Gustavo Gassmann, Vice President & Head of Emerging Markets at HID
Gustavo Gassmann, Vice President & Head of Emerging Markets at HID, shares insights on the accelerating convergence of physical and digital identity, the rise of mobile and passwordless access, and how AI, cloud, and zero-trust architectures are reshaping the future of secure identity infrastructure across global and regional markets.
Discuss the demand growth for access and identity solutions, from a global and regional perspective.
When we talk about access and identity today, it’s clear that the way organizations manage both has fundamentally changed. Physical and digital environments are increasingly connected, and security teams are looking for solutions that reflect how people actually live and work. That’s where mobile comes in. Mobile access has become a modern, intuitive extension of identity, allowing organizations to deliver stronger security while improving the everyday user experience.
We’re also seeing this shift clearly in the data. Demand for modern access and identity solutions is accelerating worldwide as organizations face a growing digital and physical attack surface. In our 2026 State of Security and Identity Management Report at HID, where we spoke with more than 1,400 security professionals globally, mobile credentials stood out as a key area of adoption. Seventy-four percent of organizations told us they have already deployed mobile credentials or are actively planning to do so.
What this tells us is that mobile access is no longer viewed as an emerging technology. For many organizations, it’s quickly becoming an expected part of a modern access and identity strategy.
Regionally, the GCC is experiencing even stronger momentum, with the security market projected to reach $6.9 Billion by 2034. This growth is being driven by government investments in digital transformation, smart cities, critical infrastructure, and national cybersecurity frameworks. In addition, the region’s rapid urbanization, mega-projects, and public-sector digitization are creating sustained demand for scalable, resilient identity infrastructure.
For HID, this growth reflects a fundamental shift in how identity is viewed: not as a supporting function, but as a strategic layer that underpins security, digital services, operational resilience, and national digital agendas.
How is HID reshaping the way digital and physical identity work together in a hybrid work environment? What recent innovations highlight this direction, and what does your roadmap look like going forward?
Hybrid work has fundamentally changed how identity is used. Employees now move seamlessly between physical offices, remote work, cloud platforms, and digital services, and identity must follow them securely across all environments. At HID, we are reshaping identity by unifying physical and digital access into a single trusted ecosystem. Our approach is built on interoperable platforms where credentials, authentication, infrastructure, and cloud services operate as one architecture.
Recent innovations, such as HID Mobile Access® integrated into Apple Wallet and Google Wallet, allow smartphones to serve as secure, hardware-backed credentials for both building access and digital authentication. Our biometric solutions, such as HID® Amico™, further strengthen identity assurance for high-security environments. At the infrastructure layer, our cyber-hardened Mercury Intelligent Controllers and HID® Aero® Controllers act as the secure bridge between physical environments and digital platforms.
Looking ahead, our roadmap focuses on deeper cloud integration, zero-trust architectures, continuous authentication, and AI-driven risk intelligence. The goal is to enable identity systems that adapt dynamically to user context, risk levels, and enterprise policies, creating a frictionless yet highly secure hybrid work experience.
How is AI being applied across HID’s solutions today?
AI is increasingly becoming an important enabler across HID’s trusted identity portfolio, particularly in areas such as biometric authentication, security analytics, system optimization, and operational intelligence.
In biometrics, AI is used to improve facial recognition accuracy, speed, and reliability across diverse lighting conditions, environments, and user populations. HID® Amico™ biometric readers use advanced AI algorithms for identity matching, liveness detection, and anti-spoofing, helping organizations maintain high-security assurance without compromising user experience. AI is also being applied in video identity, anomaly detection, and behavioral analytics to enable security teams to identify unusual access patterns, detect potential threats earlier, and respond more proactively.
From an operational perspective, AI supports predictive maintenance, system health monitoring, and performance optimization across large-scale deployments. This helps organizations reduce downtime and improve long-term reliability. At the platform level, AI enables intelligent automation, from access policy enforcement to identity lifecycle management, reducing manual intervention and improving governance.
As AI continues to evolve, we are focused on applying it responsibly within a secure identity framework, ensuring transparency, auditability, and strong data protection while unlocking smarter, more adaptive security systems.
What new risks does AI introduce into identity and access systems?
While AI brings powerful capabilities to identity and access systems, it also introduces new risks that organizations must actively manage.
One of the most significant risks is the rise of AI-generated spoofing and deepfake attacks. As synthetic media becomes more realistic, attackers can attempt to deceive biometric systems using manipulated images, videos, or voice samples. This makes advanced liveness detection and multi-factor authentication more critical than ever. AI can also be used to automate large-scale credential attacks, accelerating phishing, social engineering, and brute-force attempts. This increases the importance of strong identity assurance, behavioral analytics, and continuous monitoring.
