Digital Identity at the Heart of the Fight Against Online Fraud

Amid the rise in cyberattacks in France, both public institutions and private actors are multiplying their initiatives. Phishing, now ubiquitous, acts as a gateway to increasingly sophisticated attacks. At the core: digital identity, the management of which is becoming a strategic issue.

Cyber threats are becoming more diverse and voluminous. That is the observation made by Denis Boyer, Awareness Project Manager at Cybermalveillance.gouv.fr. “In 2024, the Cybermalveillance.gouv.fr platform recorded over 420,000 assistance requests, a record that illustrates the scale of the phenomenon. We have categorized 51 different types of cyber threats, from spam to ransomware,” he explained during a panel discussion at the 2025 edition of the INCYBER Forum.

Regardless of the victim category (individuals, businesses, local authorities), phishing remains the most reported incident, increasing by 22% between 2023 and 2024. Beyond traditional fraudulent emails, phishing now infiltrates smartphones via SMS messages impersonating government agencies or well-known companies, further blurring the lines.

Phishing serves as the entry point into a given system. It paves the way for account hacking, ransomware, fake wire transfer orders, and data breaches. “In 2024, data breaches increased by 82% for individuals and by 72% overall. This correlates with the many incidents that occurred last year, including those affecting third-party payment operators Viamedis and Almerys, as well as Free,” he added.

To strengthen the fight against these cyberattacks, a new system was launched at the end of 2024: the 17cyber service (17cyber.gouv.fr). A collaboration between Cybermalveillance.gouv.fr and the Ministry of the Interior, this portal aims to simplify incident reporting and direct victims to the appropriate contacts. “We want 17cyber to become everyone’s digital reflex, just like 17 is for contacting law enforcement,” emphasized Colonel David Flotat, Division Chief of the National Cyber Unit of the French Gendarmerie.

Industrializing Identity Management Projects

At the heart of all previously mentioned cyberattacks lies a common denominator: identity (and its theft). “When it comes to identity, companies have very diverse needs. And although some have made progress, often due to regulatory requirements, they still don’t cover their entire scope. One of the market’s main expectations is the availability of industrialized solutions that allow both deep customization and compliance with regulatory constraints,” notes Nolwenn Le Ster, Chief Operating Officer at Almond, an independent French player in cybersecurity, cloud, and information systems.

Another key point to consider: the complexity of identity-related projects. The market is full of solutions, with varying levels of maturity, that do not always meet functional or organizational expectations. “The good news is that new solutions are emerging, easier to implement and more interoperable with their ecosystem,” she adds.

Among these solutions is the company Memority. This SaaS-based provider offers an IDaaS (Identity-as-a-Service) platform that enables access customization based on the company’s needs. “Managing the identity of a supplier or an employee working in a factory or office involves specific characteristics. We handle these either directly through our graphical interfaces or via API in business applications,” explains Francis Grégoire, Deputy CEO of Memority.

Sovereignty is a central focus of Memority’s offering. “We are a French company—developed, operated, and hosted in France. We use two types of cloud providers. The first is S3NS, one of the upcoming trusted clouds certified by SecNumCloud, stemming from the Thales and Google Cloud partnership. The second is AWS, which is not sovereign, but allows us to meet the global needs of some of our large enterprise clients,” says Francis Grégoire.

Five Major French Banks Launch B.Connect

Finally, closely tied to Memority (which provided the project’s technological platform), the B.Connect initiative was discussed during the panel. This authentication service was launched by five major French banking groups (BNP Paribas, Groupe BPCE, Crédit Agricole, Crédit Mutuel, and Société Générale). It is a solution that allows e-commerce sites to offer customers access to their accounts without a password (in 80% of cases).

“42 million French people already have B.Connect in their pocket without knowing it. Starting this fall, they will be able to create their B.Connect account in just a few seconds from their banking app. This will allow them to log into thousands of websites using the B.Connect button—without using a single password. To put it in perspective, in France, passwords account for 50 to 60 billion entries per year, which is a nightmare for the user experience and a real security flaw,” comments Pierre Chassigneux, CEO of B.Connect.

The service will be free for users, but paid for websites using the B.Connect button. Given that 25% of cart abandonments are due to forgotten passwords and 15% to the authentication process at checkout, e-commerce platforms are likely to see a clear economic benefit.