Consumers increasingly find themselves facing fake media and misinformation campaigns. Having a way to prove your content and communications are authentic should be one of your business’s top priorities.
Every year, Merriam-Webster publishes its Word of the Year, highlighting the top-searched terms. This year’s word for 2023 is authentic, a decision that the dictionary company said was primarily driven by “stories and conversations about AI, celebrity culture, identity, and social media.”
Although the importance of authenticity transcends all industries and walks of life, it’s a term that resonates with those of us working within the cybersecurity industry in particular. Consumers need a way to identify and differentiate what’s real from what’s not. Likewise, businesses need a way to prove their brand, products and services are authentic so consumers know their products and services can be trusted.
But what do “authentic” and “authenticity” mean in the ever-changing digital world that relies on public key cryptography?
Let’s hash it out.
What It Means to Be ‘Authentic’ and Why It Matters Now More Than Ever
The Dictionary company acknowledges that authentic is a term that has a certain je ne sais quoi; it’s often challenging for people to define, and many don’t necessarily agree upon a specific definition. One reason is that the term is highly subjective and means different things to different people.
In its post about its chosen word, Merriam-Webster’s “Authentic has a number of meanings including ’not false or imitation,’ a synonym of real and actual; and also ‘true to one’s own personality, spirit, or character.’”
Authenticity is more than just being real and true; it’s a quality that paves the way to establishing digital trust for businesses and other organizations. Without digital trust, your organization’s reputation, products, and services likely won’t have the impact that drives sales and develops relationships with consumers. If you want people to trust your business, then give them a reason to do so.
Authenticity Is Virtually Synonymous With Verifiable Digital Identity in the Digital World
In everyday life, when you think of the word “authentic,” one of the words that comes to mind is identity. According to Merriam-Webster’s article:
“Authentic is often connected to identity, whether national or personal: words frequently modified by authentic include cuisine and dish, but also self and voice. Celebrities like singers Lainey Wilson, Sam Smith, and especially Taylor Swift all made headlines in 2023 with statements about seeking their ’authentic voice’ and ‘authentic self.’”
It’s no secret that cybercriminals love to impersonate businesses — especially those lacking strong digital identities. They love to use social engineering attacks to target your employees and customers to get them to turn over sensitive information and make fraudulent purchases or money transfers. They can do all of these things (and worse) using brand impersonation attacks. In addition to getting away with sensitive data and your hard-earned money, they also drag your organization’s good name through the dirt and destroy any trust people have in your brand.
In the digital world, one of the best ways to prove someone’s (or something’s) authenticity is to use a verified digital identity. Without a verifiable digital identity on your side, how are your customers and employees supposed to differentiate your authentic (legitimate) messages from those created and distributed by an imposter?
These verifiable identities are generally based on the foundation of public key infrastructure (PKI), a term representing the frameworks, policies, and technologies that make secure communications possible over the (insecure) internet.
Some of the ways that organizations prove their authenticity in online communications using PKI include:
- Using SSL/TLS certificates (i.e., website security certificates) that validate website legitimacy
- Signing emails using PKI-based email digital signatures
- Displaying a verified logo up-front in recipients’ inboxes using verified mark certificates (VMCs) and brand indicators for message identification (BIMI)
- Using PKI-based client authentication to prove someone’s identity is authentic when connecting to a virtual private network (VPN)
- Signing software and documents using digital certificates that prove that these digital assets came from a particular person or organization and weren’t secretly altered after being signed
How Industry Leaders Are Working to Help Consumers Answer the Question ‘Is This Real?’
We’re living in a time in a time when artificial intelligence (AI) tools and platforms like Siri, Alexa, and ChatGPT have become household names. It’s only fitting then that one of the runner-up words for the 2023 Word of the Year rankings is deepfake.
Not sure what a deepfake is? Think of the deepfake video of Paris Hilton and Tom Cruise:
Another example that made big waves and tons of headlines was the AI-generated images of President Donald Trump being arrested that X (formerly Twitter) user Eliot Higgins created:
While many industry leaders embrace the merits of AI technologies, they also recognize the disadvantages they create for consumers who are left trying to decipher real from fake media. One way they’re trying to do this is by creating a new standard called the Coalition for Content Provenance and Authenticity (C2PA). This open standard aims to help users identify who or what created media content and how it’s been altered.
We’ve written at length about the new standard, which To learn more about C2PA, check out our article “Real Photo vs AI-Generated Art: A New Standard (C2PA) Uses PKI to Show an Image’s History.”
How to Help Bring Authenticity to Your Brand, Products, and Communications
Are you looking for other ways to help your customers and prospects recognize that you’re you and not an imposter? Here are a few resources that you might find useful: