IDSA spotlights AI, non-humans, zero trust and digital wallets as identity trends

Digital identity security is increasing in some measurable ways, according to the latest research from the Identity Defined Security Alliance. After a significant increase in incidents of many types in 2024, the number of security problems decreased in nearly all categories in the 2025 report. Biometric authentication is seen by some as a necessary next step, and by some as not necessary at all.

The 2025 Trends in Identity Security report indicates 14 percent of businesses did not suffer an identity-related incident in the past year, up from 10 percent in the two prior surveys. More than 500 professionals in IT security or digital identity at companies with more than 1,000 employees were surveyed for the IDSA report.

They identified AI, non-human identities (NHIs), zero trust and digital wallets as the defining trends of the year in digital identity security.

Phishing, broadly understood, was experienced by 56 percent of organizations, far ahead of the next most-common type of identity-related incident, which was stolen credentials (35 percent). Attacks using AI-based identities affected 20 percent of businesses surveyed.

Stolen credentials and social-engineering to acquire passwords declined slightly, but phishing was down by 13 percent, companies experiencing brute force attacks decreased by 8 percent and man in the middle attacks were down 7 percent.

The report considers the controls companies have put on AI use, and its potential benefits to identity security.

Humans identities outnumber NHIs at 49 percent of organizations, compared to 34 percent with more machine identities than people.

Zero trust approaches are in place for critical or high-risk identities at 48 percent of companies, and for all identities at 23 percent.

Some businesses have moved from considering digital wallets to integrating them, but 35 percent are not interested, down only 1 percent from last year’s report.

Thirty-two percent identified implementing biometric authentication for all users as a step that could have prevented security incidents within the past year. But implementing biometric authentication is also the most common answer for the technology or policy least likely to impact identity security within the organization over the next two to three years, at 30 percent.

Article Topics

biometric authentication  |  biometrics  |  cybersecurity  |  digital identity  |  IDSA  |  non-human identities