Company Feeds | Identosphere Blogcatcher

MEDIA INVITATION prezly Tue, 06/10/2025 - 12:37

Parc des Expositions, Paris Le Bourget, from Monday 16 to Friday 20 June 2025

Thales is delighted to welcome you to the 2025 Paris Air Show, where the Group will present its latest innovations for a safer and greener sky, in both defence and aerospace.

Join us at the Thales Pavilion (B1) and the Thales Media Chalet (No. 271) for dedicated meetings with our experts, where you can find out more about:

Artificial Intelligence for critical systems: sovereign, trusted, secure, and present in 100 products. Developed within Thales’ AI accelerator, cortAIx, it is already enhancing the performance of sensors and decision-support systems across both civilian and military domains: air traffic management, commercial aviation, airborne sensors, air operations command centres, drones and satellites. Securing the skies from low altitudes to space
Ground-based defence systems that can neutralize a wide range of threats—from drones to ballistic missiles and fighter jets—thanks to tailored technologies. Disruptive observation systems (ALL-IN-ONE, Stratobus…) for real-time, day and night surveillance from space. The emergence of Collaborative Combat, including the next-generation Combat Cloud A more connected, efficient, and sustainable civil aviation sector
How ground-to-air connectivity and AI are helping to build more sustainable aviation in response to growing traffic. How to improve the passenger experience in airports and on board. Space to address major challenges in security, sovereignty, and environmental monitoring
Cutting-edge space technologies enabling secure, multi-orbit connectivity in line with constellation needs such as IRIS2, and resilient, ultra-precise navigation (Galileo, LEO-PNT). Earth observation satellites for environmental monitoring (Copernicus, SWOT) and CO₂ emissions detection (Carb-Chaser…).

Thales press releases will be sent by email and will also be available on our website: Paris Air Show | Thales Group

Please confirm your attendance to:

Alice Pruvot : alice.pruvot@thalesgroup.com / +33 7 70 27 11 37 Laura Fau : laura.fau@thalesgroup.com / +33 6 65 84 09 82 Camille Heck : camille.heck@thalesgroup.com / +33 6 73 78 33 63 ​

 

 

/sites/default/files/prezly/images/pasinvit_0.jpg Documents [Prezly] PRESS INVITATION - Thales Paris Air Show 2025.pdf Contacts Cédric Leurquin 10 Jun 2025 Type Press release Structure Group THALES AT THE PARIS AIR SHOW 2025: BRINGING A COGNITIVE EDGE TO THE SKIES AND BEYOND prezly_765694_thumbnail.jpg Hide from search engines Off Prezly ID 765694 Prezly UUID 22b46b8c-7a5e-44a6-a1a9-8b0afd47b99b Prezly url https://thales-group.prezly.com/media-invitation-iu2plt Tue, 06/10/2025 - 14:43 Don’t overwrite with Prezly data Off

Ensuring regulatory compliance and fostering loyalty is crucial for fast-growing SaaS and FinTech startups. Thus, selecting the right AML and KYC provider is paramount to maintain speed, growth, and cost-effectiveness in the long-run.

The post Top KYC & AML Platforms for Growing SaaS and FinTech Startups first appeared on ComplyCube.

Interview with Patrice Caine in La Tribune Language English adam.roberts Tue, 06/10/2025 - 11:39

Article published by La Tribune Dimanche on 10 June 2025. Translated with the kind permission of La Tribune. Read the article in French on La Tribune website: Patrice Caine, PDG de Thales : « L’Europe peut rester en Ligue des Champions dans le domaine spatial »

“Europe can remain a Champions League player in the field of space”

The Chairman of the French high-tech firm has far-reaching ambitions in the field of quantum technology and in the consolidation of the European space industry.

After ten years at the head of Thales, what strategic vision have you defined for the next ten years?

Thales has successfully completed a strategic transformation over the past decade that makes our company a global leader in high-tech for defence, aerospace, cybersecurity and digital. This has allowed us to double our size and our operational performance. In cybersecurity and digital, we have made significant investments, especially with the acquisitions of Gemalto and Imperva, which have turned us into a world leader in those fields. These are areas with a future, with prospects for growth and profitability, for example the digitalisation of SIM cards. We also sold our railway signalling business after having righted the ship. This is a sector that has been consolidated around very large vertically-integrated players that have a “turnkey” offer incorporating both rolling stock and signalling.

What growth-rate are you anticipating for Thales in the medium term? 

Looking ahead to the coming years, my vision is to consolidate and develop Thales' position as a global high-tech leader. We are responding to the needs created by three major trends: growing geopolitical tensions, which we all deplore, but which generate a strong global demand for more security and defence; continued growth in air traffic until 2050; and the digitalisation of our lives and societies. The more the objects we use are connected, the more software they use... and the more potentially vulnerable they are to cyberthreats. This is even truer in the era of artificial intelligence (AI). Cybersecurity is becoming the oxygen of our societies, so to speak, and it is true for both individuals and businesses. This favourable environment, combined with the excellence of our technologies and our R&D, is what will drive our growth over the coming years. We have made it clear to our investors that our aim is to increase our turnover by 5% to 7% per year between now and 2028. 

Many observers believe that Thales is becoming more and more a defence company, as evidenced by the strong increase in the share-price in recent months.

There is perception and then there are facts. Taking into account the strong growth of ourdefence activities and the sale of the railway signalling business in May 2024, Thales now generates over 50% of its turnover in defence (around 55% last year). However, when we completed the acquisition of Gemalto in April 2019, the pendulum swung towards our civil businesses. You have to remember that a well-balanced duality between civil and defence businesses remains at the heart of the company’s strategy and provides us with resilience. It’s part of Thales' DNA. And it’s one of its great strengths.

What is your R&D strategy?

Our three major markets - defence, aerospace, and cyber and digital - all draw on a common technology base. We invest more than €4 billion a year in R&D, to which 33,000 Thales engineers and researchers are dedicated. Beyond our R&D investments, our civil and defence cyber businesses (€2 billion in sales) also help to set us apart from the competition by bringing ever more value to our customers. 

How do you choose the technologies that bring a decisive advantage to your future products?

Thales invests in technologies that anticipate future trends, which is absolutely key for a company like ours. Our turnover, which today exceeds €20 billion, allows us to support a powerful R&D strategy. We are interested in many technologies, such as algorithms, electronic components, optics, photonics, signal propagation and acoustic waves... We cover a huge scope that encompasses the technologies of the digital world as well as those of the physical sciences. On the outside, there is a lot of talk about AI and quantum, but the reality is much broader.

For example?

We are working on the technologies of future components, called SIP (System In Package) – components of components. This is an area that may seem a little dreary, but it is fundamental for our industry, for the electronics of tomorrow and for the sovereignty of states. We are working on a project with FoxConn and Radiall around an SIP production line in France. With a planned production capacity of more than 100 million SIP-type components per year by 2031, this project aims to meet the needs of the European market for advanced semiconductor packaging in the aerospace, automotive, telecommunications and defence sectors. These SIPs will allow France and Europe to increase competitiveness and strategic autonomy in the face of the major component suppliers. 

What lessons has Thales learnt from the conflict in Ukraine, in terms of artificial intelligence and drones?

In the field of AI, Thales has created its cortAIx accelerator, which brings together more than 800 experts and engineers around the world. We already have more than 100 products that incorporate trusted AI for critical systems. AI is a differentiating technology and is already part of our daily lives. And we are starting to see it on the battlefield. Although it is not so clear from what we see on television, we have to face facts: what the war in Ukraine has confirmed is just how decisive high technology is. At the front, Russian and Ukrainian drones are facing an electromagnetic interference wall. This is why, for short range, the two armies now use wire-guided drones equipped with optical fibres 20 to 30 kilometers long, to avoid jamming. Electronic warfare has become pivotal, and it requires a very high level of technological mastery. What makes the difference on the battlefield today is not only the number of systems, but also how highly they perform. As for the quantum revolution, Thales is one of the most advanced companies in the field.

But quantum technology is much further down the line...

Quantum technology is starting to be seen outside of laboratories. And soon, we will offer sensors that use quantum technologies, such as cold atom inertial units, radio antennas based on quantum interference filters, and magnetic anomaly detectors using nitrogen-vacancy synthetic diamonds (NV centres). They are going to be on the market in a few years, and will be a game-changer. We will be able to detect and measure noises, signals, and “anomalies” that we did not detect before, with sensors a thousand times more compact and a thousand times more precise. This leap in performance is such that it is likely to confound a number of certainties in several areas.

In the field of space, Thales is currently discussing a consolidation with Airbus and Leonardo, code-named Bromo. Do you have any red lines for this major operation?

It is important to remember that at this stage, these are preliminary – and not binding – talks. We must first get the green light from the industry principals, i.e. the governments we work for. The turnover of this industry is largely driven by institutional bodies such as ESA (the European Space Agency) and national space agencies. For example, two-thirds of Thales Alenia Space‘s turnover comes from our institutional customers. Without the agreement of these large constituents, we can do nothing. Today, there is a good understanding – including among our major customers – of the issues surrounding this project, and of why these discussions are taking place. Of course, any consolidation of these businesses must ultimately make economic sense and be useful to all stakeholders. 
 
Is the geopolitical context changing the European Commission’s vision on competition? 

I’m not going to comment on the ongoing discussions, outside of the fact that they’re good. Everyone understands that the geopolitical situation has changed. This project, if it is implemented, will obviously have to obtain the approval of the authorities in charge of questions of competition.

Broadly speaking, is there not a risk of space in Europe stalling?

The ESA ministerial conference at the end of the year will be an important and, in fact, strategic event. European countries, including France, are lucky enough to be able to pursue their ambitions in the space sector in order to remain in the Champions League.
 
Should we be worried?

The country’s fiscal position is what it is, but Europe and France have enormous assets. In particular, we must strongly support the sectors where we are in a leadership position, so as to remain there. We must therefore make the right public investment choices in order to develop our strengths, and to maintain or even increase our positions as leaders: the space industry, the aeronautics industry, where we are at work within CORAC (the council for civil aeronautics research) and of course the defence industry in the service of our armed forces.
 

/sites/default/files/database/assets/images/2025-06/PC_header_Tri.jpg 10 Jun 2025 Patrice Caine Group Patrice Caine, Thales Chairman & CEO, talks to French financial daily La Tribune about the future of the space and defence industries in France and Europe. Type News Hide from search engines Off

“Once upon a time, digital systems were built around a beautifully simple idea: one user, one identity, one device, one intent. That model worked, for some value of “worked.” Mostly, it was good enough to solve 80% of the use cases. As always, the remaining 20%, which is where delegation lives, will take the majority of the effort to achieve.”

A Digital Identity Digest Delegation in a Multi-Actor World: It’s Not Just OAuth Anymore Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 10 seconds 00:00 / 00:12:03 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

Delegation, especially in the digital world, spans every sector and silo you can think of, from personal issues to business needs. A caregiver needs to manage prescriptions for an incapacitated family member. An executive assistant files expense reports on behalf of a CEO. An AI agent moves money between your bank accounts, ideally without draining your savings in the process. Real life involves multiple actors, multiple roles, and a messy, shifting web of consent and authority.

Unfortunately, most of our digital systems still behave as if we’re playing a single-player game. Delegation, the ability for one party to act clearly and securely on behalf of another, is not a nice-to-have. It never really was; just ask anyone who had to get into someone else’s accounts after that someone else passed away. But agentic AI has turned what was treated as an edge case into a foundational requirement for how we live and interact online.

In my first post on delegation, I wrote about why this matters. Now let’s consider what today’s technical foundations offer and why what we have today isn’t enough.

OAuth: Great for Authorization. Awkward for Delegation.

If you work anywhere near digital identity, you know OAuth 2.0 (I’d like directly to the spec, but there are SO MANY SPECS in the OAuth family. It’s crazypants.). OAuth 2.0 is the backbone of how we let one service act on behalf of a user. It’s how you click “Sign in with Google” or allow a fitness app to access your calendar.

For basic authorization, OAuth is brilliant. But for complex, human-centric delegation? Not so much.

In most OAuth implementations, delegation looks like “Alice-to-Alice” sharing. Alice authorizes a service, and when that service acts, it looks like Alice herself is taking the action. There’s no clear, auditable distinction between actions initiated directly by Alice and actions performed on her behalf.

When the stakes are low, that’s fine. When delegation needs to be explicit, limited, and verifiable, you know, in healthcare, finance, or enterprise environments, it starts to fall apart.

RFC 8693: Token Exchange – Helpful, but Not Plug-and-Play

There is important work happening inside OAuth to handle more sophisticated delegation patterns.

RFC 8693 (OAuth 2.0 Token Exchange) defines a way to trade one token for another. It creates the foundation for services acting “on behalf of” a user and enables more traceable chains of authorization.

This is real progress. It opens the door to:

Services that act as authorized intermediaries, Audit trails that reflect delegated authority, Clearer boundaries between who initiated which actions.

But it has its own issues.

As shared by engineers working with these standards today, RFC 8693 is a framework, not a turnkey solution. It’s incredibly useful if someone does the heavy work of designing the exact policies, constraints, and usage patterns that fit a specific environment.

There are no general-purpose, plug-and-play implementations. To put it another way, RFC 8693 gives you the ingredients. It doesn’t bake the gluten-and-dairy-free-but-still-tasty cake.

OAuth 2.1: Important Cleanup, Not a Delegation Revolution

OAuth 2.1 is currently moving through the IETF process; that means it is still a draft, and you shouldn’t think of it as a stable specification. It consolidates best practices from OAuth 2.0 and improves security by:

Requiring Proof Key for Code Exchange (PKCE) for all clients, Removing risky flows like the Implicit and Resource Owner Password Credentials grants, Tightening rules around redirect URIs to prevent common attacks.

These are much-needed improvements to make OAuth deployments more secure and consistent.

However, OAuth 2.1 does not introduce major new delegation capabilities. If you were hoping for a seamless way to model multi-actor delegation as a standard feature, OAuth 2.1 will disappoint you. It’s a maintenance and modernization release, not a redesign of delegation models.

What’s Still Missing?

When people talk about “richer delegation models,” they are typically looking for capabilities that OAuth alone doesn’t fully deliver today:

Contextual constraints: Delegating narrowly, following the model of “only access this resource, only for this task, only during this window.” Clear actor chains: Recording “Bob is acting for Alice” rather than obscuring delegation behind a generic authorization. Lifecycle management: Ensuring delegation expires automatically when the situation changes (e.g., a role change or time limit). Auditability: Maintaining reliable logs that show exactly who acted, when, and under what authority. Transitivity control: Defining whether and how a delegated authority can be further delegated to others.

OAuth, with extensions like Token Exchange and Rich Authorization Requests (RAR), can enable some of this when carefully implemented. (Those last three words should fill you with trepidation, just sayin’.) But it doesn’t guarantee it, and it leaves much of the structure up to each deployment. (What could possibly go wrong?)

That gap matters, especially as systems get more complex, regulatory scrutiny increases, and agentic AI becomes more common.

Exploring Other Delegation Models

Recognizing these gaps, others in the identity community are exploring additional models beyond pure OAuth:

User-Managed Access (UMA): Built on top of OAuth 2.0, UMA allows resource owners to define fine-grained sharing policies. It offers strong concepts for delegation but has seen limited real-world adoption due to its complexity. Verifiable Credentials and Decentralized Identifiers (VCs and DIDs): These technologies allow an agent to present cryptographically verifiable proof of delegated authority. They are still maturing but hold significant promise for trusted delegation between humans, organizations, and AI agents. Enterprise Mission Profiles: Some organizations are developing tailored delegation frameworks for specific industries, building on OAuth or PKI to meet regulated needs without relying on consumer-grade assumptions.

Each approach recognizes the same fundamental reality: digital systems must become much better at supporting explicit, constrained, auditable delegation.

Why I’m Writing About This

To be clear, I’m not one of the people writing these specifications. I’m not here to offer a new protocol or propose another working group. No, seriously, we do not need another working group. My goal is to build a bridge between people who have resources to throw at this problem and the groups working on the problem now. .

There is a growing group of implementers, architects, and security leads who are starting to notice the cracks:

Delegation models are messy. AI agents are bumping into walls. Critical systems are relying on brittle workarounds.

At the same time, important, thoughtful work is happening in standards bodies like the OpenID Foundation and the IETF to address delegation challenges, but those efforts aren’t widely understood yet.

If you’re feeling frustrated that “surely OAuth already handles this,” or worried that your project’s AI agent has no clean path to delegated authority, you’re not wrong.

The people working on these specs know there’s a gap. They’re working hard to close it. They are amazing. But building better delegation models will take time, feedback, and collaboration from across the industry, not just inside the standards track.

Delegation Isn’t Solved Yet, But It’s Solvable

Delegation today is a patchwork of partial solutions. But it doesn’t have to stay that way.

With better tools and more attention to what real-world delegation actually requires, we can build systems that reflect the complex, messy, multi-actor world we live in. It’s not going to change quickly, but that doesn’t mean we shouldn’t be focusing our attention on fixing the problems.

If you enjoyed this post, you might find a few other posts on my blog of interest:

Agentic AI and Authentication: Exploring Some Unanswered Questions Understanding NHIs: Key Differences Between Human and Non-Human Identities Unlock the Secrets of OAuth 2.0 Tokens (and Have Fun Doing It!)

Want to stay updated? I write about digital identity and related standards—because someone has to keep track of all this! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here] 

Transcript

[00:00]
Welcome to A Digital Identity Digest, the audio companion to the blog at Spherical Cow Consulting. I’m Heather Flanagan, and every week I break down interesting topics in the field of digital identity—from credentials and standards to browser weirdness and policy twists.

If you work with digital identity but don’t have time to follow every specification or hype cycle, you’re in the right place.

Let’s get into it.

Why Are We Talking About Delegation Again?

[00:00:26]
Welcome back. Today, we’re revisiting the topic of delegation, but this time we’re diving into the technical side—what today’s systems offer, why it’s not enough, and where the real gaps lie.

[00:00:41]
If you’re familiar with OAuth, hang in for 30 seconds. If not, no worries—here’s the short version:

[00:00:50]
OAuth is a protocol that lets you authorize one service to access something you control without handing over your password.

[00:00:57]
It’s why you can “Sign in with Google” or allow a calendar app to sync your schedule—without giving up full control of your account.

OAuth: The Backbone of Modern Delegation

[00:01:04]
OAuth is the underlying plumbing for online access delegation. When it works well, it’s great. But when it falls short (and spoiler alert: it does), it results in messy workarounds and real security gaps.

[00:01:25]
Originally, digital systems were built around a clean model: one user, one identity, one device, one intent. And while that worked for about 80% of use cases, the remaining 20%—where delegation lives—takes the most effort to get right.

Real Life Is Messy: The Rise of Multi-Actor Systems

[00:01:47]
Fast forward to today: real life is messy, with overlapping authority and complex actors.

[00:02:00]
Think about it:

A caregiver managing a family member’s medical appointments An executive assistant filing expenses for a CEO An AI agent managing your bank accounts (ideally without buying a Tesla)

[00:02:15]
Delegation has never been a “nice-to-have” feature. It’s always been critical—just ask anyone who’s had to manage a deceased relative’s online accounts.

[00:02:25]
Now, with AI entering the picture, delegation has gone from edge case to foundational design problem—and most systems aren’t ready.

What OAuth Gets Right (and Where It Breaks)

[00:02:39]
OAuth 2.0 is well-known in identity circles. It’s a powerful authorization protocol, especially for simple use cases like:

Signing in with Google Granting apps access to calendar or contacts

[00:03:17]
But for complex, human-centered delegation, things start to fall apart. Here’s what typically happens:

Alice authorizes a service The service acts Logs show Alice did it—even though it was the service

[00:03:41]
That’s okay when the stakes are low. But when it’s an AI agent booking travel, paying bills, or managing healthcare? Not so much.

[00:03:52]
You don’t want to give your AI or family member unlimited, untraceable access.

[00:04:03]
But you also don’t want it blocked at every turn. Systems need to recognize that it’s acting with limited, delegated authority.

The Need for Rich, Constrained Delegation

[00:04:12]
Without rich, constrained delegation, you either:

Grant too much access and lose control Or block useful actions completely

[00:04:22]
Neither option is ideal. And OAuth—at least as widely implemented—wasn’t designed for this kind of nuanced delegation.

RFC 8693: Token Exchange to the Rescue?

[00:04:32]
OAuth isn’t standing still. One key development is RFC 8693—the token exchange spec. It enables services to act on a user’s behalf with audit trails and chains of authority.

[00:05:06]
Sounds promising, right?

[00:05:06]
But here’s the catch: RFC 8693 is a framework, not a turnkey solution. It gives you the ingredients, not the cake.

[00:05:31]
If your project assumes token exchange will “just work” for delegation—good luck. You’ll need to profile it properly, define scopes, and create policies tailored to your environment.

What About OAuth 2.1?

[00:05:40]
OAuth 2.1 is in the works. It tightens up security and standardizes key improvements:

PKCE is now mandatory Risky flows (like resource owner passwords) are removed Redirect rules are stricter

[00:06:13]
These are great changes. But let’s be clear: OAuth 2.1 is a maintenance release. It’s not a new model for delegation.

What We Actually Need for Delegation

[00:06:39]
When people say we need “richer” delegation, they mean:

Contextual constraints
(e.g., access this resource for this purpose within this timeframe) Clear actor chains
(e.g., Bob is acting for Alice—and the system knows it) Lifecycle management
(e.g., permissions expire automatically with role changes) Auditability
(e.g., logs that track who did what, when, and on whose behalf) Transitivity control
(e.g., delegate-of-a-delegate rules with tight boundaries)

[00:07:59]
Especially with AI, you may want a delegate (human or agent) to be able to re-delegate—but only for specific purposes and within strict limits.

The Problem with Current Systems

[00:08:08]
Without fine-grained control, delegation chains either collapse into chaos or simply don’t work.

And right now, very few systems—or standards—can handle controlled, conditional re-delegation well.

Other Delegation Models to Watch

[00:08:42]
Outside of OAuth, some promising models include:

User Managed Access (UMA)
Fine-grained sharing policies—but limited adoption Verifiable Credentials & DIDs (Decentralized Identifiers)
Let agents cryptographically prove they’re authorized—but still maturing Enterprise Mission Profiles
Customized frameworks tuned for high-compliance environments like banking

[00:09:31]
All of these agree on one thing: one user, one device, one intent no longer reflects the real world (if it ever did).

Why This Matters

[00:09:44]
I’m not writing OAuth specs, and I’m not proposing another working group (please, no more working groups).

[00:09:53]
What I am trying to do—through this podcast and blog—is build a bridge.

Because:

More architects and implementers are realizing delegation is messy AI agents are bumping into walls Critical systems are relying on brittle workarounds So, Where Do We Go from Here?

[00:10:14]
Standards bodies like the OpenID Foundation and IETF are doing excellent, thoughtful work. But that work isn’t always widely understood or accessible.

[00:10:45]
If you’re frustrated that “surely OAuth handles this”—you’re not alone. It doesn’t. Yet.

[00:11:04]
Delegation isn’t solved—but it is solvable. With better tools and more attention to real-world needs, we can build systems that reflect the messy, beautiful, multi-actor world we live in.

And while it won’t happen overnight (hello, technical debt), it’s absolutely worth doing.

Thanks for Listening

[00:11:27]
That’s it for this episode of A Digital Identity Digest.

If this helped make things clearer—or at least more interesting—share it with a friend or colleague. You can connect with me on LinkedIn @hlflanagan.

If you enjoyed the show, don’t forget to subscribe and leave a review on Apple Podcasts or wherever you listen.

You can also read the full post at sphericalcowconsulting.com.

Stay curious. Stay engaged. Let’s get these conversations going.

The post Delegation in a Multi-Actor World: It’s Not Just OAuth Anymore appeared first on Spherical Cow Consulting.

Thales and Proximus consortium will enhance the resilience and efficiency of NATO’s Communications and Information Agency business network prezly Tue, 06/10/2025 - 08:30 NATO Communications and Information Agency (NCIA) has awarded a contract to a consortium formed by Thales, a global leader in high technology, and Proximus, Belgium’s leading telecommunications provider. This strategic partnership will operate and manage some key infrastructure elements for NCIA’s business network, ensuring enhanced resilience, security, and operational efficiency across five NCIA locations.

The infrastructure will be supported using cloud based technology, providing NCIA’s personnel with highly secure and efficient access to essential IT services, facilitating real-time communication, collaboration and data management across multiple sites.

This modernisation is an opportunity to enhance capacity, improve compatibility, and upgrade systems to ensure optimal performance.

Under the terms of the contract, Thales and Proximus will deliver a fully managed service, providing:

infrastructure as a service (IaaS) on a certified and accredited cloud; end-user devices as a service (DaaS) for personnel; robust cybersecurity solutions, ensuring a highly secure digital environment; advanced networking capabilities at NCIA sites for seamless connectivity; comprehensive platform administration services; scalable cloud services for secure storage and high-performance computing.

Thales is providing a secure cloud infrastructure and a fully managed service, while Proximus is delivering a secure multi-domain laptop and is upgrading the Wi-Fi networks at The Hague and Braine L’Alleud, as well as enabling a high speed connection to their Cloud for 5,000 users at NCIA sites.

“Together with Proximus, Thales reaffirms its commitment to strengthening NATO’s digital resilience, ensuring secure, high-performance and future-proof IT infrastructure to support the Alliance’s evolving needs. By outsourcing commodity services to trusted industry leaders, NCIA is taking a forward-looking approach that ensures a fully managed, secure, and scalable solution." said Alex Bottero, VP Network and Infrastructure Systems, Thales.

"This strategic project reflects our commitment to providing cutting-edge connectivity, mobility, and security solutions. We are proud that Proximus has been chosen for this large-scale project, which will enable NATO to strengthen its digital capabilities with a secure and scalable infrastructure. Thanks to our collaboration with Thales, we are confident that we will be able to meet NCIA's needs and support its essential missions." adds Anne-Sophie Lotgering, Enterprise Market Lead at Proximus.

With stringent performance metrics and service level agreements (SLAs) in place, this solution will guarantee high availability, security and operational stability for NCIA’s ecosystem.

About Proximus Group

Proximus Group (Euronext Brussels: PROX), is a provider of future-proof connectivity, IT and digital services, headquartered in Brussels. The Group is actively engaged in building a connected world that people trust, so society blooms.

The Domestic segment is focused on providing state-of-the art telecommunications and IT services in the Benelux. In Belgium, core products and services are offered under the Proximus, Mobile Vikings and Scarlet brands for the residential market and Proximus NXT for the Enterprise market. The Group is also active in the Netherlands (Proximus NXT) and in Luxembourg (Tango and Proximus NXT).

Proximus Global overarches the international activities of the Group, gathering the strengths of BICS, Telesign and Route Mobile. Encompassing the entire value chain from P2P Voice & Messaging and Mobility services to CPaaS and Digital Identity, Proximus Global is in a unique position to become a global digital communications leader.

The Group has the ambition to build the #1 gigabit network for Belgium and plays a central role in creating inspiring digital ecosystems, while fostering an engaging culture and empowering ways of working. Building upon these strengths, Proximus aims to contribute to an inclusive and sustainable digital society, delight customers with an unrivalled experience and achieve profitable growth both locally and internationally to deliver long-term value for stakeholders.

With 13,131 employees, imbued with Proximus' Think Possible mindset and all engaged to offer a superior customer experience, the Group realized an underlying Group revenue of EUR 6,430 million end-2024.

For more information, visit www.proximus.com & www.proximus.be.

About Thales

Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.

The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.

Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.

/sites/default/files/prezly/images/Generic%20banner%20option%202%20%282%29_51.png Contacts Cédric Leurquin 10 Jun 2025 Type Press release Structure Defence and Security Defence The infrastructure will be supported using cloud based technology, providing NCIA’s personnel with highly secure and efficient access to essential IT services, facilitating real-time communication, collaboration and data management across multiple sites. prezly_764119_thumbnail.jpg Hide from search engines Off Prezly ID 764119 Prezly UUID def521c4-951c-43d6-876f-25d773828c3f Prezly url https://thales-group.prezly.com/thales-and-proximus-consortium-will-enhancenthe-resilience-and-efficiency-of-natos-communications-and-information-agency-business-network Tue, 06/10/2025 - 10:30 Don’t overwrite with Prezly data Off

The future of anti-submarine warfare: the promise and potential of Project CABOT Language English simon.mcsstudio Tue, 06/10/2025 - 08:28

Project CABOT – the Royal Navy’s planned Anti-Submarine Warfare (ASW) barrier in the North Atlantic – isn’t simply about detecting and tracking submarines; it’s about total situational awareness, from space to seabed, across a vast, opaque operating environment.

It’s a monumental challenge as much as it is a tremendous opportunity – one that will test the Navy and push the ingenuity of industry to new heights.

Continuous capability evolution at revolutionary speed

Earlier this year, the Royal Navy outlined its plans to commission a persistent barrier in the North Atlantic to hunt out hostile actors trying to enter allied waters.  Known as “Project CABOT”, this would be comprised of networked uncrewed vehicles (UVs) equipped with advanced sensor systems capable of both active and passive sonar deployment. This barrier promises to be transformative in its ultimate strategic value and revolutionary in terms of the pace at which the Navy wants it to be developed.

Yet Project CABOT will need to be delivered and deployed in a fundamentally evolutionary fashion. Technological leaps can be astonishingly swift if you’re happy to ‘move fast and break things.’ The Navy, of course, can’t afford to do this – its ASW capability needs to be continuous if it’s to be effective. This is why delivery of CABOT will require scaling existing systems and processes, as well as seamlessly integrating newly uncrewed with lean-crewed assets.

Six key development areas crucial to CABOT’s success

Project CABOT presents several key opportunities for industry to contribute innovative solutions. With opportunity comes challenge, of course, and Thales has learned from long experience that we must address the most consequential of these, not in series, but in parallel. 

This means we need to look at the sensing capability of the proposed system-of-systems as a whole. There seem to me to be six key development areas:

First, advancing long-range underwater communication and secure data transfer to enable seamless information flow and enhance the overall effectiveness of the ASW barrier. Realising this will require robust, reliable, and secure supporting infrastructure.

Second, successfully managing a wide range of environmental factors will ensure the ongoing effectiveness of the ASW barrier, since acoustic conditions in the ocean vary widely due to varying temperatures, salinity, currents, and the unique topography of the operating area. And while we bear in mind the impact of the environment on the barrier’s operation, we must simultaneously minimise the barrier’s impact on the environment.

Third, achieving extended operational endurance of UVs is a critical requirement for sustained effectiveness. Most existing UVs can only stay on task for a few days. Real-world deployments will typically be far longer. Solutions that prioritise reliability, robustness, and longevity over the very-latest technology may often be better.

Fourth, the Navy needs to reuse and retool existing assets wherever possible. However, this isn’t a simple matter of installing an autonomous captain to previously crewed vessels. If any small, seemingly inconsequential part of an autonomous system’s deployment, maintenance and/or operation has been originally designed with a human in the loop (e.g. a grease nipple designed to be maintained by a crew member), the vessel’s autonomy – and therefore its effectiveness – is fundamentally compromised.

The devil’s in the data

Addressing these four development areas may turn out to be the easy part because the fifth issue that we need to consider within the system-wide context is that of data transfer and storage. Naval systems already generate colossal amounts of data. Industry partners will need to address this challenge as part of Project CABOT.

Finally, realising the potential of data fusion, processing and exploitation is paramount (and perhaps the most difficult challenge of all). Not only will data proliferate as CABOT is delivered, it will also diversify. New sensors will produce more types of data, at different speeds, at different times, and in different formats. If all this data is to be turned into actionable insights, it’s going to need to be synthesised swiftly and effectively, using tools and techniques that have yet to be battle tested.

This challenge is inseparable from the question of where to process all this data in a way that balances security with operational effectiveness. On shore? At the edge? There’s no “right” answer – it’s a question of judgement as much as technical expertise.

Technological transformation demands cultural adaptation

Naval Command understands, just as Thales does, that technical challenges are often the tip of the iceberg.

Roles and responsibilities across the service will inevitably change as CABOT gets underway, as technologies advance and the threat evolves. Many crews and individuals will need to do things differently; others will need to learn how to do different things. This brings with it new opportunities for growth, development and enhanced operational capabilities.

Not only will new tactics, techniques and procedures need to be developed and implemented, there will be a considerable training burden associated with CABOT if service personnel are to learn to operate and trust new automated and autonomous systems. All too often, technologists become so focused on relieving one set of cognitive burdens that they forget that new technologies and workflows – however intuitive – risk introducing others. If the Navy’s new ASW barrier is to disrupt the adversary more than the Royal Navy, it’s crucial that industry partners keep this issue front of mind.

Rising to meet the challenge

With Project CABOT, the Royal Navy has presented industry with something it has long sought: the chance to solve identified problems rather than to deliver already-specified solutions. It’s a remarkable opportunity and an exciting prospect. After all, companies like Thales are full of highly motivated, highly experienced experts who relish the opportunity to address these challenges.

Project CABOT should also be a daunting prospect to any organisation thinking of taking up the challenge. Where you’re no longer merely responsible for delivering against defined requirements, you’re accountable for delivering the operational outcomes.

For Project CABOT to succeed it requires industry partners to rise above the role of suppliers and actively ensure its success as strategic allies to the Navy. Technical expertise will be worth little without a correspondingly deep understanding of the Navy’s operational imperatives. And neither of these things will be enough without the willingness to do the hard yards and embrace the challenges to ensure the project’s success. As the saying goes, a ship is safe in the harbour, but that’s not what ships are built for.

/sites/default/files/database/assets/images/2020-10/%C2%A9%20Thales%20-%20Films06_%20Pathmaster_dms_UWS__photo1_websiteBanner%201600x430.png 10 Jun 2025 United Kingdom Project CABOT – the Royal Navy’s planned Anti-Submarine Warfare (ASW) barrier in the North Atlantic – isn’t simply about detecting and tracking submarines; it’s about total situational awareness, from space to seabed, across a vast, opaque operating environment. Type News Hide from search engines Off

Order could have a ripple effect on private-sector identity management for contractors.

Interview with Patrice Caine in Ouest France Language English adam.roberts Mon, 06/09/2025 - 19:28

Article published by Ouest France on 7 June 2025. Translated with the kind permission of Ouest France. Read the article in French on Ouest France website: ENTRETIEN. Le PDG de Thales : « J’alerte sur le risque de déclassement de notre industrie spatiale ».

Europe needs to make every effort in the field of space

From managing climate data to defending the country, a lot is playing out in space. Europe has assets, but the Thales boss warns of the risks of being left behind.

Europe is re-arming. Could the lack of engineers hinder France’s ambitions in the defence sector?

Every year, 40,000 students graduate from engineering schools, but France Industrie estimates that we need at least double that number. The other challenge is to attract as many young women as possible into science. Without an increase in the number of engineers, there will be no economic sovereignty. 

Does this present a problem for your business?

Thales has no trouble finding the people it needs. Last year, we hired 8,000 people around the world and received one million job applications. We are fortunate to also have our own academies – around thirty of them, currently – to recruit and train internally. 

Is a standard engineering degree no longer sufficient?

Just because you know how to solve equations doesn’t mean you can become an expert in underwater acoustics overnight. On the other hand, SMEs and mid-cap companies, which are a vital part of our country’s industry, do not have the same resources, and may struggle to find the people they need.

The Ukrainian defence industry won’t be present at this year’s Paris Air Show. Do you have partnerships with the country?

We already have many defence partnerships with countries in the Middle East and Asia that are looking to build their capabilities. We do this via our subsidiaries, through joint ventures or simple business partnerships. We do have ongoing talks with Ukraine, but until they’ve come to fruition, I prefer to remain cautious.  

There is no defence indutry without factories. The CGT [a French trade union] is worried about the risks of deindustrialisation. Do you share its concern?

We share the same ambition with all the major trade unions: to make industry a priority. The share of this sector within GDP (gross domestic product) has gone from 20% to 10% in just a few decades. We are largely outperformed by Germany, for which this sector represents 24% of GDP, but also by the UK, which has major research centres and a solid industrial base. The exception in Europe, unfortunately, is France, which has massively deindustrialised over the last twenty years.

Can France get back in the race?

Since 2017, the French President has made reindustrialisation a priority focus of development. This is a long-term effort that must be sustained if we are to return to 12%, then 15% and, hopefully one day, to 20% of GDP. This can only be achieved over a decade and with sustained effort.

Aren’t the many redundancy plans recently announced within the industry an indication that this policy has failed?

No, I don’t think that they are – I think this is proof that we must maintain these effort to reindustrialise and work harder than ever on the competitiveness of French industry.

A parliamentary commission of inquiry is looking into subsidies to large companies. What are your thoughts on that?

It seems to me that it is right to be accountable for public authority support given to companies. However, I don’t agree with those who criticise the French tax credits that are the envy of – and copied by – many countries. France has high-quality research and high-level engineers. For example, 19,000 research engineers at Thales in France are dedicated to R&D, in which we invest more than €4 billion a year. However, our country is not competitive in terms of costs. Without the CIR [research tax credit], on a basis where the cost in France would be 100, the UK is at 72, Spain at 56 and India at 29. With the CIR, France is down to 73 and just about in the middle range. The CIR is vital to maintaining research centres across the country. 

What are the risks involved?

If you let research centre go, it’s likely that factories will eventually close down. We need to offer prospects to all young people, regardless of their level of qualification – not just engineers, but also workers and technicians. 

Do your subcontractors (SMEs and mid-caps) benefit from this research support?

The CIR is open to all companies. If they are involved in research, SMEs and mid-caps can benefit from the CIR on the same basis as large companies. 89% of CIR beneficiaries are SMEs.  

Is this what allows you to develop Thales site in Cholet today?

Cholet plays a key role in modernising the armed forces by developing radio communications, as well as cybersecurity, electronic warfare and satellite communication systems. The strong demand from defence customers and in particular from the Armed Forces Ministry, combined with the excellence of our products, are the two foundations of the dynamics of our Cholet site.

What are your ambitions on this site and in the west of France?

In Cholet, we are drawing on an investment and transformation plan that will allow us to continue the expected ramp-up in production. We already have a new logistics hub there, which has been operational since mid-2024. A new R&D centre of excellence will be operational by mid-2025. Finally, a new industrial site for the production of equipment and systems will complete this development in 2028.

What does the Atlantic coast region bring to Thales?

The west of France is a good reflection of how Thales is rooted in France. It’s an area of new technologies, and the cradle of telecoms and innovations of the future, thanks to a dense industrial landscape and the strength of the Breton education system. The latter has one of the best baccalaureat [high school diploma] success rates in France. Thales has had a strong presence in Brittany since 1983, with more than 3,000 employees at its sites in Brest (underwater acoustics), Rennes (sovereign cybersecurity), Etrelles (microelectronics, including for the Rafale) and Cholet. 

Space have become a key issue for sovereignty. Is Europe devoting enough funds to the space sector?

Every three years, there is a very important meeting: the ministerial conference, where the countries that contribute to the European Space Agency announce their funding for the next three years. This event will take place at the end of 2025. It is this budget that will then be passed on to the European space industry and in particular to Thales. If the contributions from different countries, and in particular France, decrease, I would once again warn that we risk downgrading our industry.

But is Europe not already behind the US in this area?

We are at world-best level! And not just in relation to the Americans, but also to the Chinese, who are investing heavily in this area. India also aspires to become an autonomous space power on par with the US, China and Europe. 

And yet it’s in this sector that you cut a thousand jobs a year ago.

In 2024, Thales Alenia Space launched an internal mobility plan without any forced departures. 1,000 people in France were impacted. The size of our growing high-tech company and the diversity of our defence, aerospace and cybersecurity businesses have made it possible to carry out these mobilities internally. 

Was it not in response to demands from the financial markets?

It is an adaptation plan aimed at responding to a profoundly changing market. We want to remain a leading global space player. The accessible market for commercial geostationary telecommunications satellites has been halved over the past four years. In the observation, exploration and navigation market, the space industry is largely supported by institutional players that make up two-thirds of Thales Alenia Space’s customers, such as the CNES [the French national space research centre] and the European Space Agency. There is a ‘European miracle’ that has allowed us to remain at the world-best level. But if countries decide to invest less, there is a risk of downgrading. Being left behind means running the risk of never getting back into the race. 

And in the end, you decided to suspend the plan… 

The vast majority of Thales Alenia Space’s adaptation plan, announced in March 2024, has been completed in accordance with the trajectory set by the company. It is continuing for those who are yet to benefit from it. This plan is absolutely necessary in order to restore the profitability and therefore the sustainability of our space business by carrying out internal mobility and without forced departures in France. As originally planned, the adaptation plan is subject to quarterly reviews in consultation with the social partners, who are informed of progress and forecasts. 

How do you explain the delays in the FCAS (Future Combat Air System) project?

From the operational concepts to the technological choices, these are very long-term investments. The first phase of the programme, as far as we’re concerned, aims to mature key technologies around future sensors and communications as well as the concept of the combat cloud. As for phase two, it is not up to Thales to comment. 

The Sunday questions  How do you relax when you head up a company present in several dozen countries?
Managing Thales is much more than a job; it’s a passion. And this passion has always given me the energy to forget about being tired! I’ll relax when I retire... as late as possible! What does a good Sunday look like (family, hobbies, sport…). Is there a time when you turn off your phone?
Whenever I can, I spend time with my family; it’s my way to recharge my batteries. And to share simple pleasures: a little bit of sport, do maths homework with my sons, or start learning to play an instrument to share their passion for music. Can you share with our readers a memory that is dear to you, related to Sundays?
My best Sundays have always been those when I am simply in France with my family. 

 

 

/sites/default/files/database/assets/images/2025-06/HD-ThalesPC.jpg 09 Jun 2025 Patrice Caine Group Thales Group Chairman & CEO Patrice Caine talks to Ouest France about the space industry, rearming, reindustrialisation and the next generation of engineers. Type News Hide from search engines Off

Free your developers to innovate! Auth0 simplifies identity, enhancing security and accelerating product launches.

A new analysis by Frances data protection authority, CNIL, estimates that the GDPR has delivered significant cybersecurity benefits across the EU, preventing cyber-related losses of up to 1.4 billion since its 2018 implementation, Cybernews reports.

Computer Weekly reports that SailPoint is expanding its identity security platform with agentic AI features designed to manage and govern the growing use of AI agents within enterprises.

A new report reveals a troubling disparity between European businesses confidence in their fraud defenses and the growing prevalence of identity-related attacks, according to Biometric Update.

A new report by LSEG Risk Intelligence reveals that around 1.25 million children in the U.S. were victims of identity theft between July 2021 and July 2022, resulting in $1 billion in losses, according to Cybernews.

Hey folks 👋

We asked, you answered. And, well... you really like Journaling.

We heard from dozens of you after our last scoop, and your feedback gave us a lot of ideas.

So many, that we went back to the drawing board, cleared the clutter, and built a better way to Journal with Kin.

What’s new with Kin🚀

From version 0.3.2.0 (the latest update as of now), you’ll find:

New Journal, who’s this? 📖

The Journal has had some massive quality-of-life updates. Take a look:

• A whole new look to Kin’s Journal, to make it easier to use

• Editable Journal titles, so keeping track becomes easier

• Morning- and Evening-specific Journal prompts, to help you start and end your days

• ‘Brain dump’ mode - no prompts, just space for you to write (or speak!)

• Customizable Journal templates - so you can build whatever works best for you

You Journal. Kin replies. 💬

The way Kin treats your Journal entries has also changed.

Now, if you start an entry and leave it half-finished, it becomes an ‘in-progress’ entry, not a draft.

Once you’re done, Kin opens up a new Chat conversation, dedicated to helping you reflect on your feelings, and potentially consider solutions (depending on how you’ve set your Kin’s behaviour).

That last part is what we were asked for the most. Because now, you’re not just writing in a Journal. Your Journal is hearing you.

And if you don’t want to reflect right now (or at all)? Just close the conversation. You don’t need to come back to it - Kin will still commit it all to memory.

