What’s Real Anymore? Only Hardware Knows.

“If annual cybercrime were a country, it would have the third-largest gross domestic product (GDP) worldwide.”
That’s how the World Economic Forum describes the growing cost of digital crime, projected to hit $10.5 trillion by 2025.

AI is further fuelling this explosion. “Vibe coding” has entered the chat and what once took a team of hackers with some expertise, only takes a few prompts now. Generative AI is used to forge documents, clone voices, and create deepfakes convincing enough to fool both people and systems.

This isn’t just a technical threat. It’s an economic one. It weakens the user's trust in the systems they use, which is  the foundation of all digital interaction. The WEF report warns that AI-driven fraud undermines financial stability as more services go online.

At Spear, we’ve long warned against relying on human judgment for authencation. It is too risky and it shifts the responsibility of the cybercrime onto the victim rather than the criminal or the authentication system... But the personalized phishing techniques? It's child's play compared to the threat of deepfakes. 

So 6 years later, we still believe that the strongest defence is something even AI can’t fabricate: an actual physical key. 
And for good reason:

• FIDO2 keys do not connect to the internet themselves.

• They work locally by communicating with your device (via USB, NFC, or Bluetooth). 

  So that you authenticate without ever transmitting your private key online.

• The authentication happens through a cryptographic challenge-response between the device and the service, not by the key “going online.”

This is what makes hardware-based security so resilient it doesn’t rely on a "trusted third party". It eliminates it from the authentication process altogether.