Three of our senior executives sat down with our experts to summarize what top trends they are seeing unfold across our business in 2025.

The rise of Digital Identity Wallets

The majority of cybersecurity challenges are caused by stolen, misused or fake identities. To mitigate these risks, some claim that we have to choose between security, usability and privacy: but there is a clear solution focused on the broad adoption of digital identity wallets and open standards for digital identities.

Digital identity wallets aim to offer a new approach to the use of federated identities, in which users are in control of when and where their personal data is shared, and with whom. Modern FIDO-based authentication is a natural fit to secure digital wallets as users are becoming more familiar with its associated registration and sign-in flows due to many websites having implemented passkey security.

As we continue seeing more success stories about digital identity wallets and continued momentum of open standards for digital identities, in 2025, I expect many more countries around the world to adopt the technology and secure citizens and organizations with FIDO-based digital wallets.

A passkey future is in the cards

The role of passkeys in securing online identities depends heavily on how they are used. Unless organizations do all the right things and have an effective strategy in place throughout the user lifecycle, passkeys will not reach their potential. Over the next few months of 2025, I expect to see a rapid rise in adoption of passkeys across the enterprise, but it will still take time for organizations and consumers to take full advantage of passkeys technology.

In the short term, consumers may continue to be hesitant to adopt multi-factor authentication (MFA). While better than no MFA at all, the reliance on SMS-based One Time Passwords as a primary MFA factor is still widespread but dangerous. Yet, when we are talking about consumer behavior, there is hesitancy to change or adopt anything else unless they see it in more places that they trust and respect.

I believe the solution is clear: enable broad support for passkey authentication and remove unsafe methods of authentication (such as SMS OTP). It will also be important to prioritize following recommended guidelines around creating a good user experience that encourages users to enroll passkeys and educates them on the security benefits.

AI-driven cyber threats will continue to increase

As a majority of cyberattacks start with phishing, primarily due to its relatively low cost and high success rate, the advent of AI-driven phishing attacks is going to drive further assaults on the public. Generative AI is making it possible for even the less capable attackers to get started with phishing campaigns.

The risk does not end there, though. We will continue to see generative AI make social engineering attempts more potent. For example, AI can mimic someone’s writing style or reference relevant and accurate details extracted from previous breaches. It can even be used to create deepfakes and voice-fakes that fool victims into complying with suspicious requests. The drastic increase in generated content will negatively impact confidence in content if countermeasures like these are adopted and well understood by consumers. This is why I believe we will also see wider adoption of standards, such as those from the Coalition for Content Provenance and Authenticity, that focus on assisting consumers to validate the authenticity of content.

In 2025, we will also need to stay one step ahead of attackers through phishing-resistant security keys to remove the human error that leads to the success of AI-driven phishing attacks.