The concerns, moods, patterns, and questions you share - all still saved privately, all still on-device - allow Kin to provide the best support and conversation it can to you.

We can’t think of any other AI Journal with that level of privacy and personalization.

When you talk to Kin, it talks back - and only talks you.

A couple more updates 📈

• We improved Kin’s stability improved across weak connections. It still needs internet access to function currently, but now the app should load even when no connection is present

• Kin’s Memory system overhaul is still in progress (as always)

We still want to hear from you 📝

The Journal update being out doesn’t mean we’re done taking feedback.

Now, we need to know how you find the changes - are they what you wanted? Are there other ways Kin could better serve you?

Clara might be back working on new things behind the scenes, but that doesn’t mean you shouldn’t let her - or any of the team - know your thoughts.

As always, you can reply to this email, drop us a message in our Discord server, or simply shake or screenshot the app to trigger a ticket submission.

Our current reads 📚

Tool: An ultra-realistic AI voice generation tool
READ - ElevenLabs

Article: AI friends are a good thing, actually
READ - digitalnative.tech

Article - OpenAI partners with legendary Apple designer Jony Ive to develop new AI wearable
READ - The Guardian

Article - What happens when people don’t understand how AI works?
READ - The Atlantic

Our online vibe✨

In a departure from our usual TikTok videos, one of our team has started an article series on the more technical aspects of Kin and AI technology.

Read the first one, on why Kin needs a brand-new memory system, below.

Read article

This week’s Super Prompt 🤖

“What parts of myself am I hiding away from?”

If you have Kin installed and updated to the latest version (0.3.20), you can hit the link below to start exploring the sides to your identity you might be neglecting.

As a reminder, you can do this on both Android and iOS.

Open prompt in Kin

Don’t stop talking 🗣

The Journal only evolved because you asked it to - much like any aspect of Kin.

If we’re going to keep growing, and expanding the capability of personal, ethical AI, then we need your voice too.

Keep telling us what you think - the good, the bad, and the ugly. All of it improves Kin for all of us.

For now though, I’ll see you in the next one. Don’t forget to Journal tonight.

The KIN team

The EU Digital Identity Wallet is set to reshape how businesses handle identity verification, authentication, and data exchange. 

While the potential is vast, its real-world impact will depend on adoption, regulation, and business use cases.

In our recent conversation with Esther Makaay, VP of Digital Identity at Signicat, she shared insights on how the EUDI Wallet will affect industries such as payments, travel, and organizational identity. 

Here’s what you need to know:

KYC refresh is more than regulatory hygiene. Done right, it protects your business, improves customer satisfaction, and reduces operational drag. By applying a risk-based approach and the right technology, you can refresh client records with precision, automate up to 90 percent of the process, and turn compliance into a competitive asset.

Why KYC Refresh Matters

A KYC refresh is the periodic process of reviewing and updating client information to ensure it reflects their current risk profile. It is not optional. Whether required by a regulatory cycle, triggered by a risk event, or prompted by a jurisdictional policy update, KYC refresh is now expected as part of any ongoing customer due diligence framework.

What used to be a back-office task has become a front-line control. It protects your institution against fraud, enforcement action, and reputational damage. But for too many firms, it still means a mess of emails, PDF forms, manual reviews, and irritated clients.

Common Pitfalls in Traditional KYC Refresh Workflows

Most firms still treat KYC refresh as a reactive checklist. This approach is slow, manual, and prone to error.

Data is pulled from outdated systems or spreadsheets Customers are asked for information they have already provided Compliance analysts must manually compare documents, validate changes, and log notes in isolated systems Refresh cycles are static, not risk-based, meaning high-risk clients may go unchecked while low-risk clients are over-screened There is no audit trail that links what was reviewed, when, by whom, and what changed

The result is poor visibility, increased regulatory exposure, and customer frustration.

A Better Model: Risk-Based and Automated

Leading firms are shifting from reactive reviews to proactive KYC refresh cycles. This means segmenting clients by risk and automating the work accordingly.

High-risk clients

Refresh most frequently or upon trigger events. Include document re-verification, new screening, updated risk assessments, and potential escalation to enhanced due diligence.

Medium-risk clients

Refresh regularly. Use automation to confirm key data, update watchlist screening, and verify continued activity alignment with stated business purpose.

Low-risk clients

Refresh less often or on auto-pilot via continuous monitoring. Use passive data checks, behaviour monitoring, and automated triggers to flag changes in risk exposure.

How to Implement a Modern KYC Refresh Strategy 1. Segment your customers by risk

Review your onboarding profiles and determine which customers are due for a refresh. Consider geography, industry, ownership complexity, transaction history, and past risk indicators.

2. Set triggers and schedules

Combine fixed intervals with dynamic events. Triggers can include address changes, document expiry, transaction anomalies, adverse media alerts, or policy shifts.

3. Automate outreach and collection

Use pre-filled digital forms, smart questionnaires, and self-service portals to request updated information. Eliminate the need for manual email follow-ups and one-size-fits-all templates.

4. Validate documents automatically

Use document authentication and biometric checks to verify IDs and ownership documents. Apply liveness checks and passive face match for returning users.

5. Refresh screening in real time

Screen updated profiles against sanctions, PEP lists, adverse media, and fraud databases. Record all hits and resolutions in an audit-ready format.

6. Maintain a continuous audit trail

Capture every action, update, and risk score adjustment. Your refresh process should be defensible, not just compliant.

Why iComply is Purpose-Built for KYC Refresh

With iComply, refreshing client profiles is no longer a manual project. It is a systematic, automated part of your risk lifecycle.

Edge-processed document authentication and 3D biometric verification

Configurable risk scoring and tiered refresh cycles

Smart workflows that adapt to client profile and regulatory context

Integrated screening with global sanctions, PEP, and adverse media data

Detailed, exportable audit logs and reporting summaries

Frictionless customer experience with self-service updates and fewer requests

Whether your trigger is a scheduled review or a jurisdictional change, iComply helps you execute the refresh with minimal friction and maximum confidence.

KYC Refresh is Not Just a Task. It’s an Opportunity.

When you modernize your refresh process, you reduce risk, enhance client satisfaction, and demonstrate operational maturity to your regulators and your board.

Compliance is not just about checking boxes. It is about protecting your reputation, accelerating onboarding, and preserving trust.

Reduce manual work. Improve accuracy. Stay compliant. Start your free trial of iComply today.

These six principles will guide how we design and build a better, faster, and more delightful Developer Experience at Auth0.

Identiverse 2025: IAM providers plot authentication without the TSA pat down to deliver ‘fast pass’ to frictionless logins.

Security pros warn that the leaked data could be used to launch profiling, phishing, or other targeted attacks.

In this podcast episode, we explore the power of data-driven identity leadership and how organizations can leverage analytics to enhance their identity security strategies.

This segment explores how IAM and PAM managed services are helping companies reduce risk, simplify operations, and stay ahead of evolving security challenges.

In this session, Amir Ofek, CEO of AxoniusX, shares how Axonius is modernizing IGA with real-time enforcement, unified asset-to-identity context, and a radically different approach to controlling access across dynamic environments.

“Have you ever thought, how facial ID recognition plays its crucial role in ID verification? No! Get ready! This blog post is going to be special for you.” 

 

In this digital age, where digital security is paramount for all agencies, facial ID recognition has emerged as a cutting-edge solution for ID verification.

But here is a question often raised by many users: What is this? How is it shaping the future of ID verification? 

This blog post is an answer to such questions. In this guide, we will have a detailed discussion on this topic. 

Read this content from start to end carefully….

 

What is Facial ID Recognition?

After hearing this term, you would have understood it. Facial ID recognition is an innovative biometric technology that analyzes the facial features of users. It utilizes AI, ML, and their sophisticated algorithms to verify whether and map the facial geometry, like the distance between your eyes, the shape of your jawline, and other facial features.

Here you would be thinking, how does this technology work? Don’t worry! The upcoming section is the answer to this question.

 

How Facial ID Recognition Works?

In this section, we will discuss a step-by-step guide on how facial ID recognition works for ID document liveness detection SDK. 

 

Step 1: The system captures some images of users or scans their faces using a high-quality scanner.

Step 2: Software driven by AI identifies the facial features of users, like jawlines, distance between eyes, etc.

Step 3: Now, the system compares the scanned face with the database of images.

Step 4: Finally, the decision is made based on the similarity score. It ensures whether the fake ID scanner confirms the matches or not.

 

Role of Facial ID Verification in Shaping the Future of ID Verification

Let’s uncover the cornerstone section of this blog, which is all about the role of facial ID recognition in shaping the future of fake ID verification.

1. Enhanced Security

After the arrival of facial ID recognition, users have eliminated their worries related to security during ID verification. As we have hinted earlier that this technology is driven by AI software.

So, this is the greatest benefit of this integration of AI and ML with this technology, that security has been increased from 10 to 1000.

How this technology further shows its magic will be discussed in the next headings.

 

2. Frictionless User Experience

Those days have gone when old traditional methods of security like entering passwords, answering questions, and others were at their peak. These ways were undoubtedly time-consuming and boring.

However, technology has brought this innovative method of verification. This facial ID recognition is free of such tension of time and hassles. 

You can verify the users’ and their documents’ realness or fakeness within a few minutes. Additionally, it always provides the system with accurate results. Such accuracy is not exclusive to humans. They can sometimes make some mistakes during verification. That’s really great…….

 

3. Spoofing Prevention & Liveness Detection

We should be very thankful to AI and deep learning, which have provided us with an opportunity to differentiate between real faces and fake 3D images and videos. This is called facial liveness detection. 

The two main types of face liveness detection play a crucial role in identity verification. 

Active livness detection: This type of facial liveness detection verifies whether the users have presented the real or fake ID documents and images to the system. They are said to perform some specific actions like blinking, head-moving, and others to identify whether the users are physically present or using fake identities.

Passive liveness detection: In this type, users are identified by their skin and facial features. Additionally, they are also identified through their blood flow. 

 

4. Real-time Verification 

We will ask a very simple question of you: Are security guards exclusive to real-time verification of criminals? Hoping!  You will say, no! 

This is true! Humans can perform their duty for a specific time. Even sometimes, criminals can manipulate them during their duty time. 

However, manipulating this technology is not child’s play. This whole system is driven by algorithms. Now you can understand the efficiency of a fake ID scanner used by this system. 

If we derive a formula for this technology, it is a combination of real-time, error-free, and accurate detection of theft.

 

What About Our Service?

In this section, we will tell you about our new cutting-edge service.

After reading this role of facial ID recognition, many users ask, How to get it? How can we generate or get such algorithms to identify the theft? So, our service name is Recognito. Let’s give its brief overview.

Recognito is a top developer of face recognition algorithms recognized by NIST FRVT and a leading provider of identity verification solutions. Specializing in cutting-edge face recognition, advanced liveness detection, and accurate ID document verification, the company delivers secure and reliable digital identity services. 

Their technology is trusted across various industries for its high accuracy, speed, and compliance with global standards in biometric security and identity verification.

For more information, you can visit one of our service pages GITHUB.

Would you ever like to gain benefit from our service? Whether yes or no! We want your feedback.

 

Final Thoughts

Facial ID recognition is quickly changing how ID verification works. It uses smart technology like AI and machine learning to scan and match people’s faces with their records. This method is fast, safe, and very accurate. 

Unlike old ways of checking identity, like passwords or manual checks, facial ID is easier and quicker. It also helps stop fake IDs and detect real users using liveness checks. Real-time detection adds even more security by making it harder for criminals to cheat the system. Services like Recognito are making this advanced technology available to more people and businesses. With strong accuracy and security, facial ID recognition is shaping a better and safer future for digital ID verification. It’s time to trust this new way of staying secure and protected.

What are your opinions about this blog post? Whenever you need our services, we will be available for you as your friends……….

 

APAC cyber-attacks are being fuelled by AI according to a number of reports issuing warnings for key trends in 2025.

Technode Global issued a warning in February that businesses across the Asia-Pacific (APAC) region were confronting a significant escalation in cyber-attacks driven by artificial intelligence (AI).

The post APAC cyber-attacks fuelled by AI appeared first on Veracity Trust Network.

Ocean Protocol Update || 2025 1. Introduction

Turns out if you spend all your time building, June sneaks up on you. And we wouldn’t have it any other way. 2025’s been moving fast, and so have we. Here’s what we’ve been building and where we’re headed next.

First things first, let’s start with what you already know: Ocean Protocol was founded to level the playing field for AI and data. Over the years, we’ve built a versatile tech stack that combines AI and crypto, allowing secure, private, and decentralized data sharing.

The past few months have been all about putting real tools into your hands, improving workflows, and setting the stage for what’s next. With the launch of the new Ocean Nodes Visual Studio Code extension, developers and data scientists can now run free compute-to-data jobs straight from their editor, with zero friction, for developing and testing. You can read more about it here.

Adoption of Ocean Nodes is growing steadily, and we’re starting to see more community-driven use cases emerge. On the enterprise side, Ocean Enterprise is progressing toward a production-ready launch. Meanwhile, we’re actively building on real-world applications and partnerships to make decentralized AI practical and usable — like the ones with Netmind and Aethir.

Let’s explore what else we’ve been building, and where we’re headed next in the second half of 2025.

Ocean Nodes: This is the innovative solution our core team developed to democratize large models, decentralize them, and help monetize and protect IP. Since the launch on August 15, 2024, more than 1.4M nodes have been installed across over 73 countries, marking a significant leap toward decentralizing data computation. Predictoor has matured with enhanced models, dashboards, and insights, helping users discover pathways to profitability. Ocean Enterprise Collective, an independent initiative, now unites 12 organizations spanning 8 countries and 9 industries, enabling businesses to leverage a fully compliant and secure version of Ocean Protocol. 2. Goals for 2025

In this update, we’ll break down our 2025 goals and highlight how they’ll enable you, whether you’re a data scientist, developer, enterprise, or crypto enthusiast, to innovate and thrive.

2.1 From Predictoor baseline, make $ trading

About Predictoor. In Ocean Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. The “earn $” part is key, because it fosters usage.

Predictoor involves two groups of people:

Predictoors: data scientists who use AI models to predict what the price of ETH, BTC, etc will be 5 (or 60) minutes into the future. The scientists run bots that submit these predictions onto the chain every 5 minutes. Predictoors earn $ based on sales of the feeds, including sales from Ocean’s Data Farming incentives program. Traders: run bots that input predictoors’ aggregated predictions, to use as alpha in trading. It’s another edge for making $ while trading.

Predictoor is built using the Ocean stack. And, it runs on Oasis Sapphire; we’ve partnered with the Oasis team.

Predictoor traction. Since mainnet launch in October 2023, Predictoor has accumulated about $2B total volume. [Source: DappRadar].

2024 core goal review. Predictoor’s primary goal throughout 2024 was “traders to make serious $”. If that is met, then traders will spend $ to buy feeds; which leads to serious $ for predictoors. The Predictoor team worked towards this primary goal throughout 2024, testing trading strategies with real $. Bonus side effects of this were improved analytics and tooling.

2025 core goal. Obviously “make $ trading” is not an easy task. It’s a grind taking skill and perseverance. The team has ratcheted, inching ever-closer to making money. As of early 2025, the live trading algorithms are starting to bear fruit. The team will continue to grind, towards the goal “make serious $ trading”. We can expect this to be the main progress in Predictoor in 2025. Everything else in Predictoor will follow.

2025 bonus. We’re a few months into 2025. Our collaborators at Oasis have launched WT3, a decentralized, verifiable trading agent that uses Predictoor feeds for its alpha.

2.2 Launch Ocean Nodes C2D.2

Since launching Ocean Nodes in August, nearly 1.4M nodes have been deployed globally, becoming the foundation of decentralized AI infrastructure.

What’s new in 2025?

Free Compute Jobs: Developers can run test algorithms using limited runtime directly inside their development environment.

2. VS Code Extension:

This extension brings Compute-to-Data directly into VS Code, allowing users to: Write and run algorithms on real datasets Monitor job progress in real-time Customize environments using Docker or private keys Publish to the Ocean stack directly from their editor

What’s next?

With Ocean Nodes C2D.2, we’re focused on making the platform even more intuitive and powerful.

Our vision is to support data scientists to easily write and monetize algorithms, allow businesses to quickly spin up and validate data-driven business cases, and enables developers to build dApps with minimal effort.

To achieve this goal, we are simultaneously focusing on three key initiatives:

Redesigning the compute infrastructure Grow our community of data scientists and engage them in using compute Build real-world business cases on top of compute

For b. and c. we will work in close collaboration with the community of data scientists that we built throughout the years with our data challenges.

The development plan

The end goal: to create a sustainable network of compute environments. To do this, we need users to have as little friction as possible before starting to build on top of the stack. Here’s how we’re doing it:

Free Compute Jobs Visual Studio Code Extension Paid Compute Jobs: Now that the above is out, we are focused on the paid jobs. Whilst it may sound simple, the mechanisms are more complicated. Also, we are introducing a new payment model that is more flexible and based on the time it takes to compute. Configurable Nodes: Node owners can enable or disable specific functionalities, such as free environments tied to incentives. Multistage Compute: Manage complex AI pipelines seamlessly

All these new functionalities will be included in the Visual Studio Code extension, so make sure to download that and get yourself familiar with it before the next updates.

The end goal is to facilitate the creation of models. For this, we need to integrate GPUs. Together with the data scientist community, we will create easy and intuitive flows to train models and provide ways for inference on created models.

While the features keep rolling out we will also keep working on creating relevant analytics for the network of nodes and improving the nodes dashboard.

Expanding Ocean Nodes Through Strategic Partnerships

In 2025, Ocean Protocol has formed key partnerships to enhance the capabilities of Ocean Nodes:

NetMind AI: As the first external GPU provider for Ocean Nodes, NetMind contributes nearly 2,000 high-performance GPUs. This collaboration empowers developers and data scientists to train and scale AI models more efficiently within the decentralized ecosystem. Aethir: Aethir brings its decentralized cloud computing infrastructure to the Ocean Nodes network. This integration provides AI developers with scalable and cost-effective resources to build, scale, and deploy AI models, further advancing the decentralized AI landscape.

These partnerships significantly bolster the Ocean Nodes infrastructure, offering enhanced computational power and scalability for AI development within the Ocean Protocol ecosystem.

3. Ocean Enterprise

What is Ocean Enterprise?

Ocean Enterprise is a free open-source enterprise-ready data ecosystem software solution that enables companies and public institutions to securely manage and monetize proprietary AI & data products and services in a trusted and compliant environment.

What is the goal for 2025?

After extensive design and development in close collaboration with the business community, Ocean Enterprise v1 (OE v1) will be released in Q3 2025. Powered by Ocean Node, OEv1 is meant to be used by companies that are looking to turn digital goods into profits and leverage the exciting new capabilities of compute-to-data in a compliant enterprise offering.

OE v1 is designed to ensure compliance with the most recent EU data regulations and comes with features dedicated to enterprise use cases. The main features of OEv1 include data space interoperability, access control based on Self Sovereign Identities (SSI), cloud-agnostic design, e-money payment, advanced Intellectual Property licensing, and easy onboarding. The release will include a demo environment that will allow users to test all OEv1 features as well as a deployment kit that will enable easy onboarding and deployment.

Once OE v1 is released, the existing ecosystem of more than 100 companies and institutions with 400+ solutions across different domains who are already using current versions of Ocean will be able to start onboarding onto Ocean Enterprise and move towards bringing their enterprise-grade environments into production throughout 2025. Future updates to OE are planned towards the end of 2025 and exciting new features are already being considered such as enhanced asset encryption and indexing, detailed seller dashboard, machine-readable asset descriptions, and enhanced privacy protection for computation results.

Ocean Enterprise is being developed by the Ocean Protocol Collective, a non-profit association dedicated to developing a free open-source, collectively-governed, compliant version of Ocean Protocol designed specifically for enterprise products & projects.

The Ocean Enterprise Collective includes business representatives from over eight countries and nine different industries including aerospace, agriculture, energy, health, human resources, manufacturing, and the public sector. Interested in becoming a member of the Ocean Enterprise Collective Team? Ready to explore how Ocean Enterprise can transform your business?

Contact the team at info@oceanenterprise.io.

4. Ongoing Initiatives Ocean Predictoor Data Farming: Data Farming remains a cornerstone of Ocean’s ecosystem. This is Ocean’s incentives program, where you can earn OCEAN rewards by making predictions via Ocean Predictoor. Ocean Nodes incentives: Naturally, the program will continue to evolve as the Ocean Nodes do. We will align incentives with C2D.2 updates, encouraging adoption and rewarding engagement. These changes will always be communicated in advance so the node owners have time to react. Community Engagement: We’ve already reached Season 12 of our Zealy campaigns, with targeted challenges and rewards. We’ll pause them until the end of Q3, so keep an eye on our socials to know when we’re re-launching them. 5. What’s Coming in H2 2025

With the foundation set in H1, the second half of 2025 is all about scaling impact and maturing our products. Here’s what’s coming next:

Paid Compute Jobs: Introducing a flexible payment model to monetize compute jobs Inference Workflows: Supporting full model development pipelines from training to deployment Ocean Enterprise Onboarding: Moving early adopters into production environments Real-World dApps: Expanding the use of Ocean tech into industries like real estate and energy Analytics Dashboard Improvements: Deeper insights for node operators and users Incentive Program Updates: Realigning rewards with new feature rollouts 6. Conclusion

We’re halfway through 2025, and the focus is clear: sharpen the tools, reduce friction, and support real use cases. From Ocean Nodes VS Code Extension to Ocean Enterprise, everything we’ve released so far is about helping you build faster, better, and with more confidence.

Whether you’re here to develop AI models, monetize your data, or just experiment with compute-to-data, Ocean is the stack you can build on, but, most importantly, build with.

Thanks for being part of it. Let’s keep building.

Ocean Protocol Product Update 2025 — Half Year Check-In was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

Global regulators including AUSTRAC, FCA, FINRA, FinCEN, and the EU’s AMLA are tightening Know Your Business (KYB) and Ultimate Beneficial Ownership (UBO) rules. Legacy methods for identifying and verifying UBOs are too slow, too manual, and too risky. But with the right systems, UBO discovery can become a competitive advantage. Automating KYB enables firms to reduce onboarding times, increase customer satisfaction, and slash manual effort by 90 percent – all while exceeding the regulatory bar.

The Shift Toward Verified Ownership

Firms today face growing pressure to not just know their clients but to understand who ultimately owns or controls them. UBO identification is no longer a tick-box exercise. It’s central to anti-money laundering obligations, reputational risk management, and trust in the global financial system. Whether you’re operating in the UK, EU, US, or Australia, regulators are demanding more transparency, faster disclosures, and ongoing oversight of ownership structures.

Regulatory Expectations Are Clear – and Increasing

AUSTRAC mandates that reporting entities identify and verify the ultimate beneficial owners of customers, particularly for higher-risk customers and complex structures.

FCA requires that firms identify and verify UBOs of corporate customers and understand control mechanisms, including voting rights and indirect influence.

FINRA enforces Customer Due Diligence (CDD) rules, requiring firms to identify the natural persons who own or control legal entity customers.

FinCEN has implemented the Corporate Transparency Act, mandating detailed beneficial ownership reporting for nearly all corporations, LLCs, and similar entities in the United States.

EU AMLA legislation sets consistent rules across member states, including central UBO registers and tighter requirements for verifying cross-border ownership chains.

The message is consistent: firms must discover and document beneficial owners with precision and speed. Excuses tied to complexity or resource constraints are no longer acceptable.

The Problem: Manual Processes Can’t Keep Up

Most compliance teams still rely on a tangled mix of email chains, spreadsheets, static PDF forms, and fragmented data vendors to complete UBO discovery. These methods result in:

Days or weeks to onboard complex corporate structures Inconsistent data that can’t withstand audits or enforcement scrutiny Frustrated clients who feel like they’re doing your job for you A Better Approach: Automate, Map, Monitor

Firms that invest in purpose-built KYB platforms gain far more than just efficiency. With the right technology, UBO discovery becomes a competitive differentiator.

1. Gain a Competitive Advantage

Fast onboarding isn’t just nice to have – it’s critical to your success. When your competitors take days to review complex structures, and you deliver decisions in minutes, you win more deals in less time. That’s the bottom line. Rapid UBO discovery across jurisdictions creates momentum for sales, onboarding, and operations. You reduce friction and show clients that you are serious about compliance without making them feel punished by it.

2. Increase Customer Satisfaction and Loyalty

Clients don’t want to feel like suspects. Repeated document requests and contradictory forms make onboarding feel adversarial. Automating document collection and verification helps you engage clients with clarity, consistency, and confidence. That’s not just better service – it’s brand protection. Happy clients are loyal clients. Loyal clients refer business.

3. Reduce Manual Work by 90 Percent

When your KYB system collects, enriches, and monitors beneficial ownership information in real time, your team stops firefighting and starts delivering value. Automated workflows replace redundant data entry. Smart questionnaires adapt to risk. Alerts notify your analysts when something changes, instead of expecting them to spot it manually. The result is a smarter team with more time to focus on high-value work.

iComply’s KYB Engine: Built for Beneficial Ownership

iComply’s KYB platform is designed to accelerate and secure UBO discovery at scale:

Automated document collection and prefilled forms

Intelligent UBO mapping, linking, and monitoring

Sanctions, PEP, and adverse media screening for all related parties

Ongoing monitoring and refresh cycles based on your risk triggers

Audit-ready reporting in a single click

All sensitive user data is processed at the edge – on the user’s device – ensuring compliance with data residency, GDPR, and privacy laws no matter which jurisdiction they are in at the time of verification. One platform. No vendor sprawl. No surprises.

Where the Market Is Going

Most firms see KYB and UBO checks as a cost centre. That mindset is obsolete. Regulators now expect beneficial ownership transparency as a condition of market access. Banks, PSPs, and law firms will increasingly be judged by how well they identify and assess their clients’ true owners. That means compliance teams who adopt automation early will not only survive – they’ll bring their firms into the lead.

You don’t need more forms. You don’t need more emails. You need a system that does the work for you. Accelerating UBO discovery isn’t about cutting corners. It’s about building trust, faster. With iComply, you can meet global KYB requirements, onboard clients with confidence, and leave manual ownership checks behind—for good.

Start your free trial. Automate beneficial ownership. Take control.

The Monetary Authority of Singapore (MAS) has taken a decisive step forward in addressing one of the financial sector's most pressing challenges: how to properly assess and verify wealth derived from digital assets. In May 2025, It published comprehensive best practices on Source of Wealth (SoW) due diligence, specifically addressing the complexities of cryptocurrency holdings among high-net-worth individuals.

Agentic identity and security platforms (AISP) are quickly becoming the standard for security, says Aragon Research.

The FBI is urging all iPhone and Android users to be alert to an insidious toll fee texting scam from China widely regarded as “an infrastructural attack on our phones, not a single campaign.”

It follows an urgent FBI and Cybersecurity and Infrastructure Security Agency (CISA) warning in December 2024 to stop sending texts messages over unsecured networks and use encrypted messaging and calling systems instead.

The agencies warn texting between Android phones and iPhones is vulnerable (iPhone to iPhone and Android to Android is reportedly safe) due to “Chinese hacking of U.S. networks that is reportedly ‘ongoing and likely larger in scale than previously understood.’”

Encrypted channels are considered the best defense against these attacks.

“Encryption is your friend” for texts and phone calls, Jeff Greene, CISA’s executive assistant director for cybersecurity, told NPR. “Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible, if not really hard, for them to detect it. So our advice is to try to avoid using plain text.”

MySudo all-in-one privacy app offers end-to-end encrypted messaging and video and voice calls. Download it for iOS or Android now.

Get MySudo Desktop and the MySudo browser extension.

Toll smishing texts are rapidly spreading across America

The recent spate of smishing texts are claiming an unpaid toll of $6.99 but are really designed to steal the recipient’s credit card and identity.

The Anti-Phishing Working Group (APWG) says the attackers are registering tens of thousands of domains to mimic state and city toll agencies and attract clicks. They’re also making similar-looking text message using “an upgraded phishing kit sold in China, which makes it simple to send text messages and launch phishing sites that spoof toll road operators in multiple U.S. states.”

The toll smishing attacks are rapidly spreading “from state to state.” The FBI is urging people to delete the texts immediately.

Authorities are reminding Americans that “legitimate agencies usually send invoices via official mail, not random emails or texts.”

Learn more about the toll smishing attacks. If you receive a toll smishing text, the FBI advises you to:

File a complaint with the Internet Crime Complete Centre (IC3). Be sure to include: The phone number from where the text originated The website listed within the text. Check your account using the toll service’s legitimate website. Contact the toll service’s customer service phone number. Delete any smishing texts you receive.

You can also report toll scams to the Federal Trade Commission (FTC) at reportfraud.ftc.gov or your local consumer protection agency.

Spam texts are on the rise

According to Robokiller, more than 19 billion spam texts were sent in the U.S. in February alone.

Always be alert to the possibility of scams texts and emails and NEVER CLICK THE LINK OR GIVE YOUR INFORMATION. If you think the content of the message might be correct, go straight to the company’s legitimate website (e.g. your toll service’s website) and log into your account to check.

If you think you’ve been scammed, check your accounts and change your passwords even if you haven’t made a payment to the scammers. Dispute any unfamiliar charges on your accounts.

Remember, legitimate agencies will communicate with you about unpaid tolls through official post and not via texts and emails.

The APWG says people receiving any sort of scam text can “help update alerting/blocking mechanisms that protect billions of devices and software clients worldwide” by reporting the texts to the FBI’s IC3.gov or directly to them at apwg.org/sms.

MySudo can protect you from smishing and phishing attacks

Sick of scammers? Fight back with MySudo.

First, download MySudo for iOS or Android.

Then, set up a dedicated “Car Bills” Sudo digital identity within MySudo, and use it specifically for opening and paying tolls and all other car-related services you want to include.

Only ever use your “Car Bills Sudo” phone number and email address when communicating with and logging into these services. Do not use your personal phone or email.

If a suspected smishing text about an outstanding toll or any other supposed debt comes into any other Sudo (you can have 9 Sudos, depending on your plan) or to your personal phone number, then you will know it’s a scam and delete it.

If a text about a toll comes into your official “Car Bills Sudo” you’re more likely to consider whether it’s from the legitimate service provider and not a scammer. But still stay vigilant and check with the legitimate service provider, remembering they’re more likely to contact you by official mail. If the message turns out to be a scam, you can either:

Ignore it, or Block the scammer’s number, or Reset your “Car Bills” Sudo phone number, or Delete the “Car Bills Sudo” altogether and cut off the scammers. They won’t be able to reach you again.

Go one powerful step further by always using the MySudo virtual card within your dedicated “Car Bills Sudo” to pay your toll account and any other car-related bills. That way, even if you fall victim to a scam, the scammer does not have your personal credit card. They have your Sudo virtual card, which you can easily cancel or close and move on.

The data protection strategy behind MySudo is called compartmentalization.

Learn more about how MySudo can help you protect your information, communicate securely, and organize your life.

You might also like:

New to MySudo? Start Here

2024 was the Biggest Year for Data Breaches: Here’s How to Stay Safe in 2025

The Top 10 Ways Bad Actors Use Your Stolen Personal Information

How to Take Back Control of Your Digital Footprint: Get RECLAIM 1.1!  

Americans Say Data Privacy is a Human Right: 3 Apps that Achieve It 

The post FBI Says Secure Your Texts + Beware Toll Smishing. Get MySudo Now! appeared first on Anonyome Labs.

Learn how Auth0 and Amazon Web Services can enhance fan engagement for sports organizations.

Cloud deployments of the Cisco Identity Services Engine could let attackers access sensitive data.

The post Eight Bold Startups Define Next Generation of Fintech at Money20/20 Europe appeared first on Indicio.

The post Flawless User Onboarding with FIDO2 Authentication: Simplifying the Process appeared first on uqudo.

Congress has been urged by Federal Trade Commission Chair Andrew Ferguson to bolster its version of the Children's Online Privacy Protection Rule as the agency intensifies its clampdown on erring websites and service providers under its recently updated COPPA rule, according to The Record, a news site by cybersecurity firm Recorded Future.

Valid account credentials without multi-factor authentication continued to be the dominant initial access vector in cyberattacks last quarter, accounting for 56% of all cybersecurity incidents during the first three months of 2025, Infosecurity Magazine reports.

Major U.S. local newspaper publisher Lee Enterprises had information from 39,779 individuals, including their Social Security numbers, compromised as a result of an attack by the Qilin ransomware-as-a-service operation in February, which allegedly led to the exfiltration of 350 GB of data, reports The Record, a news site by cybersecurity firm Recorded Future.

New AI multi-agent system to assist organizations in scaling up identity governance and administration.

Millions of pilfered AT&T records exposed AT&T had a database with over 86 million customers' information purportedly exfiltrated by the ShinyHunters hacking operation from a Snowflake environment reuploaded on a Russian cybercrime forum earlier this month after being initially exposed in mid-May, according to Hackread.

Predictoor DF144 rewards available. DF145 runs June 5th — June 12th, 2025 1. Overview

Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor.

Data Farming Round 144 (DF144) has completed.

DF145 is live today, June 5th. It concludes on June 12th. For this DF round, Predictoor DF has 3,750 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF145 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF145

Budget. Predictoor DF: 3.75K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and ASI Predictoor

Ocean Protocol was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF144 Completes and DF145 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

Choosing the right AML software for your business is crucial, especially with so many options available today. To select the best AML solution for banking, focusing on core features for effective compliance and risk management is key.

The post Top 10 AML Software for Banks to Watch in 2025 first appeared on ComplyCube.

Supplier Relations and Sustainable Procurement Label: Thales recognised again for its excellence in sustainable procurement Language English adam.roberts Thu, 06/05/2025 - 11:02

The French Ministry of Economy, Finance and Industrial Sovereignty, along with the Conseil National des Achats* (CNA), has renewed the ‘Supplier Relations and Sustainable Procurement’ label awarded to Thales for a period of three years.

This label covers nearly 70% of the Group's procurement in France.

This distinction honours companies or public entities maintaining sustainable and balanced relationships with their suppliers, through the application of the commitments outlined in the ‘Supplier Relations and Sustainable Procurement’ charter, as well as the implementation of the recommendations of ISO 20400, the international standard for responsible procurement.

Thales is among 119 French private or public organisations (major contractors, mid-sized enterprises, small and medium-sized enterprises, and public entities) that have been labelled, collectively representing around €176 billion in annual purchases.

With over €4 billion in procurement spending in France, the vast majority of which is sourced from SMEs and mid-sized enterprises, we contribute to the development of critical industrial and technological hubs across France. To meet the growing expectations of our customers and stakeholders, we have a responsibility to maintain high standards of ethics and responsible conduct while supporting the ecological transition throughout our value chains.

Roque Carmona, Chief Procurement Officer

Through its Integrity and Corporate Responsibility Charter and its Procurement governance, Thales supports its suppliers in upholding commitments related to ethics and sustainability. The supplier selection process at Thales includes criteria that value Corporate Social Responsibility (CSR) commitments, particularly in terms of integrity, environmental performance, cybersecurity, and commitment to diversity and inclusion.

In this context, Thales has established 280 action plans with its suppliers, covering 45% of the carbon footprint of the Group's purchases of goods and services. 

Thales is also a founding member of Pacte PME (a French organisation working to open up opportunities for SMEs to do business with large companies) and a signatory of the bilateral agreement with the French Ministry of Armed Forces to support SMEs, mid-sized enterprises, and startups in France.

Procurement at Thales in figures: €9.2 billion in procurement spending in 2024, with €4 billion in France €2,8 billion in goods and services purchased from more than 3,800 small and medium-sized suppliers in France 17,000 suppliers across the world 100% of new suppliers committed to the principles of Thales's Integrity and Corporate Responsibility Charter each year

 

About the Supplier Relations and Sustainable Procurement Label:

In 2017, the Supplier Relations and Sustainable Procurement Label (RFAR) replaced the Responsible Supplier Relations Label (RFR), which was first established in 2012. This label is part of the ongoing effort initiated in 2010 by the Médiateur des entreprises** and the Conseil National des Achats* (CNA) through the Supplier Relations and Sustainable Procurement Charter. This label is granted for a period of three years, subject to annual verification. The evaluation is conducted based on the ISO 20400 framework, structured into five areas: Commitment to a sustainable procurement approach Quality of relationships with suppliers and subcontractors Respect for the interests of suppliers and subcontractors Integration of corporate social responsibility into the procurement process Impact of procurement on the economic competitiveness of the ecosystem
 

* French equivalent of the Chartered Institute of Procurement & Supply
**The French Médiateur des entreprises assists economic actors (both public and private) in resolving their commercial disputes, particularly in matters related to payment delays and contractual relationships.
 

/sites/default/files/database/assets/images/2025-06/RespPurchBanner.jpg 05 Jun 2025 Corporate Responsibility Responsability The French Ministry of Economy, Finance and Industrial Sovereignty, along with the Conseil National des Achats* (CNA), has renewed the ‘Supplier Relations and Sustainable Procurement’ label awarded to Thales for a period of three years. Type News Hide from search engines Off

Luxembourg, 5th June 2024 – Kerdo.io, a Luxembourg-based digital securities platform focused on institutional-grade investment structuring, has partnered with Tokeny, the leading onchain finance operating system, to enable the tokenization and digital distribution of real-world assets across Europe.

Through this collaboration, Kerdo.io is launching a new wave of tokenized investment products—including real estate, hedge funds, private equity, and private debt—designed to simplify access to private markets for European professional investors.

Combining deep capital markets expertise with advanced blockchain infrastructure, Kerdo.io streamlines the creation and management of alternative investment opportunities. Leveraging Tokeny’s white-label T-REX tokenization platform, Kerdo.io delivers a seamless, compliant, and user-friendly experience throughout the full lifecycle of digital securities.

Private markets are becoming increasingly popular, but due to a lack of infrastructure, they remain largely manual and paper-based. Tokenization offers a powerful solution, yet technology barriers have slowed adoption. We’re proud to partner with Kerdo to help them overcome these challenges and deliver an e-commerce-like experience to their end investors. Together, we’re accelerating access and unlocking new possibilities across the investment landscape. Luc FalempinCEO of Tokeny At Kerdo.io, we’re bridging traditional finance and digital assets. Tokeny’s on-chain operating system allows us to simplify the complexity behind tokenization and launch high-quality investment products that are easier to access and manage. Federico BasileFounder of Kerdo.io About Kerdo.io

Kerdo.io is a Luxembourg-based digital securities platform offering structuring and lifecycle management of tokenized investments. Built by capital markets professionals, Kerdo.io enables the seamless creation and subscription of investment products backed by real-world assets, including real estate, private equity, hedge funds, and private debt.

Website

About Tokeny

Tokeny is a leading on-chain finance operating system. It has pioneered compliant tokenisation with the open-source ERC-3643 “T-REX” standard and advanced white-label software solutions. The enterprise-grade platform and APIs unify fragmented on-chain and off-chain workflows, integrating essential services to eliminate silos. Tokeny enables the seamless issuance, transfer, and management of tokenized securities. By automating operations, offering innovative on-chain services, and connecting with any desired distributor, Tokeny helps financial players attract more customers and improve liquidity. Trusted worldwide, Tokeny has successfully executed over 120 use cases across five continents and has facilitated $3 billion worth of on-chain transactions and operations.

Website | LinkedIn | X/Twitter

The post Kerdo.io Partners with Tokeny to Bring Tokenized Alternative Investments to European Professional Investors appeared first on Tokeny.

For passionate football fans, catching live matches without subscription fees is key. In 2025, navigating free streaming options can be tricky, with varying quality and reliability. This guide cuts through the noise, presenting the Top 10 Websites to Watch Football for Free, ensuring you find stable, high-quality streams for all your favorite leagues and never miss a goal this year.

Introduction To Top Websites To Watch Football For Free

For football fans, watching live matches is essential, but high subscription costs can be a barrier. Thankfully, many platforms let you watch football for free. However, quality, stability, and safety vary greatly. This guide will introduce you to the top websites to watch football for free, helping you find reliable streams for major leagues and enjoy every game without cost, while also ensuring a smooth and safe viewing experience.

Why You Should Watch Football for Free Online?

In 2025, the appeal of watching football for free online is stronger than ever. With rising subscription costs for traditional TV channels, free streaming offers a convenient and accessible alternative. It breaks down financial barriers, allowing every fan to catch live matches from top leagues and tournaments globally, right from their device. This method ensures you never miss a moment of the action, providing unparalleled flexibility and cost savings for truly passionate supporters.

Cost Savings

One of the most compelling reasons to watch football for free online is the significant cost savings it offers. In an era where cable television packages and premium sports subscriptions can run into hundreds of dollars annually, free streaming platforms eliminate this financial burden. This allows passionate fans to avoid expensive monthly fees, redirecting those savings to other priorities or simply enjoying the sport without the added economic pressure, making top-tier football accessible to everyone.

Accessibility

Beyond financial benefits, watching football online for free provides unparalleled accessibility. You are no longer confined to a living room TV; instead, you can catch every thrilling moment of a match on various devices, including your phone, laptop, or smart TV, from anywhere with an internet connection. Whether you’re commuting, traveling, or simply away from your main screen, this flexibility ensures you never miss a crucial goal or a game-changing tackle, fitting seamlessly into your modern lifestyle.

Variety

Free online football streaming truly shines in its variety of content. Unlike traditional local TV channels that often only secure broadcasting rights for a limited number of major leagues, these online platforms typically provide access to a vast array of global leagues and tournaments. This means you can follow not just the Premier League or Champions League, but also niche competitions, less-publicized domestic leagues from around the world, or even youth and women’s football, expanding your horizons as a true football connoisseur.

Flexibility

Finally, the flexibility offered by free online football streaming is a huge draw for modern fans. These platforms often provide more than just live streams; many offer options for watching highlights shortly after matches or even full replays if you miss a game. This freedom from fixed schedules and without long-term commitments allows you to consume football content on your terms, fitting it into your busy life and ensuring you can catch up on all the action at your convenience.

Criteria for Choosing the Top Websites To Watch Football For Free

With countless options promising free football streams, finding truly reliable and safe websites is crucial for an uninterrupted viewing experience. Not all free platforms are created equal; many come with frustrating issues like excessive ads, poor quality, or even security risks. To genuinely enjoy every goal and thrilling moment without compromise, it’s essential to understand the key criteria for choosing the top free football streaming websites.

Legality

When seeking to watch football for free online, prioritizing legality is paramount to avoid potential risks. The best platforms either host content with official broadcast rights or provide links to legal, publicly available streams. While entirely free, completely legal sources for major commercial leagues are rare, discerning users should look for signs of legitimacy, such as clear disclaimers, professional website design, and minimal redirects. Opting for sites that respect intellectual property helps you enjoy the game without contributing to piracy, safeguarding yourself from legal issues or malware often associated with illicit streaming.

Stream Quality

A crucial factor for an enjoyable viewing experience is stream quality. Top free football streaming websites should deliver high-definition (HD) streams as a standard, ensuring sharp visuals and clear details of the game. Equally important is minimal buffering or lag, allowing for smooth, uninterrupted viewing of fast-paced action. While achieving perfect stability can be challenging for free services, the best platforms invest in robust servers and efficient content delivery networks to provide a consistent, high-quality picture that truly captures the excitement of live football.

Safety

Safety is a non-negotiable criterion when choosing free streaming platforms. Reputable websites should be free from malware, excessive and intrusive ads, or phishing risks that could compromise your device or personal information. Be wary of sites demanding suspicious downloads, displaying an overwhelming number of pop-ups, or redirecting you to unfamiliar pages. Prioritizing platforms that demonstrate a commitment to user safety, often indicated by an “https://” URL and a clean, trustworthy interface, is essential for a worry-free football viewing experience.

User Experience

A seamless user experience significantly enhances the pleasure of watching football online. The best free streaming websites feature easy-to-navigate interfaces, allowing you to quickly find matches, browse schedules, and access streams without frustration. Mobile compatibility is also vital, ensuring a smooth experience whether you’re watching on a phone, tablet, or smart TV.

