Digital Identity Protection for Customers Becomes Key in the Mobile-First Economy Era
Jakarta (ANTARA) — Identity protection has become a crucial factor in maintaining public trust whilst supporting the sustainability of the national digital economy, particularly as the expanding cyber attack surface increasingly threatens customer identity security.
Data from Cybercrime Watch Indonesia indicates that more than 60 per cent of fintech fraud cases now involve stolen or forged identities during digital onboarding processes. Although the Financial Services Authority (OJK) has endeavoured to standardise electronic Know-Your-Customer (eKYC) procedures, synthetic identity fraud has risen sharply, particularly deepfake-based attacks targeting facial recognition systems.
The surge in threats is also evident in the rise of malware and phishing. The National Cyber and Encryption Agency (BSSN) recorded that such incidents soared to 26 million cases between 2023 and 2024. Meanwhile, website defacement increased 30-fold and data breach incidents leapt from 1.67 million to 56 million within a single year.
By mid-2025, BSSN had also recorded 5.838 million anomalous ransomware activities and 9.304 million Advanced Persistent Threat (APT) activities. The data shows that phishing, particularly through social engineering, remains the most common attack vector.
In operational response, BSSN has taken down 4,155 URLs containing fraudulent and phishing content. Separately, the East Java Communications and Information Technology Agency (Diskominfo Jatim) provided 124 expert testimonies in cybercrime and electronic transaction cases throughout 2024.
**Gaps in Traditional Identity Security Systems**
Although various organisations have invested in Customer Identity and Access Management (CIAM), biometric verification, and Identity Verification (IDV) solutions, many application providers in Indonesia still struggle to suppress identity fraud. In 2024, 72 per cent of mobile fraud cases involved fake or synthetic identities that successfully bypassed CIAM and multi-factor authentication (MFA) systems.
The core problem lies in the limitations of traditional identity security systems designed for static and centralised environments. Artificial intelligence (AI) technology can now be exploited by perpetrators to bypass conventional facial and biometric verification. Furthermore, synthetic identities constructed from fragments of genuine data can easily pass through automated verification systems.
Even after successful authentication, the risk does not end there. Session hijacking has become a critical vulnerability, with 41 per cent of mobile session takeovers occurring after MFA or biometric login processes. Perpetrators can manipulate identity signals such as application metadata, devices, and installations to masquerade as legitimate users.
They also exploit synthetic or spoofed devices to impersonate customer identities, employing techniques such as credential replay, token theft, and session cookie manipulation to gain unauthorised access.
"Threats to digital identity no longer stop at the login stage. Many attacks occur after authentication, through manipulation of sessions, devices, and the applications in use," said Jan Sysmans, Mobile App Security Evangelist at Appdome.
Runtime threats further exacerbate the situation. Overlay attacks, keystroke injection, and application manipulation can alter transaction data. Meanwhile, ephemeral device binding methods commonly used to link identities with device fingerprints can easily be removed through reinstallation, resets, or hacking tools.
Additionally, on-device KYC fraud such as fake clicks, gesture injection, and geolocation spoofing continues to exploit system gaps. Even the digital marketing ecosystem is not immune, with rampant mobile ad fraud leveraging device spoofing and advertiser ID rotation.
**Towards Continuous Identity Verification**
To confront the ever-evolving threat landscape, periodic authentication approaches need to be elevated to continuous identity assurance.
Continuous monitoring that validates device and session authenticity in real time ensures every interaction originates from a legitimate, uncompromised environment. This approach can detect fake devices, cloned applications, attribute manipulation, and code injection before they cause harm.
Key elements of continuous identity protection include perimeter defences to secure the application environment, multi-level fingerprinting-based identity that links user, application, and device attributes, and immutable device binding to maintain identity consistency even after device resets.
Further components comprise real-time threat intelligence to detect anomalous behaviour such as overlays, session hijacking, or credential theft, as well as on-device identity protection covering all user interactions.
This continuous identity protection can also integrate directly with existing CIAM and IDV frameworks, thereby maintaining trust throughout the customer journey within mobile applications.
**Building Trust, Inclusion, and Growth**
Digital trust has become the primary foundation of financial inclusion. Without robust and continuous identity protection, consumers will hesitate to use new fintech services, ultimately hindering adoption and innovation.
Traditional identity management solutions continue to play an important role but are no longer sufficient on their own. To thrive amid the current threat landscape, brands and mobile service providers need to combine legacy systems with continuous oversight and adaptive protection that verifies the authenticity of every session and device.
