FIDO Alliance, HID Report Finds Gap Between Enterprise Confidence and Identity Security Performance

The FIDO Alliance and HID have released a new research report examining how organizations manage physical and logical access across their workforces, finding a disconnect between enterprise confidence in identity security and operational performance.

The report, “The State of Physical and Digital Identity in the Enterprise,” is based on a survey of 500 IT and cybersecurity decision-makers in the United States, Canada, the United Kingdom, France and Germany.

According to the study, 94% of organizations said they are confident that all physical and logical access can be revoked within 24 hours when an employee leaves. However, 35% reported experiencing delays or failures in revoking access during the past two years. Overall, 70% said they experienced at least one identity-related security incident.

Governance and complexity challenges

The report also found that governance of physical and digital identity remains fragmented in many organizations. Only 50% of enterprises reported having unified reporting ownership for physical and digital identity, while 48% said they have consolidated budget control.

Among industry sectors, finance was identified as the most governance-fragmented, with 34% operating fully separate reporting structures.

Identity management complexity also continues to increase, according to the report. Fifty-nine percent of enterprises reported managing three or more distinct credential and authentication systems, while 58% said managing digital identity has become more complex over the past two years.

The public sector reported the highest identity security incident rate among industries surveyed. According to the findings, 43% experienced access revocation failures. The sector also reported a 20% manual credential revocation rate, more than double that of the IT and technology sector.

Passkey adoption continues to grow

The study found widespread passkey adoption activity, with 93% of organizations reporting they are at some stage of adoption and 65% indicating high or expert technical familiarity with the technology. However, only 13% said they have deployed passkeys at scale.

Reducing phishing and credential-based breach risk was cited as the leading driver for adopting passwordless authentication by 45% of respondents. Another 44% identified reducing IT costs associated with password resets and help desk workloads as a primary motivation.

“The story in this data isn’t about awareness. It’s about execution. Ninety-three percent of organizations are on the passkey journey, but only 13% have deployed at scale, and the security incident rates reflect that gap directly,” stated said Andrew Shikiar, executive director and CEO of the FIDO Alliance.

Sean Dyon, vice president of the Authentication Business Unit at HID, said the findings highlight the need for organizations to take a unified approach to physical and digital identity management.

The full report will be launched at Identiverse 2026. Visit FIDO Alliance at booth 252 and HID at booth 800 from June 15-17.