Availability

Finally, availability plays a key role in accessibility. The top free football streaming websites should either be accessible globally or provide clear information and workarounds for geo-restrictions. This ensures that fans, regardless of their geographical location, can tune into their desired matches. Websites that consistently offer live links for a wide range of international and local tournaments demonstrate superior availability, ensuring you can follow your favorite teams and leagues from anywhere in the world.

Top 10 Websites to Watch Football for Free in 2025

For passionate football fans, catching live matches without subscription fees is key. In 2025, navigating free streaming options can be tricky, with varying quality and reliability. Here are your top 10 websites to watch football for free in 2025.

Live Soccer TV

Live Soccer TV is a highly comprehensive and reliable platform that serves as an essential guide for football fans worldwide. While it primarily acts as a scheduling hub, it offers detailed information on where to watch matches, including links to official streams and legal broadcasters across a vast array of global leagues and tournaments. Its key advantage lies in its legality and extensive coverage, encompassing both major and niche leagues, all without requiring any user registration. The main consideration is that it mostly redirects users to other platforms rather than hosting direct streams, meaning the ultimate viewing experience depends on the linked service. To use it, simply visit livesoccertv.com to find upcoming match schedules and discover where to access the streams.

YouTube (Official Channels)

For a legitimate and high-quality viewing experience, YouTube’s official channels from leagues or individual teams are an excellent resource for football content. Many official entities offer free live streams for select matches, particularly youth leagues, pre-season games, or specific tournament stages, alongside a wealth of high-quality highlights, replays, and behind-the-scenes content. The main benefits include guaranteed legality and superior stream quality. However, not all matches are broadcast live, and availability can vary significantly by region due to geo-restrictions. Users can search directly for official league or team channels on YouTube, and a reliable VPN might be necessary to access geo-restricted content.

Pluto TV

Pluto TV stands out as a popular free, ad-supported streaming service that includes dedicated sports channels relevant to football enthusiasts. Channels like beIN Sports Xtra and Fox Sports (though content can vary by region) occasionally offer live football matches but are more commonly known for providing football highlights, replays, analysis, and sports-related documentaries. Its main pros include being completely free with no signup required and wide support across multiple devices. Access is straightforward: visit pluto.tv on your web browser or download its dedicated app.

Tubi

Tubi is another significant player in the free, ad-supported streaming market, offering a variety of content that includes sports channels like Fox Sports. For football fans, this means access to football highlights, replays of past games, and occasional live events, though the emphasis is more on curated sports content rather than extensive live match schedules. Tubi is a legal platform that does not require an account, making it highly accessible. It’s also very mobile-friendly, offering a seamless experience on smartphones and tablets. The main con is its limited live match availability, often focusing more on replays and football documentaries. To use Tubi, simply visit tubitv.com or download the app on your preferred device.

BBC iPlayer (UK only)

For football fans residing in the UK, or those with a reliable UK VPN, BBC iPlayer is a premier legal and free platform. It offers free live football streams for select matches, particularly those involving the UK national teams, FA Cup ties, or specific Premier League games if the BBC holds broadcasting rights. Its major advantages are high-quality, legal, and ad-free viewing for users within the United Kingdom. The significant limitation is its strict geo-restriction to the UK, and users also typically require a valid UK TV license to access its full content. To use it, access bbc.co.uk/iplayer, ensuring your IP address is registered as being within the UK, potentially via a VPN.

SportRAR

SportRAR is a well-known aggregator that compiles free streams for football and a wide array of other sports. It’s particularly popular for providing access to streams for major leagues globally. However, like many free aggregators, some links may be unreliable, leading to broken streams or constant buffering. Users should also be prepared for potential ad issues, though often manageable. To use it, visit sportrar.tv and cautiously select the football streams that appear to be most stable.

Footybite

Footybite is a platform specifically tailored for football fans, making it a go-to destination for many seeking free streams. It offers an extensive selection of free live streams and highlights for various global tournaments and leagues. A significant advantage is its dedicated focus on football, often providing multiple stream links for a single match, allowing users to choose the most stable option. However, users should exercise caution as some links may lead to unofficial sources or sites with intrusive advertising. The general usage involves accessing Footybite and checking for active streams for upcoming or live matches.

Social442 TV

Social442 TV positions itself as a football-centric community and streaming site, offering live streams, highlights, and analysis for a variety of leagues. Its strength lies in its dedicated focus on football and its community-driven aspect, which can provide a richer experience for fans. However, accessing its content typically requires account creation, which might be a barrier for some users seeking instant access. Additionally, as with many free streaming platforms, the stability of some streams may vary, especially during peak viewing times. To utilize its features, users need to sign up at social442.com for access.

Red Bull TV

Red Bull TV is a high-quality streaming platform primarily known for extreme sports, but it also offers free streams for select football events. These often include niche tournaments, youth football championships, or unique football-related documentaries sponsored by Red Bull. Its advantages include no signup requirement, consistently high-quality streams, and broad multi-device support. The main drawback for dedicated football fans is its limited football coverage, as its primary focus remains on action and extreme sports. Users can visit redbull.tv to check for any available football streams, which are typically well-produced.

Facebook Video

Facebook Video has become an unexpected platform for watching football for free, particularly for user-generated content and streams from smaller leagues or local tournaments. Both individual users and pages (including some official ones from smaller clubs or regional associations) may feature live streams for football matches. Its main pros are being completely free and highly accessible with a standard Facebook account. However, inconsistent stream quality is a significant drawback, as it relies heavily on the uploader’s connection and equipment. Official content from major leagues is also quite limited. Users can find streams by searching for “live football” or specific match names on facebook.com/watch.

Tips for Safe and Smooth Websites to Watch Football for Free

Here are the key tips to consider:

Use a Reliable VPN

A Virtual Private Network (VPN) is your best friend when watching football for free online. A VPN encrypts your internet connection, hiding your IP address and making your online activity private. This is crucial for two reasons:

Bypassing Geo-Restrictions: Many free (and even some legal) streams are limited to specific countries. A VPN allows you to connect to a server in a different country, making it appear as if you’re browsing from there, thus unlocking geo-restricted content. Enhanced Security: Free streaming sites can sometimes be malicious or riddled with trackers. A VPN adds a layer of security, protecting your data from potential threats and preventing third parties from monitoring your streaming habits. Choose reputable VPN services like NordVPN, ExpressVPN, or Surfshark for optimal performance and security. Employ an Ad Blocker

One of the most common frustrations with websites to watch football for free is the sheer volume of intrusive advertisements, including pop-ups, pop-unders, and auto-playing video ads. These not only disrupt your viewing but can also be a source of malware. Installing a robust ad blocker (like Herond Shield of Herond Browser, AdBlock Plus, or AdGuard) as a browser extension is highly recommended. This will significantly reduce the number of ads, improve page loading times, and create a much smoother, safer viewing environment. Some browsers like Herond Browser have built-in ad blockers.

Maintain a Strong Internet Connection

A fast and stable internet connection is fundamental for websites to watch football for free with minimal buffering. For HD quality, aim for a minimum download speed of 5-10 Mbps, with higher speeds (25 Mbps+) being ideal for Full HD or 4K.

Check Your Speed

Regularly run an internet speed test to ensure you’re getting the promised bandwidth from your provider.

Wired Connection

If possible, use an Ethernet cable to connect your device directly to your router. This provides a more stable and faster connection than Wi-Fi.

Reduce Network Congestion

During streaming, close unnecessary tabs, applications, and background downloads on your device and other devices connected to your network.

Keep Your Software Updated

Ensure your operating system, web browser, and any streaming apps are always up-to-date. Software updates often include security patches and performance improvements that can prevent vulnerabilities and enhance streaming quality. Outdated software can be a gateway for malware and lead to compatibility issues that cause buffering or crashes.

Be Wary of Suspicious Links and Downloads

Free streaming sites, especially aggregators, can sometimes redirect you to unknown or malicious pages.

Look for HTTPS

Always check that the website’s URL begins with “https://” (indicating a secure connection) rather than just “http://”.

Avoid Unknown Downloads

Never download any software, plugins, or executables prompted by a streaming site unless you are sure of its legitimacy. These are common vectors for malware.

Close Pop-ups Safely

If a pop-up appears, try to close it using the small “x” button on the pop-up itself, rather than clicking anywhere else on the screen, which could activate a malicious link.

Consider Browser Choice

Some browsers are inherently more privacy-focused or offer better performance. Herond Browser, for instance, has a built-in ad blocker and prioritizes privacy. Using a browser with good security and performance features can naturally contribute to a safer and smoother streaming experience.

By implementing these tips, you can significantly enhance your experience of watching football for free online, enjoying every moment of the game with peace of mind and minimal interruptions.

Conclusion

By understanding the importance of legality, stream quality, safety, user experience, and availability, you can confidently choose platforms that deliver the matches you want, without the hidden costs or risks. Remember to leverage tools like VPNs and ad blockers for enhanced security and a smoother viewing experience.

Whether you prefer official highlights on YouTube, legal ad-supported streams from Pluto TV, or carefully vetted aggregators, the power to choose websites to watch football for free is truly at your fingertips. Embrace these resources and tips, and prepare to enjoy every thrilling moment of the beautiful game throughout 2025, without missing a single kick.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Top Websites to Watch Football for Free in 2025 appeared first on Herond Blog.

Vietnam Space Committee, OSB Group and Thales Partner to Promote Education and Innovation in Space Technologies prezly Thu, 06/05/2025 - 10:18

Vietnam has been building a national framework to advance Space activities over the past decade. Its national strategy for space technology development until 2030 aims to drive the sector forward in socio-economic development, technological innovation and environmental monitoring. Thales and Thales Alenia Space align with these ambitions, with the objective of this partnership to raise awareness and promote education on the immense potential of Space sciences and technologies.

Through the scope of this MoU, VSC Office, OSB, Thales and Thales Alenia Space will work on jointly developing and deploying training programmes in background and advanced topics in space telecommunications, satellite navigation, and space exploration. From joint research and early outreach in initiatives like STEM (Science, Technology, Engineering, Mathematics) to youth and academic institutions, Thales, Thales Alenia Space and their partners are working to build local technology expertise and capabilities in the coming generations.

Thales Alenia Space will bring its global expertise in space systems and technologies, together with Thales that will draw on its 30-year history in Vietnam for the aerospace, defence and cybersecurity and digital sectors. These capabilities complement those from the VSC Office who is the primary advisor for the Vietnamese government in its national space development strategies and policies, and with OSB, a leading local, high-tech telecom satellite network agency,

“Many governments are looking to satellites and communications technologies as the cornerstone in bringing connectivity, promoting economic development and safeguarding a country’s national security and sovereignty. Vietnam has keen ambitions for its Space sector, including the future VINASAT 3, which will bring state-of-the-art connectivity to millions. I am very optimistic on this partnership, signed in the framework of the Strategic Comprehensive Agreement between France and Vietnam, which builds on the 30-year legacy we have in Vietnam.” said Nicolas Bouverot, Vice-President for Asia at Thales.

“Thales Alenia Space is proud to develop this partnership with the Vietnam Space Committee Office and OSB Group. This collaboration will leverage on Thales Alenia Space’s longstanding capabilities in satellites systems while supporting the development of local talent to nurture innovative space technologies.” said Olivier Guilbert, Vice-President Export Sales at Thales Alenia Space.

 

About Thales

Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.

The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies. Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.

 

Press contact

Thales, Communications, Asia

Serene Koh - serene.koh@asia.thalesgroup.com

 

PLEASE VISIT Thales Group

 

 

 

/sites/default/files/prezly/images/sans%20A-1920x480px_85.jpg Contacts Cédric Leurquin 05 Jun 2025 Type Press release Structure Space Vietnam On 27th May 2025, the Vietnam Space Committee Office (VSC Office), OSB Group and Thales signed a Memorandum of Understanding (MoU) to collaborate on Education, Applications and Innovations in Space Sciences and Technologies. The MoU was signed in Hanoi by Mr. Tran Dinh Toan, Vice Chairman and Deputy CEO, OSB Group, Dr. Doan Ha Thang, Director of Vietnam Space Committee Office, Ministry of Science and Technology, and Mr. Nicolas Bouverot, Vice-President, Thales Asia, during French President Emmanuel Macron’s State Visit to Vietnam. Witnessing the signing was Mr. Eric Lombard, French Minister of the Economy, Finance and Industry and Mrs. Phan Thi Thang, Vice Minister of Vietnam’s Ministry of Industry and Trade. Hide from search engines Off Prezly ID 764706 Prezly UUID 251f3a05-3ab9-4a3a-bc0a-3ddcca27828d Prezly url https://thales-group.prezly.com/vietnam-space-committee-osb-group-and-thales-partner-to-promote-education-and-innovation-in-space-technologies Thu, 06/05/2025 - 12:18 Don’t overwrite with Prezly data Off

The Herond x Monad (Heronad) Campaign invites users to dive into the Monadverse through a thrilling series of six quests, blending the innovative capabilities of Herond Browser with the high-performance Monad blockchain. Designed to engage and excite the community, this campaign highlights the power of combining cutting-edge browser technology with scalable blockchain infrastructure to deliver epic rewards and foster ecosystem growth.

What is Heronad?

The Heronad campaign is one of Herond latest community campaign, launched on April 15, 2025. It features six engaging quests where participants can earn exclusive Monad NFTs and prizes over 20,000 $MON. The campaign highlights Herond’s ultimate ad-blocking solution, offering a clean online environment by effectively blocking all ads and Monad’s high-throughput, EVM-compatible Layer 1 blockchain, which supports up to 10,000 transactions per second with single-slot finality. This initiative introduces and promotes Herond Browser to Monad blockchain users, showing them the speed and convenience of the Browser.

Why Joining the Herond x Monad Campaign?

Participating in the Heronad event series offers a range of compelling benefits for users diving into the Monadverse. First, participants can compete in six engaging tasks to secure exclusive rewards, with all who complete all tasks earning a full set of Monad NFTs and $MON rewards for various activities, providing both digital collectibles and potential value. Additionally, giveaways throughout the series offer further chances to win $MON tokens and NFTs, boosting participation incentives.

By joining, participants connect with a vibrant Web3 community, contribute to the growth of innovative blockchain and browsing technologies, and position themselves at the forefront of decentralized ecosystem development, all while showcasing their skills in a dynamic, rewarding campaign.

How to Participate in the Herond x Monad Campaign Getting Started with Herond Browser Download and Setup

Download Herond Browser through this link.

Join the Community

Joining Herond’s community:

X: https://x.com/HerondBrowser

Telegram: https://t.me/herond_browser Discord: https://discord.gg/herondbrowser

Understanding Campaign Quests

During the event, there are 2 main phases that players need to pay attention to.

Phase 1 of the Heronad event series, running from April 15 to April 17, 2025, kicks off with an exciting announcement on April 15, introducing the campaign and its six-task series designed to reward participants with a full collection of Monad NFTs.

Hosted on the X platform, with additional announcements on Telegram and Discord, this phase features a $MON giveaway to draw in users. To participate, users must like, retweet, tag three friends, and provide their wallet address to enter the prize draw. On April 17, 50 randomly selected participants will each receive 10 $MON, totaling 500 $MON in prizes.

Phase 2 of the event series spans from April 18 to May 12. This event invites participants to engage in a thrilling six-task challenge to earn a full collection of Monad NFTs. Announced across X, Discord, and Telegram, this phase emphasizes active participation, with only those who complete all six tasks eligible for the grand prize.

The top 100 users who successfully finish every task will receive the exclusive Monad NFT collection, along with additional allocations determined by referral rankings, rewarding both dedication and community engagement.

Quest Structure & Information Phase 1: Introducing the event series Time: April 15 – 17. Announcement on April 15 and awarding on April 17 Implementation platform: X + announcement on Telegram and Discord

This phase aims to:

Giveaway $MON to attract users Introduction to the upcoming event series including 6 tasks to receive full collection of NFT Monad

Implementation method: Like + Retweet + tag 3 friends + wallet address to receive the prize

Prize: 500 $MON (10 $MON for 50 random people)

Phase 2: 6 task event chain Heronad Quest 1 begins with a fun warm up. Users only need to perform a few simple tasks as follows: Download Herond: https://herond.org Have a Herond account and spend 14+ days on Herond Browser Follow @HerondBrowser and @monad_xyz Hangout in Telegram http://t.me/herond_browse and Discord http://discord.gg/herondbrowser Level up to Verified on Discord and dive into Action Surge (details in Discord) Continuing with Quest 2, to stay validated for the campaign, you need to: Join the Action Surge event on Discord: http://discord.gg/herondbrowser Earned at least 15 points from Action Surge by May 5th!

*Note: Joining Action Surge isn’t just a requirement, it’s your gateway to AMAZING rewards.

Quest 3 is on the go and you need to invite some of your friends to join the fun by the following steps: Create your unique invite link within our Discord server. Each new friend who joins via your link and achieves the “Verified” role counts as 1 referral point. Follow the #referral-leaderboard channel on Discord to see your rank!

*Note: The Top 10 will share the 200 $MON prize pool. TOP 3 will each score a super cool Monadverse Chapter 1 NFT. Further than that, as OG/Early Supporters, you’ve automatically completed this quest!

Quest 4 asks you to snag your very own Heronad NFT on @MagicEden and boost your chances for more opportunities. Join at: https://magiceden.io/mint-terminal/monad-testnet/0x1790ce27384412e93f842a1271c4b2836aab84a1 Timeline: April 28th to May 2nd Price: 0.5 $MON per NFT Supply: 10,000

For OG/Early Supporters only: You get the Heronad role for free. Automatically updated on Discord.

For Heronad Holder Benefits: Join an exclusive giveaway for 500 $MON + Purple Frens NFT! Head to Discord to find out how http://discord.gg/herondbrowser

Quest 5 & 6 has just landed, and here are the instructions for players: For Quest 5, the quest link will be posted on Galxe to fill in the information. Users who complete all tasks will receive the Early Supporter role (users who already have this role will be upgraded to OG) In addition to Quest 6, there will be a quest asking users to post 1 article about what they like when using Herond Browser on X + hashtag #HerondBrowser #Heronad NFT reward + $MON for 10 posts with the highest interactions (Like + Comment + Retweet)

Reward: 200 $MON (10 people with the highest interactions) + 10 NFT Monad chapter 1 (5 people with the highest interactions)

Giveaway results will be announced on May 9th. Results of users eligible to receive full collection of NFT Monad will be announced on May 12th. Rewards will be transferred within 7 working days. Claiming Rewards NFT Rewards

If the prize is NFT Rewards. The process to claim is that the players join Discord, then go to the #submit_ticket channel, create a ticket, notify the admin to claim the NFT.

$MON Prizes

If you win $MON on Galxe, Galxe will automatically pay the reward to the player’s wallet address (Galxe collects player information in Quest 5 & 6)

If you win $MON in Quests on X, join discord, go to the ticket submission channel, create a ticket and notify the admin to claim.

Tips for users to be successful at the event

To maximize your success as a participant in the Heronad event series, follow these practical tips tailored to help players excel in the campaign’s structure and secure rewards like the full Monad NFT collection and $MON tokens

Act Fast in Phase 1 (April 15 – 17, 2025)

Jump into the initial giveaway by liking, retweeting, tagging three friends, and submitting your wallet address on X, as announced on April 15. With 50 random winners receiving 10 $MON each (totaling 500 $MON), early participation boosts your chances. Follow Herond and Monad’s X, Discord, and Telegram channels to stay updated on announcements and deadlines.

Complete All Six Tasks in Phase 2 (April 18 – May 12, 2025)

To qualify for the full Monad NFT collection, reserved for the top 100 participants, diligently complete all six tasks in the event series. Check X, Discord, and Telegram regularly for task details and ensure you meet each requirement. Missing even one task disqualifies you, so stay organized and track your progress.

Maximize Referrals for Bonus Rewards

Your ranking for additional allocations in Phase 2 depends on referrals, so invite as many friends as possible to join the campaign. Share your referral link strategically on social platforms or within Web3 communities, emphasizing the chance to win $MON and NFTs. More referrals increase your chances of ranking higher among the top 100.

Engage in Giveaways for Extra Prizes

Throughout Phase 2, additional $MON and NFT giveaways will be offered. Actively participate in these opportunities by following campaign updates and completing any required actions, such as liking posts or joining community events. These giveaways provide extra chances to earn rewards beyond the main tasks.

Join the Community for Support and Updates

Engage with the Heronad community on Discord and Telegram to get real-time tips, ask questions, and share strategies with other players. Community channels often provide clarifications on tasks or exclusive hints, helping you stay ahead. Participating in discussions can also keep you motivated and informed.

Set Up a Compatible Wallet Early

Ensure you have a wallet compatible with the Monad blockchain to receive $MON and NFTs. Follow any provided guides from Herond or Monad to set it up correctly before the Phase 1 giveaway deadline (April 17) and Phase 2 task completion (May 12). A verified wallet prevents delays in claiming rewards.

Stay Informed and Plan Ahead

Regularly check campaign announcements to understand task requirements and timelines. Create a schedule to tackle the six tasks in Phase 2, as some may require time or specific actions. Staying proactive ensures you don’t miss deadlines or opportunities to rank among the top 100.

By following these tips, you can enhance your participation in the Heronad event series, increase your chances of earning the exclusive Monad NFT collection, $MON tokens, and referral-based rewards, and fully immerse yourself in the exciting Monadverse community.

Conclusion

In conclusion, the Heronad event series, launched on April 15, 2025, offers participants a thrilling opportunity to engage with the innovative ecosystems of Herond Browser and the Monad blockchain while competing for exclusive rewards. This campaign not only rewards dedication but also immerses you in the future of privacy-focused browsing and high-performance blockchain technology, making it a must-join for Web3 enthusiasts eager to shape and benefit from the Monadverse

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Heronad Campaign: Unlock Rewards in the Monadverse appeared first on Herond Blog.

Ethereum’s switch to a Proof-of-Stake (PoS) system has totally changed how people can get involved in keeping the network secure and running smoothly. By staking your ETH, you’re not just helping secure the Ethereum blockchain – you’re also earning passive income! With more platforms supporting Ethereum Proof of Stake than ever before, it’s easier for investors to stake their ETH safely and effectively. In this blog, we’ll dive into the top five platforms that make Ethereum Proof of Stake simple, rewarding, and beginner-friendly.

What is Ethereum Staking?

Ethereum staking is a way to earn rewards by helping keep the Ethereum network secure. It involves locking up your ETH to support transaction validation and network security. In return, participants, called validators, earn rewards for their role in maintaining the blockchain.

This system started after Ethereum upgraded to a proof-of-stake (PoS) model during the Ethereum Merge. Instead of using energy-heavy mining, the network now selects validators to confirm transactions based on how much ETH they have staked. This shift makes the network more energy-efficient and secure. However, validators must act responsibly—any dishonest behavior can result in penalties or loss of funds.

For everyday users, staking offers a way to earn passive income without needing to trade actively. By staking ETH through trusted platforms, users can contribute to the network and grow their holdings over time. However, it’s important to choose a secure staking method to protect your investment.

How Does Ethereum Staking Work?

Ethereum staking allows you to earn rewards by locking up your ETH to support the network’s security and operations. To become a validator, you need to stake at least 32 ETH, which enables you to propose and confirm new transaction blocks. This role comes with rewards but also carries risks; dishonest actions can lead to penalties, including slashing, where a portion of your staked ETH is forfeited.

If you don’t have 32 ETH or prefer not to manage a validator node, staking pools offer an accessible alternative. These platforms allow you to stake smaller amounts by pooling your ETH with others. The platform manages the technical aspects, and you earn rewards proportional to your contribution, minus any service fees.

Staking rewards can vary based on network activity and the total amount of ETH staked. On average, annual returns range from 4% to 7%. By staking your ETH, you’re not only earning passive income but also contributing to the security and scalability of the Ethereum network.

Top 5 Platforms Supporting Ethereum Proof of Stake Bybit

Bybit is a leading cryptocurrency exchange renowned for its user-friendly interface and innovative financial products. Among its diverse offerings, Bybit provides Ethereum 2.0 Liquid Staking, enabling users to stake their ETH with ease and flexibility.

Key Features of Bybit’s Ethereum 2.0 Liquid Staking:

Accessibility: Users can stake as little as 0.01 ETH, making staking accessible to a broad audience. Zero Gas Fees: Bybit covers all gas fees associated with staking, ensuring a cost-effective experience for users. Derivative Tokens: Upon staking, users receive stETH tokens, representing their staked ETH. These tokens can be traded or utilized within the platform, providing liquidity and flexibility. Daily Rewards: Stakers earn daily rewards, allowing for consistent passive income generation. User-Friendly Interface: Bybit’s platform is designed to cater to both novice and experienced investors, simplifying the staking process and integrating seamlessly with other trading tools.

Bybit’s commitment to simplifying the staking experience is further demonstrated through its On-Chain Earn feature, which removes complex technicalities and provides direct access to staking opportunities. Bybit’s Ethereum 2.0 Liquid Staking offers a comprehensive solution for users seeking to participate in Ethereum’s proof-of-stake mechanism, combining accessibility, flexibility, and user-centric design.

Lido

Lido is a decentralized liquid staking platform that allows users to stake any amount of ETH without the need to run their own validator nodes. In return, users receive stETH tokens, which represent their staked ETH and accrue staking rewards over time.

Key Features:

Liquidity Through stETH Tokens: Lido’s stETH tokens provide liquidity to stakers, enabling them to trade, hold, or utilize these tokens across various DeFi platforms while still earning staking rewards.  DeFi Integration: stETH can be used as collateral in DeFi protocols such as Aave and Curve, allowing users to engage in lending, borrowing, and other financial activities without unstaking their ETH. No Minimum Staking Requirement: Unlike solo staking, which requires a minimum of 32 ETH, Lido allows users to stake any amount of ETH, making staking more accessible to a broader audience. Decentralized and Secure: Lido operates through a decentralized protocol, enhancing security and transparency for its users. 

By offering these features, Lido has become a popular choice for Ethereum holders seeking to participate in staking without sacrificing liquidity or requiring significant technical expertise.

Frax Finance

Frax Finance offers a cutting-edge staking solution through its innovative Frax Ether (frxETH) system. Designed to balance liquidity and stability, Frax allows users to participate in Ethereum staking without the technical barriers of running validator nodes or meeting the 32 ETH minimum requirement. This makes Frax Finance an attractive platform for both beginners and experienced investors seeking a more flexible staking experience.

Key Features:

Dual-Token Model (frxETH & sfrxETH): Frax operates with two tokens—frxETH, pegged 1:1 to Ethereum, and sfrxETH, which accrues staking rewards. This system enables users to stake ETH while maintaining liquidity and earning passive income. High-Yield Staking Rewards: sfrxETH holders benefit from competitive staking yields, making Frax one of the highest-yielding liquid staking platforms available. Seamless User Experience: Frax Finance’s user-friendly design ensures easy navigation and smooth staking processes, catering to both novice and seasoned crypto users. Integration with DeFi Ecosystem: frxETH and sfrxETH can be used across various DeFi platforms, expanding utility and maximizing earning potential. Decentralized and Transparent: Frax Finance prioritizes decentralization and transparency, offering users confidence in the platform’s security and governance.

Frax Finance’s innovative approach to staking makes it a standout option for those seeking both stability and liquidity in the Ethereum staking landscape.

Binance

Binance stands as one of the largest and most reputable cryptocurrency exchanges worldwide, offering a wide range of staking options, including Ethereum. Its global presence and extensive user base make it a trusted platform for both beginner and experienced investors seeking a seamless staking experience.

Key Features:

Simplified Ethereum 2.0 Staking: Binance removes the technical barriers of Ethereum staking, allowing users to stake ETH without managing validator nodes or meeting the 32 ETH requirement. Competitive Rewards: Binance offers attractive staking rewards, making it a profitable choice for users aiming to maximize returns. Robust Security: With advanced security protocols and insurance funds, Binance ensures a secure environment for staking and asset storage. Integrated Ecosystem: Users can leverage additional features such as trading, lending, and DeFi integrations within Binance’s expansive ecosystem. User-Friendly Interface: The platform is designed for ease of use, providing a smooth staking process for both beginners and seasoned investors.

Binance’s blend of security, competitive rewards, and a user-friendly interface makes it a top choice for Ethereum staking in 2025.

EigenLayer

EigenLayer is an innovative decentralized protocol designed to expand Ethereum staking through its unique restaking mechanism. It allows users to redeposit their staked ETH or liquid staking tokens (like stETH) to secure Ethereum’s Layer 2 networks and other middleware solutions. This process not only enhances Ethereum’s scalability and security but also offers users the opportunity to earn additional rewards.

Key Features

Restaking Mechanism: Enables users to restake ETH or liquid staking tokens, maximizing capital efficiency and increasing potential returns. Layer 2 Support: Strengthens Ethereum’s Layer 2 ecosystems by providing additional security and decentralization. Enhanced Rewards: Offers extra incentives for participants who contribute to network security through restaking. Decentralized Security Model: Leverages Ethereum’s decentralized validators to secure new protocols without compromising safety. Innovative Investment Opportunity: Appeals to advanced and tech-savvy investors seeking new ways to optimize staking rewards.

EigenLayer’s pioneering approach to restaking introduces a dynamic strategy for boosting returns and supporting Ethereum’s evolving infrastructure, making it an exciting option for forward-thinking investors.

Conclusion

Ethereum Proof of Stake has opened exciting opportunities for earning passive income while making the network safer and more scalable. Whether you’re a beginner or a seasoned investor, platforms like Bybit, Lido, Frax Finance, Binance, and EigenLayer offer secure and rewarding ways to stake your ETH. No matter your experience level, these platforms make it easy to join in and grow your crypto holdings.

About Herond Browser

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Platforms Supporting Ethereum Proof of Stake appeared first on Herond Blog.

Every time you open a web browser, you’re inviting a whole host of third parties—advertisers, websites, ISPs, and even government agencies – to track your every move. But what if you didn’t have to accept that as the status quo? What if there were browsers specifically designed to protect your data and safeguard your privacy while still delivering fast, reliable performance? In this guide, we’ll explore the top browsers that offer an unmatched balance of speed and security, helping you take back control of your online experience.

5 Elements of a Secure Browser You Should Look For

Before we dive into the best browsers, let’s take a moment to understand the key features that make a browser truly secure. Here’s what you should be looking for when making a decision about which browser to use:

Encryption: A secure browser ensures that your connection is encrypted, which means that even if hackers try to intercept your data, they won’t be able to read it. Without encryption, you’re leaving your data wide open for theft. Privacy Features: The best browsers go beyond simply offering incognito modes. They actively block third-party trackers and cookies, preventing advertisers from following your every click. Privacy-first browsers also minimize the data they collect, ensuring your browsing history remains private. Frequent Updates: Security is an ongoing battle. That’s why a good browser will update frequently to patch vulnerabilities and keep hackers at bay. Frequent updates ensure that the latest threats don’t compromise your browsing experience. Sandboxing: A powerful security feature that isolates web pages from one another, preventing malicious websites from compromising the rest of your system. In simple terms, it keeps potential threats confined, so they can’t reach your personal files or sensitive data. Anti-Phishing & Malware Protection: The best browsers automatically block phishing attempts and harmful websites. This feature adds an additional layer of protection by preventing you from accidentally visiting sites that could steal your personal information or infect your device with malware.

With these elements in mind, let’s explore the browsers that stand out in terms of speed, security, and functionality.

Top 10 Fast, Secure, and Best Web Browsers to Use

If you’re still relying on the default browser that came with your device, it might be time for an upgrade. Here’s a list of the top browsers that provide the perfect mix of speed, privacy, and security:

Herond Browser

Herond Browser sets itself apart in the crowded world of web browsers. It’s not just fast—it’s built for the future, offering top-tier security, blazing performance, and Web 3.0 integration, all in one package.

Unmatched Privacy and Security

At its core, Herond prioritizes privacy. With the Herond Shield, it blocks ads, trackers, and harmful websites. SSL certificates secure your connection, while Tor integration (coming soon) will add even more layers of protection. Plus, the Advanced Security Alert System (ASAS) keeps you one step ahead of online threats, making it a truly secure option for privacy-conscious users.

Seamless Web 3.0 Integration

Herond is ahead of the curve in the Web 3.0 revolution. It seamlessly integrates with Herond Wallet for decentralized digital asset management, giving users the tools to explore blockchain technology directly from the browser. It’s an experience designed for the decentralized web, putting users in full control of their data and assets.

Blazing Fast Performance

Speed is another standout feature. Herond loads pages up to three times faster than most browsers, ensuring that your browsing experience remains smooth and efficient. Whether you’re multitasking or streaming, Herond handles it all without slowing down.

User-Centric Design and Ecosystem

Herond’s design is all about customization. With a user-friendly interface and flexible settings, you can personalize your browsing experience. And with tools like Herond ID for decentralized identity management, Herond offers an integrated ecosystem that goes beyond just being a browser.

Looking for a fast and secure browser? Learn how to download Herond Browser on a computer and enjoy top-tier privacy and Web 3.0 features. Plus, Herond is already available on both the CH Play and App Store for your mobile device, offering a seamless and convenient browsing experience wherever you are.

Google Chrome

Google Chrome remains one of the most popular browsers, and for good reason. It’s fast, efficient, and well-integrated with Google’s ecosystem. Chrome frequently updates its security features and provides a seamless user experience. However, while Chrome does have robust security protocols, it is notorious for collecting data for advertising purposes. If privacy is a top priority for you, Chrome can be configured for enhanced privacy, but there are more privacy-conscious options available.

Mozilla Firefox

Mozilla Firefox stands as one of the best open-source browsers with a strong commitment to privacy. It offers an excellent speed-to-security ratio, with advanced privacy features like anti-tracking and phishing protection. Firefox also lets users customize their privacy settings, allowing you to decide what data gets collected. Plus, Firefox’s community-driven, open-source nature means that it’s constantly being updated and reviewed for security vulnerabilities.

Brave Browser

Brave takes privacy and security to the next level. This browser blocks ads and trackers by default, which not only protects your data but also boosts browsing speed. Brave’s integrated HTTPS upgrade ensures that you’re always browsing securely. Additionally, Brave’s innovative reward system allows users to earn cryptocurrency by viewing privacy-respecting ads—an excellent bonus for those looking to balance privacy and functionality.

Microsoft Edge

Microsoft Edge has come a long way since its earlier versions. Built on the same open-source Chromium engine that powers Chrome, Edge has improved in terms of speed and security. It includes features like built-in phishing and malware protection, as well as a secure password manager. Edge also boasts privacy tools like tracking prevention and a dedicated InPrivate mode. While not as privacy-focused as some others, Edge offers a well-rounded browsing experience with strong security features.

Safari

Safari has been the go-to browser for Apple users for years. It delivers excellent performance on macOS and iOS devices, especially when it comes to speed. Safari also offers strong privacy protection, with features like Intelligent Tracking Prevention, which helps block advertisers from following your every move online. It’s an ideal choice for those within the Apple ecosystem who want solid security without sacrificing performance.

Opera Browser

Opera is often overlooked but packs a punch with its robust security features. Built-in tools like a free VPN, ad blocker, and fraud protection make Opera a secure choice. The browser also boasts excellent speed performance, even with all these features running. Opera is an especially great choice for users who want a browser that provides a variety of privacy and security tools in one package, without needing extra extensions.

Tor Browser

When privacy is the top priority, Tor is the go-to choice for many. Tor’s ability to encrypt internet traffic and route it through multiple nodes makes it the best tool for users who need ultimate anonymity. Tor prevents tracking, stops unwanted surveillance, and shields your identity by masking your IP address. However, the trade-off for this high level of privacy is speed—Tor is slower than most browsers due to its complex encryption process. But for those who prioritize anonymity over speed, it’s the best choice.

Vivaldi

Vivaldi is a highly customizable browser that offers excellent speed and security. It comes with a built-in ad blocker, custom search engines, and advanced privacy features, giving you control over what data gets collected. Vivaldi allows you to configure almost every aspect of your browsing experience, from the interface to security settings, making it a great option for users who like to tweak things to their exact specifications.

Epic Browser

Epic Browser is designed with privacy in mind. It blocks all tracking cookies, advertisements, and even automatically forces secure HTTPS connections. Epic is known for its simple, no-frills interface and its commitment to keeping your data private. By default, Epic doesn’t store your browsing history or any personal data, and it doesn’t allow for any syncing, which is perfect for users who prioritize privacy above all else.

Conclusion

Choosing the right browser is more than just about convenience—it’s about security, speed, and privacy. The browsers we’ve discussed offer various features that cater to different user needs, whether you’re looking for an anonymous browsing experience, a super-fast option, or an all-around secure browser.

Ultimately, the best browser for you depends on your priorities. If privacy and security are your top concerns, browsers like Brave, Firefox, and Tor should be at the top of your list. If you’re after speed and integration with other services, Chrome and Edge will suit you well. And if you want the perfect balance between speed, privacy, and security, consider trying Herond or Vivaldi. Whichever you choose, remember that it’s time to take control of your online experience and make sure your browsing is as fast and secure as possible.

About Herond Browser

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Top Fast and Secure Web Browsers to Use in 2025 appeared first on Herond Blog.

Starting in August 2025, the UK mandates identity verification for company directors and Persons with Significant Control (PSCs) under the Economic Crime and Corporate Transparency Act 2023. While GOV.UK’s One Login system offers a verification route, recent security concerns have emerged due to its loss of certification. iComply provides a robust, privacy-focused alternative that not only meets but exceeds these new requirements, ensuring secure and compliant identity verification.

 

The Changing Landscape of Corporate Director Identity Verification in the United Kingdom

The UK’s corporate environment is undergoing significant reforms aimed at enhancing transparency and combating economic crime. Central to these changes is the requirement for identity verification of key individuals involved in companies.

Key Requirements: Who Must Verify: All new and existing company directors Persons with Significant Control (PSCs) Individuals submitting filings to Companies House Verification Methods: Directly through Companies House via GOV.UK One Login In-person at designated UK Post Office branches Through Authorised Corporate Service Providers (ACSPs) Timeline: Voluntary verification available from April 8, 2025 Mandatory verification for new appointments from Autumn 2025 12-month transition period for existing directors and PSCs to comply

Failure to comply may result in criminal offenses and the inability to serve as a director. 

 

Real-World Implications: A Compliance Officer’s Perspective

Consider James, a compliance officer at a reputable UK corporate services firm. James is tasked with onboarding a new client, a multinational corporation with a complex ownership structure. Navigating the intricate web of subsidiaries and stakeholders, James must ensure that all directors and PSCs are properly verified to meet the upcoming regulatory requirements.

Utilizing iComply’s advanced identity verification solutions, James efficiently:

Automates the collection of necessary identification documents Conducts thorough checks against global watchlists and sanctions Generates audit-ready reports to demonstrate compliance

This streamlined process not only saves time but also provides peace of mind, knowing that the firm adheres to the highest standards of regulatory compliance.

 

Concerns Surrounding GOV.UK One Login

While GOV.UK’s One Login system offers a digital route for identity verification, recent developments have raised concerns:

Loss of Certification: In May 2025, One Login lost its certification under the Digital Identity and Attributes Trust Framework (DIATF) due to its biometric authentication provider, iProov, failing to renew compliance. Security Vulnerabilities: The system has been reported to comply with barely half – only 21 – of the 39 outcomes detailed in the National Cyber Security Centre’s Cyber Assessment Framework, indicating significant shortcomings in information security. Privacy Concerns: The centralized nature of One Login raises potential privacy issues, with critics highlighting the risks of “ID phone home” scenarios where user interactions could be tracked, monitored, or controlled remotely.

These issues underscore the importance of choosing a reliable and secure identity verification solution.

 

iComply: Exceeding Standards in Identity Verification

iComply offers a comprehensive identity verification solution that not only meets but surpasses the UK’s new regulatory requirements:

Advanced Verification Techniques: Employing document authentication, hybrid (active and passive) liveness detection, and concurrent biometric verification within a secure video session. Privacy-First Approach: Prioritizing user privacy through decentralized verification methods, reducing the risk of data breaches associated with centralized systems. Continuous Compliance Monitoring: Staying ahead of regulatory changes to ensure ongoing compliance and security. User Empowerment: Providing users with control over their personal data, fostering trust and confidence in the verification process.

 

Enhancing Corporate Transparency

The implementation of stringent identity verification requirements aims to:

Prevent Fraudulent Activities: By ensuring that only verified individuals can hold key positions within companies. Improve Data Accuracy: Enhancing the reliability of information within the Companies House register. Strengthen Public Trust: Demonstrating a commitment to transparency and accountability in the corporate sector.

iComply’s KYB and KYC solutions align with these objectives, offering tools that support businesses in maintaining integrity and public confidence.

As the UK moves towards stricter identity verification mandates, businesses must adapt to ensure compliance and protect their reputations. iComply stands as a trusted partner in this transition, offering advanced, privacy-focused solutions that meet and exceed regulatory standards.

Contact us to learn why James’ firm chose iComply for secure, compliant, and trustworthy identity verification on directors, beneficial owners, and PSCs in the United Kingdom.

DigiCert's Ashley Stevenson explores why unifying PKI and IAM is essential to closing identity-related trust gaps.

The post Identity as a Big Data Problem appeared first on Radiant Logic.

Imprivata's Chip Hughes discusses how outdated methods create friction, increase risk, and undermine compliance.

Learn how identity solutions like Auth0 N2W SSO help adapt to new App Store rules and unlock revenue with secure web payments.

Multiple malicious packages were discovered on npm, PyPI and RubyGems repositories.

Robust Research Data Management (RDM) is the backbone of reliable digital twins, ensuring consistent, accurate, and scalable data inputs. Without it, even the best models can mislead. myLaminin, a blockchain-enabled RDM platform, empowers organizations to govern data across systems with integrity and flexibility. With features like immutable audit trails and customizable storage, myLaminin helps digital twin projects stay accurate, compliant, and future-ready.

Cybernews reports that almost 2.7 million U.S. patients' profiles and 8.8 million appointment records have been inadvertently exposed by an unsecured MongoDB database believed to have been owned by U.S. dental marketing firm Gargle.

Telegram data targeted by Fastlane-impersonating RubyGems packages BleepingComputer reports that threat actors have launched a supply chain attack involving a pair of RubyGems packages impersonating widely used Fastlane CI/CD plugins to compromise Telegram data.

A new era for UK defence begins with bold choices – Thales is ready Language English simon.mcsstudio Wed, 06/04/2025 - 14:20

A new era for UK defence doesn’t begin with equipment – it begins with bold choices. The Strategic Defence Review (SDR) sets that tone, and Thales is ready to respond.

The SDR is a clear signal of intent: to transform the UK’s defence posture with greater readiness, resilience, and technological advantage to deter adversaries. It outlines the Government’s commitment to strengthening our Armed Forces and supporting industry to deliver the next generation of capabilities in AI, autonomy, and secure, digitally enabled systems.

But these ambitions must be more than statements – they require strategic collaboration, sovereign investment, and trusted industrial partners with the ability to act.

Thales in the UK: Delivering the Defence Dividend

Thales stands ready to support the Government’s vision, with the people, expertise, partners and infrastructure to deliver sovereign innovation at pace.

We employ more than 7,000 people across 16 sites in the UK. Our supply chain sustains over 16,000 jobs, generating £2 billion annually in gross value added to the UK economy – a true defence dividend. We develop and deliver AI-enabled, autonomous systems and integrated mission solutions that give our Armed Forces the battle-winning edge they need.

These capabilities are not theoretical. They are being designed, engineered and deployed today by Thales teams across all four nations of the UK.

With the SDR’s focus on digital integration and data-enabled decision-making, Thales is uniquely placed to deliver the secure communications, sensor fusion, and cyber-secure systems that enable faster, smarter operational effects. This is the unseen advantage — the digital edge — that makes the UK's next-generation platforms truly battle-winning.

We don’t just deliver capability – we build resilience.

