From chargebacks to passwords and identity, cybersecurity experts have plenty of thoughts on what 2026 will bring.
Chargebacks charge ahead
“Chargebacks will spike as consumers exploit the ‘the agent did it’ excuse. In 2026, chargebacks will jump as agentic commerce rolls out – not because of technical failures, but because consumers will game the system.
“When AI makes a purchase, it’s easy to claim ‘the agent made a mistake’ or ‘I didn’t authorize this’ even when that’s not true. Without clear protocols defining authorized versus unauthorized agent behavior, consumers get plausible deniability for any purchase they regret. First-party fraud is already a problem, but give people an AI scapegoat, and it gets worse.”
– Brittany Allen, chief safety architect, Sift
RIP, OTP
“It’s time to hang a black veil on the static token. Cybersecurity experts have been warning for years, but 2026 is when the one-time password (OTP) approach will finally hit critical irrelevance in the high-stakes enterprise world. Microsoft has warned us about a predicted 32% surge in identity hacks in the coming year. It’s time to hammer the final nail in the coffin.
“Why? The OTP, whether via SMS or a basic authenticator app, is easily phished, intercepted or socially engineered. It’s a dead giveaway that your security model is still operating in a credential-based past.
“We predict a decisive pivot: at least 40% of Fortune 500 companies will have ditched their legacy token-based MFA for high-risk employee and contractor access. They’re replacing it with digital identity architectures that provide continuous, invisible authentication.
“Instead of asking for a temporary code, these systems passively validate a tokenized relationship rooted in the user’s verified mobile device. This move renders credential theft pointless, instantly reducing enterprise attack surface area and letting the world finally move past the era of ‘polite fraud enablement’ that the static token created.”
– Mary Ann Miller, VP, evangelist & fraud executive advisor at Prove
The mandate for identity convergence in credit
“Escalating losses from sophisticated first-party and synthetic identity fraud rings will force the personal lending industry to mandate identity convergence at the point of application. Lenders will abandon siloed processes that treat device data, behavioral history and authoritative identity checks as separate steps, and instead require a unified, real-time identity-based trust score.
“This score will be calculated by correlating authoritative data (such as phone network identity and tenure history) with dynamic device-level intelligence (including non-device ID signals that currently show a 60% – 75% hit rate against fraud rings). Institutions failing to adopt this converged identity-first defence will see synthetic identity and first-party loss rates exceed 25% of all fraud-related credit losses, as bad actors perfect the technique of gaming initial transaction trust.”
– Miller
Risk of internet monoculture
“The growing monoculture of the Internet presents a significant risk. The widespread use of the same cloud providers (like AWS), CDNs (like Cloudflare), and productivity suites (like Google or Microsoft Office) means that a failure in one service can affect millions of users, reducing the Internet’s resilience.
“This monoculture makes hacking more profitable because even a small gain per person, when scaled across millions of users on a single platform, results in large earnings for criminals. Historically, using heterogeneous networks (Sun Microsystems, Linux, Windows servers) made systems less appealing targets by increasing the cost for attackers.
“‘Because the digital ecosystem nowadays is largely monocultural, everyone becomes a target. Online, there is no such thing as being uninteresting. Any small piece of data, even something as simple as DNS records, can be sold, aggregated, and monetized. Simply existing online makes you a target,’ said Adrianus Warmenhoven, cybersecurity expert at NordVPN.”
– NordVPN
Increasing misinformation through new channels
“Over the course of 2025, it was observed that on discussion platforms like Reddit, as well as other social media and streaming platforms, sensible security measures and online privacy habits were often ridiculed by other users. This trend is expected to increase in 2026, with serious repercussions for individual online safety and privacy.
“Criminal organizations, which are sometimes better organized than legitimate businesses, have dedicated marketing and advertising units aimed at promoting poor security habits to keep users vulnerable. Capable of spending significant funds, these organizations are increasingly likely to buy or create influencers to promote insecure habits or products with weaker security standards.”
– NordVPN
Viability of quantum security threats
“‘The quantum computing market is projected to surpass $5 billion in 2026, with much of the new investment aimed at commercializing its impact beyond niche applications. As a result, cybersecurity will become a major focus,’ said Marijus Briedis, CTO at NordVPN.
