges create numerous privacy concerns. Decentralized identity enables privacy-enhanced verifiable identity data exchanges online. It also leverages technologies such as blockchain or other distributed ledger technologies to decentralize an identity system by distributing it across a large number of nodes or participants. Relevant providers include Microsoft, NuID, SecureKey, and Sovrin Alliance.
Cyber-physical system security (CPSS) solutions enable secure management of increasingly interconnected environments, growing out of IOT and OT security. The goal of CPSS is to secure engineered systems that orchestrate sensing, computation, control, networking and analytics to interact with the physical world (including humans) and enable a safe, real-time, deception, secure, reliable, resilient and adaptable performance. Product managers must develop and demonstrate security features that, while helping mitigate threats, ensure privacy, guarantee safety, availability, reliability, and resilience. Sample providers include SCADA Fence, Nozomi, Cisco (CyberVision), Bayshore, Microsoft Azure Sphere, Claroty, Dragos, Forescout, 802 Secure, Armis, Indegy, Radiflow Tenable. Verve, IoActive, Otorio and PAS.
GPS anti-jamming and anti-spoofing This technology includes jamming and spoofing detection sensors, hardware and software. Signal-jamming solutions need to be fully automated to be effective, whether “kill” type jammers or “return home” systems. Sample providers: InfiniDome and Orolia
Online-fraud detection (OFD)
In a touch less society, online fraud detection is expanding beyond traditional use cases, and market overlap with identity proofing and authentication is growing. OFD tools normally enable real-time monitoring, and may be focused on detection alone, or also on mitigation, once fraudulent activity is suspected. Capabilities may include solutions to provide behavior analytics, bot detection, fraud scoring, integration with social media analytics tools, and event monitoring. Representative vendors include: Amazon Fraud Detector, SHIELD Enterprise, BioCatch, Cleafy, and Callsign.
View Free, Relevant Gartner Research
Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.Read Free Gartner Research
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.