Meeting the ambition of the SDR means investing in more than platforms. It requires agile, scalable solutions that can respond to future threats, and a defence ecosystem that brings together government, primes, SMEs and academia.

That is why Thales is committed to building a collaborative, innovation-led supply chain. Through long-term partnerships, sovereign technology development and digital-first integration, we are helping the UK move at the pace of relevance.

This is a decisive moment – and a national opportunity.

The Strategic Defence Review is more than a policy document. It is a moment to reset, refocus, and re-energise how we defend our people, our interests and our allies.

At Thales in the UK, we’re proud to play our part in that mission – and to help shape the future of defence with the technologies, talent and trusted partnerships that matter most.

/sites/default/files/database/assets/images/2025-06/A-new-era-for-UK-defence-begins-Banner_0.png 04 Jun 2025 SDR AI autonomy United Kingdom Thales responds to the UK’s Strategic Defence Review, outlining our commitment to sovereign innovation, resilience and technology leadership. Type News Hide from search engines Off

Thales Unveils State-of-the-Art Inflight Entertainment & Services Lab at its Engineering Competence Centre in Bengaluru prezly Wed, 06/04/2025 - 12:19 The new lab, dedicated to development of Inflight Entertainment (IFE) solutions and advanced tools for support and services to airlines, reinforces India’s strategic position as an innovation hub for Thales. Our engineers at Thales in India will design, develop, and test innovative solutions to support the needs of Indian airlines and global customers. Aligned with Aatmanirbhar Bharat vision, the facility will significantly contribute to localisation of R&D activities along with job creation in India.

Thales today unveiled a state-of-the-art Inflight Entertainment (IFE) and Services lab at its Engineering Competence Centre (ECC) in Bengaluru. Aligned with the vision of ‘Aatmanirbhar Bharat’, this lab will serve as a hub for the design, development, and testing of next-generation IFE systems. The lab is equipped with advanced tools to support and serve airlines in India and around the world.

The inauguration ceremony was held in the presence of Honourable Minister of Industries, Government of Karnataka, Shri MB Patil, Consul General of France in Bengaluru Mr Marc Lamy, executives from Air India, Indo-French Chamber of Commerce & Industry, along with Olivier Flous, Senior Vice President, Engineering and Digital Transformation, and Francois Colonna, Director Engineering Competence Centre, Bengaluru from Thales, among other dignitaries.

Thales’s Engineering Competence Centre in Bengaluru is a key force driving the development of advanced aerospace and defence solutions. With the addition of the new IFE and Services lab, Thales is further expanding its R&D capabilities in India supporting the country’s journey to become a global innovation hub for civil aviation. This state-of-the-art facility replicates an aircraft equipped with an IFE system, allowing for comprehensive testing and an immersive customer experience review. The lab is a hub for software design, development, and rigorous testing crucial for secured aircraft data deployment, alongside meticulous hardware inspection and testing.

Commenting on the inauguration, Hon’ble Minister Shri MB Patil said, "Today's inauguration of Thales’s Inflight Entertainment and Services Lab at its Engineering Competence Centre reinforces Bengaluru's position as a global innovation hub. It's a testament to Karnataka's robust aerospace and defence ecosystem. Thales's footprint in India, particularly here in Bengaluru, is already substantial and has been contributing significantly towards the growth of aerospace, defence and cybersecurity & digital identity for years. Their Engineering Competence Centre has become an integral part of the local industry. Many congratulations to the Thales team for this significant milestone that will strengthen the aviation sector not just within Karnataka, but across the nation.”

Mr Marc Lamy, Consul General of France in Bengaluru, said, “Thales is a name synonymous with French excellence, a global leader at the forefront of advanced technologies. The inauguration of this IFE (Inflight Entertainment) and services lab is a moment of immense pride, reflecting the vibrant spirit of innovation and partnership that defines both our nations, France and India. This perfectly embodies the spirit of the upcoming year 2026 designated by President Emmanuel Macron and Prime Minister Narendra Modi as the ‘Indo-French Year of Innovation’.”

Olivier Flous, Senior Vice President, Engineering & Digital Transformation, Thales, said, “The inauguration of our new lab dedicated to Inflight Entertainment solutions and support and services for airlines marks a significant step towards enhancing both the passenger experience and operational efficiency of carriers. This new facility at our Engineering Competence Centre in Bengaluru underscores our commitment to the ‘Aatmanirbhar Bharat’ vision, developing future-ready aviation technologies in India, for India, and for the world. We look forward to continue leveraging our global technological expertise and India’s vast talent pool to foster a robust local civil aviation ecosystem.”

About Thales

Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.

The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.

Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.

About Thales in India

Present in India since 1953, Thales is headquartered in Noida and has other operational offices and sites spread across Delhi, Gurugram, Bengaluru and Mumbai, among others. Over 2200 employees are working with Thales and its joint ventures in India. Since the beginning, Thales has been playing an essential role in India’s growth story by sharing its technologies and expertise in Defence, Aerospace and Cyber & Digital sectors. Thales has two engineering competence centres in India - one in Noida focused on Cyber & Digital business, while the one in Bengaluru focuses on hardware, software and systems engineering capabilities for both the civil and defence sectors, serving global needs. Thales significantly contributes to the growth of India’s aviation sector. Thales provides avionics and IFE systems for many Indian civil aircraft. It also provides solutions to enhance airport security and is working on an advanced UTM system for drone operations. The Group has also established an MRO facility in Gurugram to provide comprehensive avionics maintenance and repair services to Indian airlines.

/sites/default/files/prezly/images/sans%20A-1920x480px_84.jpg Documents [Prezly] PR - Thales Unveils State-of-the-Art Inflight Entertainment & Services Lab.pdf Contacts Cédric Leurquin 04 Jun 2025 Type Press release Structure Aerospace India Thales today unveiled a state-of-the-art Inflight Entertainment (IFE) and Services lab at its Engineering Competence Centre (ECC) in Bengaluru. Aligned with the vision of ‘Aatmanirbhar Bharat’, this lab will serve as a hub for the design, development, and testing of next-generation IFE systems. The lab is equipped with advanced tools to support and serve airlines in India and around the world. prezly_764328_thumbnail.jpg Hide from search engines Off Prezly ID 764328 Prezly UUID 80468bfa-c406-47db-8698-5574856a3278 Prezly url https://thales-group.prezly.com/thales-unveils-state-of-the-art-inflight-entertainment--services-lab-at-its-engineering-competence-centre-in-bengaluru Wed, 06/04/2025 - 14:19 Don’t overwrite with Prezly data Off

[Amsterdam] Money 20/20 — “The world’s leading, premium content, sales and networking platform for the global money ecosystem” — has selected Indicio as one of eight startups “transforming the world of money.”

The announcement was made today during the Money 20/20 conference in Amsterdam.

“This is tremendous recognition for Indicio and our technology’s capacity to turn verifiable identity into the ubiquitous payment method of the future,” said Heather Dahl, CEO. “The banking and financial sector has started to realize the power of Verifiable Credentials to create industry-spanning solutions that cover everything from seamless account access to digital assets, privacy-preserving biometric authentication, and identity for agentic AI. All these have tremendous value to business and customers alike. But the payoff is even bigger when you start to see how decentralized identity can be a secure payment rail for instant, independent, peer-to-peer transactions — digital infrastructure you can create with your phone.”

To underscore how rapidly this future is coming, Indicio just announced Indicio ProvenAI. ProvenAI is a simple way to implement verifiable identity for AI agents and their customers, so each can authenticate the other before the customer gives consent to access data. It is the latest addition to Indicio Proven, the company’s platform for interoperable decentralized identity solutions and the latest product in its suite of financial service applications.

“Simply put, the vast potential of agentic AI in banking and finance is constrained by the problems our technology solves,” said Dahl. “With Verifiable Credentials, we are able to give AI agents verifiable identities, we enable secure communication between agent and customer that can be initiated by the agent, and we provide a simple way for the customer to give consent to the AI requesting access to their data.”

Indicio’s identity solution for AI follows on its ground-breaking solution to the problem of AI-generated identity fraud.

“With the emergence of deepfakes, we saw an opportunity to translate our travel solution — the world’s first digital passport credential based on standards set by the International Civil Aviation Organization — into a financial one,” said Dahl. “At  the core of this is ‘government-grade digital identity’ using authenticated biometrics.”

Indicio’s ability to combine authenticated biometrics with Verifiable Credentials means that a remote liveness check or biometric scan can be instantly crosschecked against an authenticated, tamper-proof copy of a person’s biometrics that the person holds on their phone. When added to a KYC credential, financial institutions have an enormously powerful, reusable  authentication solution at a fraction of the cost of conventional identity verification.

“The beauty of it is that the biometric data stays with the person — there’s no need for enterprises  to store people’s biometric data to verify it,” said Dahl. “This is a breakthrough for consumers — and a gateway to better account login and security. We know from the travel sector that many people are willing to use and trust  biometrics if they can be sure their data is protected. With Indicio, people have custody and control of their most valuable data and can share it in a way that’s instantly verifiable.”

Indicio has been leading the decentralized identity sector with these kinds of innovations, but it has also recently entered the European digital wallet market with another tech first: a simple way to combine credentials built to Europe’s digital identity specifications with credentials from outside Europe that have been built to different global standards.

“Our goal is to make every kind of credential format — digital travel credentials, EU credentials, mobile driver’s licenses — all work with each other and be easily combined in seamless workflows, including in the world of money,” said Dahl. “We successfully showed that this was possible earlier in the year in an international travel trial with Aruba, Delta Air Lines, and SITA.

“This seamless interoperability creates a single customer journey, bridging companies, industries, and sectors to meet a consumer’s needs. Interoperability is the key to a single digital market in a micro as well as macro sense.

“We call it decentralized identity,” said Dahl, “but it’s really a way to connect anywhere to everywhere in a trusted, privacy-preserving way. It’s a foundation for seamless interaction, payments, agentic AI and a new kind of internet.”

In line with the company’s commitment to be the leader in global interoperability, Indicio is currently incorporating the Mobile Driver’s License (mDL) into its Proven platform. The company will also be developing the technology for government-issued digital passport credentials based on the ICAO DTC 2 specification with its global partner SITA in the EU Aptitude Trial.

To learn more and see a demonstration of the technology in action you can explore Indicio’s banking and finance solutions, or take a look at our highly customizable flagship product Indicio Proven®. If you have any questions our team would be happy to answer them or talk through a specific use case, please contact us here.

##

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community

The post Indicio “poised to transform the world of money” — Money20/20 appeared first on Indicio.

Modernize security with Detection-as-Code. Learn how to automate threat detection & response using DevSecOps & tools like Fastly's WAF Simulator.

Google cites "patterns of concerning behavior" with China- and Hungary-based certificate authorities.

The malware has evolved with new features and spread globally in the past three months.

The post Indicio launches ProvenAI platform for authenticating AI agents appeared first on Indicio.

While attack methods vary on these incidents, it’s not clear if multiple threat actors are involved.

Here’s five ways teams can manage agentic AI security.

Learn how to implement fine-grained authorization in Java RAG systems using LangChain4j and Auth0 FGA to secure your AI applications.

Auth0 May 2025 updates: async auth (CIBA), CLI tools, real-time event streams, and customizable Universal Login. Enhance security, UX, and integrations.

BleepingComputer reports that leading U.S. outdoor apparel and equipment brand The North Face has confirmed that its customers' data had been pilfered following a credential stuffing intrusion against its website in April.

NSO Group has filed an appeal to reject last month's jury ruling that ordered a $167 million payment to WhatsApp after infecting over 1,400 users of the messaging app with spyware as part of an attack campaign six years ago, TechCrunch reports.

Streamlining Security: HYPR and HID Merge Physical and Digital Access The notion of “access” no longer coincides with a single connotation. Within a sprawling landscape of digital identities and physical spaces, modern enterprises are confronted with the daunting task of securing each of these spaces from all possible angles. The struggle to secure virtual and physical access incurs productivity setbacks and security vulnerabilities. The introduction of the virtual world was supposed to provide convenience and efficiency, but the resulting balance between digital and physical access has left organizations scrambling to address each separately.

But what if there was a way to streamline access, fortify security, and empower employees all at once?
A Unified Solution for Every Use Case

HYPR and HID have partnered to deliver one converged access solution with hardware- and software-based passkeys in a single platform. Whether your workforce needs smart cards for regulated environments, mobile-device credentials for remote workers, or both, this solution flexes to your policies and compliance requirements:

Hardware-Based Passkeys: Ideal for high-security sites and regulated industries (finance, manufacturing, healthcare). Software-Based Passkeys: Perfect for contractors, hybrid staff, and deskless workers. Mixed Workforces: Assign each user the credential type that matches their role; no system overhaul required.

By registering and verifying identities at enrollment, HYPR’s identity verification establishes a chain of trust from day one. HID’s smart cards then become both your physical badge and your FIDO credential, unlocking doors and business applications with a single tap.

A Leader in Trusted Identity Solutions

HID is a global leader in Identity and Access Management, specializing in the issuance, authentication, and management of digital identities for millions of users. As an active member of the FIDO Alliance, HID strongly advocates for passwordless authentication. We recognize that the transition from traditional password-based authentication to passkeys varies for each organization. Therefore, we have partnered with strategic vendors such as Microsoft and HYPR to deliver solutions that meet businesses wherever they are in their passwordless journey. Whether leveraging the power of physical access cards, the Crescendo portfolio, or our software solutions, our mission is to become the trusted leader in delivering confidence to navigate within a digital world.

Key Benefits of the HYPR | HID Integration Stronger Security 
Deploy phishing-resistant, device-bound passkeys, with no password fallbacks, across every environment. Only verified users gain access to sensitive systems or secure areas. Flexible Deployment 
Support hardware and software passkeys from the same console. Simplified Administration
Manage Crescendo Cards and HYPR credentials through one pane of glass. Reduce provisioning steps, lower maintenance costs, and accelerate onboarding.
Faster Onboarding
Enable self-service enrollment – no pre-issued certificates or IT hand-holding required. New hires, contractors, and partners get up and running in minutes. Increased Productivity
One credential for doors, desktops, and apps means fewer helpdesk tickets and smoother user experiences. Employees focus on work, not passwords. Compliance Ready
Built on FIDO-certified technology, the solution supports zero trust initiatives and audit requirements across industries. Frictionless User Experience for Enterprise Access

No employee walks into their building, sits down at their desk, opens their computer, and starts working. The users at your organization use ID badges to gain entry to the office. They then use a number of authentication methods to access their workstations and applications. HID and HYPR’s solution acknowledges these existing methods and improves the speed and efficiency of your infrastructure rather than changing it or overcomplicating it. 

Single Credential for Physical and Digital Access

To provide a unified physical and digital access experience, the HYPR and HID integration leverages the power of the Crescendo Cards, which support PIV and are FIDO-certified. Acting as a single, secure credential, they allow users to unlock office doors and log in to workstations. Notably, the Crescendo tools streamline the management, provisioning, and recovery of these cards, relieving administrative burden. Users can self-enroll their Crescendo Cards for both domains of access, eliminating complex onboarding processes. If a card is lost or stolen, organizations are assured of quick and secure recovery.

Simplifying Security in the Face of Modern Threats

By converging physical and digital access, HYPR and HID eliminate the silos and manual gaps that adversaries exploit. Users self-enroll, IT manages everything centrally, and security teams gain continuous assurance that only verified humans enter your systems and spaces.

Learn more about how the HYPR | HID integration can address your most demanding access use cases while reducing risk, accelerating onboarding, and maximizing your existing investments.

Read the full Solution Brief 

“Most digital systems were built around a simple model: one user, one identity, one device, one intent. If you need more than that, that’s what password sharing is for, right? (Note: that was sarcasm.) Who needs delegation?“

A Digital Identity Digest Acting on Behalf of Others: Delegation, Consent, and Messy Reality Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 10 seconds 00:00 / 00:12:18 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

Reality, which has definitely included sharing passwords, has always been messier.

From caregivers managing health portals, to coworkers submitting expense reports on behalf of others, to kids navigating school systems with help from their parents, the need for delegation is everywhere. But digital identity systems still mostly assume a clean one-to-one world. And when real life demands “acting for someone else,” we’re left cobbling together workarounds such as password sharing, manual overrides, and endless customer support calls.

Now, with the rise of agentic AI, where digital agents can take actions independently, the challenge of delegation has found new urgency. If humans already can’t delegate to other people cleanly in digital systems, what happens when software needs to do it?

Delegation isn’t new. But it’s getting urgent.

You may also be interested in some of my earlier posts, “Agentic AI and Authentication: Exploring Some Unanswered Questions” and “What AI Agents Can Teach Us About Fraud in Consumer Identity.”

Delegation: Beyond Permission Tokens and Role Switching

Delegation sounds simple: authorize one party to act on behalf of another. I wish it were that simple! Alas, today, “delegation” often gets boiled down to clumsy versions of permission tokens or role-switching.

Let’s take a real-world example. I’m paraphrasing from George Fletcher‘s LinkedIn article on Delegated Authorization (are you following George? You need to be following George).

Alice managed medical and supplement accounts for herself and her spouse Bob. After Alice’s death, Bob needed access to those accounts to make changes. But because most systems didn’t support delegation, the only option was for Bob to impersonate Alice, using her password, risking terms-of-service violations and creating an audit mess.

This is hardly rare. Across industries, you see:

Healthcare: Caregivers trying to manage appointments and prescriptions without “breaking” patient portals. Workplaces: Expense approvals getting “proxy-approved” by executive assistants without clear delegation records. Education: Parents struggling to fill out school forms because online systems assume the student is the sole user. Customer Service: Agents needing to fix a customer’s problem but lacking any secure way to act on the customer’s behalf.

In these cases, systems often lean on role-switching (“pretend to be someone else”) or manual overrides (“fax us a form”). Neither solution is scalable, auditable, or user-friendly.

Why Agentic AI Turns the Pressure Up

If delegation was already broken for humans, AI makes the problem even harder. (The irony here, given AI is supposed to make everything easier, does not escape me.)

Picture an AI financial assistant you authorize to move money between your accounts. That AI is acting on your behalf, but today’s systems aren’t designed to distinguish “the customer” from “the customer’s agent.” There’s no standard way to represent delegated credentials. No clear audit trail showing who (or what) took which action.

Without robust delegation models, AI agents risk being blocked from useful actions or allowed to act too broadly without sufficient consent or guardrails.

This isn’t just a futuristic thought experiment. Real discussions (like those at The Identity Salon) have flagged problems ranging from AI in banking to AI-powered scheduling assistants accessing your work calendar.

Delegation Models (and Why They’re Still Not Enough)

We’ve tried to tackle delegation before. Some of the main models include:

OAuth “Alice-to-Alice” Sharing: Useful for limited access (like “this app can see your calendar”), where you grant a service permission to act on your behalf. But even though another app is doing the work, the system still treats it as if you personally took the action, which isn’t the kind of clear, separate delegation we often need. User-Managed Access (UMA): A step forward in enabling a touch more complexity, UMA (a spec out of the Kantara Initiative) allows Bob to act for Alice with his own identity. Unfortunately, adoption of UMA has been slow. On-Behalf-Of Models in “OAuth 2.0 Token Exchange” (RFC 8693): Helpful for service-to-service delegation, but lacking lifecycle management and human-centric constraints. Persona Chaining: Several efforts have proposed ways to create sub-identities for delegation, but they tend to introduce ambiguity over time and often fail to take hold in real-world systems. Why? Because chaining authority adds complexity: it’s harder to define clear boundaries, enforce policy constraints, and ensure reliable audit trails as the chain grows. Without strong governance, persona chains risk becoming security liabilities instead of flexible solutions.

Each model solves part of the puzzle. None solves it completely. Especially once you factor in:

Contextual constraints (“only for this task,” “only until next Tuesday”). Transitivity (“Bob can act for Alice—but can’t pass that authority to Carol”). Auditability (“who did what, when, and why”). Lifecycle management (“delegation expires automatically when conditions change”). Real-World Enterprise Reflections

Healthcare and personal AI agents are one thing, but don’t think the enterprise gets to avoid this pain.

In HR systems, managers often need to submit forms on behalf of employees. Without built-in delegation, companies end up granting broad admin rights, creating security risks and compliance headaches. (There’s a reason digital identity is one of the most successful attack vectors there is today.)

In expense systems, executive assistants often “act for” executives, but technically submit expenses “as” the executive. Good luck untangling that when auditors come knocking. Or not. You deserve at least a slap on the wrist if that’s what you’re doing.

Even in research settings, project leads sometimes need to act on behalf of students or postdocs to access grant portals or finalize submissions, but systems rarely support clear, limited delegation.

Delegation Isn’t Optional Anymore

As George Fletcher put it, we need ways for one party to prove:

They have the right to act on someone else’s behalf. They are the specific person (or agent) authorized. Their actions are constrained by clear, enforceable policies.

Without this, delegation remains a patchwork of risky workarounds.

And with AI agents entering the mix, “I’ll just share my password” is no longer an acceptable fallback.

If we want a digital world that reflects real human (and increasingly agentic) relationships, delegation needs to be a first-class feature, not an afterthought. But it’s not going to be easy. Whatever new specifications technologists come up with will have to contend with legacy systems that have no idea how to implement those specifications (I wrote about the long-tail of implementation not too long ago). The technical debt here is crazypants.

In the next post, I’ll dive into where I think existing delegation models fall short and what a more complete, future-ready solution could look like.

Want to stay updated? I write about digital identity and related standards—because someone has to keep track of all this! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here] 

Transcript

[00:00]
Welcome to A Digital Identity Digest, the audio companion to the blog at Spherical Cow Consulting. I’m Heather Flanagan, and every week I break down interesting topics in the field of digital identity—from credentials and standards to browser weirdness and policy twists.

If you work with digital identity but don’t have time to follow every specification or hype cycle, you’re in the right place.

Let’s get into it.

Delegation Sounds Simple — Until It Isn’t

[00:00:29]
Today, we’re diving into a problem that’s bigger than it sounds: delegation.

If that word makes your eyes glaze over, hang on. Because without solving the delegation problem, everything from caregiving to AI agents managing your bank accounts is held together with virtual duct tape and hope.

What Is Delegation, Really?

[00:01:03]
Digital systems were built on a simple model: one user, one identity, one device, one intent. Clean. Predictable.

But real life doesn’t work like that.

[00:01:17]
Delegation happens all the time. You hand your kid your phone to check in at the orthodontist. A coworker approves an invoice while you’re in the air. Your partner logs into the utility company’s website to pay a bill.

Delegation is normal behavior. It’s how families, companies, and governments function. Ever heard of a power of attorney? Same idea, different paperwork.

[00:01:48]
But our systems still assume we all live alone on little digital islands. One user, one device. No help allowed.

How People Actually Delegate

[00:02:00]
When you try to act for someone else, you usually end up doing one of three things:

Share a password (bad, and you know it) Fill out a 1990s-style form Spend an afternoon lost in customer support limbo

[00:02:24]
Delegation isn’t a corner case. It’s everyday life. And as AI agents enter the mix, the cracks in our one-user model become more obvious—and more dangerous.

Real Life Example: Bob and Alice

[00:02:41]
Let’s talk about a real-world example, using Bob and Alice. Because in Identity Land, everyone is Bob and Alice.

[00:02:49]
Alice manages all the medical and supplement accounts for her household. When she dies, Bob needs to access those accounts to cancel services, update info, settle things.

[00:02:59]
But that’s not easy. Most sites don’t support real delegation. Bob’s options:

Steal or guess Alice’s password (which is illegal) Fax around a death certificate like it’s 1997

[00:03:24]
Even if he gets in, the system doesn’t know Bob is acting with Alice’s consent.

[00:03:35]
This isn’t an extreme case. Parents managing care for kids, adult children helping with banking, executive assistants scheduling meetings—it’s all delegation.

We designed our systems as if these use cases don’t exist.

And Then Came AI Agents

[00:03:59]
Let’s make it even messier by adding AI.

[00:04:05]
Imagine you have an AI assistant that can act on your behalf: book flights, order groceries, pay bills, move money. Maybe it even negotiates your internet bill.

You’ve told it what it can do—and it works. Until it doesn’t.

[00:04:24]
When the AI tries to update your address or cancel a subscription, the system says: Who are you, and why should I trust you?

[00:04:56]
Right now, there’s no standard credential that says, “I’m an authorized agent.” No way to prove the agent isn’t just stealing your identity.

So you either get blocked at every step, or you let the AI act freely—with no oversight, audit trail, or way to revoke access.

[00:05:22]
Either scenario is a nightmare.

[00:05:24]
This isn’t theoretical. Visa and Mastercard are already testing AI agents that act on your behalf. People are plugging them into banking tools, medical apps, productivity workflows.

But the tools weren’t built for real delegation.

Existing Models Aren’t Enough

[00:06:04]
There have been attempts to fix this:

OAuth 2.0 — Lets Alice share access, but it still looks like Alice did everything User Managed Access (UMA) — Great concept where Bob acts for Alice as Bob, with permission. But not widely adopted OAuth Token Exchange — Works well for backend services, but not for actual humans Persona Chaining — Create sub-identities, then lose track of them

[00:07:00]
Each solves part of the problem, but none cover the full picture—especially when you need context, limits, expiration, and audit trails.

Delegation in the Enterprise? Worse.

[00:07:25]
You’d think enterprises would have this figured out. Nope.

[00:07:30]
HR managers need to do things on behalf of employees. But instead of targeted delegation (like submitting vacation requests but not seeing salary), they get full admin rights.

[00:07:40]
Executive assistants submit expenses for executives all the time. That’s fine—until an audit shows $6,000 in upgrades and spa charges, and the system logs show the executive clicked “submit.”

Maybe they did. Maybe they didn’t.

[00:08:12]
Yes, this really happens. Especially in older ERP or expense systems, or in underfunded orgs without fine-grained access controls.

[00:08:49]
Even well-funded companies often rely on temporary access, shared accounts, and informal workflows that make real audit trails impossible.

[00:09:12]
Unless the system supports delegated authority as a first-class feature, it always looks like the executive made the request. Not the assistant.

Broken Delegation = Risk and Waste

[00:09:31]
Every time delegation is handled poorly, it:

Slows down work Increases friction Creates security risks Forces people into workarounds

[00:09:48]
Delegation isn’t an edge case. It’s just life. And ignoring it breaks everything.

What Needs to Change

[00:10:02]
We need ways for people and agents to prove:

They have the right to act for someone else They are who they say they are Their actions are constrained, auditable, and revocable

[00:10:28]
Without that, delegation stays chaotic—and automation doesn’t work.

[00:10:39]
Fixing this isn’t easy. It means:

Updating protocols like OAuth and UMA Building support for verifiable credentials Creating governance models that aren’t just “hope and vibes”

[00:10:53]
And then there’s the technical debt—so large it might have its own zip code. Updating protocols doesn’t magically update software. Apps have to evolve too.

[00:11:17]
If we want digital systems that reflect real life, delegation has to be a first-class feature.

What’s Next

[00:11:25]
In Part Two, I’ll dig deeper into where today’s models fall short—and what it’ll take to build delegation that doesn’t suck.

Thanks for Listening

[00:11:42]
That’s it for this episode of A Digital Identity Digest.

If this helped make the messy world of digital identity a little clearer—or at least more interesting—please share it with a friend or colleague. Connect with me on LinkedIn @hlflanagan.

And if you enjoyed the show, subscribe and leave a review on Apple Podcasts or wherever you listen.

You can read the full post at sphericalcowconsulting.com.

Stay curious. Stay engaged. Let’s keep the conversation going.

The post Acting on Behalf of Others: Delegation, Consent, and Messy Reality appeared first on Spherical Cow Consulting.

In one of our latest podcast episodes, we were joined by Rob White, Head of Identity Services at Samsung Wallet, for an in-depth conversation about the future of mobile driver’s licenses (mDLs) and digital identity.

With decades of experience in mobile wallets and payments, Rob shared Samsung’s vision for making identity more secure, convenient, and privacy-preserving. From user trust and interoperability to commercial use cases and government partnerships, the conversation covered the key hurdles and opportunities shaping the next phase of digital identity in the U.S.

Below are the key insights and takeaways from the session.

Fastly's Q1 2025 Threat Report: Key insights on web attacks, bot traffic, and how to defend your apps & APIs. Read the full report now.

A New Identity is SC Media’s ongoing column series exploring the future of digital identity: where policy, product, and practicality collide.

Explore the benefits of combining AI and identity management to improve user experience and accelerate innovation.

Anonyome Labs was among the world’s leading experts on the future of digital identities and cybersecurity at the 2025 European Identity and Cloud Conference in Germany in May.

Anonyome’s CTO Dr Paul Ashley presented on implementing hardware security modules in digital identity wallets, and Chief Architect Steve McCown discussed fighting AI deepfakes with personhood credentials.

The four-day EIC 2025 saw 300 experts share solutions to the complex challenges of human-centric digital identity in the face of accelerating artificial intelligence (AI) capabilities, and other developments in cutting-edge identity and cloud technologies.

Implementing hardware security modules in digital identity wallets

Dr Ashley explained how digital identity wallets can be enhanced through HSM integration to fulfill the requirements of the EU Digital Identity Wallet framework and analyzed each credential standard’s compatibility with various HSMs’ cryptographic capabilities. He focused on examining the secure enclave capabilities on iOS and Android phones and Yubikey 5C NFC devices to support different verifiable credential presentation proof signature profiles and strong holder binding. Dr Ashley explained:

The secure enclaves on iOS and Android phones offer limited cryptographic flexibility for supporting various verifiable credential proof signature profiles, restricting the types of credentials and signing algorithms that can be utilized.
Approximately 50% of current Android phones lack secure enclaves, limiting accessibility to this functionality for a significant portion of the population.
Yubikey 5C NFC provides greater cryptographic flexibility and the added benefit of compatibility across the user’s wallet devices.
None of the mentioned options are currently certified for EUDI Wallet use.
Exploring the potential of remote HSMs like those from ubiqu as a solution to the identified limitations presents an intriguing avenue for future consideration.

Watch Dr Ashley’s presentation.

Steve McCown made two appearances at EIC 2025: he presented a “101” on personhood credentials (PHCs) and was part of an expert panel examining real-world implementations, emerging standards, and practical challenges in digital identity.

Benefits and challenges of personhood credentials

In his “101” Steve looked at the evolution of the “personhood” concept as a way of proving a user is a real human and not a bot in an AI world. He identified some of the significant benefits of PHCs, such as reducing impact of sockpuppeting, mitigating bot attacks, and verifying a person’s delegation to AI agent, but also warned of potential challenges, including:

Equitable access: can PHCs affect access to digital services?
Free expression: will people feel safe using PHCs?
Checks on power: how will PHCs affect tech providers?
Robustness of attack and error: how might PHCs be vulnerable to errors or subversive compromise?

Steve’s talk underscored the idea that the web faces a critical inflection point: as AI-generated content proliferates and platforms demand increasingly invasive identity verification, we risk creating a digital environment where every interaction requires credentials—essentially a “papers, please” culture for the internet. Privacy-preserving approaches to personhood verification can help prevent this dystopian outcome while still enabling necessary trust.

Watch Steve’s presentation.

The expert panel explored how technologies such as zero-knowledge proofs and selective disclosure can preserve individual privacy while meeting legitimate verification requirements. The discussion addressed pressing questions around maintaining an open web, preventing privacy violations, and safeguarding human agency in increasingly digital environments.

Steve was joined on the panel by Ankur Banerjee, Co-chair of Technical Steering Committee, Decentralized Identity Foundation; Drummond Reed, DIF Community Member; and Sebastian Rodriguez, Strategy Advisor, Privado.ID.

Watch the panel discussion.

Hosted by KuppingerCole, the annual European Identity and Cloud Conference is Europe’s premier event on digital ID, security, privacy, and governance in an AI-driven world. This year’s conference, which attracted 1500 attendees to 230 sessions over four days, focused on shaping the future of digital identities.

Anonyome Labs was proudly a silver sponsor of the conference, which is now in its 18th year.

See the EIC 2025 wrap-up.

Anonyome Labs and cheqd discuss learnings from the EIC

Following the 2025 EIC, Dr Ashley spoke to cheqd CEO Fraser Edwards about the key learnings from the conference, particularly:

The latest developments in decentralized identity and verifiable credentials and progress towards the EU DI Wallet
AI agent identity and the issues around delegating trust to AI agents and providing authorization control

Listen to their conversation.  

Anonyome Labs’ suite of robust, market-ready software products have been deployed by leading brands across diverse industries worldwide. By offering developer-ready SDKs and APIs, Anonyome enables the seamless integration of decentralized identity capabilities for wallets, issuers, and verifiers. This supports the global shift towards decentralized and user-centric digital identity management, empowering organizations to adopt secure, scalable, and future-proof solutions.

Explore Anonyome Labs’ verifiable credentials solution

Schedule a demo

Read our whitepaper: Inside the Anonyome Platform.

You might also like:

KuppingerCole Greenlights Anonyome Labs’ Verifiable Credential Solution in $50B Future Industry cheqd and Anonyome Labs Partner to Transform Digital Identity  Anonyome’s DI Mobile Wallet SDK Now Offers Even More DI Trust Infrastructure Options Go Inside Version 3.0 of the Most Advanced Mobile Wallet SDK on the Market Verifiable Credentials – the Killer Feature of Decentralized Identity

The post Anonyome Talks Digital Wallets, Personhood Credentials & AI at EIC 2025 appeared first on Anonyome Labs.

Knowing your AI agent will be the cornerstone of successful agentic AI — along with knowing it’s your customer who’s interacting with it. ProvenAI and decentralized identity provide the compliance, security, and trust needed to deliver a smarter future for everyone.

SEATTLE, WA: June 2, 2025: Indicio today announced the development of Indicio ProvenAI, a digital identity infrastructure for AI agents and people to safely and securely authenticate each other and for people to be able to consent to share their data with an AI agent. ProvenAI’s use of Verifiable Credentials provides the trust needed for AI agents and agentic AI to access and use personal data for complex problem solving, enabling a revolution in digital products and services.

As AI agents begin to take on sensitive tasks—from travel planning to financial services—we need to verify who they are, confirm who they represent, and ensure they access our data and act only with our permission. ProvenAI brings a trusted identity layer to AI by using standards-based Verifiable Credentials and privacy-preserving protocols to establish cryptographic trust.

“AI is quickly moving into personal and high-stakes spaces where identity, consent, and data control are essential,” said Ken Ebert, CTO of Indicio. “ProvenAI gives developers and organizations the tools to build agents that can prove who they are and prove who you are—securely, privately, and with your permission.”

ProvenAI addresses a fast-emerging need across sectors like travel, finance, education, where AI is already being deployed. It is ideal for customer-facing AI systems, like chatbots that book travel, process loan applications, or assist with student services—where trust, authentication, and compliance are non-negotiable.

How ProvenAI Works Prove the AI agent is legitimate
AI agents present Verifiable Credentials to prove their identity and authorization when interacting with users or services. This prevents spoofing and phishing attempts, builds trust in automated interactions, and ensures that users are engaging with the correct application—not a fake or malicious impersonator. Consent to share personal data
Users share their identity information with the AI agent using Verifiable Credentials, giving explicit consent and control over what’s shared. This not only ensures privacy but also provides the agent with high-quality, authoritative data directly from the credential itself—improving accuracy, reducing errors, and enabling more relevant responses. Authenticate users without revealing data
ProvenAI uses biometric-linked credentials and zero-knowledge proofs to verify a user’s identity without exposing personal or sensitive information. This protects privacy, prevents data leakage, and enables strong authentication without the need to store or transmit raw biometric data—reducing risk for both users and organizations.

ProvenAI is built on Indicio Proven and aligned with EUDI, ISO, and W3C standards, delivering global interoperability with support for wide range of standardized credential formats—including SD-JWTs, mdoc/mDL, JSON-LD, and AnonCreds—and widely used communication protocols like DIDComm and OpenID4VC.

Join the ProvenAI Webinar

Learn more at the ProvenAI webinar on Wednesday, June 25 at 7:00 AM PT, featuring Ken Ebert, Mike Ebert, and Trevor Butterworth. The session will explore the technology, use cases, and how AI developers can get involved early.

Register here: https://www.meetup.com/indicio-identity-community/events/308142110/ 

For more information, visit indicio.tech or contact press@indicio.tech.

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community

The post Indicio announces ProvenAI: A privacy-preserving identity infrastructure for AI agents appeared first on Indicio.

While the Canonical apport package flaw, tracked as CVE-2025-5054, could be leveraged to facilitate data leaks through PID-reuse, the systemd-coredump bug, tracked as CVE-2025-4598, could be abused to force crash a SUID process that would be replaced with a non-SUID binary to enable data exposure.

Extensive customer support services, including custom phishing page requests and tutorials, have helped Haozi gain traction among less sophisticated threat actors, with the PhaaS operation immediately gaining nearly 2,000 followers on Telegram after its initial community on the encrypted messaging app was dismantled.

Attacks began with the distribution of malicious emails containing QR codes or HTML attachments redirecting to phony Microsoft login pages, which have been underpinned by unique PHP resources, according to an analysis from Trustwave's Threat Intelligence Team.

We’re excited to share the latest updates on Permissioning the City (PtC). Our vision to transform how urban spaces are managed and shared by communities has taken some exciting steps forward with the development of our MVP (Platform 1.0).

Introducing the MVP — Platform 1.0

Check out our new video highlighting the core functionalities and vision behind the product. (Not all functionalities described in the video are currently accessible but the backend is there!)

Our MVP focuses on three critical areas:

Space Discovery: Making it easier to discover and access information about underutilised spaces. Rule-making: Enabling communities to collaboratively create, adjust, and iterate rules using our rule-template system. Community Decision-Making: Facilitating inclusive decisions and structured deliberation through an ‘explained vote’ system.

Throughout this development, we’ve actively worked with stakeholders — from commercial and non-commercial space managers to event organisers, artists, and administrators. Our three dedicated in-person workshops allowed us to test ideas such as collaborative rule-making, refine features, and fine-tune our feedback system directly with potential users. You can see our video here which features these engagements.

Our Recent Highlights

We’re excited to share some achievements from the past year:

Dubai World Government Summit: Featured in the Edge of Government exhibition, showcasing global innovations in public governance. Digital Innovation Award: Selected by South Korea’s Ministry of Science and ICT for the 2025 Digital Innovation Awards. Funder Validation: Successfully presented MVP to our funder, the National IT Industry Promotion Agency (NIPA), receiving encouraging support and validation. New Funding Secured: NIPA renewed our support for 2025–2026! We’re collaborating with regional institutions across South Korea— Incheon, Yongin, Daegu, and Jeonnam — to expand testing across private homes, shared offices/kitchens, and public squares. Melbourne Design Week: With RMIT, collaboratively exploring the potential of digital permission architectures in unlocking Australian cities. See event info here. What’s Next?

Next, we’re diving deep into testing the MVP across real-world environments to answer key governance and knowledge/data related questions, such as:

Self-selecting permissioning group with responsibility sharing:

Does this feature allow us to find a generally permissive balance of concerned parties, and find considerate and consensual ways for space to be activated? Should there be special members of the permissioning group which should always be involved as a safeguard, e.g. the space owner? (One way we can test this is having the permissioning group decisions reviewed by a responsibility holder — if the veto is never used, it would suggest that the responsibility holder may not necessarily always need to participate.) How do we avoid “tragedy of the commons” situations after something goes wrong? What processes do we need to define how these responsibilities are assigned as part of rule-making?

Rule-focused feedback:

Does focusing feedback on rules rather than individuals encourage compliance and reduce negative behaviours?

Asynchronous deliberation:

Will our voting system, which allows explanations and discussions, lead to broader consensus?

Collective intelligence generated through the use of the platform:

What meaningful data can we (responsibly) collect that will benefit both communities and local authorities — creating a positive feedback loop? What are the possible external use cases for this intelligence? What stakeholders might be interested? E.g. evidence-informed masterplanning Developing Platform 2.0: AI-Supported Adaptive Permissioning

Our new grant enables us to move towards Platform 2.0, a transformative phase introducing conversational, AI-supported dynamic permissioning. While decisions by peers will remain at the heart of Permissioning the City, AI will be used only to facilitate this process. Instead of cumbersome forms, users will interact naturally, negotiating space access through intuitive dialogues powered by small Language Models (sLLMs).

Highlights of Platform 2.0 include:

Adaptive permissions: Permissions that evolve dynamically based on real-time feedback, context, and outcomes. Trust & verification: Layered verification combining human, sensor, and machine inputs, secured by decentralised identity systems (DIDs) and privacy-enhancing technologies. Legal automation: Automatically generated contracts and insurance agreements based on the intents and care commitments agreed by peers. Conversational interfaces: Natural language dialogues facilitate real-time rule negotiations and dynamic governance. Core Design Questions Driving Platform 2.0 Dynamic cities: How can adaptive governance replace static control, fostering real-time, participatory space management? Decentralised trust: What robust verification systems (e.g., blockchain, multi-level checks) ensure permissions remain trustworthy? Contextual rule-making: Can organic rule creation emerge effectively from lived behaviours and evolving contexts? AI governance support: How effectively can AI agents assist in managing real-time space usage and adaptive rules, such as matching between space needs and availability, or proposing rule adjustments based on peer feedback? Dialogic permissions: Can we structure legal permissions conversationally, moving beyond rigid contracts to flexible, understandable agreements? Collaborative Development

The Permissioning the City Korean consortium includes key technology and government partners working towards shared outcomes.

Dark Matter Labs: Leading the conceptual design and back-end permissioning architecture Authrium: Providing decentralised identity (DID) solutions and zero-knowledge proof (ZKP) mechanisms to ensure privacy AP I&D: Managing conversational infrastructure and developing small language models tailored to localised AI engines DaonPlace and o2pluss: Responsible for civic branding, UI/UX design, and integrated payment systems Incheon Technopark, Jeonnam Information and Culture Industry Promotion Agency, Yongin City Industrial Promotion Agency, Daegu Technopark, and Inha University are jointly coordinating live pilot testing, local experimentation, and integration with the public sector systems to drive the development and deployment of Platform 2.0

We are finding that civic tech development in this phase is less about centralised, in-house production and more about building ecosystems — compiling modular parts from loosely connected collaborators. We’re enthusiastic about this next chapter in transforming how cities manage shared spaces — moving towards flexible, community-led, and intelligent permissioning solutions. Stay tuned for more updates as we continue this exciting journey!

An open invitation

We are only at the beginning of a journey to transform cities, and we are always looking for people to work with. If you want to support the development of PtC, or apply PtC in your own context or space, reach out to us at: ptc@darkmatterlabs.org.

Thanks to:
The team at Dark Matter Labs
Project/product holder: Eunsoo Lee, Eunji Kang
Strategic design: Calvin Po, Fang-Jui ‘Fang-Raye’ Chang
Software development: Donghun Ohn, Shu Yang Lin
Strategic and technical adviser: Indy Johar, Gurden Batra, Theo Campbell
Project administration: Doeun Kim

Design collaboration (UX & Branding)
GRAFIK P.L-F: Hyojeong Lee, Yuna Shin

Community engagement and coordination
Parti

Strategic coordination
Heedae Kim (Daegu Technopark)

Video production
LEJ Production

Research collaboration
Zeynep Uğur (HU University of Applied Sciences Utrecht)

Permissioning the City 2025 Update was originally published in Permissioning the City Product Journey on Medium, where people are continuing the conversation by highlighting and responding to this story.

With financial crime at all all-time high, AML Watchlist Screening Software has become a critical tool for financial institutions, fintech, and regulated enterprises. Learn more about how Watchlist Screening can help.

The post The Power of AML Watchlist Screening Software first appeared on ComplyCube.

KILT Protocol is entering an exciting new phase in its mission to enable real-world trust on the internet.