Another emerging risk is model manipulation. If AI systems are not properly secured, attackers could attempt to poison training data or exploit model weaknesses to bypass authentication or generate false positives. There is also a growing need for transparency and governance. AI-driven decisions must be explainable, auditable, and compliant with regulatory frameworks.
At HID, we address these risks through layered security architectures, anti-spoofing technologies, cryptographic protection, and zero-trust principles. AI must operate within a trusted identity framework, not replace it, to ensure resilience against evolving threats.
What do you see as the most critical identity-related threats enterprises are dealing with right now?
Right now, credential theft and session hijacking are the most pervasive threats. According to recent reports, nearly 90% of data breaches involve compromised identities, meaning that attackers have moved from ‘breaking in’ to ‘logging in’ using stolen or phished credentials. We are also seeing an alarming rise in multi factor authentication (MFA) fatigue and bypass attacks where attackers are using sophisticated phishing kits to intercept MFA tokens in real-time. Additionally, unmanaged machine identities, including the thousands of service accounts and IoT devices with excessive privileges, are frequently exploited as entry points.
Another major threat is the exploitation of legacy access systems. Many organizations still rely on easily cloned proximity cards, outdated readers, and unsecured controllers that were never designed for today’s cyber threat environment. Insider threats are also increasing, whether intentional or accidental. Without strong identity assurance and continuous authentication, it is difficult to detect misuse of access privileges.
This is why HID is championing Zero Trust. We help enterprises move away from static passwords and toward phishing-resistant authentication, such as FIDO2-based security keys and PKI-based mobile credentials, ensuring that identity can be trusted even if the network itself is compromised.
How is HID evolving its platforms to support cloud-smart and hybrid enterprise environments?
Enterprises today operate across a mix of on-premise, cloud, and hybrid environments. HID is evolving its platforms to support this reality through cloud-smart architectures that combine flexibility, resilience, and strong cybersecurity.
Our platforms, like HID Origo™, are designed to operate seamlessly across on-premise and cloud environments, allowing organizations to choose deployment models that align with their regulatory, operational, and risk requirements. This includes support for private cloud, hybrid cloud, and cloud-managed identity platforms. At the device layer, our controllers and readers are built with secure connectivity, encrypted communications, and remote management capabilities to enable centralized control across distributed environments. We also provide API-driven architectures that integrate with enterprise IT systems, identity providers, cybersecurity platforms, and cloud services.
Our roadmap continues to focus on high-availability cloud services, secure remote administration, AI-driven analytics, and identity orchestration across physical and digital domains. The result is an identity platform that is cloud-smart, resilient, and enterprise-ready.
Discuss your focus on passwordless solutions. Are these growing adoption? What are the adoption barriers?
Passwordless identity is a major strategic focus for us, and adoption is accelerating as organizations recognize that passwords are one of the weakest links in security. Passwords are easy to steal, reuse, and compromise through phishing and social engineering. Passwordless authentication, using biometrics, mobile credentials, and cryptographic keys, significantly reduces these risks while improving user experience.
We are seeing strong adoption of mobile credentials and biometric authentication across sectors such as government, transportation, financial services, and large enterprises, particularly where security and compliance are top priorities. However, adoption barriers still exist. Integration with legacy IT systems can be complex, particularly in highly regulated environments. Change management is another challenge, as users need to adapt to new authentication methods. Privacy concerns also need to be addressed, especially around biometrics. Organizations must ensure transparency, data protection, and regulatory compliance.
How are data protection and privacy regulations influencing the design and deployment of identity technologies?
Data protection and privacy regulations are playing a central role in shaping how identity technologies are designed, deployed, and governed. Regulations across the Middle East, Europe, and other regions are placing greater emphasis on data minimization, transparency, consent, and security. This is particularly important for biometric identity, where personal data is highly sensitive.
At HID, privacy and security are embedded into our product design from the outset. Our biometric solutions are built with strong encryption, secure template storage, and configurable data retention policies. Wherever possible, biometric data is processed locally at the edge, reducing unnecessary data transmission. We also support role-based access control, audit logging, and policy enforcement to help organizations demonstrate compliance and accountability. From a deployment perspective, our platforms support flexible architectures that align with data residency and sovereignty requirements.
Ultimately, we believe that privacy is not a barrier to innovation, rather it is an enabler of trust. By designing identity technologies that respect user rights and regulatory frameworks, we help organizations deploy secure, compliant, and trusted digital identity systems.
Leave a reply
