Ransomware and cyberattacks increased in 2020, and continue to increase in 2021. Almost every day, we read news stories about some company or organization falling victim to cyberattacks. The May 7th Colonial Pipeline ransomware attack disrupted pipeline operations and fuel supplies to much of the U.S. East Coast for several days. The attack resulted in fuel shortages and higher prices for consumers. Fuel prices in some regions, as of this writing, still have not recovered to their pre-attack levels.
According to a Bloomberg report, the Colonial Pipeline attack was traced to a leaked password that gave access to a VPN, which was then used to access the company’s servers. Without multi-factor authentication (MFA) enabled, it was easy for the bad guys to gain access – even with an old account that was no longer in use!
Once again, it’s prediction time. But this post is about how we did last year. As has been my standard, we look back at last year’s predictions to see how accurate they were. For 2019, I was 86% correct, which improved on my 2018 forecasts, which were 81.5% correct.
It is once again time for my annual (14th consecutive to be specific) predictions for the mobile industry. When I wrote last year’s predictions, neither I nor really anyone else could have foreseen the momentous events that 2020 brought the world: from the global COVID-19 pandemic to the significant Black Lives Matter protests and actions, climate-related events, the US presidential election, its aftermath and more. All have impacted the wireless / mobile industry, but in many ways, the mobile industry has responded well to the pandemic, which has been the overriding issue for the planet in 2020.
Here we go again. This is the 12th consecutive edition of my mobile industry predictions, originally published in January of 2008. While we try to cover most major aspects of the mobile industry, we do tend to emphasize messaging-related topics as well as consumer engagement. But we also focus on key industry trends such as devices, mobile payments, and blockchain. If a trend begins to fall out of favor, then it may disappear from subsequent predictions. You can get a detailed review and accounting of my 2018 predictions here.
Many of you, no doubt, have heard of the European Union’s European Banking Authority (or EBA) directive called PSD2 (Payment Services Directive). These guidelines were originally published at the end of 2015. By January 2018, all member states were required to implement the regulations.
In late July 2016, a significant number of news stories “declared the end of 2FA over SMS,” as the US NIST had recommended that the Out-of-Band delivery channel of SMS for 2FA tokens be deprecated in the next version of their guidelines.
At Facebook’s 2016 F8 Developer conference, a new no-password login solution called Account Kit was announced. Account Kit is designed to be an alternative login facility for people who either don’t want to use a social login such as Facebook or a non-password login. Users are given a choice between either email or their mobile phone number as their “identity.” After providing one or the other, a one-time code is sent via email or SMS to their mobile device. Access to the account is then granted.
Have you ever forgotten a password? I know that I have. I do all the time, in fact, although over the last year or two, I’ve gotten better at managing my password schemes (yes, I have schemes that I’ve memorized to generate new passwords). But forgotten password recovery is a “popular” mechanism by which bad guys can gain access to your account. So, we must incorporate a number of checks to disrupt and prevent attempts to gain access to accounts.
In the past few years, incidents of major data breaches, as well as hacking into personal accounts of not only public people but also not-so-public people, seem to be on the increase. In June 2014, McAfee published a study indicating that hackers are costing consumers and companies between $375 and $575 billion… annually! Furthermore, losses connected to personal information, such as stolen credit card data, have amounted to over $150 billion. We’ve all had instances of unsubstantiated charges appearing on our credit card statements. These are usually handled by the credit card companies, with little or no liability for us personally. I am hoping that as contactless payment options and EMV cards become more ubiquitous, we will start to see a great reduction or elimination of these types of fraudulent charges and activities.