KILT’s technology, products, and tokenomics are undergoing a complete transformation with the goal of becoming a leader in the decentralized identity (DeID) sector. Developments include:

The establishment of the KILT Foundation dedicated to supporting the growth and success of KILT protocol. Expansion of the team and advisory council. A bold new product strategy to fulfill consumer app demand, complimenting our earlier focus on infrastructure and enterprise/government integrations. Growth beyond Polkadot to Base and the EVM world; opening to a user base orders of magnitude larger than before. Tokenomic improvements including a halt of inflation, and novel token utility. Continued pursuit and development of enterprise and government integrations; high-level working relationships with some of the world’s largest organizations.

With an ambitious new outlook, KILT is expanding and improving its contribution to Web3, the next phase of the internet where identity is portable, credentials are verifiable, and users retain full control.

Read on to find out about some of the products and updates for 2025 which will take the network to the next level, providing multichain tools around DeID for everyday internet users, enterprise and developers.

New Products and Services

The new KILT product portfolio will include the Clans InfoFi platform; the Sporran super app; decentralized identifiers (DeIDs) for individuals and as a service (DaaS); KILT Pay, linking credentials with real-world payments; and a software development kit (SDK) bringing KILT to Ethereum-compatible blockchains. These and more are are under active development and are planned to roll out through 2025, beginning with Clans in the next few weeks.

Clans: Rewards in the Attention Economy

The attention economy just got an upgrade! Built on KILT, Clans is a mobile-first InfoFi platform that lets you earn rewards for engaging with others and creating content — directly tied to your activity on X (Twitter). Available on iOS and Android, Clans enables you to rise through the ranks while supporting your favorite projects across any network.

In Web3, community is currency.

But building meaningful communities requires more than Discord bots or bounty boards. It needs measurable attention economics, social proof, and incentives aligned with contribution.

Post-to-Earn Mechanics: Join campaigns, post content, and earn Roar Points based on real engagement (likes, reposts, replies) and mindshare. Leaderboard Dynamics: Rise through the ranks and earn exclusive rewards by supporting campaigns. Mobile-First UX: Available on iOS and Android, Clans facilitates effortless engagement, particularly for mobile-first communities globally. Beyond KILT: Ecosystem-agnostic infrastructure allows other protocols to launch viral growth campaigns using Clans. Fully mobile-native; Clans turns attention into ownership. Sporran 2.0: Your Identity Super App

The Sporran 2.0 “Super App” brings decentralized identity to the real world. Not limited to Web3 and with frictionless onboarding, this multi-functional app lets you authenticate a decentralized single sign-on (SSO) and access secure digital signing (DIDsign), KILT Pay, and third-party integrations. So now you can manage your identity, credentials and tokens across the internet just using your phone.

Reimagining the Web3 Wallet.

Today’s Web3 wallets are great for storing tokens but fall short in managing identities and credentials, and providing utility. With Sporran 2.0, KILT is transforming its identity wallet into a multi-functional super app that unlocks decentralized identity in your daily digital life.

Claim & Present Credentials: Easily manage your KILT-based verifiable credentials (DIDs, attestations, proofs). Built-In Security: Leverages TEE (Trusted Execution Environments) and MPC (Multi-Party Computation) for secure credential and key management. Access Mini-Apps: Use Sporran as your gateway to DIDsign, KILT Pay, and third-party integrations. Single Sign-On (SSO): Authenticate seamlessly across dApps and Web2 platforms using KILT-issued credentials, eliminating the need for passwords or traditional wallets. Powered by OpenID Connect (OIDC) with relayers, for a secure, single sign-on access across services. Sporran is a Web3-native passport; not just for access, but for utility. DIDsign 2.0: The Web3 Signing Platform for Everyday Use

A decentralized alternative to DocuSign and Adobe Sign, DIDsign 2.0 is a verifiable, privacy-preserving signing platform. Based on the internationally-recognized W3C decentralized identifiers (DIDs), you can create and control your digital identity, storing it on your own device. With DIDsign you can use decentralized identities for document signing and credential-based access via your phone or device, with signatures verifiable on-chain without revealing document content. The platform also enables multi-party signing, great for quick and transparent contract approvals.

Bringing decentralized signature infrastructure into everyday workflows.

KILT is reimagining DIDsign as a fully-featured decentralized signing platform: a verifiable, privacy-preserving alternative to DocuSign and Adobe Sign.

Legally-Sound Document Signing: Sign contracts, agreements, NDAs, and invoices using decentralized identifiers and timestamped hashes. Credential-Based Authentication: Only signers with required credentials (e.g., verified KYC or professional affiliations) can access and sign. Auditability Without Surveillance: All signatures are verifiable on-chain, while document contents remain off-chain and encrypted. Team Collaboration: Manage multi-party signing flows, track progress, and issue countersignatures — all inside a unified interface. From DAOs signing grants to enterprises managing staffing contracts — DIDsign 2.0 brings decentralized signature infrastructure into everyday workflows. KILT Pay: Credential-Aware Payments Infrastructure

KILT Pay links your identity with real-world payments using verified credentials. This allows users and platforms to transact safely and seamlessly. Integrated with payment services, KILT Pay can be used for credential-based anti-money-laundering (AML) controls or non-custodial Know Your Customer (KYC) requirements without leaking personal data.

Web3 payments need more than just wallets and QR codes — they need verified, compliant identity.

KILT Pay bridges on-chain credentials with real-world payments, enabling merchants, platforms, and users to transact safely and seamlessly. Keep an eye on KILT X for announcements of collaborations with leading payment integrators.

Credential-based checkout and AML controls — without leaking personal data. Onboarding tools for fintechs, exchanges, and DAOs requiring non-custodial KYC. Pay for services with a tap, while proving eligibility or jurisdiction — no passwords, no screenshots, no friction. EVM SDK: KILT Identity for Every Chain

The EVM Software Development Kit (SDK) expands KILT identity solutions beyond the Polkadot ecosystem, bringing them to Ethereum-compatible blockchains. The TypeScript SDK makes it easier for developers to integrate KILT as identity middleware, with cross-chain portability and credentials that can be utilized by smart contracts across Ethereum, Base, Arbitrum, Optimism, Polygon and all Ethereum-compatible blockchains.

KILT’s identity layer becomes composable across ecosystems.

We will be releasing a complete EVM Software Development Kit (SDK) that brings KILT’s credential primitives to Ethereum-compatible chains.

Solidity Libraries: KILT credentials can be natively verified by smart contracts across a range of blockchains, including Ethereum, Base, Arbitrum, Optimism, Polygon, and other Layer 2 solutions. Cross-Chain Credential Portability: Credentials issued on KILT, validated across ecosystems. TypeScript SDK: Simplifies backend and frontend development with credential APIs. This makes KILT de facto identity middleware for the EVM universe. DID-as-a-Service (DaaS): Developer-Friendly Identity APIs

Verifiable identity shouldn’t require a PhD in cryptography.

DID-as-a-Service is KILT’s turnkey developer suite that lets any builder integrate decentralized identifiers and verifiable credentials into apps, platforms, and products — with just a few lines of code. Not limited to Web3 platforms, these can be used for secure log-ins, credential gating or age-restricted content, and embedded identity layers.

Use Cases: Identity-based logins for DeFi or Web2 portals. Credential gating for token sales, age-restricted content, or governance. Embedded identity layers for wallets, exchanges, AI agents, and more. Available via RESTful APIs and SDKs, DaaS lowers the barrier for integrating identity into high-scale applications. Token Migration

To pave the way for KILT’s ambitious multichain future, the community voted to migrate the KILT token to a new contract on the Base network. This process will begin in the near future; details will be announced on KILT X (Twitter). KILT holders will be required to migrate their tokens either via supported exchanges or manually by a self-custody route. A detailed how-to guide will be published via X and the KILT blog before migration begins.

The new token contract, the migration contract, and migration portal have recently completed a security audit with Certik.

These new developments on KILT Protocol aim to bring more trust and security to the internet without compromising on privacy. Follow KILT updates on X or on the blog. 🔗 A Unified Identity Layer for the Decentralized Internet: Why It Matters

Identity is the missing layer in decentralized infrastructure.

Without scalable, privacy-preserving, and composable identity primitives:

DAOs can’t onboard contributors with trust. DeFi protocols can’t scale responsibly or compliantly. Content and engagement can’t be credibly incentivized. Signing documents still relies on centralized Web2 vendors.

KILT solves this — with infrastructure, UX, and interoperability baked in.

📣 Get Involved

Whether you’re a:

dApp Builder looking to integrate login, credentials, or document signing, Ecosystem Project wanting to launch community campaigns via Clans, Enterprise seeking a decentralized e-signature alternative, Digital Identity Framework integration. User exploring DID-based identity ownership…

KILT is ready for you.

👉 Explore: Website: https://www.kilt.io Docs: https://docs.kilt.io Twitter/X: @KiltProtocol Email: hello@kilt.io

The decentralized internet will not scale without decentralized identity.
KILT is building the core infrastructure to power it — one credential, one signature, one community at a time.

Welcome to the new era of trust. About KILT Protocol

KILT is an identity blockchain for generating decentralized identifiers (DIDs) and verifiable credentials, enabling secure, practical identity solutions for enterprise and consumers. KILT brings the traditional process of trust in real-world credentials to the digital world, while keeping data private and in possession of its owner.

NexG Bhd is making a $15.38 million investment in a new production plant to manufacture high-security identity documents, part of its broader strategy to expand internationally, according to Biometric Update.

A growing number of South African organisations are grappling with shadow IT and unapproved AI tools, highlighting both the benefits and security risks of emerging technologies, according to identity security experts at CyberArk, according to ITWeb.

Nortons latest cyber threat analysis warns of a dramatic rise in AI-powered cybercrime, highlighting an urgent need for adaptive security measures, SecurityBrief United Kingdom reports.

A data breach at Cooper University Health Care may have compromised the personal and medical information of over 57,000 individuals, the health system confirmed this week, according to NJ.com.

The rapid rise of agentic AI is triggering fresh concerns over digital security, as the lack of robust human identity verification leaves systems open to fraud, unauthorized actions, and compliance breaches, reports Biometric Update.

In deze aflevering van de Data Sharing Podcast duiken we in de wereld van pensioenen en keuzebegeleiding. Host Caressa Kuk spreekt met Stefan Taubert (Stichting Pensioenregister) en Robert Harreman (Ockto) over hoe je mensen écht kunt helpen bij pensioenkeuzes en welke rol persoonlijke data daarin speelt.

The post Market & Buyer’s Guide for Anti-Money Laundering appeared first on Liminal.co.

🤝 Partnership Spotlight

Safle x DetaSecure Integration

We’re thrilled to announce a new partnership with DetaSecure! They provide next-gen solutions that protect your apps, DApps, data, and systems against today’s most complex threats. Their focus on AI security, blockchain risk, Web3 protection, and more helps businesses stay one step ahead.

Their vision is to build Smart Security Solutions for a Decentralized World, as well as recently introduced: OVF — Open Validation Framework

They are solving these problems with

⚡️ Decentralized Validators

⚡️ Restaking Security via @eigenlayer

⚡️Incentive-based reward systems

⚡️ Cross-chain validation support

Details you can find here: https://x.com/ovfxyz/status/1924924324844085723

We have explored integrating an embedded wallet solution for their platform, OVF, which aims to solve AI data validation challenges using blockchain with seamless Web3 onboarding, as well as working with the multichain module!

The partnership has the strength to get the next million users with secure data!

📣 Marketing Highlights

🎯 KYP (Keep Your Player) Dashboard Campaign is Live!

We’ve launched a targeted ad campaign to promote the KYP Dashboard Survey an initiative to collect critical insights from the Web3 gaming ecosystem.

👾 Who’s it for?

Blockchain game developers, aggregators, gaming enthusiasts, and Web3 visionaries.

🎁 Why participate?

First 20 respondents get $5 in USDT, Safle tokens, and early access to the KYP dashboard. Your feedback will directly influence our next-gen analytics and retention tools.

👉 Take the survey now: https://hgbopbs0vss.typeform.com/safle 👈

🛠 Product Updates

1. Login via Safle

The Safle embedded wallet now supports social login, allowing users to seamlessly authenticate using platforms like Google or Discord. This login mechanism is global, i.e. it’s not tied to any specific integration partner and works uniformly across the entire platform. It simplifies user onboarding while maintaining a consistent and secure authentication flow.

🚀 Ready for release

2. Developer Dashboard

The developer dashboard streamlines partner onboarding by providing a centralized interface to manage integrations and monitor usage. It offers key analytics such as total users created, login trends over time, and insights into inactive users. This empowers partners with actionable data and simplifies the overall integration experience.

🔧 User activity analytics for partners in development

Thank you for your continued support in shaping the future of Web3 with Safle.

The Safle Team

🚀 More updates coming soon!

The Heronad Campaign invites users to dive into the Monadverse through a thrilling series of six quests, blending the innovative capabilities of Herond Browser with the high-performance Monad blockchain. Designed to engage and excite the community, this campaign highlights the power of combining cutting-edge browser technology with scalable blockchain infrastructure to deliver epic rewards and foster ecosystem growth.

What is Heronad?

The Heronad campaign is one of Herond latest community campaign, launched on April 15, 2025. It features six engaging quests where participants can earn exclusive Monad NFTs and prizes over 20,000 $MON. The campaign highlights Herond’s ultimate ad-blocking solution, offering a clean online environment by effectively blocking all ads and Monad’s high-throughput, EVM-compatible Layer 1 blockchain, which supports up to 10,000 transactions per second with single-slot finality. This initiative introduces and promotes Herond Browser to Monad blockchain users, showing them the speed and convenience of the Browser.

Why Joining the Herond x Monad Campaign?

Participating in the Heronad event series offers a range of compelling benefits for users diving into the Monadverse. First, participants can compete in six engaging tasks to secure exclusive rewards, with all who complete all tasks earning a full set of Monad NFTs and $MON rewards for various activities, providing both digital collectibles and potential value. Additionally, giveaways throughout the series offer further chances to win $MON tokens and NFTs, boosting participation incentives.

By joining, participants connect with a vibrant Web3 community, contribute to the growth of innovative blockchain and browsing technologies, and position themselves at the forefront of decentralized ecosystem development, all while showcasing their skills in a dynamic, rewarding campaign.

How to Participate in the Herond x Monad Campaign Getting Started with Herond Browser Download and Setup

Download Herond Browser through this link.

Join the Community

Joining Herond’s community:

X: https://x.com/HerondBrowser

Telegram: https://t.me/herond_browser Discord: https://discord.gg/herondbrowser

Understanding Campaign Quests

During the event, there are 2 main phases that players need to pay attention to.

Phase 1 of the Heronad event series, running from April 15 to April 17, 2025, kicks off with an exciting announcement on April 15, introducing the campaign and its six-task series designed to reward participants with a full collection of Monad NFTs.

Hosted on the X platform, with additional announcements on Telegram and Discord, this phase features a $MON giveaway to draw in users. To participate, users must like, retweet, tag three friends, and provide their wallet address to enter the prize draw. On April 17, 50 randomly selected participants will each receive 10 $MON, totaling 500 $MON in prizes.

Phase 2 of the event series spans from April 18 to May 12. This event invites participants to engage in a thrilling six-task challenge to earn a full collection of Monad NFTs. Announced across X, Discord, and Telegram, this phase emphasizes active participation, with only those who complete all six tasks eligible for the grand prize.

The top 100 users who successfully finish every task will receive the exclusive Monad NFT collection, along with additional allocations determined by referral rankings, rewarding both dedication and community engagement.

Quest Structure & Information Phase 1: Introducing the event series Time: April 15 – 17. Announcement on April 15 and awarding on April 17 Implementation platform: X + announcement on Telegram and Discord

This phase aims to:

Giveaway $MON to attract users Introduction to the upcoming event series including 6 tasks to receive full collection of NFT Monad

Implementation method: Like + Retweet + tag 3 friends + wallet address to receive the prize

Prize: 500 $MON (10 $MON for 50 random people)

Phase 2: 6 task event chain Quest 1

Heronad Quest 1 begins with a fun warm up. Users only need to perform a few simple tasks as follows:

Download Herond: https://herond.org Have a Herond account and spend 14+ days on Herond Browser Follow @HerondBrowser and @monad_xyz Hangout in Telegram http://t.me/herond_browse and Discord http://discord.gg/herondbrowser Level up to Verified on Discord and dive into Action Surge (details in Discord) Quest 2

Continuing with Quest 2, to stay validated for the campaign, you need to:

Join the Action Surge event on Discord: http://discord.gg/herondbrowser Earned at least 15 points from Action Surge by May 5th!

*Note: Joining Action Surge isn’t just a requirement, it’s your gateway to AMAZING rewards.

Quest 3

Quest 3 is on the go and you need to invite some of your friends to join the fun by the following steps:

Create your unique invite link within our Discord server. Each new friend who joins via your link and achieves the “Verified” role counts as 1 referral point. Follow the #referral-leaderboard channel on Discord to see your rank!

*Note: The Top 10 will share the 200 $MON prize pool. TOP 3 will each score a super cool Monadverse Chapter 1 NFT. Further than that, as OG/Early Supporters, you’ve automatically completed this quest!

Quest 4

Quest 4 asks you to snag your very own Heronad NFT on @MagicEden and boost your chances for more opportunities.

Join at: https://magiceden.io/mint-terminal/monad-testnet/0x1790ce27384412e93f842a1271c4b2836aab84a1 Timeline: April 28th to May 2nd Price: 0.5 $MON per NFT Supply: 10,000

For OG/Early Supporters only: You get the Heronad role for free. Automatically updated on Discord.

For Heronad Holder Benefits: Join an exclusive giveaway for 500 $MON + Purple Frens NFT! Head to Discord to find out how http://discord.gg/herondbrowser

Quest 5 & 6

Quest 5 & 6 has just landed, and here are the instructions for players:

For Quest 5, the quest link will be posted on Galxe to fill in the information. Users who complete all tasks will receive the Early Supporter role (users who already have this role will be upgraded to OG) In addition to Quest 6, there will be a quest asking users to post 1 article about what they like when using Herond Browser on X + hashtag #HerondBrowser #Heronad NFT reward + $MON for 10 posts with the highest interactions (Like + Comment + Retweet)

Reward: 200 $MON (10 people with the highest interactions) + 10 NFT Monad chapter 1 (5 people with the highest interactions)

Giveaway results will be announced on May 9th. Results of users eligible to receive full collection of NFT Monad will be announced on May 12th. Rewards will be transferred within 7 working days. Claiming Rewards NFT Rewards

If the prize is NFT Rewards. The process to claim is that the players join Discord, then go to the #submit_ticket channel, create a ticket, notify the admin to claim the NFT.

$MON Prizes

If you win $MON on Galxe, Galxe will automatically pay the reward to the player’s wallet address (Galxe collects player information in Quest 5 & 6)

If you win $MON in Quests on X, join discord, go to the ticket submission channel, create a ticket and notify the admin to claim.

Tips for users to be successful at the event

To maximize your success as a participant in the Heronad event series, follow these practical tips tailored to help players excel in the campaign’s structure and secure rewards like the full Monad NFT collection and $MON tokens

Act Fast in Phase 1 (April 15 – 17, 2025)

Jump into the initial giveaway by liking, retweeting, tagging three friends, and submitting your wallet address on X, as announced on April 15. With 50 random winners receiving 10 $MON each (totaling 500 $MON), early participation boosts your chances. Follow Herond and Monad’s X, Discord, and Telegram channels to stay updated on announcements and deadlines.

Complete All Six Tasks in Phase 2 (April 18 – May 12, 2025)

To qualify for the full Monad NFT collection, reserved for the top 100 participants, diligently complete all six tasks in the event series. Check X, Discord, and Telegram regularly for task details and ensure you meet each requirement. Missing even one task disqualifies you, so stay organized and track your progress.

Maximize Referrals for Bonus Rewards

Your ranking for additional allocations in Phase 2 depends on referrals, so invite as many friends as possible to join the campaign. Share your referral link strategically on social platforms or within Web3 communities, emphasizing the chance to win $MON and NFTs. More referrals increase your chances of ranking higher among the top 100.

Engage in Giveaways for Extra Prizes

Throughout Phase 2, additional $MON and NFT giveaways will be offered. Actively participate in these opportunities by following campaign updates and completing any required actions, such as liking posts or joining community events. These giveaways provide extra chances to earn rewards beyond the main tasks.

Join the Community for Support and Updates

Engage with the Heronad community on Discord and Telegram to get real-time tips, ask questions, and share strategies with other players. Community channels often provide clarifications on tasks or exclusive hints, helping you stay ahead. Participating in discussions can also keep you motivated and informed.

Set Up a Compatible Wallet Early

Ensure you have a wallet compatible with the Monad blockchain to receive $MON and NFTs. Follow any provided guides from Herond or Monad to set it up correctly before the Phase 1 giveaway deadline (April 17) and Phase 2 task completion (May 12). A verified wallet prevents delays in claiming rewards.

Stay Informed and Plan Ahead

Regularly check campaign announcements to understand task requirements and timelines. Create a schedule to tackle the six tasks in Phase 2, as some may require time or specific actions. Staying proactive ensures you don’t miss deadlines or opportunities to rank among the top 100.

By following these tips, you can enhance your participation in the Heronad event series, increase your chances of earning the exclusive Monad NFT collection, $MON tokens, and referral-based rewards, and fully immerse yourself in the exciting Monadverse community.

Conclusion

In conclusion, the Heronad event series, launched on April 15, 2025, offers participants a thrilling opportunity to engage with the innovative ecosystems of Herond Browser and the Monad blockchain while competing for exclusive rewards. This campaign not only rewards dedication but also immerses you in the future of privacy-focused browsing and high-performance blockchain technology, making it a must-join for Web3 enthusiasts eager to shape and benefit from the Monadverse

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Heronad Campaign: Unlock Epic Rewards in the Monadverse appeared first on Herond Blog.

A sidebar is a familiar element in web design, typically positioned on the left or right side of a webpage. It provides quick access to key information, enhances user experience, and improves website functionality. However, not all sidebars are beneficial. If poorly designed, they can clutter the page, distract users, or even slow down loading speeds.

So, how can you make the most of a sidebar? What are the best ways to optimize it for a smoother workflow? This article will guide you through everything you need to know.

Learn more: Why is my laptop so slow? How to speed up

What Is a Sidebar and Why Does It Matter?

A sidebar is a section of a webpage that contains supplementary content. It can include navigation menus, article categories, ads, search boxes, and other useful widgets.

The role of a sidebar depends on the website type. On news sites, it helps readers find related articles. For personal blogs, it showcases post categories or featured content. In e-commerce, a sidebar often houses product filters to streamline the shopping experience.

According to a HubSpot study, 42% of users still rely on sidebars for navigation, while 58% focus solely on the main content. This indicates that while sidebars remain valuable, they must be thoughtfully designed to avoid reducing user engagement.

How a Sidebar Enhances User Experience

Some websites have eliminated sidebars to emphasize their primary content. However, for many, this is still essential. It offers several key benefits:

Faster information access: Users can find relevant content without excessive scrolling or menu navigation. This is especially useful for content-heavy sites like news portals, blogs, and forums. Increased conversion rates: A well-optimized sidebar can house call-to-action (CTA) buttons, advertisements, or sign-up forms to grab attention. Crazy Egg reports that properly designed sidebars can boost click-through rates by up to 40%. Better SEO performance: Internal links in sidebars help Google index content more effectively, improving website rankings on search engines.

Learn more: How to Record a Video on Your Mac

5 Simple Ways to Optimize Your Sidebar for Productivity

Sidebars can either streamline your workflow or create unnecessary distractions. Here are five essential tips to make yours more effective.

Prioritize Essential Content

One of the biggest mistakes in sidebar design is overcrowding it with too much information. A cluttered sidebar overwhelms users and makes it harder to find relevant content. Instead, focus on the most important elements.

An effective sidebar should include only a search bar, post categories, popular articles, and clear CTAs. If your site is an e-commerce platform, keep it simple by displaying only product filters and shopping cart access. Personal blogs can highlight categories and featured posts without overloading the space.

Utilize WordPress Widgets Wisely

For WordPress users, optimizing a sidebar is much easier with widgets. These built-in tools allow you to add elements like article categories, recent posts, social media links, and email sign-up forms without touching code.

However, not all widgets add value. Too many can clutter the page and slow down your site. Carefully select only those that truly enhance user experience.

Choose the Right Position

There’s no universal rule for sidebar placement, but statistics show that 70% of websites position it on the right. This placement prevents it from disrupting reading flow, making it the preferred choice for content-driven sites.

On the other hand, e-commerce sites often place sidebars on the left to make product filtering more intuitive. If your website prioritizes navigation and interactivity, consider a left sidebar.

Reduce Distractions

A sidebar should aid user navigation, not become a source of distraction. Excessive ads, animated banners, or irrelevant links can clutter the space and reduce efficiency.

Regularly review your sidebar and remove unnecessary elements. If ads are essential, limit them to one or two strategically placed banners rather than flooding the sidebar with promotions. Google’s research suggests that cleaner, distraction-free sidebars help retain users 30% longer.

Personalize the Sidebar Experience

Customization is key to a truly effective sidebar. Allowing users to tailor their sidebar content enhances engagement and usability.

For example, a blog can let users select preferred categories to display. An e-commerce site can enable shoppers to save filter settings for future searches. Personalized experiences lead to higher satisfaction and better interaction rates.

How to Create and Modify a Sidebar in WordPress

WordPress provides multiple ways to add and edit sidebars. If your theme supports sidebars, simply navigate to Appearance → Widgets, where you can drag and drop elements as needed. For more advanced customization, use the Customize tool under Appearance to preview changes in real time.

If your theme lacks sidebar support, you can manually edit the functions.php file or install a plugin like Simple Custom Sidebar to add new sidebar functionality.

Important Considerations for Design

A well-designed sidebar should be simple, intuitive, and distraction-free. Here are key factors to keep in mind:

Regular performance checks: Ensure that your sidebar genuinely enhances user experience. If it doesn’t contribute to engagement or conversions, reconsider its content and design. Remove unnecessary elements: Not every website benefits from a sidebar. If it doesn’t add value, either streamline it or remove it entirely. Conclusion

A sidebar can be a powerful tool for improving navigation, boosting conversions, and enhancing SEO if used correctly. Thoughtful design and optimization ensure that it serves its purpose without overwhelming users. By implementing the five optimization tips outlined in this article, you can maximize the efficiency of yours, streamline your workflow, and create a more user-friendly website.

Learn more: How to Extract Text from Images: A Simple Guide

About Herond Browser

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post What is a sidebar? 5 Easy Ways to Boost Your Workflow appeared first on Herond Blog.

Ever wondered why a link opens in an app instead of your browser, or vice versa? Knowing how to detect if a URL opens in a browser or app is crucial for improving user experience, streamlining app development, and analyzing data effectively. Whether you’re a developer, marketer, or casual user, this quick guide offers simple, practical methods to identify URL behavior. From using tools and code to leveraging handy tips, discover how to easily detect if a URL opens in a browser or app and take control of your digital navigation!

Introduction about URL opens in browser or app

Understanding whether a URL opens in a browser or an app is essential for enhancing user experience and optimizing digital navigation. This introduction explores why detecting URL behavior matters and previews quick, effective methods to identify it.

What is URL?

A URL (Uniform Resource Locator) is the address used to locate a resource on the internet, such as a webpage, image, or file. It typically consists of a protocol (e.g., https://), a domain name (e.g., www.companyabc.com), and a path to the specific resource (e.g., /page), enabling browsers or apps to access and display content.

What do we need to know about URL?

To effectively navigate the internet, it’s essential to understand URLs (Uniform Resource Locators), which serve as addresses for locating online resources like webpages or files. Knowing a URL’s structure – protocol (e.g., https://), domain, and path – helps users and developers ensure seamless access to content in browsers or apps. URLs also play a key role in SEO, marketing, and security, enabling better user experience, campaign tracking, and safe browsing practices.

Why Detect If a URL Opens in a Browser or App?

Knowing how to detect if a URL opens in a browser or an app is essential for enhancing user experience and improving data analysis. Understanding URL behavior ensures links function as intended, boosting efficiency across various tasks.

Common Use Cases App Development: Ensuring URLs Trigger Apps (Deep Linking)

Detecting if a URL opens in a browser or an app is critical for app developers to ensure seamless deep linking, where URLs direct users to specific content within an app, such as a song in Spotify or a post in a social media app. By verifying whether a URL triggers the intended app (e.g., using schemes like “spotify://”) or falls back to a browser, developers can test and refine app functionality. This process ensures a smooth user experience and compatibility across platforms.

Digital Marketing: Tracking User Behavior Across Browsers or Apps

In digital marketing, detecting if a URL opens in a browser or an app helps marketers track user behavior and optimize campaigns. Understanding whether a promotional link directs users to a mobile app (for higher engagement) or a website (for broader reach) allows for better targeting and performance analysis. For instance, a campaign link for an e-commerce app might be tested to ensure it opens the app for logged-in users or a browser for new visitors. Tools like Google Analytics or Branch.io can leverage this data to refine strategies.

Link Testing: Verifying URLs Function Correctly on Different Platforms

Detecting if a URL opens in a browser or an app is vital for link testing to ensure URLs work as intended across various platforms. SEO professionals, content creators, or QA testers need to verify that links function correctly on iOS, Android, or desktop environments. By detecting if a URL opens in a browser or an app, testers can identify and fix broken links or misconfigured redirects, ensuring reliability and user satisfaction.

Benefits Enhances User Experience

Detecting if a URL opens in a browser or an app significantly improves user experience by ensuring links lead to the intended destination. For instance, a URL designed to open the Spotify app should seamlessly launch the app for users who have it installed, rather than redirecting to a browser, which can be frustrating. By confirming URL behavior, you can prevent misdirects and provide a smooth, intuitive navigation experience across devices, whether users are accessing content on iOS, Android, or desktop. This clarity makes digital interactions more enjoyable and efficient for everyone.

Optimizes Marketing Campaigns

For digital marketers, detecting if a URL opens in a browser or an app is key to optimizing campaign performance. Understanding whether a promotional link directs users to a mobile app (for higher engagement) or a website (for broader reach) allows marketers to tailor strategies and track user behavior effectively. For example, a campaign for an e-commerce app can be refined by ensuring links open the app for logged-in users. Tools like Google Analytics rely on this data to measure conversions, making it essential to detect if a URL opens in a browser or an app for data-driven marketing success.

Supports Debugging in Web/App Development

Detecting if a URL opens in a browser or an app is crucial for developers debugging web or app functionality. Misconfigured URLs, such as those failing to trigger deep links or universal links, can disrupt app features or user flows. By verifying whether a URL opens the intended app (e.g., a payment app like PayPal) or falls back to a browser, developers can identify and fix issues like broken links or incorrect redirects. This process ensures apps and websites work seamlessly across platforms, saving time and enhancing reliability during development.

Methods to Detect If a URL Opens in a Browser or App

Below are practical methods to identify whether a URL directs to a browser or an app, ensuring seamless navigation and functionality across platforms.

Manual Testing Manual Testing on Devices

Manual testing is a straightforward way to detect if a URL opens in a browser or an app.

Open the URL on a device (smartphone, tablet, or PC) using a browser or messaging app. Observe whether it launches a browser (e.g., Chrome, Safari) or an app (e.g., YouTube, Spotify). Test on multiple platforms (iOS, Android, desktop) to account for app installations or settings. Tip: If the app is installed, URLs like “youtube.com” may open the YouTube app; otherwise, they default to a browser. Inspecting URL Schemes

Checking the URL’s protocol can reveal whether it’s designed for an app or browser, making it a reliable method to detect if a URL opens in a browser or an app.

Examine the URL for app-specific schemes (e.g., “youtube://” for YouTube, “spotify://” for Spotify). Use tools like Postman or a browser’s address bar to input the URL and check for redirects. Verify if the device has the associated app installed, as this influences behavior. Tip: Custom schemes typically trigger apps if installed; otherwise, they may prompt a browser fallback. Using Browser Developer Tools

Browser Developer Tools offer a technical approach to detect if a URL opens in a browser or an app, perfect for developers needing detailed insights.

Open the URL in a browser and access Developer Tools (press F12 or right-click > Inspect). Check the “Network” tab for redirects or app-specific responses. Run navigator.userAgent in the console to identify the environment (browser or app). Tip: Use extensions like “User-Agent Switcher” to simulate app environments for testing. Leveraging Analytics or SDKs

Analytics tools and SDKs provide automated ways to detect if a URL opens in a browser or an app, ideal for marketers and developers tracking user flows.

Integrate tools like Google Analytics or Mixpanel to monitor where users land (browser or app). Use SDKs like Branch.io or Firebase Dynamic Links to track deep link behavior. Check platform-specific configs, such as Apple’s Universal Links or Android’s App Links. Tip: These tools log detailed data, helping confirm whether a URL triggers an app or browser. Using Online Tools or Extensions

Online tools and browser extensions simplify the process to detect if a URL opens in a browser or an app, especially for non-technical users.

Use tools like Redirect Checker or URL Profiler to analyze URL paths and redirects. Install browser extensions like “User-Agent Switcher” to mimic app or browser environments. Test the URL across different devices or emulators to verify behavior. Tip: Ensure tools are updated to support modern app protocols for accurate results. Tips for Optimizing URL Detection

To effectively detect if a URL opens in a browser or an app, applying optimization techniques ensures accuracy, efficiency, and a seamless process. These practical tips help streamline URL behavior analysis for developers, marketers, and everyday users, enhancing workflows and user experiences across platforms.

Test Across Multiple Platforms

URL behavior can vary depending on the device or operating system. So cross-platform testing is crucial to detect if a URL opens in a browser or an app.

Test URLs on iOS, Android, and desktop devices to observe differences. Check if apps like YouTube or Spotify are installed, as this affects whether the URL opens in the app or browser. Use emulators or virtual devices to simulate environments without physical hardware. Tip: Document results for each platform to identify patterns and ensure consistent behavior. Use Analytics Tools for Insights

Analytics tools provide valuable data to detect if a URL opens in a browser or an app, especially for tracking user behavior in marketing or app development.

Integrate Google Analytics or Mixpanel to monitor where users land after clicking a URL. Set up event tracking to capture app launches versus browser redirects. Analyze reports to identify trends, such as higher app engagement on mobile devices. Tip: Use UTM parameters in URLs to track specific campaigns and their outcomes. Optimize Deep Linking

Deep linking ensures URLs direct users to specific app content, and optimizing this process helps accurately detect if a URL opens in a browser or an app.

Configure Universal Links (iOS) or App Links (Android) correctly in app settings. Test deep links with tools like Branch.io or Firebase Dynamic Links to confirm app triggers. Verify fallback behavior to ensure URLs open in a browser if the app isn’t installed. Tip: Regularly update app configurations to align with platform changes. Ensure Security Checks

Security is critical when testing URLs to detect if a URL opens in a browser or an app, as malicious links can harm devices or compromise data.

Verify URLs come from trusted sources to avoid phishing or malware risks. Use URL scanners like VirusTotal to check for suspicious behavior before testing. Enable browser security features or extensions like Herond Shield for safe navigation. Tip: Avoid testing unverified URLs on personal devices; use a sandbox environment instead. Conclusion

Detecting if a URL opens in a browser or an app is a vital skill for enhancing user experiences, optimizing marketing campaigns, and streamlining app development. From manual testing and inspecting URL schemes to using browser tools, analytics, and extensions, the methods outlined in this guide make it easy to identify URL behavior accurately. Start applying these techniques today to ensure seamless navigation across platforms!

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Detect If URL Opens in Browser or App: Quick Guide appeared first on Herond Blog.

Introduction to web shortcut on desktop

Want to access your favorite websites with a single click, without navigating browsers or bookmarks? To create a web shortcut on desktop is to place a direct link to a website or web-based app right on your desktop, simplifying your online experience. Perfect for work, study, or casual browsing, web shortcuts save time and keep your digital tasks organized.

What is a web shortcut?

A web shortcut is a clickable icon or file on your desktop or device that directly opens a specific website or web-based application in a browser when clicked. Essentially, it acts as a quick link to access online content without manually typing the URL or navigating through bookmarks. For example, a web shortcut for “youtube.com” can launch YouTube instantly in your default browser. Web shortcuts save time, streamline workflows, and help organize frequent tasks, making them ideal for users, professionals, or students accessing websites regularly.

What is web shortcut used for?

A web shortcut is used to provide quick and convenient access to frequently visited websites or web-based applications directly from your desktop, streamlining digital tasks for users, professionals, and students. Web shortcuts are ideal for managing workflows, accessing tools like Google Docs or Spotify, conducting research, comparing products, or testing marketing campaign pages, making them a versatile tool for organizing and enhancing your online experience.

Why You Should Create a Web Shortcut on Desktop?

Creating a web shortcut on your desktop can transform how you access online content, making navigation faster and more efficient. Whether you’re a student, professional, or casual user, understanding why to create a web shortcut on desktop can save time and streamline your digital tasks. Here are the key reasons to adopt this simple yet powerful tool.

Key Benefits Saves Time and Effort

A web shortcut eliminates the need to type URLs or search through bookmarks, providing instant access to your favorite websites or web-based apps.

Example: A shortcut to “gmail.com” lets you check email with one click. Benefit: Reduces repetitive tasks, allowing you to focus on what matters. Boosts Productivity

For those juggling multiple tasks, creating a web shortcut on desktop organizes access to essential tools like Google Docs, Trello, or project dashboards.

Example: A shortcut to a Trello board speeds up project management. Benefit: Streamlines workflows, especially for professionals and students handling multiple online platforms. Simplifies Access to Web-Based Apps

Web shortcuts can link to web-based apps (e.g., Spotify, Notion) or Progressive Web Apps (PWAs), mimicking native app functionality without installation.

Example: A Spotify shortcut opens the web player instantly. Benefit: Offers app-like convenience directly from your desktop. Facilitates Research and Comparison

Web shortcuts make it easier to open multiple sites for research, shopping, or data comparison.

Example: Shortcuts to Amazon and eBay simplify price checks. Benefit: Speeds up decision-making by providing quick access to relevant sites. Use Cases Managing Work or Study Tools

For professionals and students, creating a web shortcut to desktop streamlines access to productivity tools like Google Docs, Trello, or learning platforms.

Example: A shortcut to a Google Docs project or Canvas course page speeds up task management. Why It Matters: Organizes workflows, reducing time spent navigating to essential tools for work or study. Conducting Research or Comparisons

Researchers, shoppers, or analysts can create a web shortcut on the desktop to quickly open multiple sites for data collection or product comparisons.

Example: Shortcuts to Amazon, eBay, and Walmart for comparing prices or product features. Why It Matters: Accelerates information gathering, making research or shopping decisions faster and more efficient. Supporting Marketing and Testing

Marketers and developers benefit from web shortcuts to access campaign landing pages, analytics dashboards, or test URLs.

Example: A shortcut to a marketing campaign page for quick performance checks. Why It Matters: Simplifies monitoring and debugging, enhancing efficiency in digital marketing or development tasks. Step-by-Step Guide to Create a Web Shortcut on Desktop

Creating a web shortcut on your desktop allows instant access to websites or web-based apps, saving time and boosting productivity. Whether you’re using Windows, macOS, Linux, or targeting web apps, this guide provides simple steps to create a web shortcut on desktop tailored to your platform. Follow these methods to streamline your digital workflow.

Creating a Web Shortcut on Windows

This method uses browser features or manual creation to create a web shortcut on desktop for Windows users.

Using a Browser (Chrome, Edge, Firefox, Herond Browser): Open the desired website in your browser (e.g., “youtube.com”). In Chrome, go to Menu > More Tools > Create Shortcut, check “Open as window” (optional), and click Create. In Edge or Firefox, drag the URL from the address bar to the desktop. In Herond Browser, go to three dashes on the top right -> Save and Share -> Create Shortcut -> then name the shortcut. Manual Method: Right-click on the desktop, select New > Shortcut. Paste the website URL (e.g., “https://www.youtube.com“), click Next, name the shortcut, and click Finish. Tip: Customize the shortcut icon by right-clicking > Properties > Change Icon. Creating a Web Shortcut on macOS

macOS users can create a web shortcut on desktop using Safari or Chrome for quick access.

Using Safari: Open the website in Safari (e.g., “gmail.com”). Click the Share icon and select Add to Dock, or drag the URL from the address bar to the desktop. Using Chrome: Open the website, go to Menu > More Tools > Create Shortcut. Check “Open as window” for an app-like experience, then click Create. Tip: Move the shortcut to the Applications folder for a cleaner desktop. Creating Shortcuts for Web-Based Apps

Web-based apps or Progressive Web Apps (PWAs) can have shortcuts that mimic native apps when you create a web shortcut on desktop.

Using Chrome or Edge: Open the web app (e.g., “open.spotify.com”). Go to Menu > More Tools > Create Shortcut (Chrome) or Install App (Edge). Check “Open as window” and click Create to add the shortcut to the desktop. Tips for Optimizing Web Shortcuts

Once you create a web shortcut on desktop, optimizing these shortcuts ensures they are efficient, organized, and user-friendly. These practical tips help maximize the functionality of your web shortcuts, saving time and enhancing your digital workflow, whether for personal use, work, or study.

Organize Shortcuts for Easy Access

Keeping your desktop tidy and shortcuts well-organized makes it easier to find and use them.

Group related shortcuts into folders (e.g., “Work,” “Study,” “Personal”) on your desktop. Name shortcuts clearly (e.g., “Gmail Work” instead of “Shortcut1”) to avoid confusion. Place frequently used shortcuts in an easily accessible spot, like the top-left corner of the desktop. Tip: Limit the number of shortcuts on the desktop to prevent clutter and maintain a clean workspace. Customize Shortcut Icons

Personalized icons improve recognition and make your shortcuts visually appealing.

Right-click the shortcut, select Properties (Windows) or Get Info (macOS), and choose “Change Icon.” Use website favicons or download custom images (e.g., a YouTube logo for a YouTube shortcut). Ensure icon images are high-resolution for clarity, ideally 32×32 or 64×64 pixels. Tip: Consistent icon styles (e.g., all square or circular) create a professional look. Test Shortcuts Regularly

Testing ensures your shortcuts function correctly and open in the intended browser or app.

Click each shortcut to verify it opens the correct website or web-based app. Check if the shortcut uses your preferred browser (e.g., Chrome, Firefox) by setting it as default. Update URLs if websites change (e.g., a redirected landing page). Tip: Test after browser updates or system changes, as they may affect shortcut behavior. Use Shortcuts for Progressive Web Apps (PWAs)

PWAs offer app-like functionality, and optimizing shortcuts for them enhances usability.

In Chrome or Edge, open the web app (e.g., “open.spotify.com”), go to Menu > More Tools > Create Shortcut. Check “Open as window” for a standalone app-like experience and save to the desktop. Pin PWA shortcuts to the taskbar (Windows) or Dock (macOS) for quick access. Tip: PWAs like Notion or Spotify may work offline, adding versatility to your shortcuts. Conclusion

Creating a web shortcut on desktop is a simple yet powerful way to streamline your online experience, saving time and boosting productivity. Whether you’re accessing frequently visited websites, managing work tools, or launching web-based apps, the steps outlined – using browsers, manual methods, or PWAs – make it easy to set up shortcuts on Windows, macOS, or Linux. Let’s start creating your web shortcut with out advise below!

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post How to Create Web Shortcut on Desktop: Quick and Easy Steps appeared first on Herond Blog.

Learn how Fastly boosted Super Bowl 2023 traffic by 46% with the same server fleet, improving performance, sustainability, and reducing carbon impact.

Hey Herondians!

What’s new in Herond land? This month, we’re bringing you the details on the latest Herond Browser update, celebrating the grand finale of the Heronad community campaign, and wrapping up the thrilling Season 3 of our Action Surge Discord event. Ready to explore?

Product Updates

The latest iteration of the Herond Browser, Version 2.1.6, is now live across all your devices!

In this update, we’ve upgraded the core framework to improve performance, stability, and responsiveness. This means snappier interactions, smoother feature behaviors, and better integration for future updates. Plus, improved bug tracking and error recreation tools help developers diagnose issues faster, leading to a more reliable experience for everyone.

