Sign-up fraud, credential stuffing, and MFA bypass are everyday threats targeting Customer Identity. Identity has become a primary security entry point for all consumer applications. From buying flowers online to conducting financial transactions, millions of authentications occur daily to verify the digital identities of customers. But legitimate users aren’t the only ones interested in what’s behind the login box. Over the past few years, the volume and complexity of attacks on Customer Identity and Access Management (CIAM) systems have increased, so mitigating, detecting, and protecting against them is more important than ever. The challenge is that customer-facing applications must deliver a user-friendly and secure experience. In our third annual State of Secure Identity Report, we aim to increase the awareness of threats to Customer Identity systems and the defensive measures that should be taken to build and maintain trust with consumers. We share anonymized platform data from the Okta.