This approach not only enhances security but also builds user trust, drives financial inclusion, and accelerates the sustainable growth of Indonesia's increasingly mobile-first digital economy.
Data from Cybercrime Watch Indonesia indicates that more than 60 per cent of fintech fraud cases now involve stolen or forged identities during digital onboarding processes. Although the Financial Services Authority (OJK) has endeavoured to standardise electronic Know-Your-Customer (eKYC) procedures, synthetic identity fraud has risen sharply, particularly deepfake-based attacks targeting facial recognition systems.
The surge in threats is also evident in the rise of malware and phishing. The National Cyber and Encryption Agency (BSSN) recorded that such incidents soared to 26 million cases between 2023 and 2024. Meanwhile, website defacement increased 30-fold and data breach incidents leapt from 1.67 million to 56 million within a single year.
By mid-2025, BSSN had also recorded 5.838 million anomalous ransomware activities and 9.304 million Advanced Persistent Threat (APT) activities. The data shows that phishing, particularly through social engineering, remains the most common attack vector.
In operational response, BSSN has taken down 4,155 URLs containing fraudulent and phishing content. Separately, the East Java Communications and Information Technology Agency (Diskominfo Jatim) provided 124 expert testimonies in cybercrime and electronic transaction cases throughout 2024.
**Gaps in Traditional Identity Security Systems**
Although various organisations have invested in Customer Identity and Access Management (CIAM), biometric verification, and Identity Verification (IDV) solutions, many application providers in Indonesia still struggle to suppress identity fraud. In 2024, 72 per cent of mobile fraud cases involved fake or synthetic identities that successfully bypassed CIAM and multi-factor authentication (MFA) systems.
The core problem lies in the limitations of traditional identity security systems designed for static and centralised environments. Artificial intelligence (AI) technology can now be exploited by perpetrators to bypass conventional facial and biometric verification. Furthermore, synthetic identities constructed from fragments of genuine data can easily pass through automated verification systems.
Even after successful authentication, the risk does not end there. Session hijacking has become a critical vulnerability, with 41 per cent of mobile session takeovers occurring after MFA or biometric login processes. Perpetrators can manipulate identity signals such as application metadata, devices, and installations to masquerade as legitimate users.
They also exploit synthetic or spoofed devices to impersonate customer identities, employing techniques such as credential replay, token theft, and session cookie manipulation to gain unauthorised access.
"Threats to digital identity no longer stop at the login stage. Many attacks occur after authentication, through manipulation of sessions, devices, and the applications in use," said Jan Sysmans, Mobile App Security Evangelist at Appdome.
Runtime threats further exacerbate the situation. Overlay attacks, keystroke injection, and application manipulation can alter transaction data. Meanwhile, ephemeral device binding methods commonly used to link identities with device fingerprints can easily be removed through reinstallation, resets, or hacking tools.
Additionally, on-device KYC fraud such as fake clicks, gesture injection, and geolocation spoofing continues to exploit system gaps. Even the digital marketing ecosystem is not immune, with rampant mobile ad fraud leveraging device spoofing and advertiser ID rotation.
**Towards Continuous Identity Verification**
To confront the ever-evolving threat landscape, periodic authentication approaches need to be elevated to continuous identity assurance.
Continuous monitoring that validates device and session authenticity in real time ensures every interaction originates from a legitimate, uncompromised environment. This approach can detect fake devices, cloned applications, attribute manipulation, and code injection before they cause harm.
Key elements of continuous identity protection include perimeter defences to secure the application environment, multi-level fingerprinting-based identity that links user, application, and device attributes, and immutable device binding to maintain identity consistency even after device resets.
Further components comprise real-time threat intelligence to detect anomalous behaviour such as overlays, session hijacking, or credential theft, as well as on-device identity protection covering all user interactions.
This continuous identity protection can also integrate directly with existing CIAM and IDV frameworks, thereby maintaining trust throughout the customer journey within mobile applications.
**Building Trust, Inclusion, and Growth**
Digital trust has become the primary foundation of financial inclusion. Without robust and continuous identity protection, consumers will hesitate to use new fintech services, ultimately hindering adoption and innovation.
Traditional identity management solutions continue to play an important role but are no longer sufficient on their own. To thrive amid the current threat landscape, brands and mobile service providers need to combine legacy systems with continuous oversight and adaptive protection that verifies the authenticity of every session and device.
This approach not only enhances security but also builds user trust, drives financial inclusion, and accelerates the sustainable growth of Indonesia's increasingly mobile-first digital economy.