In addition to these core improvements, we’ve also addressed wallet inconsistencies for a better, seamless experience and included a set of minor patches and important security updates, keeping Herond up-to-date with the latest data sets.

Our goal with Version 2.1.6 is to strengthen our foundation to support the many future updates we have in store. For a detailed look at all the changes, check out the full changelog on this X post.

Community and Events Heronad Campaign

The Heronad campaign has officially concluded, and what a journey it was!

We managed to pick out 26 lucky folks who each received the complete Monadverse NFT collection, Chapters 1 through 6, directly from us for completing all the Heronad Quests.

Over the campaign’s impressive 24-day run, we saw over 2700 of you jumping in, with thousands of interactions lighting up both X and Discord. And speaking of sharing the love, we showered you all with over 12,000 $MON in rewards.

Plus, it was amazing to see over 1,634 unique wallets mint the Heronad NFT in just five days!

In total, we gave away over 150 NFTs from the coveted Monadverse collection, spreading the Monadverse spirit far and wide. Thank you to everyone who participated and made the Heronad campaign such a vibrant success!

Action Surge – Season Three

Remember how we decided to keep the good times rolling by extending Season 3 all the way to May 12th? Well, it was totally worth it! Thanks to the Heronad vibes, we decided to pump up the rewards even more than usual.

Over the entire season, we held a whopping 8 giveaways, and you guys walked away with over 5,350 $MON worth of prizes! That included some seriously cool stuff like 12 Monadverse Chapter 1 and 4 NFTs. Even a Purple Frens NFT worth over 2,000 $MON found a lucky owner! We love being able to share these with you.

And the best part? We welcomed over 700 new friends who decided to join our Discord family! It’s always great to see the community growing.

Looking Ahead

The Herond Poker Tournament is making its comeback with more friends, partners, and greater rewards. Action Surge will be evolving to offer more impactful benefits. Plus, stay tuned for the next Herond Browser update, where we’re focusing on the VPN aspect.

Thanks for being part of the Herond journey. We’ll see you next month!

About Herond Browser

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Herond Browser: May 2025 Report appeared first on Herond Blog.

In a transformative move for the decentralized technology ecosystem, Kwaai and Verida today announced their intent to join forces to create a world-leading, end-to-end decentralized AI platform. This union brings together two highly complementary open-source technology stacks to empower a new generation of private, personalized, and user-owned AI applications.

The combined organization will unify Verida’s decentralized data and connectivity infrastructure with Kwaai’s decentralized AI systems to build a comprehensive, open-source solution to realize sovereign AI.

Working with Reza and the Kwaai team has been inspiring. Their dedication to open source, long-term thinking, and community building aligns perfectly with our mission to make personal technology and AI accessible to everyone. Our technologies complement each other in exciting ways, and we’re thrilled to take this step together. Chris Were, Verida CEO.

Verida’s gracious contribution accelerates the Kwaai mission by providing complementary components of personal data connectors and shared storage. By merging our two communities, we follow the example of Linux in demonstrating the power of open source to transform an industry. Reza Rassool, Kwaai Chair.

Today, Verida and Kwaai signed a memorandum of understanding to support the contribution of Verida’s technology to the Kwaai project. This agreement reflects our commitment to bringing our communities together and jointly exploring the future role of the VDA token and network.

A Shared Mission

At the heart of this initiative is a unified mission: to build open-source, decentralized, human-centric AI that prioritizes sovereignty, accessibility and personal agency.

This is not just a technology partnership — it’s a global movement towards reclaiming control over data, computation, and decision-making in the age of AI.

By joining forces Verida and Kwaai are accelerating the realization of personal AI, that empowers individuals, respects data sovereignty and leverages decentralized infrastructure to ensure user control.

Open source ecosystems thrive on modularity, and we expect the personal AI stack to involve multiple technologies working together. Verida’s decentralized identifiers make it possible to link diverse sovereign services — including compute, storage, and messaging. Verida’s encrypted decentralized database is just one of several storage components expected to power a flexible, full-featured personal AI platform.

About Kwaai Kwaai is a rapidly growing community of 850+ AI volunteers — a technical and policy think tank of designers, builders, and researchers supported by over 30 partner organizations. KwaaiNet: a peer-to-peer fabric supporting distributed AI — Built by the People, For the People. KwaaiNet aggregates unused and unsold processing in residential, enterprise, and cloud computing to deliver a digital public infrastructure accessible to all. KwaaiNet comprises a three-layered sandwich of a shared storage network, a community inference layer, and an Intentcasting network. Kwaai builds Personal AI focused on empowering individuals, respecting data sovereignty, and leveraging edge infrastructure such as KwaaiNet. The Kwaai Fundamental AI workgroups are driving cutting-edge research to enhance AI efficiency and capability. Areas of exploration include GraphRAG architectures, sub-quadratic neural networks, physics-informed neural models, state space modeling, and privacy-preserving methods like homomorphic confidential computing.

The Verida ecosystem includes:

A global community of 85k X followers, 30k Discord members, multilingual ambassadors, application builders, and data integrators Data connector framework enabling users to export and connect their existing data and services — like Gmail, Telegram, Slack etc. Self-sovereign confidential compute to facilitate private operations on personal data and services A proven decentralized database network for storing encrypted personal data Verida Vault web application enabling people to manage their data and connections Decentralized identifier and API key implementations to support personal identity and key management Verida Network Transition

The current Verida Storage Network, which has served as a critical testbed for decentralized storage and early AI integration, will cease operations on June 6, 2025. All users and builders must export their data before this date.

Going forward, the next iteration of Verida’s open-source infrastructure — tailored specifically for decentralized AI — will be developed and supported under a dedicated working group in the Kwaai community.

A New Vision for the VDA Token

Verida and Kwaai joining forces presents a unique opportunity to review the utility and scope of the existing VDA token. Originally designed as a decentralized storage credit, the combined organization has a much broader scope and the VDA token to become the basis for a universal community-driven economy for decentralized AI infrastructure. This will support access to personal storage, compute, and inference across a fully integrated, decentralized AI stack.

How You Can Get Involved

Join the growing community of decentralized AI pioneers:

Join the Kwaai Community: kwaai.ai/home/sign-up Investigate running a KwaaiNet Node: kwaai.ai/kwaainet Follow Verida and Kwaai on X to stay updated What’s Next?

This is a high-level announcement. In the coming weeks we will share more detailed plans with actionable steps members from both communities can take to support a smooth integration of technology, community and other key stakeholders.

Stay tuned. The future of decentralized, ethical, user-owned AI starts now.

Kwaai and Verida Join Forces to Accelerate the World’s First Open Source Personal AI Platform was originally published in Verida on Medium, where people are continuing the conversation by highlighting and responding to this story.

In a recent conversation with Paul Grassi (Principal Product Manager for Identity Services at Amazon), he mentioned that the ecommerce giant wants to move from verification to acceptance.

Traditionally, Amazon handled all the heavy lifting: scanning physical documents, running credit checks, and matching selfies to confirm a user’s identity. While effective, those steps create extra friction for customers and risk collecting more data than necessary.

Now, Amazon aims to accept digital ID credentials that have already been verified by trusted issuers (like state governments). 

Shyft Network, the trust protocol, has entered into a partnership with GetBit, a mobile-first cryptocurrency exchange in India, to support scalable regulatory readiness in one of the world’s fastest-growing digital asset markets.

As India sharpens its focus on regulation and responsible innovation in the crypto space, exchanges like GetBit are proactively stepping up. Through this partnership, GetBit will integrate Veriscope, Shyft Network’s compliance infrastructure, providing a seamless solution for FATF Travel Rule compliance. Unlike traditional approaches, Veriscope facilitates the exchange of verified user data between Virtual Asset Service Providers (VASPs) using cryptographic proof — ensuring compliance without compromising user privacy or operational efficiency.

For emerging exchanges operating in rapidly evolving markets, building trust through transparent and compliant infrastructure is critical. This collaboration reflects a growing demand for solutions that bridge the gap between privacy, decentralization, and regulatory alignment.

“As the digital asset space in India matures, there is a clear need for tools that simplify compliance without burdening users or platforms,” said Zach Justein, co-founder of Veriscope. “GetBit’s commitment to secure and accessible crypto aligns with our mission to embed privacy and compliance into the fabric of blockchain infrastructure.”

GetBit’s mobile-first approach, intuitive interface, and growing user base position it as an accessible onramp for crypto participation in India. The exchange emphasizes simplicity, transparency, and regulatory readiness — principles that resonate strongly in today’s market environment.

With this integration, GetBit joins a growing list of regional platforms across India choosing Veriscope to meet regulatory requirements without friction. The move reflects Shyft Network’s broader push to enable secure, compliant digital finance infrastructure in high-growth economies.

‍About Veriscope

Veriscope is the only frictionless FATF Travel Rule compliance solution, enabling VASPs to securely verify and share user data through cryptographic proof. Built on Shyft Network, it reduces complexity and risk while protecting user autonomy — trusted by leading VASPs worldwide.

About GetBit

GetBit is a user-focused Indian crypto exchange offering a simple and secure mobile-first trading experience. With an emphasis on regulatory alignment and market accessibility, GetBit is committed to supporting the next wave of crypto users in India.

Shyft Network and GetBit Powering Privacy-Preserving Compliance in India was originally published in Shyft Network on Medium, where people are continuing the conversation by highlighting and responding to this story.

Sometimes I cry Sometimes I lie Sometimes I try Sometimes I fly But mostly inside? I die

Continue reading on Clubwritter »

Web3 + AI + Fortune : Combination, New product Web3 + AI + Fortune-telling: A New Combination

Dear Metadium community,

Metadium will be showcasing real-world use cases of DID services. We will be introducing a variety of services that integrate with Metadium DID.

The first of these is the fortune-telling service ‘majoo’, which we are excited to share with you.

🌠 Introducing the Fortune-telling Service “majoo”

Fortune-telling has long been a subject of great public interest. Majoo reinterprets this in a modern way by offering “personalized daily insights tailored to your current state and personality.”

On June 16, 2025, the Metadium-powered fortune-telling service majoo will officially launch.

Majoo goes beyond basic fortune-telling. It offers personalized analysis of one’s temperament and flow using Metadium DID and AI technology.
It’s not just entertainment — it’s a guide for self-awareness and actionable life decisions.

▶️ Download majoo
Coming to Google Play and App Store in June.

🌟 Real-World DID Usage and AI Technology Power the Expansion of the Metadium Ecosystem

Majoo is a service that combines Metadium’s DID technology with AI.

As more people use majoo, the number of users issuing and utilizing Metadium DID will naturally increase.
The more frequently DID is applied in real-world services, the more it becomes embedded in practical ecosystems, ultimately accelerating the growth of Metadium’s overall infrastructure.

“Every new user makes Metadium stronger in the real world.”

The AI applied in majoo doesn’t just automate results. It analyzes your daily state, behavioral patterns, and personal tendencies to offer fortune readings that feel truly tailored to you.
As a result, user satisfaction and retention increase, and DID adoption happens naturally.

Furthermore, Metadium’s quick integration of AI — one of today’s most prominent tech trends — shows its commitment to staying on the cutting edge.
This strategic move enhances the user experience and drives the evolution of Web3 services in the Metadium ecosystem.

📢 Stay Updated — Join the Metadium Community

To receive updates on future releases and DID-based service announcements, subscribe to our community:

Website | https://metadium.com Discord | https://discord.gg/ZnaCfYbXw2 Telegram(EN) | http://t.me/metadiumofficial Twitter | https://twitter.com/MetadiumK Medium | https://medium.com/metadium

Thank you.

Metadium team.

Web3 + AI + 운세: 새로운 조합

안녕하세요, 메타디움 팀입니다.

메타디움 DID의 실생활 서비스와의 결합, AI 서비스 출시 등 다양한 사례들이 매주 순차적으로 공개될 예정입니다.

그 첫 번째로, 운세 서비스(“마주”)의 출시와 메타디움 DID 도입을 소개드립니다.

🌠 운세 서비스 ‘마주’ 소개

운세는 오랜 시간 많은 사람들이 관심을 가져온 주제입니다. 시대가 바뀌어도 ‘나를 알고 싶다’는 사람들의 본질적인 욕구는 여전히 유효하며, 그만큼 운세는 언제나 친숙하고 강력한 접근점이 되어줍니다.

2025년 6월, 메타디움 기반 운세 서비스 ‘마주(majoo)’가 정식 출시됩니다.

‘마주’는 단순한 운세를 넘어 매일 달라지는 나의 성향과 흐름에 맞춘 운세 경험을 제공합니다. 단순한 엔터테인먼트를 넘어 자기이해와 실생활 행동의 가이드가 제공됩니다.

▶️ ‘마주’를 만나보세요!

GooglePlay / AppStore 에 6월 출시될 예정입니다.

🌟 DID 실사용과 AI기술이 메타디움 생태계를 확장합니다

마주는 메타디움 DID와 AI기술을 결합한 서비스입니다.

‘마주’를 사용하는 사람들이 많아질수록, 메타디움 DID를 발급 및 활용하는 사용자도 함께 늘어나게 됩니다.

DID가 실제로 사용되는 사례가 많아지면 많아질수록, 메타디움 기술은 더 많은 서비스와 연결되고, 이는 메타디움의 생태계 성장으로 이어질 것입니다.

“한 명의 사용자가 늘어날 때마다,

메타디움은 현실 속에서 더 강해집니다.”

마주에 적용된 AI 기술은 단순히 운세를 자동으로 보여주는 수준을 넘어, 사용자의 성향과 흐름을 읽고, 실제 생활에 밀접한 가이드를 제공합니다. AI가 생성한 맞춤형 운세는 사용자에게 더 높은 만족도와 몰입을 유도합니다.

AI는 현재 가장 주목받는 기술 트렌드 중 하나입니다. 메타디움은 기술 흐름에 민감하게 반응하고, 적극적으로 DID 생태계에 접목하고 있습니다. 이는 단순히 기술 도입을 넘어, 미래형 Web3 서비스로의 진화를 가속화하는 전략적 선택입니다.

📢 매주 발표되는 소식을 받기 위해 메타디움 커뮤니티를 구독하세요

마주(운세)를 시작으로, 다양한 분야에서 DID의 적용과 AI 기술 활용 사례, 협업 소식이 매주 이어집니다.

Website | https://metadium.com Discord | https://discord.gg/ZnaCfYbXw2 Telegram(EN) | http://t.me/metadiumofficial Twitter | https://twitter.com/MetadiumK Medium | https://medium.com/metadium

감사합니다.

메타디움 팀.

Web3 + AI + Fortune : Combination, New product was originally published in Metadium on Medium, where people are continuing the conversation by highlighting and responding to this story.

Discover how Fastly helped a major North American broadcaster overlay customized ads on live streams—without adding latency.

On 29 May 2025, the US Department of the Treasury Office of Foreign Assets Control (OFAC), in coordination with the Federal Bureau of Investigation (FBI), sanctioned an entity called Funnull along with an associated individual, Liu Lizhi. Funnull is a Philippines-based cloud infrastructure provider that allegedly serves thousands of illicit websites such as phishing sites, fake trading apps, gambling websites, and pig butchering scams. In the accompanying press release, OFAC stated that Funnull has directly facilitated $200 million in victim-reported losses from pig butchering scams.

According to OFAC, Funnull has acquired IP addresses from mainstream cloud service providers to sell to cybercriminals to host illicit content. It is, therefore, reportedly a key enabler of so-called "infrastructure laundering", whereby cybercriminals relay their malicious traffic through U.S. cloud providers. The majority of cryptocurrency investment scam websites reported to the FBI are linked to Funnull. 

Funnull also provides additional services to cybercriminals such as automatically generating large numbers of similar website names and web design templates. Furthermore, Funnell obtained a code repository that allows web developers to maliciously alter code to redirect visitors of legitimate websites to scam ones, some of which OFAC was able to link to Chinese criminal money laundering.

As part of this action, OFAC sanctioned two cryptocurrency addresses on Ethereum and Tron. The two addresses have received more than $4 million.

The sanctioned Tron address has received funds directly from Huione Pay, part of Huione Group, which was recently found by the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) to be an entity of primary money laundering concern. Huione Pay is a payments and foreign exchange business, which our previous research has linked to laundering of the proceeds of pig butchering scams. 

Effective budgeting for data management is key to research compliance and sustainability. Under NIH’s Data Management and Sharing (DMS) policy, institutions must plan early for costs like storage, curation, repository fees, and compliance. These must be detailed in grant budgets. Platforms like myLaminin help by enabling accurate cost forecasting, secure storage, and efficient data stewardship—supporting institutions in meeting funder expectations.

Predictoor DF143 rewards available. DF144 runs May 29th — June 5th, 2025 1. Overview

Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor.

Data Farming Round 143 (DF143) has completed.

DF144 is live today, May 29th. It concludes on June 5th. For this DF round, Predictoor DF has 3,750 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF144 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF144

Budget. Predictoor DF: 3.75K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and ASI Predictoor

Ocean Protocol was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF143 Completes and DF144 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

Understanding KYC API Pricing is critical to choosing the right provider in 2025. Learning what factors push up pricing can help you secure the best deal for your organisation. This guide breaks down everything you need to know.

The post A Guide to KYC API Pricing in 2025 first appeared on ComplyCube.

At Ping, we are fully committed to providing customers with software they can deploy, run, and manage themselves—on their terms. This is especially critical for industries with strict compliance mandates, data sovereignty requirements, or architectural constraints that make public cloud or SaaS unsuitable. Whether you're in financial services, government, telecommunications, or healthcare, Ping’s self-managed platform gives you the control and flexibility you need—without compromising on innovation.

 

This release provides new features and capabilities for the many customers and partners who rely on Ping’s self-managed software to meet the most complex identity and access needs in regulated, high-scale, private cloud or hybrid environments.

 

With support for Ping SDKs, DevOps, Kubernetes, containers, virtual machines, and IaaS platforms like AWS and GCP, customers can confidently deploy Ping’s identity solutions in private and public cloud environments. These deployments are accelerated by a growing library of automation tooling, infrastructure-as-code templates, and partner-delivered services, reducing operational complexity and accelerating time to value.

 

Ping is uniquely suited to solve the most complex identity challenges for the world’s largest enterprises at any scale, for any identity type, via any deployment method.

 

These updates to the self-managed products now provide even deeper integration and alignment with the broader Ping portfolio—bringing together modern orchestration, zero trust enforcement, digital trust services, and hybrid deployment flexibility under one cohesive platform.

Will Groah’s record of business success, his experience in technology, and his deep knowledge of the decentralized identity industry will help propel Indicio’s market adoption and expand our success in delivering world-first solutions to customers in travel, education, and financial services.

By Trevor Butterworth

Seattle: MAY 28,2025: Indicio is delighted to announce that Will Groah has joined the Indicio Board of Directors to help the company chart its expansion as a global leader in decentralized identity technology and biometric authentication.

Will comes to Indicio with considerable experience in defense, national security, and technology, and having successfully built a company from zero to 300 employees with a successful exit. He has extensive experience in nurturing technology startups to sustainability and beyond.

“Will is one of Indicio’s earliest champions,” said Indicio CEO Heather Dahl. “He saw the transformative power of the technology we were building and how it could be deployed across every sector. Just as important, he also saw the strength of the team behind it — and our approach to business and our customers.”

“It’s easy to be carried away by new technology and to have visions,” said Will, “but it’s another thing to carry out technology transformation. That requires sweat, dedication, and really effective teamwork. I could already see decentralized identity as an era-defining technology — it makes the exchange of information, the underlying architecture of the digital world, faster, safer, and more streamlined — and that has a host of benefits. But with Indicio, I saw this vision becoming reality through an extraordinary display of willpower, talent, and ambition. That’s why I couldn’t wait to get onboard to contribute.“

Indicio has the energy of a juggernaut — and this team’s optimism, their astounding speed at problem solving and delivery, their total dedication to customers no matter what timezone — it’s all inspiring. They’ve proven the technology, the business model, and the ability to execute with global partners and customers. And now the market is taking off. At Indicio, it’s afterburner time — and I’m here for it.”

Will is a board member, advisor, and investor to several high-growth healthtech, sportstech, and fintech segments. Current projects include advising the development of a regional hospital system’s innovation division, board and advisor for sports tech management start-ups, and coaching.

“Will is a tremendous asset to Indicio because he brings so much experience with startup technology companies and with our investors,” said Ken Ebert, CTO at Indicio. Every team member has a deep appreciation for his insights, enthusiasm, and support. He is as tireless as we are and continually pushes us to think in novel ways and to formulate new applications and approaches to scale our business.” 

“There’s a bigger picture to the technology and solutions Indicio is implementing,” said Will. “It’s one where the world is being unnecessarily taxed by legacy technologies and approaches to identity and data. Taxed in terms of cost, taxed in terms of friction, taxed in terms of frustration. Indicio has created a technology for trust that eliminates this tax, leaving the world in a much better place. Better for business, because it is so much more efficient to act on trusted data. Better for people, because everything is simpler and seamless and more secure, and they have control over their personal data. Everything is trustworthy — provable and proven. I’m honored — along with a stellar team of advisors —to be helping Indicio build this future.”

Will joins Tom Plofchan as a strategic advisor. Read Tom’s announcement here.

About Indicio

Indicio is a global leader in identity verification, combining verifiable credentials with biometric authentication to create secure, interoperable solutions that enhance efficiency without compromising privacy or security. Our award-winning enterprise platform, Indicio Proven®, eliminates redundant checks and streamlines information verification with portable, reusable identity credentials. Built on privacy-preserving, standards-based technology, Indicio ensures seamless interoperability across industries while lowering costs and improving speed. With proven success in travel, finance, and government, we transform identity verification into a scalable, future-proof business advantage. Learn more at indicio.tech.

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community

The post Entrepreneur and investor Will Groah joins Indicio as a board member and advisor to accelerate decentralized digital identity growth strategy appeared first on Indicio.

You’ve no doubt heard the saying, ‘Don’t put all your eggs in one basket’, but have you ever thought how it applies to data privacy?

The egg/basket advice is basically about spreading risk and diversifying assets, right? If all your valuables (eggs) are in one place (basket) and that place is compromised (basket breaks), you’ll lose all your valuables. Eggs are fragile and baskets break, so you’re facing a real risk, but it’s one you can easily mitigate by spreading your eggs across more baskets.  

And that’s where the link to data privacy comes in. If we put all our personal information in one place (the internet) by using it everywhere we interact online, then we risk losing all that information in one incident (data breach, identity theft, credit card fraud etc.). What’s more, we risk having it correlated by data brokers or ad tech, stolen by hackers, or sold by the service operator itself.

Here’s how it works: data broking services can collect enough data to determine (or infer) a user’s legal identity online, then they can track that user across the many different services and sites they access. By tracking users in this manner, these applications can correlate enough datapoints to assemble the full set of personally identifiable information (PII) about the user. This PII can divulge highly sensitive information about the user, such as medical history, personal finance, employment, social relationships and so on. Usually, this type of PII is information the user would prefer to remain private (at least outside of the context in which they want it to be used). On top of that, the user is at risk of those applications storing the information indefinitely, selling it to other organizations, or having it exposed through a data breach.

So, in our digital lives, ‘Don’t put all your eggs in one basket’ is really talking about compartmentalization—categorizing and separating our personal data into many different compartments to reduce the impact when it is compromised. Compartmentalization recognizes no system is perfect, breaches are always possible, so it’s wise to manage the risk. You might lose an egg or two, but you won’t lose them all.

Compartmentalization is widely regarded as the most powerful way to protect personal information. It means limiting access to information to only those people or organizations who need it in order to perform a certain task or function. Originating in the military with classified information, the concept can be further understood with another military term: ‘managing the blast radius’. In information security, compartmentalization is equally about spreading the risk so if there’s any impact (breach) we’ve limited the damage to our personal information and the harm and recovery effort are far less.

We already compartmentalize in the offline world. We organize our closets (socks in one drawer, gym clothes in another), our banking (separate accounts for everyday expenses, bills, savings and emergencies), and our email (filed in folders). We even compartmentalize our daily interactions (work/social) and our weekend activities (social engagements vs. family time). Compartmentalization in the online world is essentially the same—but arguably far more urgent.

Compartmentalization gives people control.Our digital privacy can feel as fragile as those eggs, but we can act to protect it in much the same way by separating our personal information into different compartments and limiting impact.

MySudo app makes compartmentalization simple.The MySudo app is based on the concept of a Sudo digital identity that allows users to talk, text, email, browse and pay privately and securely. A Sudo is a customizable digital identity that intentionally differentiates from a user’s legal identity and mitigates the risk to that user’s highly sensitive PII.

We all have many online accounts, and when we repeatedly use the same personal information to access these accounts, they become linked together. If a breach occurs on just one of those accounts, all our other accounts and their associated data are also at risk of being compromised.

Users can create up to nine different Sudos and use them in any context (e.g. for banking, selling on classifieds, catching up with friends, and booking travel). MySudo is compartmentalization at its simplest and best.

You might like:

Why Compartmentalizing Your Private Data is Simple with MySudo

How MySudo Lets You Control Who Sees Your Personal Info Online and in Real Life

From Yelp to Lyft: 6 Ways to “Do Life” Without Using Your Personal Details

Americans Say Data Privacy is a Human Right: 3 Apps that Achieve It How to Take Back Control of Your Digital Footprint: Get RECLAIM 1.1!  

The post Why Compartmentalization is the Most Powerful Data Privacy Strategy appeared first on Anonyome Labs.

The post The Evolution of KYB in the Banking and Digital Platforms Revolution appeared first on uqudo.

What Fortnite’s Darth Vader Reveals About the Future of AI NPCs

Recently, Fortnite made headlines by introducing a voice-interactive Darth Vader NPC powered by AI. Using advanced voice synthesis and language models, players could speak directly to Vader and receive real-time, dynamic responses. While groundbreaking, this move also sparked debate, especially around voice actor rights, AI safety, and content moderation.

At Union Avatars, we’ve been working on similar AI-powered NPCs in collaboration with NVIDIA, but with a core difference: we’re building tools designed to empower creators and companies to ethically bring avatars to life.

A New Era for NPCs

Through our partnership with NVIDIA ACE (Avatar Cloud Engine), we’re enabling developers to transform any 3D character into an intelligent, interactive NPC with:

Conversational AI that responds naturally and contextually Custom 3D avatars, created from a selfie or designed from scratch Real-time voice and animation, powered by NVIDIA’s Audio2Face technologies

Whether you’re building a game, a virtual store, or an educational platform, our tech makes it easy to create lifelike NPCs that feel truly human.

What Makes Our Approach Different?

Unlike the Darth Vader case, where concerns have been raised about replacing voice actors and lack of control over AI behavior, we focus on creator control, transparency, and ethical deployment. Here’s how:

Consent and custom voice options: use your own voice or synthetic voices with full permissions Full behavior control: define what your NPC can or can’t say, with safe and brand-aligned prompts No-code setup: our AI NPC system is accessible to both developers and creative teams The Future of NPCs Is Here

We believe AI-powered avatars are not just a trend, they’re a new creative frontier. Whether it’s a helpful shop assistant in a virtual store or a or a front desk assistant in a hotel, Union Avatars is building the tools to make them possible.

Want to see it in action?

Ready to Build Smarter NPCs?

With Union Avatars and NVIDIA ACE, the future of interactive characters is already here. Whether you’re creating games, virtual worlds, or branded experiences, we give you the tools to bring AI-powered avatars to life ethically, creatively, and at scale.

🔗 Explore the full demo and start building today.

The post AI NPCs in Fortnite? Here’s Why Union Avatars Is Already Ahead appeared first on Union Avatars.

In the fast-moving world of blockchain infrastructure, selecting the right foundation is no longer just a technical decision. That’s why House Party Protocol (HPP) is proud to announce an integration with Arbitrum, the leading Ethereum Layer 2 ecosystem, to power the HPP chain. This announcement represents a major step forward in HPP’s vision to build a truly AI-native, data-centric Layer 2 that empowers decentralized intelligence, real-world data tokenization, and autonomous digital organizations.

From the outset, HPP has been envisioned as more than just another chain. Now actively under development, it is being purpose-built to support a new class of applications powered by AI, decentralized data, and verifiable logic. These next-generation use cases demand scalability, modular architecture, and seamless compatibility with Ethereum.

With AIP-22 officially approved, HPP will launch its new Layer 2 based on the Arbitrum Orbit Stack, becoming one of the first AI-centric networks in the Arbitrum ecosystem uniquely backed by an enterprise-grade Layer 1 (Aergo Mainnet).

In the coming months, HPP will:

Pursue grant and integration opportunities with the Arbitrum Foundation Align with leading Arbitrum-native DeFi protocols to secure liquidity Launch developer incentives, quests, and community onboarding campaigns to accelerate adoption

This announcement is about more than infrastructure. In an industry often dominated by short-term trends, both Arbitrum and HPP are committed to long-term utility, decentralized governance, and sustainable growth. As we build toward a future where AI and blockchain converge, HPP and Arbitrum are laying the foundation for a new category of applications — intelligent, autonomous, and decentralized from the ground up.

HPP x Arbitrum: Building the AI-Powered Layer 2 of the Future was originally published in Aergo blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

When it comes to compliance, decentralization is changing the game. As regulations tighten and cyber threats grow, financial institutions are turning to innovations like edge computing, self-sovereign digital identity (SSI), and AI-powered transaction monitoring with blockchain-secured logs to protect sensitive data and streamline KYC, KYB, and AML processes.

These technologies make compliance not only stronger but smarter—here’s how they’re reshaping the future of risk management.

 

1. Edge Computing: Secure Data at the Source

Traditional compliance systems transmit customer data to multiple cloud servers and subprocessors—introducing risks along the way.

Edge computing eliminates those vulnerabilities by encrypting and verifying data directly on the user’s device or at a local edge node before it’s ever transmitted. This means:

Minimal data exposure: Sensitive information never travels further than it needs to. Faster processing: Verification happens in real-time, cutting down delays in customer onboarding. Built-in compliance: Local data processing aligns with regulations like GDPR and CCPA by keeping data within jurisdictional boundaries.

 

2. Self-Sovereign Digital Identity: Empowering Customers and Reducing Risk

SSI puts customers in control of their own verified identity data. Instead of handing over unnecessary personal information during onboarding, customers share only what’s needed through secure, verifiable credentials.

For compliance teams, this means:

Less liability: No need to store excessive customer data, reducing your exposure in the event of a breach. Enhanced verification: SSI credentials are cryptographically secure and harder to forge. Better customer experience: Clients appreciate the transparency and convenience of sharing verified information without repeated forms or unnecessary data requests.

 

3. AI-Powered Transaction Monitoring and Blockchain-Secured Logs

Blockchain-secured transaction logs provide an immutable, transparent record of transactions, while AI-powered monitoring enhances fraud detection. Instead of static or batch reviews, AI scans blockchain-based records in real-time to:

Identify complex transaction patterns that signal money laundering. Flag connections to sanctioned individuals or flagged entities. Analyze historical and current data simultaneously to detect trends, not just single red flags.

The combination of blockchain’s tamper-proof nature and AI’s processing power strengthens audit trails and improves AML screening accuracy without increasing manual workloads.

 

The Decentralized Advantage

Edge computing ensures that data stays local. SSI reduces your liability footprint by decentralizing identity control. AI-powered monitoring transforms static reports into proactive, real-time risk detection. Together, these innovations make compliance faster, more secure, and more customer-friendly—without compromising on privacy or performance.

Decentralization isn’t just the future of compliance—it’s happening now. With iComply’s platform, you can embrace these innovations to strengthen your KYC, KYB, and AML processes. Let’s lead the way to a more secure, decentralized future.

To support FAIR and Open Science principles, research projects must capture metadata across three categories: descriptive (e.g., title, keywords), administrative (e.g., funding, ethics), and technical (e.g., file formats, tools). Structured metadata makes research discoverable, accessible, ethical, and reusable—extending its value. Tools like myLaminin streamline this through integrated metadata capture and research data management.

Fight bots, not customers! Learn to balance security & user experience. Insights from Fastly & industry experts. Watch the webinar now!

Indicio’s decentralized identity technology supports the broadest range of open standards, credential formats, and communication protocols to facilitate global interoperability.

By James Schulte

As more governments step into the world of digital credentials, the Mobile Driver’s Licence (mDL), is emerging as the first credential that many people will likely carry in their digital wallets. But a digital driver’s license isn’t the whole journey when it comes to digital identity: It’s just one of many different digital credentials that we’ll use to prove who we are and to share data in a verifiable, tamper-proof way. 

This is why Indicio supports the widest possible range of open standards, credential formats, and advanced communication protocols for deploying decentralized identity: SD-JWT, W3C Verifiable Credentials, AnonCreds, JSON-LD, Open Badges 3.0,  DIDComm, OID4VC, and yes, mDL.

Because real-world identity isn’t a single road. It’s a map of different paths, winding through industries, ecosystems, and use cases.

Here, we explain why mdoc/mDL is joining the list of technologies supported in the Indicio Proven® technology stack.

mdoc/mDL

A Mobile Driver’s License (mDL) is a type of document that resides on a mobile device, generically known as an mdoc. Thus, an mDL is a particular type of mdoc, one that enables the attributes of a driver’s license to be held on a mobile device in a machine-readable way. The mDL is specified by the ISO/IEC 18013-5:2021 standard. 

Presently, 30 U.S. states have implemented or are implementing mDLs. In March 2025, the European Union’s Parliament mandated a uniform mobile driving licence that will work with EU-specified digital wallets by 2030.   

Some of the benefits of an mDL include:

Improved security: Each time you present an mDL for verification, it generates a new cryptographic presentation of the data.  Interoperability: As an mDL follows the international mdoc standard, it can be used across states and countries. All mDLs have the same data structure and are verified in the same way. A recent example of the mDL’s interoperability comes from New Zealand’s NZ Verify App, which enables mDL credentials issued from a growing list of regions to be verified. Offline availability: An mDL is designed to be either presented online or in person using Bluetooth Low Energy or NFC for “tap & go,” “scan & request,” or “tap & hold” interactions with an electronic mDL reader, which allows an mDL to be verified without either party needing to be online. Privacy: The mDL allows data in the license to be selectively disclosed, so you can share just your age or address, for example, without revealing anything else.

One peculiarity: part of the mDL spec ensures that issuers — governmenst — can’t see where licenses are being verified, so a specific holder can’t be tracked and profiled; but, another part of the spec also makes this possible, so user privacy is dependent on how a specific mDL instance is implemented.  

When an mDL/mdoc isn’t the best fit

If your identity authentication needs require more information than that contained in a driver’s license, then you need to use Verifiable Credentials (VC). These  can be configured to hold different kinds of data in a tamper-proof way, including biometrics, and can use secure communication protocols for semantically rich interaction between credential holders, issuers, and verifiers. 

For example, you can create a digital equivalent of a passport with a Verifiable Credential, and you can integrate that with other credentials (such as a visa and boarding pass credential) to share more complex data. An mDL is and always will be just a driver’s license. 

The mdoc format does not have the same flexibility in terms of data formats or communication protocols. If you are a school district issuing staff IDs or a company setting up passwordless login, Verifiable Credentials are a better option. Similarly, if you want to issue diplomas or certificates, the Open Badges 3.0 format meets these specific needs best. 

The mdoc/mDL is also a comparatively complex technical specification to implement, whereas a simple VC solution can be up and running in hours and a country-level deployment can be implemented in a few weeks.

One credential will not rule them all

We’re not moving toward a world where one credential will rule all use cases. We’re heading toward a world where different credentials work together. 

Governments are issuing mDLs but they will also issue digital passport credentials (ICAO DTC Type 2 credentials). Many organizations will want to implement DIDComm to take advantage of secure communication with credential holders, or they may choose to use OID4VC to take advantage of their existing authentication protocols.

Each use case brings its own needs for implementation, interoperability, privacy, simplicity, and usability.

Indicio connects digital identities

Indicio was the first to successfully combine two key global credential formats and protocols in a single workflow for international travel: DTC Type 1 using AnonCreds and DIDComm and IATA One ID using OID4VC.

Now, we’re adding mdoc/mDL to our stack. 

We’re committed to giving our customers the best solution for their needs and to making that solution interoperable.

Whether you’re just getting started or already deep into development, we’re here to help you choose the right specifications and credentials for your project—and make sure they work seamlessly with everything else.

Want to talk about which credential type is right for your project?
Get in touch with us at Indicio

###

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community

The post mdoc, mDL, and choosing the right digital credential for the job appeared first on Indicio.

🤝 Partnership Spotlight Keep Your Players with Safle A Growth Toolkit for Web3 Games

We’re building the next generation of growth tools tailored for Web3 gaming and we want your input.

If you’ve ever faced:

⚡️ Limited insights into player behavior ⚡️ Fragmented player identities across games ⚡️ Ineffective incentive mechanisms

We’re inviting game developers, community managers, and studios to help shape our KYP (Keep Your Player) initiative.

➡️ Contribute your expertise

Token2049 Dubai + Game Terminal V2 Partnership

Earlier this month, our team attended Token2049 Dubai, where we engaged deeply with leading builders in blockchain gaming.

🔗 Event Recap

Also, we’ve partnered with Game Terminal V2, an emerging aggregator bringing 10–20 games to our platform. Safle’s infrastructure will power:

Unified identity logins In-depth player analytics through Lens integration

This marks another leap in positioning Safle as the go-to infra layer for Web3 gaming.

📣 Marketing Highlights Strategic Foundations for a New Era

While we kept social channels intentionally low-key, we’ve been laying the groundwork for major upcoming campaigns:

Promoting KYP (Keep Your Player) metrics across Web3 gaming communities Engaging with builders and studios to refine our offerings Preparing launch content for Project Phoenix a community-powered initiative for Web3 security awareness

Born from a recent X (Twitter) compromise, Project Phoenix is turning adversity into action under the banner of #GuardTheChain. We’re creating a library of:

Blogs Videos & GIFs Real user stories

… all aimed at building a safer, more resilient Web3 space.

Previous Highlights Recap 🧠 Thought leadership post on identity-first Web3 gaming: Read Here GTM strategy in development for Unified ID Partner game onboarding content coming soon 🛠 Product Updates ✅ Recently Completed Cross-chain swaps integrated on embedded wallets — enabling seamless swapping and bridging of assets across networks. 🛡 Upcoming Enhanced social login rollout Unified ID campaign rollouts and partner onboarding

Thank you for your continued support in shaping the future of Web3 with Safle.

The Safle Team

🚀 More updates coming soon!

A crash course on securing AI agents and humans

Luxembourg & San Salvador, El Salvador, 27 May 2025 – Tokeny, a leading provider of onchain finance solutions, has been selected by Ditobanx, a licensed Digital Asset Service Provider (DASP) in El Salvador, to facilitate the successful launch of COINGT, a $325 million tokenized infrastructure initiative.

Backed by shares in the Interoceanic Corridor of Guatemala (CIG), the token represents a major milestone in the tokenization of real-world assets (RWAs) and sets a new standard for blockchain-driven infrastructure financing in Latin America.

The launch of COINGT was carried out under the regulatory approval of the National Digital Assets Commission of El Salvador, leveraging the country’s forward-thinking legal framework for digital assets.

Every market is different, and local leadership is essential. This launch is a perfect example: we provide the technology, while Ditobanx brings the regulatory expertise, market access, and everything else needed to make tokenization work smoothly. Latin America has huge potential, and infrastructure is the foundation for its growth. By making financing more accessible, Ditobanx is accelerating regional development in a way that was previously out of reach. Luc FalempinCEO of Tokeny

CIG is a transformative infrastructure project connecting the Atlantic and Pacific Oceans through a 372-kilometer corridor. The initiative includes two deep-sea ports, a double-track railway, a hydrocarbon pipeline, and large-scale industrial and logistics zones. Designed to position Guatemala as a key logistics and energy hub, the project is expected to have significant economic and social impact across Central America.

Tokenization opens up financial access. Infrastructure financing has long been inaccessible to many, especially in developing regions. Through COINGT, we’re enabling local and international investors to participate in a transformative project that will reshape trade, logistics, and opportunity across Central America. Guillermo ContrerasCEO of Ditobanx

El Salvador is moving beyond Bitcoin headlines and quietly building the first regulated digital asset economy in the region. With Ditobanx as a licensed DASP and Tokeny providing the white-label and institutional-grade onchain finance operating system, COINGT demonstrates how regulatory clarity, onchain compliance, and local operators can work together to bring real-world tokenization to life. It offers a blueprint for how other emerging markets can unlock capital through compliant tokenization innovation.

About Ditobanx

Ditobanx is a digital financial solutions company dedicated to transforming the way individuals and businesses interact with their finances. With a strong presence in Latin America and plans for expansion, Ditobanx continues to innovate to provide the best financial tools on the market.

About Tokeny

Tokeny is a leading onchain finance operating system. Tokeny has pioneered compliant tokenization with the open-source ERC-3643 T-REX standard and advanced white-label software solutions. The enterprise-grade platform and APIs unify fragmented onchain and offchain workflows, integrating essential services to eliminate silos. It enables seamless issuance, transfer, and management of tokenized securities. By automating operations, offering innovative onchain services, and connecting with any desired distributors, Tokeny helps financial actors attract more clients and improve liquidity. Trusted globally, Tokeny has successfully executed over 120 use cases across five continents and facilitated 3 billion onchain transactions and operations.

Website | LinkedIn | X/Twitter

The post Ditobanx and Tokeny Partner to Bridge the Atlantic and Pacific Oceans With Tokens appeared first on Tokeny.

The UK’s National Cyber Security Centre (NCSC) has recently evaluated and addressed the potential threats and risks associated with Artificial Intelligence (AI) in cyber security.

Following the Bletchley Park AI Safety Summit in 2023, the UK and a number of other countries, signed a declaration that, for the good of all, AI should be designed, developed, deployed, and used, in a manner that is safe, in such a way as to be human-centric, trustworthy and responsible.

The post The impact of AI in cyber security appeared first on Veracity Trust Network.

“The tech is ready for decentralization. The governance is not.“

A Digital Identity Digest Why Governance Decides If Decentralization Works Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 10 seconds 00:00 / 00:11:23 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

This is the final post in a four-part series exploring decentralization not as a buzzword, but as a series of hard tradeoffs that digital infrastructure teams, architects, and strategy leads must navigate.

In Engineering Meets Economics, we explored why resilience depends on the ability to shift between centralized and decentralized systems, not cling to one model. In How Decentralized Are You Willing to Pay For?, we talked about the very real costs of optionality: complexity, coordination, and duplicated capabilities. And in Redefining Success, we looked at why our success metrics often reinforce centralization—even when it’s no longer serving us.

So if we know decentralization has value, and we know it’s technically feasible… why does it still fail in practice?
Because the tech might be ready, but governance is lagging behind. This makes sense because governance means politics, and politics are hard.

Decentralization Doesn’t Mean Disorder

Most enterprise folks hear “decentralization” and think:

Increased risk Lack of visibility Slower coordination No one in charge when something breaks

But that’s not a property of decentralization; it’s a symptom of missing or immature governance.

We see this all the time in digital identity:

A federation that works technically, but has no process for resolving disputes A wallet ecosystem that’s privacy-preserving, but can’t agree on what metadata is mandatory An access system that’s delegated, but lacks revocation mechanisms that everyone honors

If you’re a technologist, this probably sounds familiar. Governance gaps show up as operational issues: broken policy syncs, inconsistent audit trails, revocation flows that only work in theory. If your service mesh or access broker assumes everyone interprets “suspend access” the same way—but no one agreed on what that means—you’ve built an elegant mess.

When decentralization fails, it’s often not because the protocols were bad. It’s because we didn’t define who gets to decide, update, delegate, or enforce—and under what terms.

Governance Is Infrastructure

If decentralization is the design pattern, governance is the scaffolding.

And here’s the important part: we already know how to build decentralized tech. The internet itself is built on decentralized protocols: DNS, BGP, email, and even identity federations. We have working models. We know how to distribute trust and authority technically.

What’s missing isn’t architecture, it’s agreement.