“Quantum computing is approaching a threshold where current encryption standards may no longer be secure. Although large-scale quantum attacks are still years away, cybercriminals are already conducting ‘harvest now, decrypt later’ operations—stealing encrypted data today with the expectation that quantum breakthroughs will allow them to decrypt it in the future.
“Once quantum decryption becomes viable, decades’ worth of private information could be exposed. For organizations and individuals alike, quantum resilience should no longer be a future concern but a current priority.
“As the borders between the physical and digital worlds blur, cybersecurity is no longer just a technical issue but a societal one. It’s like teaching a child to eat a sandwich but not how to brush their teeth. Digital education has focused on literacy (how to use devices), whereas the focus must shift to digital hygiene, cultivating good security habits. In 2026, this will become more important than ever,” said cybersecurity expert Adrianus Warmenhoven.
– NordVPN
Why identity intelligence will separate market leaders from breach headlines
“In 2026, identity will either be your company’s strongest differentiator or its weakest link. We’re entering an era where AI is both transforming business and transforming fraud. The cost is not just revenue loss, but long-term reputational damage, regulatory exposure, and a complete erosion of customer trust.
“Many companies are still relying on outdated verification methods such as static data, passwords, and fragmented KYC checks, while attackers are using tools that didn’t exist two years ago. This asymmetry will define the winners and laggards in the next phase of digital business.
“Identity verification must become continuous, adaptive, and anticipatory, predicting and preventing risk before it occurs while remaining nearly invisible to the end user. It represents the evolution from a point-in-time identity check to a continuous, connected understanding of who someone truly is.
“Identity intelligence brings together data across identity, historical, behavior, and risk checks to build a dynamic view of a user over time. Instead of verifying once and hoping for the best, organizations can continuously assess trust in the background, adapting to new signals as they emerge. Because when fraud happens, customers don’t blame the criminal; they blame the brand.
“The leaders who understand that digital trust and identity intelligence form the foundation of a modern business model, not just a security protocol, will be the ones who scale safely, expand globally, and protect their reputation.”
– Robert Prigge, CEO, Jumio
Multi-cloud fragmentation becomes a crisis
“Whether they planned it or not… by 2026, nearly every enterprise will be operating in a patchwork of public cloud, private cloud, containers, and edge environments. When apps need to talk to each other securely, or when data must move quickly and reliably to support analytics and AI, that fragmentation will become a real liability. Teams are already discovering that traditional networking and legacy failover approaches simply don’t work at multi-cloud scale. The complexity isn’t slowing down – so the resiliency architecture and network connectivity have to evolve to match the world we’re deploying into.
“What I expect to see in 2026 is a massive shift toward secure, lightweight, point-to-point connectivity models built on zero-trust principles. Companies need a way to ensure constant uptime, fast recovery, and secure movement of data across clouds without wrestling with brittle tunnels or static network overlays.
“High availability isn’t just about servers anymore – it’s about the entire distributed fabric staying resilient. Businesses will choose solutions that let them seamlessly failover across clouds, maintain jurisdictional control, and securely reach any resource from anywhere. That’s the only way to operate confidently in a multi-cloud world.”
– Don Boxley, co-founder and CEO of DH2i
Disaster recovery moves from “backup plan” to “active architecture”
“For years, disaster recovery has been the fire extinguisher in the hallway – something everyone pays for but hopes they’ll never have to touch. That thinking won’t make it through 2026. Regulators are tightening the screws in finance, healthcare, and government. Cloud regions are going dark without warning. Geopolitical tensions and climate disasters are taking entire data centers offline. The idea that a single cloud or region can keep you safe is becoming a dangerous illusion. Disruption isn’t the exception anymore; it’s the operating environment.
“The companies that don’t get caught flat-footed will treat resilience as a living, breathing part of their architecture – not an afterthought. Cross-region and cross-cloud failover will shift from ‘nice to have’ to the only sane way to run a business. And whether critical apps come back online fast enough will depend on secure, low-latency connections that don’t crumble under pressure. In 2026, resilience becomes a board-level concern. The organizations that invest in it now will be the ones still delivering uninterrupted services when everyone else is scrambling to recover.”
– Boxley
