Never Trust, Always Verify: On Combating AI-Driven Identity Threats

About the Author

Johan Fantenberg is a Principal Solutions Architect APJ at Ping Identity. With over 25 years of experience in IT, telecommunications and financial services markets, he is an experienced technologist with a keen eye for emerging technologies and tech driven business opportunities. He has held roles at ForgeRock, Oracle, Ericsson and Sun Microsystems, and collaborates closely with a range of partners, system integrators and software vendors. He attended Stockholm University.


Never Trust, Always Verify: On Combating AI-Driven Identity Threats

In an exclusive interview with Industrial Automation Asia, Johan Fantenberg, Principal Solutions Architect for APAC at Ping Identity, delves into the evolving landscape of AI-powered identity attacks. Highlighting emerging threats such as checkout fraud and authorised push payment fraud, Fantenberg discusses innovative strategies and cutting-edge technologies that organisations can employ to fortify their defences. With insights into Singapore’s Zero Trust Architecture and advice on rebuilding consumer trust, this interview offers a comprehensive guide to navigating the complexities of modern cybersecurity.


  1. Introduction to AI-driven Threats: With AI-powered identity attacks evolving rapidly, could you provide an overview of how these attacks have transformed over the past year and highlight some of the emerging tactics that have caught your attention in 2024?

Because the rewards are so lucrative when they succeed, malicious actors are continually striving for more effective ways to execute attacks. We are seeing new attack variants emerge. One such variant is checkout fraud, which sees threat actors utilise bots to enter stolen credit card information and discount codes.

There’s also been a spike in authorised push payment (APP) fraud incidents. Threat actors undertake such attacks by posing as a merchant selling products to a target, sweetening the deal with offers of exclusive discounts through e-wallet transactions.

Meanwhile, promotion and bonus fraud are also becoming more common, with threat actors creating different accounts to collect sign-up bonuses. This type of fraud commonly targets online gambling services, but also appears in other businesses that offer similar incentives to customers who register for new accounts.

  1. Strategies Against Sophisticated Threats: Considering the increasingly sophisticated nature of AI-driven identity attacks, what innovative measures do you believe organisations can implement to fortify their defences against these threats? Could you also discuss the role of traditional security measures in this new landscape?

Traditional password-based authentication is ill-suited to the increasingly sophisticated threats we face today, which include password theft, phishing, and credential reuse.

Organisations should look to enhance their cybersecurity with a comprehensive strategy that also includes leveraging the advancements we’re witnessing in artificial intelligence (AI) for authentication methods including:

  • Biometrics – Utilising unique physical characteristics such as fingerprints or faces to verify identities.
  • Multi-Factor Authentication (MFA) – Combining two or more authentication factors like passwords, tokens or biometrics to add an extra layer of security.
  • Token-Based Authentication – A token relies on a physical device or software application that generates a one-time passcode for authentication.
  • Cryptographically bound devices – PKI based methods to enable passwordless, often coupled with biometrics.


  1. AI as a Shield: AI is often seen as a double-edged sword in cybersecurity. How can AI be harnessed effectively as a defensive mechanism to counteract AI-driven identity attacks? Are there specific technologies or methodologies you believe are most effective?

Security professionals need to always be on their toes as threat actors continually find ways to evolve and circumvent detection. With AI increasingly accessible to the public, we are beginning to see how advanced machine learning is being used to penetrate established authentication methods. Organisations similarly need to leverage AI for cybersecurity. A couple of features to keep an eye out for are:

  1. Proactive Anomaly Detection and Real-Time Response: AI-driven tools that effectively analyse behavioural patterns and adjust parameters dynamically can vastly improve detection capabilities and provide real-time breach response to mitigate threats.
  2. Identity Threat Detection and Response (ITDR): Organisations should also look to enforce extra areas of zero trust in addition to user identities. ITDR is a key element of zero trust since it monitors the IT network for suspicious and anomalous activity.
  3. Decentralised Identity (DCI): However, ITDR is not sufficient to protect user data in today’s IT environment as a standalone solution. It must be complemented with decentralised identity management to improve security and privacy by reducing reliance on centralised data systems.


  1. Adapting to Dynamic Threats: The cyber threat landscape is notoriously dynamic, with new tactics emerging continuously. How do you propose organisations keep pace with these changes and ensure their defence strategies remain effective against AI-driven identity attacks? Could you share insights into any early detection or predictive technologies?

AI-related threats require a combination of ITDR and DCI practices to keep data safe. The new security imperative brought about by AI means that zero trust has never been more important, and this two-pronged approach allows users to control how their identity data is shared, while organisations reinforce users’ security by constantly monitoring the IT environment.

  1. Singapore’s Zero Trust Architecture (GovZTA) and MFA: Given Singapore’s adoption of concepts like Zero Trust and the MAS’s advisory on strengthening Multi-Factor Authentication with passwordless identity verification, how do you see these strategies impacting the fight against identity fraud and AI-driven attacks at a national level?

They really underscore what we’ve mentioned earlier about the need to rethink identity management and cybersecurity more generally. At Ping Identity, we believe in supporting organisations striving to live up to these new paradigms by making our solutions accessible to them so that they can withstand attacks and respond swiftly in the event of a breach.

  1. Consumer Trust and Identity Data Management: With a low level of consumer trust in how organisations manage their identity data, what steps do you think organisations can take to rebuild this trust, especially in high-trust sectors like banking and healthcare?

A recent Ping Identity survey found that only 40% of consumers have full trust in the organisations that manage their identity data, with the highest levels of trust in banks (71%), healthcare services (58%) and insurance companies (50%).

To engender higher consumer trust, organisations should also be transparent about their data collection practices. This includes how data is stored, managed and kept secure, and who has access to data, in addition to making identity security central to their overarching strategy. It is also prudent to only collect data that is directly relevant to provide a product or a service. Ease of collection is not a reason to ask for all types of data at time of customer registration.

  1. Future Outlook and Advice for Organisations: As we look beyond 2024, what future trends do you anticipate in the realm of AI-driven identity attacks and cybersecurity? Moreover, what key piece of advice would you offer to organisations aiming to protect their digital interactions in the face of these evolving threats?

The cyber threat landscape is likely to worsen as attackers will continue to push the envelope. For organisations, it is crucial to counter this by firstly building a culture that emphasises the need to always advance cybersecurity to protect digital assets from ever-evolving threats. Conduct regular training sessions to keep staff apprised of the latest methods employed by threat actors can help enlist them as another layer of defence.

Organisations must also enforce device trust to control access to enterprise networks. Implementing device fingerprinting strategies, for example, ensures malicious devices do not make their way into a company’s network.





MiR and Sonic Automation Partners To Automate Intra-Logistics in Thailand’s Manufacturing Sector
Lee Kuan Yew Water Prize 2024 Presented To Professor Gertjan Medema For His Significant Contributions In Revolutionising The Application Of Wastewater-Based Epidemiology For Virus Detection