We can make it happen at scale. But without governance, decentralization becomes friction, not flexibility.

Governance defines:

Who holds authority How power shifts over time What happens when participants disagree How trust is established and withdrawn

For CIOs and digital strategy leaders, it’s a core risk management issue. Weak governance delays implementation. It also increases legal exposure, regulatory risk, and recovery costs when things go wrong. It makes vendor transitions expensive. And it turns architecture decisions into lock-in faster than most teams realize.

In enterprise environments, we already know how to manage distributed control.

We decentralize org charts … with reporting lines, SLAs, and escalation paths We allow teams to own systems … within shared standards and budgets We outsource critical functions … with contracts and enforcement mechanisms

We don’t expect everyone to act independently. We expect them to act accountably within a structure.
I think we should treat digital infrastructure the same way.

Examples Worth Learning From

Across the identity and trust space, we’re starting to see governance taken seriously as more than a compliance exercise. It’s a strategic enabler for an organization.

The Trust Over IP Foundation’s Governance Stack Working Group is actively developing models and interoperability standards for governance frameworks that support legal, business, and social trust. Their work includes templates and specifications for governance architecture, trust assurance, and certification—tools that make decentralized systems both usable and accountable. Projects like SCITT at the IETF are tackling supply chain integrity by designing trust architectures that include not just technical assertions, but clear governance of who can issue, verify, and rely on those assertions. Wallet ecosystems are (slowly) recognizing that success will depend not just on cryptography, but on common rules for inclusion, suspension, and dispute resolution.

If you work in identity, you’ve probably seen this up close: great protocols with no shared process for trust anchors, no agreement on metadata, no real mechanism for shared accountability. We don’t need another working group (says someone who loves to manage working groups). We need rules for when and how trust changes.

Identity professionals often sit closest to the tension and are best positioned to help shape how governance gets built. If you’re part of IAM, you’re part of the governance problem and the solution. Don’t wait for someone else to define the structure you’ll be bound by later.

What Governance in Decentralization Means for Your Team

If you’re building toward decentralization, whether in authentication, cloud strategy, data sharing, or infrastructure, ask yourself:

Who gets to define the rules of engagement? What happens when two participants disagree? How does a new participant join—and how can they be removed? Are you solving the governance questions before the technical ones lock you in?

The hard part isn’t building the system—again, we kind of know how to do that—but deciding who can change it later.

Final Thought: Governance Is Not Overhead, It’s Capability

If you take only one thing from this series, let it be this: Resilience isn’t just a technical attribute. It’s a governance capability.

I’ve spent this series talking about how to shift, how much flexibility costs, and what we’re incentivized to build. But none of that matters if no one agrees on how to share control when it counts.

The good news? Governance is designable. It doesn’t need to be perfect. It needs to be intentional, so decentralization becomes a strength, not a source of uncertainty.

Because when the tech is ready but the governance isn’t, you don’t have a distributed system. You have a political standoff, and nothing gets done.

Want to stay updated? I write about digital identity and related standards—because someone has to keep track of all this! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here] 

Transcript

[00:00:00]
Welcome to the Digital Identity Digest, the audio companion to the blog at Spherical Cow Consulting. I’m Heather Flanagan, and every week I break down interesting topics in the field of digital identity—from credentials and standards to browser weirdness and policy twists. If you work with digital identity but don’t have time to follow every specification or hype cycle, you’re in the right place.

[00:00:26]
Let’s get into it.

[00:00:29]
Hey everybody. Welcome back. This is the third episode in our series on centralization and decentralization and the balance between the two.

If you’re just tuning in now, here’s what you’ve missed:

In episode one, we explored why resilience isn’t about being centralized or decentralized. It’s about being able to move between the two models when circumstances change. In episode two, we looked at the real cost of building that kind of flexibility. Because optionality isn’t free. It takes planning, coordination, and a willingness to invest before you need it. Why Is Decentralization Often a Hard Sell?

[00:01:01]
And that brings us to today’s topic. Why is decentralization often still such a hard sell, especially inside enterprises?

[00:01:09]
One answer is that most of our success metrics reward centralization.

[00:01:15]
If we don’t challenge how we’re defining success, we’re going to keep optimizing for systems that look great—right up until the point that they don’t.

Centralization and Scale

[00:01:22]
Let’s talk about that in tech. We don’t just love things at scale; we know how to do things at scale fairly well.

[00:01:31]
When we’re working with centralized systems, we know the playbook:

Throw more hardware at it Replicate the databases Spin things up in other regions Set up failovers, caching, and routing magic to absorb traffic

And that totally works—up to a point. Even when control is centralized, we’re very good at scaling the infrastructure around it.

[00:01:50]
When it comes to decentralized models, we know how to do that too. We just don’t plan that way as often.

[00:01:56]
At least not anymore. Think about the protocols from the early days of the Internet: DNS, BGP, SMTP. They’re not flawless or simple, but they work at global scale because they were built to distribute control and survive failure.

[00:02:14]
Everyone gets a piece of the responsibilities in those protocols. Everyone can operate within a shared structure. That’s decentralized centralization, and we did it really well.

The Problem with Success Metrics

[00:02:25]
But now, today’s challenge: most of the success metrics we use today, especially in enterprise systems, still push us towards centralization.

[00:02:33]
Why? Because it looks faster, is easier to explain, and is a lot easier to report on.

[00:02:40]
But when success is only measured by how tightly we can control the system, we end up building architectures that aren’t particularly flexible. And that’s a problem.

Centralization Helped Us Grow—But Does It Still?

[00:02:49]
Now let’s step back for a moment. You might be thinking, “Well, yes, but centralization is what helped us grow as a company, helped us grow at speed.” And yes, you are absolutely right. Centralization often is what helps organizations move fast, simplify complexity, and work at scale. It gives you:

Clean handoffs Predictable systems Fewer moving parts Optimized performance without needing to get everyone to agree on everything

And when you’re trying to move quickly, those things are real advantages.

[00:03:19]
But the thing is, those advantages—whether from your infrastructure perspective or your market perspective—don’t last forever.

[00:03:30]
Markets might shift, regulations might change, vendor lock-in might become a liability, and the systems that helped you grow start to hold you back.

[00:03:40]
There’s a great idea from supply chain strategy that applies here: the faster your environment moves, the more important it becomes to reconfigure quickly.

[00:03:48]
And that’s where centralized success starts to crack—not because it failed technically, but because it couldn’t adapt fast enough.

[00:03:56]
So the question isn’t, “Didn’t centralization help us grow?” It’s, “Can we keep growing without the ability to be a little bit more flexible?”

Decentralization in Organizations

[00:04:07]
It’s kind of funny—we decentralize all the time, but just not when it comes to our infrastructure and definitely not our identity infrastructures.

Inside organizations, we break up control and distribute responsibility on purpose:

Teams have their own budgets Product groups make roadmap decisions Key performance indicators are set at the department level, not just at the company level

[00:04:31]
Why? Because trying to control everything from the top down slows you down. It’s more sustainable to align goals than to micromanage every function.

Take a typical enterprise product org as an example. One team focuses on mobile, another on partner integrations, a third on internal tooling. Each team moves independently within shared priorities. They don’t all escalate to the CIO to push code; they’re trusted to make decisions locally based on their goals and context. We don’t call that chaos—we call that autonomy and maturity.

[00:05:05]
Think of it like a city: every neighborhood has its own character, maybe its own rules, but they follow the same traffic lights, zoning laws, public services. That’s decentralization with coordination.

[00:05:17]
The control, to an extent, is distributed. If we can do this with people and even in governments—if we can handle distributed authority in complex orgs—why does decentralizing infrastructure sometimes feel so risky? It’s not because we can’t do it. It’s because we haven’t applied the same thinking to systems that we apply to teams of people.

Building Flexibility into Identity

[00:05:42]
If centralization has been our default version of success, what does success look like when you build in the flexibility to decentralize?

[00:05:50]
It doesn’t mean blowing up your current architecture, because that would probably be bad and you wouldn’t get very far.

[00:05:56]
It doesn’t mean ditching your identity provider or rebuilding everything from scratch, because that also wouldn’t make you very popular and probably wouldn’t get you very far. But it does mean designing for modularity and movement.

[00:06:07]
A successful, flexible identity system might include:

Federated logins that work across partners but don’t collapse if one party changes their trust model Credential issuance that’s anchored to your core directory but usable outside your domain Policy enforcement that supports delegation, so different teams or regions can adapt without rewriting global configurations Flexible authentication layers that can shift to support new protocols without breaking legacy systems

[00:06:42]
Another good example of flexible identity systems that don’t require a centralized focus.

[00:06:49]
Ask yourself in your organization:

Can you change identity providers without breaking logins for 50,000 users? Can you delegate trust without rerouting everything through one central system?

[00:07:03]
Are you prepared to adapt when legal or business requirements shift, or will you end up frozen and need to make a plan on the fly?

[00:07:14]
Being able to say “yes” to those things—that’s what success with flexibility looks like.

Key Takeaways

[00:07:25]
You don’t have to decentralize everything—and probably shouldn’t. But if your architecture can accommodate controlled divergence and flexibility, you’re set up for long-term success.

[00:07:43]
That’s what matters. That’s what’s really cool.

[00:07:46]
Here’s the takeaway from today.

[00:07:50]
Centralization isn’t the enemy. But if success only counts as scale, simplicity, or speed, that story can get brittle quickly.

[00:08:03]
We already know how to decentralize in our org charts and delegate decisions without chaos. We just haven’t always brought that thinking into our infrastructure and identity systems—but we could.

[00:08:15]
Success doesn’t have to mean one system to rule them all. It can mean systems that adapt without starting over. That adaptability only works when you’ve got governance built in to support it.

[00:08:30]
Our technology is almost good enough—sometimes more than good enough. But shared control takes more than configuration files. It takes structure, accountability, and intention.

Closing Thoughts

[00:08:53]
And remember, resilient systems don’t just run well—they recover well and grow on purpose.

[00:09:04]
That’s it for this week’s episode of the Digital Identity Digest. If this helped make things clearer or more interesting, share it with a friend or colleague and connect with me on LinkedIn @hlflanagan. If you enjoyed the show, subscribe and leave a rating or review on Apple Podcasts or wherever you listen. You can also find the full post at sphericalcowconsulting.com.

Stay curious, stay engaged, and let’s keep these conversations going.

The post Why Governance Decides If Decentralization Works appeared first on Spherical Cow Consulting.

Explore the decade-long evolution of Fastly's instant purge technology. Learn about our decentralized approach, challenges faced, and innovations in scalability.

We should still teach coding, AI can't replace the critical thinking, creativity, and problem-solving skills that programming instills.

Hong Kong has taken a decisive step toward establishing itself as a leader in the regulated digital asset space. On May 21, 2025, the Legislative Council passed the long-anticipated Stablecoins Bill, creating a comprehensive licensing regime for fiat-referenced stablecoin (FRS) issuers. This legislation marks another milestone in Hong Kong's strategic approach to virtual asset regulation, following its virtual asset trading platform (VATP) licensing regime implemented in 2024.

Are you curious to know about the Fake ID Checkers and their role in shaping the future of identity verification? If yes! This comprehensive blog post is for you.”

In this age, when there is a large number of methods to prevent fraud, Fake ID scanners have enhanced productivity at work. These scanners, being utilized by many agencies and other institutions controlling the finance.

However, did you ever think, how these scanners work? What is the key technology behind them? 

As far as our doubt goes, you will respond, No!. To convert your no into a yes, we have created this comprehensive blog post for you. 

Buckle up! You have to read this guide comprehensively…..

What are Fake ID Checkers?

After reading this name, you would have understood their purpose. Fake ID scanners are online digital tools that are used to determine whether the ID documents presented by users are real or fake. These scanners are used for the ID document recognition SDK.

Driven by sophisticated algorithms, these tools are not immune to committing errors. They always provide you with accurate results. When it comes to facial ID recognition, these detectors have brightened the future of this innovative technology used for security.

 

Key Technologies Behind the Fake ID Checkers

Now, it’s time to reveal how these ID scanners play their role in ID document liveness detection SDK. We will introduce you to some technologies behind them.

1. Optical Character Recognition

If you are in the ocean of technology, you must have heard about this cutting-edge innovation. Basically, OCR is about extracting text from images and other documents within a few seconds, optimizing the workflow. 

Fake ID Scanners are integrated to this technology. When ID documents are represented to these scanners, they effectively extract their engraved text for further verification. After this extraction, the system ensures their realness or fakeness and marks these documents for further processing.

So, let’s have a very simple question: Have you ever heard about this innovative technology, OCR? Don’t forget to tell….

 

2. Facial ID Recognition

A critical part of the confirmation procedure is matching the face on the document with the person presenting it. 

Facial ID recognition technology compares the photo on the ID with a live selfie or video of the user. Advanced systems use liveness detection to ensure the selfie isn’t a photo or video replay, minimizing deceiving efforts. 

This biometric authentication step adds a layer of security, especially for digital platforms that don’t have a physical presence to manually inspect IDs. In combination with document analysis, facial ID recognition offers a holistic approach to identity verification. 

 

3. Deeper Analysis of Documents

Fake ID checkers go beyond superficial examination. They analyze fake ID verification documents for deeper inconsistencies. 

For example, the system might look at fonts, spacing, data alignment, and metadata embedded in document barcodes. If something seems off, like a date of birth that doesn’t match the facial features or a document format that’s inconsistent with government-issued patterns, the forged ID checker flags the document as doubtful.

 

4. AI And Machine Learning

These scanners are responsible for real-time and quick response, spreading the fragrance of AI and ML, and their sophisticated algorithms. Isn’t it great that you are combining many technologies and making a bunch of the first line of defence against fraud? Amazing……

 

Benefits of Using a Fake ID Checker

Now, you would probably be thinking, what are the benefits of using these fake ID scanners in the ID document recognition SDK? Don’t worry, just read this section carefully….

Accuracy: To err is human, not such tools. As hinted previously, these tools integrate AI and ML algorithms, ensuring the fastest and precise results. Scalability: If we talk about handling a large amount of data related to facial recognition ID, these scanners show their unbelievable magic in enhancing security. Real-time verification: Not only for one or two hours, but these tools will provide you with the same accurate results in real-time. So, time does’t matter, just fucking the manipulating attempts of criminals very badly. Risk reduction: After reading the previous headings, you would have understood their role in reducing the risks of document leakage and destruction by cyber criminals. 

Industries Leading the Way

Several sectors are already gaining the benefits of progressive fake ID verification systems:

Financial Services: Banks and fintech companies use fake ID checkers to onboard customers, issue loans, and prevent fraud.  E-Commerce & Marketplaces: Platforms confirm sellers and buyers to build trust and combat identity fraud.  Travel and Hospitality: Hotels and airlines use ID document recognition SDKs for continuous check-ins.  Online Gaming and Adult Services: Age-restricted platforms use facial ID recognition and document scanning to impose legal age limits.

Are You Looking for A Fake ID Scanner? Don’t Worry!

After reading such described comprehensive sections, many users raise a simple question: where to find such detectors or scanners? Are you also worried about this? Don’t worry, we are here with you with our great service, Recognito NIST FRVT top performer.

Before you ask about it, we will briefly tell you that Recognito is an algorithm developer that is used to streamline the process of securing online assets and information. This service will provide you with a fake ID detector, specializing in face recognition, liveness detection, and ID document verification.

However, if you didn’t understand this, you can visit our service page GITHUB.

Before You Go

Nowadays, when cyber criminals have adopted many different techniques to manipulate financial institutions, security has become the first priority. In this scenario, identity verification stands out, ensuring your online information and assets are safe and secure.

However, we have created this guide post related to fake ID scanners. This is because using such detectors enhances productivity at work, as they incorporate AI and ML and their algorithms. 

In the ending part of this guide, we have discussed two more sections. The first one is about the benefits of using these scanners. The second one is about some industries, benefit from these tools. 

If you are also working at a place where the ID document liveness detection SDK is crucial, never forget to make contact with Recognito.

Hey folks 👋

We’re back again with your regular Kin update.

This one’s about tightening bolts, peeking behind the curtain, and making journaling feel just a little more like you.

As usual, you’ll find this week’s super prompt at the end - so make sure to read on.

What’s new with Kin 🚀

Our dev team has been solidly in the trenches, tightening up bolts and preparing new features for you. Here’s what we can tell you right now:

We’ve been on a bug hunt 🐛

You might’ve noticed things feeling a little snappier, smoother, or less... weird (unless you’re using the Chaotic Kin personality 😛).

That’s because the team have been working especially hard on the reports from our community, polishing up the rough edges, improving responsiveness, and all-round squashing bugs.

This is an endless task, though - so if something still feels off to you, let us know. You can screenshot in-app or drop it in our Discord.

A new Journaling experience is almost here ✍

Like we’ve been saying for a while now, we’ve been reimagining what Journaling in Kin could feel like.

More flexible.
More personal.
More... you.

Now, though, it’s close to launch - and built from everything we’ve heard from your feedback so far.

Stay tuned. We’ll share how to try it as soon as it’s live.

Clara wants to talk to you 🤫

Our resident UX researcher, Clara, is reaching out in our Discord to interview users like you about a upcoming feature - a secret feature.

Whether you like sneak peeks, care about thoughtful design, or just wants to continue shaping what Kin becomes next, this is your chance.

If you’re signed up to our Discord server (you can do it here), you just need to drop Clara a DM to get started. You can also read her Discord announcement here.

(And no, we can’t tell you what the feature is yet. But we promise it’ll be worth it.)

Our current reads 📚

Article: Sam Altman wants ChatGPT to remember your whole life
READ - TechCrunch

Article: Nvidia sees ‘personal supercomputers’ as the next step in AI
READ - PCMag

Article: New Anthropic AI model threatens blackmail if told it’ll be deleted
READ: BBC News

Article: OpenAI updating its Operator AI agent to run on powerful reasoning model o3
READ: Reuters

Our online vibe ✨

Go here to check out one of our latest video, which is talking all about what ethical AI is, and how we’re spearheading it.

This week’s super prompt 🤖

“How have I changed over the last year?”

If you have Kin installed and updated to the latest version (0.3.17), click the link below to instantly start learning about the ways you’ve grown that you may not have noticed.

As a reminder, you can do this on both Android and iOS.

Open prompt in Kin

Spam us - it’s okay 📩

Hearing from all of you has allowed us to make Kin unique in the tech space.

You’re the key to that continuing.

So, whatever you have to say about Kin - bugs, ideas, praise, criticism….

We want it. Just reply to this email, ping us in Discord…

Reply to this email. Ping us in Discord. Or, take a screenshot and report it in-app 💬

Thanks for believing in Kin, and helping us build ethical, personal AI.

With you, we’re able to contribute to the future AI is meant to have.

Until next time,

The KIN team

BC 101 #5: Decentralized by Design — The Case for a VC-Free Future

In today’s crypto landscape, success is often measured by two metrics: exchange listings and token price performance. While these milestones can drive early attention, fundraising, and short-term engagement, they rarely guarantee meaningful long-term growth.

In fact, this structure often works against real innovation.

The Speculation Trap

The pressure to perform in public markets comes too early for many projects. As soon as a token is listed, price volatility becomes a distraction — if not a full-blown liability. Founders start chasing marketing campaigns instead of shipping updates. Teams stretch themselves thin juggling price optics, exchange negotiations, and community expectations, all while the original product roadmap collects dust.

This is not a bug in the system. It’s how the system was designed. Token-first strategies demand hype. Hype demands liquidity. And liquidity means listings, speculation, and the pressure to constantly “perform” for the market, often before a real product is even live.

Enter HPP: A Product-First Ecosystem

That’s where the House Party Protocol (HPP) offers a radically different approach.

HPP isn’t about launching speculative tokens or inflating valuations based on whitepapers and hype. Instead, it integrates post-VC or low-VC projects with proven traction and a shared commitment to sustainable, long-term growth.

By joining a network where the foundational infrastructure, exchange presence, and liquidity already exist, projects can skip the exhausting “token launch treadmill” and get back to what matters most: building.

Build Without the Noise

In the HPP model, speculative distractions are removed from the equation. There’s no need for immediate exchange listings or retail hype cycles. Each participating project either already has a listed token or operates without a massive VC pool waiting to be unlocked.

More importantly, token distributions within HPP follow a milestone-based vesting schedule, not arbitrary cliffs or backdoor unlocks. This ensures long-term alignment between builders, the community, and the ecosystem as a whole. There are just clear incentives to keep building.

For projects like Booost and VaaSBlock, instead of chasing token listings or short-term price spikes, they’re now focused squarely on delivering real products. They no longer need to divert resources to activities that don’t serve their core mission, freeing them to follow through on their original vision.

This is not just a technical detail. It’s a structural advantage. HPP was designed to prioritize execution over speculation, reflecting that in its governance, partnerships, and tokenomics.

A Model for the Next Crypto Cycle

If past bull markets were driven by ICOs, airdrops, and token-fueled speculation, the next phase of crypto will be defined by something much harder to achieve: resilience, credibility, and aligned incentives. HPP is building for that future and quietly leading the way.

This is where the House Party Protocol (HPP) stands apart.

HPP isn’t just decentralized in its technology — it’s decentralized by design. From its architecture to its governance and tokenomics, everything is structured to prevent any single entity from gaining outsized control. Even the core team’s tokens are locked for years and overseen by an independent, trusted custodian. No hidden agendas. No silent insiders.

In an industry that often treats “decentralization” as a branding tool, HPP is one of the few ecosystems where it’s structurally enforced. It’s not a slogan. It’s a principle.

HPP isn’t just another Layer 2. It’s a blueprint for a more sustainable crypto economy where product, progress, and purpose matter. And in this new phase of crypto, that might be the only bet worth making.

BC 101 #5: Decentralized by Design — The Case for a VC-Free Future was originally published in Aergo blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

There’s been a recent rush of excitement on LinkedIn about the vividness of the latest animations generated by image transformers.

In particular, there’s a film clip with vividly realistic robots, in various states of terrible helplessness, bemoaning the prompts that led to their dire situations. I think it’s just an amusing recursive take on the Fourth Wall, or a variation on M.C. Escher’s famous Drawing Hands that draw themselves into existence.

But in many of the LinkedIn comments, people are seeing signs of robots becoming self-aware.

Anthropomorphism is bad enough with Large Language Models, but with image transformers, it might get completely out of hand—like the way very early cinema goers ran screaming from the theatre, convinced a locomotive was about to burst out of the screen and plough into the crowd. This is a new and deeper level of the Deep Fake problem. Even when smart people know the moving images are software generated, they tend to think the animations are real.

I’m calling for “cognitive calm”. Let’s try to unsuspend disbelief.

I don’t mean to underestimate the importance of image transformers and the dizzying rate of progress. I just want people to remember that with all AI today, “it’s just a model”.

As I understand them, image transformers are like LLMs; they are both pattern extrapolation machines.

LLMs are sometimes poo-poohed for “merely” completing sentences. That’s a bit of a simplification but the jibe does capture the essential mindlessness of neural network AI models.

The truth is that the output of any LLM-based generator is an evidence-based prediction of how a passage of text is going to continue, in a way that is consistent with the prompt. Today’s trained LLMs reflect trillions of pieces of text sampled from the wild, from which are inferred deep statistical patterns, sufficient to generate sensible strings of sentences. The LLMs not only follow the rules of syntax and grammar but also follow stylistic conventions and other patterns found in the training text. Hence the name language model — it’s an empirical mechanical representation of how real-world text is constructed.

So, if sufficient writers happen to have described different aspects of the behaviour of blue coloured birds in winter, the LLM will be able to string together a fair number of sentences that are consistent with the whole of the body of work it has ingested. Throw in some randomness so the writing isn’t overly repetitive, some feedback loops and unwritten prompts about beginnings, middles and ends, and the result looks like a polished story which embodies the wealth of written experience on the subject.

Just as language transformers make predictions of sensible text passages based on patterns extracted from real life writing, vision transformers predict how things should probably look in brand new images, based on patterns in real world pictures.

AI is certainly amazing at generating reasonable images of complex things and interactions. Yet the properties and relationships of things are not perceived or deduced by these models or understood in any way. The exercise is not to model causality but only appearances.

None of the generative pretrained transformers (GPTs) simulate anything. There is no abstraction of real-world phenomena in mathematical equations; rather, there is merely a probabilistic calculation what things should look or sound like.

Consider what’s going on when an image model is trained on an apple falling from a tree (or rather, on billions of clips of similar objects moving under similar circumstances). Videos are digitised and coded to create arrays of data, which are fed into the neural net and crunched together with other arrays. Patterns in the data result in the iterative refining of a net’s constituent interconnections and weights, which collectively come to instantiate what’s been “learned” from the training. When similar patterns recur in the inputs, reinforcement results and certain weights are boosted.

It’s tempting to think that such an AI has learned the laws of physics through observation, but all it’s doing is establishing the statistics of how series of arrays of data tend to develop in particular ways. And so, based on its training, the image model can be prompted to calculate a sequence of arrays of reasonable data values to follow from some starting condition.

The AI is unaware that the array data structures were earlier designed by engineers to codify the intensity and wavelength of light sampled at different points by a two-dimensional camera sensor, and furthermore, that the sequencing of the arrays correspond to constant time intervals.  The AI doesn’t know that cameras are themselves models of the human retina.  It doesn’t have to know that, because it’s not watching a video—it’s only crunching data. An altogether different agent later on gets to experience the value arrays as periods of vision in which an apple is falling.

The image transformer has no more understanding of physics than an LLM has of the human condition. Sure, ChatGPT might be able compose a vivid story with compelling characters we identity with, to the extent it might even make us cry, but only after ingesting billions of arrangements of adjectives, nouns and verbs which were earlier designed by artists to evoke the emotional response.

If we feed an image model enough video with fruit and objects in motion, then we can prompt it to compute a string of arrays containing patterns that happen to correspond to what a falling apple looks like. Likewise, if a model is trained on millions of hours of humans going about their business, it will be able to generate patterns of pixels which to us look like other people talking and laughing, sharing a joke, or even doing something as complex as flirting.

The stuff of any neural network, whether it’s designed for language or vision, is nothing but interconnects and weights. It happens that some configurations of interconnects and weights can be mapped by humans onto real world features—patterns of lights and sounds—with which we identify.  But the model is only learning past patterns and extrapolating new ones.

There are no rules in the worlds which are modelled by these AIs—only statistics. We’ve probably all seen AI-generated images where hands have shifting numbers of fingers and people walk through walls. I appreciate the models are getting better but all the same, these sorts of errors illuminate exactly what it is that’s being modelled—and it was never understanding.

When an AI model for example predicts how a child will respond to a parent in some situation, verbally or visually, it has computed a lot of numbers which correspond to images and/or words which in turn seem sensible to us humans. Strictly speaking, it’s only a coincidence when the AI model comes up with something that’s even relatable let alone accurate.

Note: The images in this blog post are for illustration only. None were generated by AI; they’re the figments of a natural intelligence. 

The post When it comes to AI, do not suspend disbelief. appeared first on Lockstep.

Global independent analyst organization KuppingerCole has confirmed Anonyome Labs’ verifiable credentials product is a “next-generation identity solution for elevating user privacy and trust and mitigating fraud and impersonation during onboarding, authentication, and high-value transactions.”

KuppingerCole described Anonyome’s verifiable credentials (user-held digital identity) product as a “flexible and future-ready solution to support industries requiring rigorous identity verification and security, such as finance, healthcare, and education.”

The analysts confirmed Anonyome Labs offers a “customizable setup for quick deployment” that “stays current with emerging standards, has interoperability with all competitive credential formats, and is compatible with multiple ledgers and non-ledgers.”

“Threat detection and fraud prevention are crucial features designed into the Anonyome Labs’ verifiable credentials offering,” senior analyst, Anne Bailey, said.

KuppingerCole commended Anonyome’s solution to organizations looking to “leverage the paradigm shift towards user-held digital identities for increased security, trust, and privacy within consumer interactions across all communication channels.”

This independent greenlight for Anonyome’s verifiable credentials solution is significant given the global digital identity verification market is set to explode from $18.41 billion in 2025 to $50.07 billion by 2030.

Strong momentum for user-held digital identities and licenses in Europe and the USA is driving the growth, particularly the European Digital Identity (EUDI) wallet initiative associated with eIDAS 2.0 and supported in other regions including the United States with mobile driving licenses (mDL). 

KuppingerCole forecasts that by 2030, 2.6 billion individuals globally will be actively using digital identities.

KuppingerCole also acknowledged Anonyome Labs as a company, finding its “strength lies in its stability as a company with long-standing and proven revenue from other product lines which allows enterprise customers to launch their decentralized identity initiatives without worrying that their vendor will run out of funding, be acquired, or other disruptions in this emerging market.”

KuppingerCole made the findings in an executive view of Anonyome Labs’ approach to applying decentralized, reusable identity for onboarding and authentication use cases, to reintroduce trust, elevate security, and reduce fraud in multi-channel interactions.

Read the full KuppingerCole report.

What are verifiable credentials?

Verifiable credentials, also called reusable credentials or referred to as user-held digital credentials, are cryptographically protected identity documents issued by a government, bank or other authority which the user stores in a digital wallet on their device and shares with trusted connections (e.g. with their bank, healthcare provider, or university) to unlock services (e.g. proof of identity at a bank, proof of age at a bar, or proof of visa at an airport).

Underpinned by decentralized identity technology, reusable credentials enable secure registration and authentication for users, without the need for usernames, passwords, 2FA, or any third party controlling the process. See how they work.

For business, verifiable credentials mitigate fraud risk, restore customer trust, and improve consumer access control by creating uniformity across all access channels, such as apps, websites, branch offices, and call centers.

KuppingerCole describes the process this way:

“Once end-users have been onboarded with a mobile wallet and initial credential based off the government-issued ID have been issued, the organization can use it to onboard the user and unify all authentication processes across all channels, including online, in-person/in-store, and call center scenarios.

“For an in-store scenario, the store employee asks the end-user for their identifier (may be an email, PIN, or other attribute), pulls up the end-user profile and sends an authentication request to the user’s mobile wallet. The user then accepts the request and proceeds with the transaction.

“If an end-user gets an unexpected request, they can deny it, which also informs the store employee not to proceed with any transactions. The verifiable credential solution enables organizations to request credential verification from any channel, helping to secure and re-introduce trust into the onboarding process, contact centers, stores and branches, in verified chats, and in distributing alerts and messages to end-users.”

Why are organizations turning to verifiable credentials?

Almost every industry is being challenged with the urgent need to defend against increasingly sophisticated threats and attacks, particularly from generative AI, and to restore trust with their customers.

Significantly compounding this challenge of attack and mistrust is the vast disparity in authentication processes, from in-person to online to call centre, and between web and app interfaces. Inconsistencies frustrate users and heighten their fears and mistrust, because they don’t know whether to trust interactions coming from the organizations they’re dealing with.

Restoring trust and streamlining processes are critical – and reusable, digital, user-held identities achieve it.

KuppingerCole says:

“Verifiable credentials support diverse use cases across sectors like financial services, insurance, education, and healthcare. Well-suited use cases for the verifiable credentials product include any industry with privacy concerns and faced with identity fraud and eroding trust between end-users and services.

“In each of these industries, the verifiable credentials product can facilitate secure and tamper-proof identity verification for onboarding and authentication.”

Read 17 Industries with Viable Use Cases for Decentralized Identity

Explore Anonyome Labs’ verifiable credentials solution

Read the full KuppingerCole executive view on Anonyome Labs’ verifiable credentials

Read Verifiable Credentials – the Killer Feature of Decentralized Identity

Anonyome Labs empowers end users with privacy, cyber safety, and identity solutions. Since 2014, we’ve brought innovative solutions to market that enable both individuals and businesses.

Founded in 2004, KuppingerCole is a global, independent analyst organization headquartered in Europe. It specializes in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as technologies enabling Digital Transformation.

The post KuppingerCole Greenlights Anonyome Labs’ Verifiable Credential Solution in $50B Future Industry appeared first on Anonyome Labs.

The post How NFC Verification is Shaping the Future of Secure Access Control appeared first on uqudo.

Cloud and hybrid environments have expanded the attack surface, and cybercriminals are taking full advantage. The Cybersecurity and Infrastructure Security Agency (CISA) warns identity is the top target, making Zero Trust and identity-first security non-negotiable.

 

In fact, CISA has repeatedly warned that identity-related attacks are among the top vectors for cloud breaches. In its guidance on defending against cloud compromise, CISA stresses the need for:

Strong, phishing-resistant authentication

Centralized identity and access management (IAM)

Continuous monitoring of user behavior and access patterns

In short, Identity must be treated as the new perimeter.

 

Why? Because humans are still the weakest link in the identity chain. Phishing, password reuse, and credential theft continue to fuel most breaches, even with sophisticated infrastructure in place.

 

That’s why smart organizations put identity at the core, stopping attackers at the front door or catching them faster if they do get through.

Build a secure, scalable MCP Server with Fastly Compute. Learn to address vulnerabilities and ensure reliable performance for your LLM applications.

TL;DR

On June 1, UAGro Wallet goes live on iOS and Android, giving 500 K+ students and alumni instant, tamper-proof diplomas via blockchain. Extrimian’s SSI suite—Digital Credential Wallet, ID Connect API, and Academy—powers this leap, cutting verification time by 99.9%, eliminating fraud, and meeting GDPR, FERPA, and LGPD requirements.

UAGro Wallet & Extrimian: A New Era in University Credential Security

In 2024, universities worldwide lost over $600 million to fake diplomas, and manual verification still takes 5–14 days per record. On June 1, the Universidad Autónoma de Guerrero (UAGro) breaks this cycle with UAGro Wallet, a mobile app (iOS/Android) delivering verifiable credentials to 500 000 + students and alumni. Powered by Self-Sovereign Identity (SSI) from Extrimian, this project seals document fraud and transforms how diplomas, transcripts, and certificates are issued, stored, and verified.

1. The Credential Crisis in Higher Ed Fraud Costs Soar: $600 M+ lost yearly to forged diplomas and transcripts (Check Point 2024). Slow Manual Checks: Average 7 days per verification vs. 2 minutes with SSI. Security Gaps: Under 50 % MFA adoption in universities (UK Cyber Survey 2024).

These delays frustrate applicants and employers, drain staff hours (120 h→8 h monthly), and expose institutions to data-theft and compliance fines.

2. How SSI & Blockchain Fix Verification

Self-Sovereign Identity (SSI) hands control back to students. Instead of siloed servers, diplomas live in a Digital Credential Wallet—secure, private, and always available offline. Key benefits:

Cryptographic Security: Each credential is signed on a blockchain, making tampering impossible. Instant Trust: Employers verify in seconds without calls or faxes. Selective Privacy: Share only what’s needed (e.g., “Bachelor’s Degree, 2025” without grades). Built-in Compliance: GDPR, FERPA, LGPD covered by design.

Learn more in our SSI Use Cases and specifically for education: Education & SSI.

Verification of credentials and diplomas with UAGro Wallet Verifiable Credentials – powered by Extrimian

3. Extrimian’s SSI Suite at a Glance 3.1 Digital Credential Wallet Manage diplomas and certificates on mobile/web Offline access and immediate revocation Student-driven sharing via QR codes or links 3.2 ID Connect API & Dashboard No-code integration with SIS/LMS—go live in 1 day Real-time analytics: issuance, verifications, alerts Enterprise security: encryption, role-based access, audit logs 3.3 Extrimian Academy On-demand courses on SSI fundamentals and integration Hands-on labs for DIDs, VCs, and wallet workflows Certifications to prove your team’s expertise

Dive deeper into our offerings at:

University e-Learning Data Security Diploma & Credential Verification Fixing Data Fraud & Identity Theft 4. UAGro Wallet: A Case Study in Scale

Launching June 1 for iOS and Android, UAGro Wallet will:

Serve 500 000+ students and alumni across all campuses Store verifiable titles, certificates, and transcripts Eliminate paper-based bureaucracy and cut wait times to seconds

“Con UAGro Wallet, nuestros egresados podrán demostrar sus logros académicos en segundos y sin intermediarios,” destaca el Dr. Javier Saldaña, Rector de UAGro.

5. Real-World Impact & ROI MetricTraditional verificationWith Extrimian SSIVerification time7 days2 minutes (99.98 %↓)Cost per check$24.50$$ save via API requests consumeStaff hours/month120 h8 hFraud losses prevented$600 M/year$0 (bloqueo criptográfico)

Fuente: Check Point Research (2024), UAGro/Extrimian Report (2025).

6. Broader Use Cases Across Industries Corporate Hiring: Verify candidate degrees in seconds, reducing time-to-offer. Healthcare Licensing: Fast-track medical board approvals to improve patient care. Professional Bodies: Secure admission to bar, engineering, and CPA councils. EdTech Platforms: Issue microcredentials that stack into full degrees (Open Badges 3.0). Get Started Today Book a Demo → Contact Us Run a Pilot → Issue live VCs to a test cohort Train Your Team → Extrimian Academy Scale Campus-Wide → Automate credential workflows in SIS/LMS

External References & Further Reading Check Point, “8 Things You Should Know About Cyber Attacks on the Education Sector” (2024) UK Gov, “Cyber Security Breaches Survey 2024 – Education Institutions” UNESCO, “Building the Digital Credentials Ecosystem” Educause, “Cybersecurity Trends in Higher Ed”

Adopting decentralized identity with Extrimian not only ends the weeks-long verification grind but also locks out fraud, cuts costs, and puts students in control of their academic records. Welcome to the future of secure, scalable credentialing for higher education.

The post UAGro digital Wallet for Diploma Verification first appeared on Extrimian.

North Korean IT workers successfully infiltrating Fortune 500 companies by using stolen identities and sophisticated deception techniques.

The post ID Verification for Microsoft Entra: The Human Firewall first appeared on Identity Verification Orchestration.

Cetus Protocol, considered to be the largest liquidity provider on the SUI blockchain, experienced a security incident on 22 May 2025, beginning at around 10:30 UTC.

 

GN HEARTLAND

Read to the end for a terrifying use of the phrase “increase in crypto kidnappings”. Come to think of it, pretty scary out of context, too…

— playhaus

MONEY MONEY MONEY

TOKEN

PRICE CHANGE

PRICE

Solana ($SOL)

+5.31%

$178.24

Helium ($HNT)

+4.14%

$3.21

Pyth ($PYTH)

-18.44%

$0.14

Raydium ($RAY)

+1.01%

$3.33

(Price changes reflect past 7 days as of 5.22.25) The $11 Billion Battle for Circle

Ripple and Coinbase  are reportedly eyeing Circle, the company behind the USDC stablecoin, like it’s the last slice of pizza at a happy hour. Circle, which had been gearing up for an IPO, now finds itself at the center of a potential multi-billion dollar bidding war that could reshape the stablecoin landscape.

The stablecoin provider is reportedly shopping itself around at a $5 billion valuation. Ripple came out swinging with an initial offer between $4–5 billion, later upping the ante to as much as $11 billion, sweetened with a mix of cash and XRP tokens.

Coinbase hasn’t officially tossed a number into the ring, but their long-standing relationship with Circle could be a game-changer. They co-founded the Centre Consortium back in 2018 to govern USDC and still share revenue from USDC reserves.

  Why It’s a Big “Deal”

Stablecoins are the quiet workhorses of crypto ,  powering everything from DeFi to global remittances. USDC is one of the most regulated and institutionally friendly stablecoins on the market.

Whoever lands Circle doesn’t just get a product . They gain control over a regulated, dollar-pegged asset that bridges crypto and traditional finance. That’s huge for global positioning.

Also: market consolidation. Fewer players with more power could mean better interoperability or, on the flip side, increased centralization. Either way, it’s a pivotal moment.

What Would It Mean for the Buyer?

Ripple is a global payments firm focused on cross-border transactions. Adding USDC  one of the most trusted stablecoins - could accelerate Ripple’s mission to modernize money movement. With the XRP Ledger evolving post-SEC, controlling a compliant stablecoin gives Ripple a serious edge in attracting new use cases and adoption.

Coinbase, meanwhile, has skin in the game. That 50/50 revenue-sharing deal with Circle means they’re already benefiting from USDC. Acquiring Circle would deepen that advantage ,  giving Coinbase more control over a critical piece of crypto’s financial plumbing.

For either, it’s about infrastructure and influence. Stable value is critical to crypto’s usability. With PayPal, TradFi, and governments circling the space, locking down USDC means future-proofing their position.

  What Would It Mean for the Market?

If Ripple wins:

Tighter integration of USDC with the XRP Ledger USDC liquidity may shift to Ripple’s ecosystem Faster expansion into global payments

 

If Coinbase wins:

Stronger grip on U.S. stablecoin infrastructure More integration of USDC into Coinbase products Increased competitive edge as regulators scrutinize rivals like Tether

 

If Circle IPOs:

Circle retains neutrality Public accountability increases, possibly limiting flexibility   What Would It Mean for Users?

For users, a successful acquisition could bring:

Smoother transitions between fiat and crypto Faster, cheaper transactions Broader access to a trustworthy stablecoin

That said, more control in fewer hands always warrants a watchful eye.

 

What Next?

Looming questions remain.

Will regulators get involved? This level of consolidation may attract antitrust scrutiny.

Will other bidders emerge? Don’t count out TradFi or PayPal.

Will USDC remain neutral? Ownership could influence its use and perception.

Whatever the case, stablecoins are becoming as essential as cash and credit . Whoever wins Circle may shape the rules of the road.

— Branden

SPONSORED BY THE RUNDOWN AI

Learn AI in 5 minutes a day

This is the easiest way for a busy person wanting to learn AI in as little time as possible:

Sign up for The Rundown AI newsletter

They send you 5-minute email updates on the latest AI news and how to use it

You learn how to become 2x more productive by leveraging AI

Sign up to start learning.

The Case For — And Against — Institutional Integration

Over the past few months, a new wave of momentum has quietly reshaped the crypto landscape, as TradFi institutions and mainstream retailers step deeper into the world of digital assets. From Overstock’s blockchain experiments to Nike’s NFTs, PayPal’s stablecoin to BlackRock’s on-chain funds, the trend is accelerating. While it may lack the explosive energy of bull market euphoria, its implications run just as deep.

Institutional integration is not a new trend. Overstock became one of the earliest corporate Bitcoin adopters in 2014. But in 2024 and beyond, the landscape looks markedly different. Institutions aren’t just dipping their toes anymore. They’re building infrastructure, shaping regulation, and in many cases, bringing the crypto rails in-house.

According to Galaxy Digital, tokenized real-world assets managed by traditional finance surpassed $11 billion in Q1 2025. BlackRock, Franklin Templeton, and JPMorgan are all developing or deploying blockchain-based investment products. At the same time, brands like Adidas and Reddit are keeping their NFT experiments alive, running on public blockchains, but with controlled user experiences.

The economic effects are measurable. More liquidity, more user acquisition, and more diversified use cases. Chainalysis data from late 2024 shows a 41% increase in institutional transaction volume year-over-year. But retail adoption has only grown 8% in the same window, suggesting a concentration of influence and activity at the top end of the ecosystem.

The flip side is there’s now a paradox at play. The very institutions crypto sought to disrupt are now key players in its mainstreaming. This isn’t inherently negative, but it invites ongoing debate about decentralization, gatekeeping, and the long-term direction of the space.

A 2024 DappRadar report found that over 70% of brand-launched NFTs are minted on custodial platforms, meaning users rarely control their assets. Meanwhile, centralized stablecoins like PYUSD offer price stability and access, but often operate within closed systems, limiting composability and self-custody.

Yet, there’s a potential upside, too. With major players onboard, the industry gains credibility and regulatory traction that could ultimately benefit all participants. For developers, this means more resources. For users, it could mean more reliable on-ramps and protections. For institutions, it’s a chance to reimagine trust.

Whatever the case, it’s happening. TradFi and DeFi are doing the fusion dance, and real ones know Gogeta never (really) lost a fight. So no matter where you stand on the philosophical side, you shouldn’t should be asking, “Is institutional integration good or bad?” Instead, you should ask, “How do I play it?”

— Muhammed

SPONSORED BY SUPERHUMAN AI

Start learning AI in 2025

Keeping up with AI is hard – we get it!

That’s why over 1M professionals read Superhuman AI to stay ahead.

Get daily AI news, tools, and tutorials

Learn new AI skills you can use at work in 3 mins a day

Become 10X more productive

Sign up and start mastering AI

When Customer Data Becomes a Liability

Coinbase, America’s crypto darling, is currently downplaying one of the most serious breaches of consumer privacy in recent history. Meanwhile, it is inadvertently demonstrating how anti-money laundering (AML) and know-your-customer (KYC) laws create more harm than good when it comes to storing sensitive data.

In January 2025, Coinbase’s overseas employees betrayed user trust by selling access to sensitive customer information to criminals in exchange for what was likely life-changing sums of money. It was only disclosed in May because the criminals decided to ransom the data back to Coinbase for $20 million — which the company promptly refused, instead offering the same amount as a reward for the hackers’ capture.

What’s disturbing is how easily these low-level employees accessed sensitive information including ID photos, home addresses, token balances, and the last 4 digits of personal identification numbers. Set against the backdrop of rising crypto kidnappings across Europe, this data breach highlights an incredibly dangerous practice. The centralization of personal information will never be without risk, and these risks clearly outweigh any benefits, as repeatedly demonstrated by breaches like this and the infamous Equifax breach.

Coinbase shouldn’t have made this information available to low-level employees in foreign countries. Whatever legal team approved that deserves to be fired; the risks were glaringly obvious. But using cheap overseas labor for customer support is standard practice in tech. Which is where decentralized databases, with user-controlled authorization via ZK proofs and homomorphic encryption, come in.

This technology represents a genuine opportunity to comply with KYC laws while protecting user privacy. Unfortunately, we’re still far from implementing such infrastructure. KYC laws rarely prevent crime or enable effective enforcement. Meanwhile, Coinbase — one of the primary proponents behind the GENIUS act, enabling stablecoin legislation — seems focused on preserving their market position through web2-style regulatory capture.

Rumors are spreading on Twitter about retail users pulling their tokens off the exchange in protest, hoping to trigger a bank run. Their grievances go beyond this most recent breach of trust, hinging on suspicions that Coinbase might be using fractional reserve practices with institutional finance firms. I personallycan’t advocate for something potentially so destructive to users trapped on the platform if another FTX-like implosion occurred. But I won’t be upset seeing a bad actor face consequences.

(Full disclosure: I’ve always used Coinbase for onboarding due to their user-friendly interface, but knowing my data was likely compromised and fearing my crypto might be used to back “paper crypto,” I’m now exploring alternatives like MoonPay for future transactions.)

How do I know my data was compromised? The careful wording in Brian’s announcement suggested that if you transact less than once a month on average, you were probably affected, since “only 1% of our users who trade monthly were exposed.” Reading between the lines, this likely means long-term investors who buy and hold were the primary targets. Just watch the increase in crypto kidnappings to understand how serious this issue is about to become.

— El Prof

The post 52 – TradFi Fusion Dance appeared first on playhaus TV.

CX is the new competitive battleground — here’s how CIAM helps you attract, retain, and delight your users.

In the UK, various regulatory bodies enforce new requirements to reduce the potential for money laundering risks. As a result, UK businesses must adapt their approach to Anti-Money Laundering (AML) regulations to achieve full compliance.

The post A Complete Guide to AML Compliance UK first appeared on ComplyCube.

Global watchlist screening is one of the most effective ways of doing so. It plays a critical role in AML framework strengthening and adherence to international regulations. Learn more about how watchlist screening can help.

The post Global Watchlist Screening for Enhanced AML first appeared on ComplyCube.

Anti-Money Laundering (AML) screening is a significant aspect of the UK financial landscape, particularly for accountants with immediate access to customers' financial information. Learn more about AML for accountants in the UK.

The post AML Checks for Accountants UK: A Guide first appeared on ComplyCube.

Predictoor DF142 rewards available. DF143 runs May 22nd — May 29th, 2025 1. Overview

Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor.

Data Farming Round 142 (DF142) has completed.

DF143 is live today, May 22nd. It concludes on May 29th. For this DF round, Predictoor DF has 3,750 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF143 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF143

Budget. Predictoor DF: 3.75K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and ASI Predictoor

Ocean Protocol was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF142 Completes and DF143 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

The percentage of breaches that involved a third-party doubled in the last year, and 54% of firms were hit by a third-party sourced attack or breach; vendor access is now a top enterprise risk.1, 2

Traditional, siloed identity and access management (IAM) tools weren’t built to handle the scale, diversity, or fluidity of modern B2B ecosystems and supply chains.

Identity gaps, like stale accounts, overpermissioned access, and weak onboarding, create openings for fraud and data exfiltration.

B2B IAM enables continuous, adaptive trust to govern external access, reducing risk and improving third-party collaboration.

 

Businesses depend on a vast network of third-party organizations to drive innovation, speed, and scale in today’s hyper-connected economy. But behind that collaboration lies a critical security question: Can you trust every connection?

 

The truth is, while your internal security practices may be sound, the weakest point in your defense might lie just outside your organizational boundary — in your supply chain.

DDoS April 2025 report: US attacks surge. Get key insights, traffic trends, and actionable security guidance. Protect your apps now!

The Suomi.fi identity brokering service provides a list of authentication methods for the Tax Administration e-service. 

Nowadays, people handle so much sensitive information online that the need for strong authentication is apparent. People cannot rely on username and password authentication for services such as banking, insurance, health care and tax administration, to mention a few. Traditionally, in Finland, we have had three classes of strong authentication methods available for citizens: BankID, Mobile Certificate (Mobiilivarmenne) and the national ID card (HST card). Since the end of October 2024, a fourth type of official strong authentication method has been made available, hightrust.id. 

 

Overview – Hightrust.id

Hightrust.id is a digital wallet solution designed for mobile devices. It aims to offer a centralised solution for managing individuals’ online identity credentials without remembering various usernames and passwords or carrying several documents. When I write this, higtrust.id provides strong identity verification and legally binding electronic signatures, but the solution has much more potential. In this blog, I will review hightrust.id mainly as an authentication method. 

 

Hightrust.id as a Strong Authentication method 

It’s not every day that new, strong authentication methods are introduced. But what makes these methods strong? Multifactor authentication methods (MFA) are often seen as stronger options than methods that rely only on a username and password. However, MFA capability alone cannot define a particular method as an officially strong authentication method. It must undergo a complex certification process to prove the solution’s maturity. This is indicated by using a level of assurance (LoA) level. The National Cyber Security Centre of the Finnish Transport and Communications Agency, Traficom, makes the certification guidelines in Finland. From the current strong methods, BankID and Mobile Certificate are on the second highest LoA level of eIDAS Substantial and the HST card on the highest level of eIDAS High using the EU 3-step scale. Hightrust.id has been certified oto the highest level of eIDAS High, although when used in the Finnish Trust Network, it is registered  on the same LoA level as the Bank ID and Mobile certificate, eIDAS Substantial. 

 

Digital Wallets 

Generally, a digital wallet is an app that includes personal identity data (PID) based on different types of identity and payment documents and potentially additional attributes that could indicate, e.g., your profession or the organisation you work for. Soon, various kinds of cards, such as identity cards, driver’s licenses, debit cards, credit cards, and cryptocurrencies, can be added to the wallets. 

The hightrust.id digital wallet is a smartphone application that can be downloaded for free from Android’s Google Play or Apple’s App Store. The solution enables user identity verification in a smartphone application with a citizen certificate scanned from an HST card, and it can be used without a separate card reader. The user can also sign documents electronically using the app. Other cards supported now in the hightrust.id wallet include the Finnish Sote card (for healthcare workers) and the Finnish DVV organisation card (generally used by public sector employees).  

Another interesting digital wallet solution is the EU’s long-planned EUDI wallet, which will be launched around 2026 to 2027. The EUDI wallet will harmonise how EU citizens verify their identity across borders in different e-services. It ultimately provides a cross-border digital identity that will benefit citizens across the 27 EU nations. You can read more about it here. 

 

Citizen Digital Certificate 

A digital certificate is an identifier verified by a third-party organisation. It can be used to identify its subject and reliably sign in to information networks and systems. Several certificate types, such as server certificates, are available to identify Internet service providers and secure data exchange. The mobile certificate method is based on a certificate stored in a SIM card on a smart device. The certificate stored in an HST card is called the citizen certificate, and the user must enable it before use. Passports cannot be used for this because their chips do not include the citizen certificate. 

If you have not enabled the citizen certificate of your HST card, you can do it in hightrust.id app. This is a great feature, as previously this would require using a device with a smartcard reader or attaching a smart card reader to a computer. Your card must be issued after August 31, 2021, and you need a smartphone or tablet with a near-field communication (NFC) feature. Also, you must have the activation code that is delivered to you on paper separately from the card. This code is used to activate the citizen certificate and create a PIN1 for authentication and a PIN2 for signing. If you do not have the activation code available, you can visit the police station to get a new one for a fee. 

To start using the citizen certificate, do the following: 

Adding and confirming your email address in the hightrust.id wallet is essential. It speeds up the revocation operation of the citizen certificate in case you accidentally lose or break your phone or change it to a new one. 

Detailed instructions in Finnish, Swedish and English on how to proceed with all the steps are here.  

 

Signing in with the hightrust.id 

In the following example, I will sign in to a social and healthcare mobile application called Maisa. It is a personal health record (PHR) application used by some of the largest public health care regions. The app requires strong authentication due to the sensitive information it contains. Here are a few observations of the procedure.   

Maisa uses the Suomi.fi identity brokering service to provide all of the different strong authentication methods available. Since I use a mobile app to access the service, I must ensure that hightrust.id uses the app option. If using Maisa via computer, I would choose the QR-code scanning option and scan the QR-code from the computer screen using my phone. If I had several cards scanned in the hightrust.id application, I would choose the card manually, but since I have only one, it is selected automatically. Notice that the national ID card does not contain the social security number (HETU) but a SATU identifier (FINUID, Finnish Unique Identification Number). The SATU identifier will be changed to HETU in the background, utilising the national population information system. Face ID, fingerprint, or mobile device security code can be used to accept sending SATU to the population information system. After the SATU to HETU conversion, I need to give permission to send HETU information to Maisa. After this, I can start to use the service.  

The authentication operation did not require typing any information such as passwords or PIN codes since I have the Face ID option on my smartphone. Other options would have been a fingerprint or typing the smartphone’s security code. In both cases, the operation is effortless and does not require the user to remember any additional passwords or codes that he does not know already. 

 

Hightrust.id vs. other Strong Authentication methods 

Hightrust.id is not the only ID document-based authentication method on the market. Suomi.fi offers the HST card method, but the downside is that it requires a physical card and a card reader device, which is not handy for me to carry outside my home.  Also, there are various methods based on ID document scanning and taking pictures and videos of my ID documents and myself. These methods have many benefits, such as providing reliable authentication methods for people from countries outside of Finland and even outside of Europe and letting them use documents like passports, ID cards and driver’s licenses to verify their identity. However, even though many of these methods rely on advanced technologies, they are not officially certified strong authentication methods in Finland. You can read more about the ID document-based authentication methods here. 

BankID has traditionally been the most popular strong authentication method in Finland. It has been used since the 1990s, and most eService users in Finland are very familiar with it. Since BankID enables access to users’ bank accounts, the current recommendation is to use it carefully and only for the bank’s services. The other strong methods, including mobile certificates, hightrust.id and identification cards, should be used for everything else. They work practically everywhere except when logging into online banking. Lately, the mobile certificate method has gained popularity alongside BankID. If criminals gain access to your mobile certificate, they will get access to your online services, but not your bank account. HST card and the hightrust.id methods also offer their benefits. It is always a good idea to have several strong authentication methods available. This is important not only for safety reasons, but also for situations when the bank service is unavailable, for example, during a service break.   

See the table below for the basic characteristics of the different strong authentication methods. 

Method  Trust level (LoA)  Requirements  Password/PIN  eService Platform  HST card  eIDAS High  HST card,  

Card reader 

Authentication PIN, Signature PIN  Mainly Computer ***  BankID  eIDAS Substantial  Bank account  Password, 

PIN code and 

OTP code ** 

Computer & Mobile  Mobile certificate  eIDAS Substantial   Mobile device with Telia, DNA or Elisa subscription  PIN code,  

Anti-spam code (optional) 

Computer & Mobile  Hightrust.id  eIDAS Substantial   HST card * 

Mobile device with NFC chip, hightrust.id app 

Face ID, 

Fingerprint or 

Phone security code 

Computer & Mobile 

* The card must be assigned after the 31st of August 2021 

** Depending on the solution. Not all three are required during one session. OTP = One Time Password. 

*** Mobile card readers are not very practical. 

 

A critical part of any digital solution is the cost. Nothing comes for free, and the service provider must pay something to the identity broker service operators, Suomi.fi (public sector services) or the Finnish Trust Network (FTN, private sector services) to provide strong authentication methods for their clients. Sometimes, this includes an additional transaction-level fee paid per authentication transaction. But sometimes, we users must also pay a small fee for our chosen methods. See the table below for the basic pricing principles of strong authentication methods. 

Method  User fees  Service provider fees in FTN  HST card  HST card fee once every 5 years 

Optional card reader 

Transaction-level fees  BankID  Free – 0-4,50€/Month depending on bank  Transaction-level fees  Mobile certificate  Telia: Free 

DNA: 2,01€/Month 

Elisa: 2,99/Month 

Transaction-level fees  Hightrust.id  HST card fee once every 5 years  Transaction-level fees 

Prices checked and accurate as of 2025/04/11 

Conclusion 

Hightrust.id is a quick and convenient way to sign in to online services, especially when using online services on a mobile device. For those that already have a HST card, it is a great alternative to other sign in methods. 

The digital identity management and payment industry is constantly changing. Criminals are constantly developing new, innovative ways to hack into our bank accounts to steal our money. Usually, when security is increased, it means more steps for the user to log in. This in turn makes it more difficult to use services. We need innovations like hightrust.id to provide a solution that combines security, convenience and efficiency so that we can use electronic services with peace of mind. 

If you have questions about using authentication methods, get in touch with our expert IAM team!

 

About Megical Oy 

Megical Oy is a Finnish company founded in 2011, headquartered in Helsinki. The company’s main business is software design and manufacturing. The company’s subsidiary name is hightrust.id. 

The post Hightrust.id – a new official Strong Authentication method  appeared first on Ubisecure Digital Identity Management.

Auth0 delivers a faster, more efficient, and more cost-effective way to meet enterprise requirements on authentication, authorization, and security, enabling you to unlock large enterprise deals.

A pair of British retail giants are still scrambling to regain control of their computer systems nearly a month after massive cyberattacks disrupted their operations and cast a spotlight on the dangers of social engineering schemes targeting corporate IT operations. Despite the availability of technologies for preventing such breaches, most corporations remain vulnerable to this growing threat and the long-term damage it can inflict.

As of May 19, High Street retailer Marks & Spencer has yet to restore online shopping in the face of more than $80 million in lost profit from attacks that have also wiped $1.3 billion from its stock market value. According to the BBC, personal information of some portion of the retailer’s 9.4 million active online customers was compromised in the attack, which could include name, date of birth, contact details, and online order history.

Meanwhile, efforts remain underway at grocery chain Co-op to restock shelves and restore systems that were shut down in response to unfolding attacks days after similar assaults on Marks & Spencer. Despite its quick action, hackers had successfully extracted data related to a “significant number” of its customers, though it did not include bank or credit card information.

These and a number of other recent attacks appear to have been perpetrated by the hacker collective called “Scattered Spider” by some analysts, UNC3944 or Octo Tempest and “Muddled Libra” by others. We first posted about this particular cybercriminal network after its successful assaults on Caesars Entertainment and MGM Resorts International in Las Vegas.

A number of factors make this group especially troubling. First, the fact it’s been implicated in dozens of attacks spanning numerous industries worldwide dating back to 2022. Second, it’s believed to be made up of teenagers and young adults leveraging simple social engineering techniques and to infiltrate corporate systems for fun and profit.

A Tangled Web of Socially-Engineered Breaches

Even now, a clear picture of the UK attacks remains elusive. But judging from reports, it appears Spider’s playbook continues to forego approaches like credential stuffing or exploiting previously unrecognized vulnerabilities. Instead, they compromise corporate networks through clever conversations. In other words: They talk their way in.

In the M&S and Co-op attacks, the perpetrators appear to have used SIM swapping to bypass traditional forms of multifactor authentication (MFA). Either working with an insider, or tricking a call center rep, this typically involves scammers tricking a mobile services provider into transferring the victim’s number to a new SIM card, or even an e-SIM (a kind of virtual SIM that’s embedded in the victim’s device) to a device under the fraudster’s control.

They then tricked IT help desks at Co-op and a third-party supplier to M&S to gain access to the company’s systems, perhaps through a password reset request that was then authenticated using the fraudster’s device. In M&S’s case, it’s believed that once they had enough access, the infiltrators exploited the company’s instance of Microsoft Active Directory, which enables a user to log in once and gain entry to all systems for which the victims have permissioned access. From there, they were free to deploy ransomware to cripple the system.

Why ‘Mission: Impersonate’ Is Just Getting Started

Scattered Spider is believed to be a decentralized network composed largely of native English-speaking young people who coordinate in real-time over Discord, Telegram, and underground forums. As I mentioned, they rely on techniques that target people, not technology infrastructure. The group reportedly coordinates with a ransomware-as-a-service operation known as DragonForce that handles the encryption and extortion side of attacks like those on M&S and Co-op.

But here’s the thing. Scattered Spider isn’t just a threat group. It’s an economic model—one that has been leveraged by these or copycat groups in the weeks since the M&S and Co-op attacks. By early May, luxury department store Harrods reported it was also forced to disable some of its systems after it was hit by a cyberattack. Fashion retailer Dior, Danish food giant Alra Foods, and a growing list of other retailers and suppliers have been targeted.

As Metro aptly points out, the allure of these household names is threefold: “Big brand, big data, big target.” It’s also worth pointing out what they aren’t: Organizations in financial services, healthcare, or other high-regulated, attack-hardened industries. All it takes is one employee at a supplier, partner, or within the targeted company itself to click a malicious link or grant unwarranted access to company systems. And as wide as this attack surface may be, it’s also ever-expanding. By May 20, Google was warning there are signs Scattered Spider may be moving on from UK retailers and pivoting to direct cyber-attacks against retail sector targets in the US.

A Breach’s Bite Is Painful—and Costly

Crippled systems, disrupted sales, and headline-driven stock swings are just the immediate prices to be paid when organizations fall prey to threat groups like Scattered Spider. The average additional cost of a data breach on UK-based organizations is now $4.8 million per incident, according to IBM, and as high as $9.8 million for US-based companies. Worldwide, IBM estimates the price of each breach is climbing at a rate of 10% per year. And that’s before any regulatory fines and lawsuits.

The longer-term impact on revenue generation may also be profound for retailers. According to one 2025 survey, 70% of consumers would stop shopping with a brand that suffered a security incident. The fact that 1 in 5 consumers say they use the same passwords across work and personal online accounts means the fallout from successful attacks on retailers may have serious implications for companies in every industry.

As the M&S and Co-op attacks so vividly illustrate, traditional forms of MFA don’t cut it anymore. Cybercriminal enterprises like Scattered Spider continue to find innovative ways to acquire login credentials and circumvent things like one-time passcodes and limited biometric authentication systems designed to confirm the legitimate user is attempting to access company systems. And anyone with administrative access or successful SIM swap can register things like user biometrics to any device—or set up an alternative identity provider to bypass authentication measures all together. Yet while these challenges are real, they’re also not insurmountable.

Breach-Proof ‘Spider’ Repellant: ‘Liveness’-based
Biometric Authentication

With old-school forms of MFA proving so unreliable as a means of identity verification and new-school social engineering schemes on the rise, modern forms of biometric authentication are helping to set a new standard for security and convenience. Solutions certified to FIDO2, ISO/IEC biometric presentation attack detection, and NIST 800-63-3 specifications, for instance, use “live” biometric markers tied to a verified identity to provide reliable, strong authentication that’s impervious to account takeover.

Put simply, these solutions are built around the identity of the person accessing the account, instead of just the login credentials or device the person is using. Instead, these solutions offer machine-verified identity to government-issued credentials (driver’s license, state ID, passport, etc.) and enable phishing-resistant multifactor authentication when users log in to corporate systems.

1Kosmos, for example, uses the private key of a matched public-private pair in the user’s device as a possession factor (i.e., what you have), while a live facial scan becomes the “what you are” or inherence authentication element. Before access is granted to a site, app, or system, that live image scan is compared to an image captured during the user enrollment process. A match confirms the identity of the person is in fact the authorized user—and not a bot, deepfake, or imposter—with 99.9% accuracy.

The solution supports a consistent enrollment and authentication experience across all apps, devices, systems, and environments—including existing privileged access management systems.

Which means every organization—big British retailer or otherwise—can prevent breaches before they happen by squashing attempts from Scattered Spider or other threat actors to fraudulently infiltrate accounts.

To learn more about 1Kosmos, the only NIST, FIDO2, and iBeta biometrics-certified platform on the market, click here.

The post ‘Spider’ Strikes Britain: The Hacks at M&S, Co-Op & How to Stop Them appeared first on 1Kosmos.

What Is Synthetic Data? Synthetic data is information that is artificially generated by computers rather than real-world events. The goal...

After four packed days at the European Identity and Cloud Conference (EIC) in Berlin, we’re heading home with fresh perspectives, stronger relationships, and a clearer sense of where the digital identity industry is heading. 

Below are the top trends and takeaways we’re bringing back from the event.

The UK Government is looking into new laws which will help protect businesses from cyber threats.

As part of the Plan for Change set of milestones the Labour Government hopes to achieve by the end of the current Parliament, the new Cyber Security and Resilience Bill aims to boost protection of supply chains and critical national services, including IT service providers and suppliers.

The post New Cyber Laws to help protect UK business appeared first on Veracity Trust Network.

The post AML Compliance: Navigating the Challenges of Cryptocurrency and Digital Payments appeared first on uqudo.

London, 21st May 2025 – Apex Group, the leading global financial services provider, has announced the acquisition of a majority stake in Tokeny, the leading enterprise-grade tokenization solutions provider. The transaction, which will see Apex Group have 100% control over the next three years, follows the initial investment and strategic partnership with Tokeny announced in December 2023. This process marks a significant deepening of the relationship as Apex Group commits to lead the institutional adoption of tokenized finance.

This strategic milestone, where Apex Group will now take a controlling interest in Tokeny, is a clear signal of the firm’s belief in the transformative potential of tokenization for asset managers and institutional finance. It also reflects a broader commitment to delivering turn-key digital infrastructure that simplifies and accelerates the shift to greater liquidity and distribution across geographies. Both Tokeny talent and technology will become part of Apex Group enabling an effective integration within the firm to efficiently meet client needs.

As a majority owner, Apex Group is enhancing its ability to deliver comprehensive, future-proof solutions to our clients. Tokenization is a foundational shift in how assets will be managed, distributed, and accessed. Our strengthened partnership with Tokeny is key to delivering on our vision to be the infrastructure provider in the digital era of finance. Peter HughesFounder and CEO of Apex Group

Since the initial partnership announcement, Tokeny has seen growing adoption of its technology and standards by leading financial institutions. Its chain-agnostic infrastructure has been integrated into Apex Group’s offerings and deployed to tokenize assets for clients.

Tokeny’s solutions have been used to tokenize over $32bn in assets, having created ERC-3643, the technical market standard for compliant tokenization. The firm offers a full suite of capabilities covering the issuance, transfer, and lifecycle management of tokenized securities, enabling clients to tap into new liquidity channels and enhance operational efficiencies.

Expanding our partnership to now being part of Apex Group enables us to move faster and serve more institutions with a truly global footprint. In the last six years, we’ve built a robust tokenization infrastructure and an active ecosystem of partners. But to bring tokenization to scale, institutional distribution and credibility are key — and that’s exactly what Apex Group brings to the table. We’re proud to align with their vision to deliver tangible innovation to the financial industry. Luc FalempinCEO of Tokeny

The acquisition of Tokeny is a foundational step in Apex Group’s future strategy to lead the transformation of asset servicing by leveraging Web3’s blockchain technology, decentralized protocols, smart contracts and distribution to enhance efficiency, security and transparency.

About Apex Group

Apex Group is dedicated to driving positive change in financial services while supporting the growth and ambitions of asset managers, allocators, financial institutions, and family offices. Established in Bermuda in 2003, the Group has continually disrupted the industry through its investment in innovation and talent. 
Today, Apex Group sets the pace in fund and asset servicing and stands out for its unique single-source solution and unified cross asset-class platform which supports the entire value chain, harnesses leading innovative technology, and benefits from cross-jurisdictional expertize delivered by a long-standing management team and over 13,000 highly integrated professionals.

Apex Group leads the industry with a broad and unmatched range of services, including capital raising, business and corporate management, fund and investor administration, portfolio and investment administration, ESG, capital markets and transactions support. These services are tailored to each client and are delivered both at the Group level and via specialist subsidiary brands.

The Apex Foundation, a not-for-profit entity, is the Group’s passionate commitment to empower sustainable change.

About Tokeny

The award-winning fintech provides compliant tokenization with the open-source ERC-3643 token standard and advanced white-label software solutions for financial institutions.

The enterprise-grade platform and APIs unify fragmented onchain and offchain workflows, integrating essential services to eliminate silos. It enables seamless issuance, transfer, and management of tokenized securities. By automating operations, offering innovative onchain services, and connecting with any desired distributors, Tokeny helps financial actors attract more clients and improve liquidity.

Trusted globally, Tokeny has successfully executed over 120 use cases across five continents and facilitated 3 billion onchain transactions and operations.

Website | LinkedIn | X/Twitter

The post Apex Group Acquires Majority Stake in Tokeny to Catalyze Widespread Industry Tokenization Adoption appeared first on Tokeny.

Meet Rachel—an asset manager onboarding a boutique investment fund with international stakeholders. Before she can move forward, Rachel must navigate KYC, KYB, and AML checks to stay compliant. It’s a complex process, and mistakes can mean fines or reputational risk.

Here’s how Rachel’s experience differs when using manual methods versus iComply’s compliance platform.

Step 1: Collecting Client Information

Manual Process: Rachel emails forms, requests documents, and waits for incomplete responses. She sends follow-ups, and the back-and-forth delays onboarding.

With iComply: Rachel sends a secure, custom-branded onboarding link. The platform guides the client through document uploads and verifies everything in real time.

Result: Onboarding is fast and complete—no delays or missing data.

Step 2: Verifying Ownership

For corporate clients, KYB compliance requires identifying all beneficial owners with 25% or more ownership.

Manual Process: Rachel searches public records, cross-references shareholder lists, and struggles with foreign registries.

With iComply: The system pulls corporate filings and ownership details globally in seconds, even revealing hidden layers like trusts or holding companies.

Result: Rachel gets an audit-ready overview of the business structure without manual digging.

Step 3: AML Screening

AML regulations require checking clients and stakeholders against sanctions, PEPs, and adverse media lists.

Manual Process: Rachel manually inputs names into multiple databases and spends hours reviewing false positives.

With iComply: The platform screens individuals automatically and filters out irrelevant matches, flagging only genuine risks.

Result: Fewer false positives, faster resolutions, and more focus on real risks.

Step 4: Recordkeeping and Reporting

Compliance regulations require asset managers to store records securely and generate detailed reports during audits.

Manual Process: Rachel stores files in multiple folders and scrambles to compile audit reports from spreadsheets and emails.

With iComply: Every action is logged automatically. Rachel generates a detailed, audit-ready report with one click.

Result: Audit prep takes minutes, not hours.

A Tale of Two Experiences

In the manual workflow, onboarding takes days or weeks, frustrating clients and draining team resources. With iComply, onboarding is seamless—clients appreciate the professional experience, and Rachel’s team focuses on client relationships instead of admin work.

Key Compliance Considerations for Asset Managers Complete Due Diligence: Collect and verify customer information thoroughly. Ongoing AML Screening: Continuously monitor for sanctions, PEPs, and adverse media. Ownership Transparency: Identify beneficial owners, especially in complex structures. Data Security: Store sensitive information securely and comply with regulations like GDPR. Audit Readiness: Keep comprehensive records and generate reports easily.

Why iComply?

With iComply, Rachel cut onboarding time, reduced manual work, and stayed audit-ready with end-to-end encryption and automated reporting. Compliance became a competitive advantage—not a burden.

Is your compliance workflow helping or holding you back? Let iComply simplify KYC, KYB, and AML so you can focus on growing your clients’ wealth. Let’s get started.

“We are here with you with this comprehensive blog post. In this guide, we will tell you our discovery about the role of ID Document Liveness Detection.”

Hello dear readers! 

With the rise of modern technology, new innovative methods of security have been developed to defeat cyber criminals. From multiple-factor authentication to facial ID recognition, we have all types of security.

One such groundbreaking method of security that has revolutionized the way we fight against fake identities is ID Document Liveness Detection.

We have prepared this guide for its detailed explanation. Stay connected with us till the end….

 

What ID Document Liveness Detection Claims About It?

ID Document Liveness Detection SDK is mainly hailed as an innovation in technology that is used to ensure the presented ID is real during the verification. Driven by this technology, a fake ID detector scans the presented documents and then applies OCR on them to extract their text.

When the text is extracted, the system verifies and marks the documents and issues them for further processing. This technology is being used in all institutions, from banks to educational institutions, and from such institutions to finance.

When we present our stance in front of users, many of them raise a simple question: how does this technology stop identity fraud? Hoping! You will also ask us this question.

Don’t worry, the next section is the answer to your question.

 

How ID Documents Liveness Detection Stops Identity Fraud?

This section is a detailed part of this blog. In which we will describe the role of ID document Recognition SDK in preventing fraud in detail.

1. Artificial Intelligence Integration

When it comes to AI, we don’t think that there is any field where it has not left its everlasting impact. We can all understand this. Luckily! ID Recognition also integrates AI and its advanced algorithms. These algorithms are trained to provide real-time insights. 

In short, we can say that: from anyone’s entrance to returning from any institution, the system records all movements of them. Furthermore, AI is exclusive to providing faster results. We mean to say you can get anyone’s insights within a few seconds. Isn’t it great..

 

2. Better Document Analysis

There is a huge difference between document analysis and better document analysis. Did’t understand? Let us make you understand. If we give you some documents and say you to find whether they are fake or real. You might take a lot of time and could even miss subtle signs of tampering.

However, when you use this technology of ID recognition, the advanced algorithms analyze several features from A to Z, including;

Watermark Hologram Microtext UV features

And so on….

Now let’s ask a very simple question: Is such detection exclusive to humans? Absolutely not! So, this detection is the best feature of this technology.

3. Enhanced User Experience and Compliance

ID Document Recognition SDK not only strengthens the security but also enhances the user experience and compliance by making the verification simple and fast. This technology ensures consistent and smooth compliance onboarding while meeting strict regulatory standards such as KYC(Know Your Customer) and AML (Anti-Money Laundering).

Such efficiency and speed of this technology streamlines the process of verification that making it easy for both businesses and customers to comply with legal requirements.

 

4. Reduced Costs

One of the greatest roles of this technology is reducing the costs. A fake ID scanner is integrated with advanced machine learning models that reduce the need for manual verification. Additionally, the agencies don’t need to hire extra labor staff for manual verification. This feature eliminates the tension of errors committed by humans during verification. 

 

What About Our Service?

After hearing the role of this technology, many users probably think about how they can make use of this cutting-edge technology. This is where we provide them with Recognito(a face and ID recognition algorithm developer).

Our service is driven by NIST FRVT-evaluated algorithms. This integration ensures the highest level of accuracy, speed, and performance. Here, once again, a question arises: where can users use our service? You can also visit Recognito GitHub page for more info.

If you have the same question, the next section is for you.

Where Can We Use Recognito For ID Document Liveness Detection?

In this section, we will tell you where our service can be used or which institutions can benefit from this technology.

Banks: If you are handling the financial accounts while working in any bank, you can come across Recognito, which implements the same technology of verification. 

Universities and Colleges: Sometimes, cyber criminals try to manipulate educational departments and steal the key information of students and professors. Here, they can eliminate such an issue by using this ID recognition technology.

Healthcare sectors: It is a very surprising thing that many criminals attempt to steal patients’ key information with spoofing images and videos. This is where our service will show its magic and defeat the fake identities.

Telecommunication: Telecom providers often face fraud during new account opening and SIM registration. If you are the same provider, we suggest you check our service. 

Marketplaces: Markets are the major places where criminals make attacks. They destroy both online and offline money accounts of users. To defeat them, marketers can heavily benefit from ID Document Liveness Detection SDK. 

Our Final Thoughts

ID Document Liveness Detection plays a crucial role in preventing fraud and defeating online attacks made by criminals. This technology effectively extracts text from ID documents and then lets the system mark them for further processing.

This technology plays a great role that we have discussed in this guide in detail. This section starts from AI integration and ends with reduced costs. This role is such a groundbreaking one. However, many users remain confused about how to get such benefits.

To eliminate this confusion, we have brought Recognition for them, driven by NIST FRVT. In the end, we have discussed some major case uses of this innovative technology from banks to e-commerce marketplaces.

So, what is your feedback for our guide and service? You have liked them or havn’t you? We want your honest feedback…..

In 2025, the competition between the Nintendo switch vs switch lite continues to captivate gamers. Each device has its unique strengths and weaknesses, catering to different audiences. While the Switch offers enhanced features like TV connectivity and detachable Joy-Con controllers, the Switch Lite boasts a more affordable price point and a compact design, perfect for on-the-go gaming. In this article, we will benchmark both devices to help you determine which Nintendo Switch wins in 2025. Whether you prioritize performance, portability, or price, understanding the differences between switch vs switch Lite is essential for making an informed decision.

Key features of the Nintendo switch lite

The Nintendo Switch Lite is designed specifically for handheld gaming, making it a popular choice among gamers seeking portability.

Design and specifications of switch vs switch lite

The Nintendo Switch Lite features a sleek, compact design that prioritizes portability, making it an excellent choice for gamers who are always on the move. Weighing just 0.61 pounds, it is significantly lighter than its counterpart, the standard Switch. The device comes with a 5.5-inch LCD touchscreen that delivers crisp visuals, perfect for immersive gameplay.

Unlike the standard Switch, the Lite has integrated controls, providing a seamless and user-friendly gaming experience. With a battery life ranging up to 7 hours, the Switch Lite is designed to keep up with gaming sessions. In summary, when considering the differences in design and specifications, the switch vs switch Lite highlights Lite’s emphasis on portability and ease of use, making it a standout option for handheld gaming.

Joy-Con functionality and TV connectivity

One of the notable differences between the Nintendo Switch and Switch Lite lies in their Joy-Con functionality and TV connectivity. The standard Nintendo Switch allows users to detach Joy-Con controllers, enabling multiplayer gaming and a wide range of gameplay styles. Additionally, it supports TV connectivity, allowing players to enjoy their favorite games on a larger screen.

The Switch Lite is designed solely for handheld play and does not support detachable Joy-Con controllers or TV connectivity. This limitation means that while the Lite is perfect for solo gaming on the go. The product lacks the versatility of the standard Switch in terms of shared experiences and larger displays. Therefore, when weighing the features of Switch vs Switch Lite, the Lite’s lack of Joy-Con functionality and TV connectivity is a significant consideration for those seeking a more versatile gaming experience.

Comparing performance: Nintendo switch vs switch lite

When it comes to performance, the Nintendo Switch and Switch Lite cater to different gaming needs and preferences. Both devices utilize the same powerful NVIDIA Tegra processor, ensuring that they can run popular titles smoothly. However, the way each device is designed affects their overall performance and user experience.

Gaming performance benchmarks

When evaluating gaming performance benchmarks, both the Nintendo Switch and Switch Lite demonstrate impressive capabilities, but with distinct differences. The standard Switch excels in graphic fidelity while docked, allowing for higher resolution gameplay on larger screens. Meanwhile, the Switch Lite, optimized for handheld use, delivers a consistent performance with a slightly lower graphical output.

Games like “The Legend of Zelda: Breath of the Wild” and “Animal Crossing: New Horizons” perform admirably on both devices, though players may notice a slight difference in frame rates and loading times. Battery life also plays a role, with the Lite providing a longer duration for handheld gaming sessions. While both consoles offer great performance, the choice between Switch vs Switch Lite ultimately depends on your preferred gaming style.

Battery life comparison between switch vs switch lite

Battery life is a crucial factor for gamers, especially for those who prefer handheld gaming. The Nintendo Switch Lite offers a notable advantage in this area, with a battery life ranging from 3 to 7 hours, depending on the game being played and usage patterns. In contrast, the standard Nintendo Switch provides a battery life of approximately 2.5 to 6.5 hours when used in handheld mode.

While both devices allow extended gaming sessions, the Switch Lite’s focus on portability inherently enhances its longevity during on-the-go play. Therefore, when considering battery life, the differences between Switch vs Switch Lite highlight Lite’s superior endurance, making it an ideal choice for gamers who prioritize long-lasting play without the need for frequent recharging.

FeatureNintendo Switch OLEDNintendo Switch (Regular)Screen Size7 inches (OLED)6.2 inches (LCD)Display TypeOLEDLCDAudio QualityEnhanced audioStandard audioKickstandWide adjustable kickstandSmall, less stable kickstandBattery Life4.5 to 9 hours2.5 to 6.5 hoursStorage64 GB32 GBWeight0.93 pounds0.88 poundsPriceHigher price pointLower price point

With a vibrant 7-inch OLED screen, the OLED model offers richer colors and deeper contrasts. Additionally, improved audio quality and enhanced kickstand for tabletop mode provide added convenience and immersion. While both versions share the same core performance capabilities, the OLED model’s upgrades cater to those who prioritize display quality and sound. We will explore the key differences between the Nintendo Switch OLED and the regular model. We also compare these features in the context of Switch vs Switch Lite to help you make an informed decision based on your gaming preferences.

The differences between Nintendo switch and switch lite

Key differences include screen size, battery life, and multiplayer capabilities, which cater to various gaming styles and preferences. We’ll explore these distinctions in detail to help you determine the best fit for your gaming needs in the context of switch vs switch lite.

FeatureNintendo SwitchNintendo Switch LiteScreen Size6.2 inches5.5 inchesDisplay TypeLCDLCDDetachable Joy-ConYesNoTV ConnectivityYes (docked mode)NoBattery Life2.5 to 6.5 hours3 to 7 hoursWeight0.88 pounds0.61 poundsStorage32 GB32 GBPriceHigher price pointLower price pointMultiplayer SupportLocal and onlineLocal onlyGame CompatibilityAll Switch gamesAll Switch games Which one should you choose? The decision between switch vs switch lite:

As we progress into 2025, the choice between the Nintendo Switch and Switch Lite remains a significant consideration for gamers. Both consoles offer unique advantages that cater to different gaming styles and preferences.

Recommendations based on gaming preferences

Choosing between the Nintendo Switch and Switch Lite depends largely on your gaming preferences and lifestyle. If you enjoy gaming on a larger screen, value multiplayer experiences, the Nintendo Switch is the ideal choice for you. Its versatility makes it suitable for both casual gaming and more immersive sessions.

If you prefer a lightweight, portable console primarily for solo gaming, the Switch Lite is tailored for that experience. With its extended battery life and compact design, it caters perfectly to handheld enthusiasts. Understanding your gaming habits will guide you in deciding between these two options, making the comparison of Switch vs Switch Lite essential for every gamer.

Considerations for portability vs versatility

When evaluating gaming consoles, the balance between portability and versatility is crucial, particularly when comparing the Nintendo Switch and Switch Lite. The Switch Lite excels in portability, designed specifically for handheld play, making it easy to carry. Its lightweight and compact form factor cater to those who frequently travel or prefer gaming in various locations. On the other hand, the Nintendo Switch offers unmatched versatility, allowing users to play both handheld and docked. This adaptability is perfect for gamers who enjoy multiplayer sessions or want to switch between playing at home and on the move. Ultimately, your choice will depend on whether you prioritize portability or versatility, underscoring the importance of understanding the differences in Switch vs Switch Lite for your gaming experience.

Conclusion

In 2025, the decision between the Nintendo Switch and Switch Lite ultimately hinges on your personal gaming preferences and lifestyle. The Nintendo Switch stands out for its versatility, offering a hybrid experience that caters to both home and handheld gaming. Meanwhile, the Switch Lite shines in portability, making it the perfect companion for gamers who prioritize convenience and on-the-go play. By benchmarking their performance, battery life, and overall features, it’s clear that both consoles have unique strengths. Whether you choose the adaptable Nintendo Switch or the compact Switch Lite, understanding these key differences will ensure you select the console that best fits your gaming needs.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Switch vs Switch lite? Which Nintendo Switch Wins in 2025? appeared first on Herond Blog.

On May 19, 2025, Microsoft blogged the following potentially prophetic words: We envision a world in which agents operate across individual, organizational, team and end-to-end business contexts. This emerging vision of the internet is an open agentic web, where AI agents make decisions and perform tasks on behalf of users or organizations. In the current mad … Continue reading Birthing the Agentic Web →

Data theft and how to protect data in the face of increasing cases of data theft Recent Scandal in Argentina Highlights a Massive Digital Trust Gap

In a striking case that has stirred political and cybersecurity circles alike, Argentine authorities are investigating a social media influencer for allegedly misusing the CUITs (tax IDs) of five provincial governors to facilitate clothing imports under fraudulent barter agreements.

According to the La Voz article, the influencer was able to initiate import operations by impersonating state authorities, a move that points to critical failures in identity verification and data authenticity across public sector systems.

This incident isn’t just a political scandal — it’s a technological wake-up call.

What’s the problem: Identity in a Web2 World Is Broken

Let’s break down what went wrong:

Static identifiers (like CUITs) are publicly known and easily misused. No decentralized verification mechanism exists to confirm who is behind a given request. Paper-based or email-based authorizations can be forged or socially engineered. Lack of auditability and tamper-resistance in public records.

In short, Web2 identity systems were never designed for integrity-first governance.

Extrimian Solution: Verifiable Credentials and Decentralized Identity (DID)

This is where Extrimian’s technology stack comes in — providing next-generation digital identity solutions built for trust, transparency, and tamper-resistance.

With Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs), institutions and individuals can cryptographically prove who they are, what roles they hold, and what permissions they’ve been granted.

What this looks like in practice: Governors or their offices issue verifiable credentials signed with cryptographic keys. These credentials confirm roles, permissions, or authority to engage in specific transactions (e.g., import operations). Customs systems or regulatory APIs validate these credentials in real time. No credential = no action. And any attempt to forge or reuse expired credentials fails cryptographic validation instantly. Verifiable Credentials for Decentralized Digital Identity circuit
Why does a new data security system matter now?

Public institutions, regulatory bodies, and private sector players are increasingly vulnerable to identity-based fraud, whether it’s:

Fake authorizations for import/export activity. Impersonation of officials for grants or tenders. Abuse of state data for reputation laundering.

The Extrimian DID/VC framework prevents this by design:

Every claim is traceable, verifiable, and revocable. You control your identity, but institutions can trust it without intermediaries. AI systems or customs logic can automatically validate credentials without human review. How does Extrimian Technology work for data security? – Decentralized Identifiers (DIDs):

A new standard for digital identity, DIDs are globally unique, user-controlled identifiers that don’t rely on central registries. Unlike CUITs or email addresses, DIDs can’t be spoofed.

– Verifiable Credentials:

Credentials (like “Governor of Córdoba”) are digitally signed and timestamped. They’re issued by a trusted entity and can be shown (and validated) without revealing unnecessary personal data.

– Interoperability & Compliance:

Extrimian builds on W3C standards and works with Hyperledger, Ethereum, and other Web3 protocols — making the stack fit for enterprise and government adoption.

Use Case: Protecting CUITs and import authorizations

Let’s reimagine the current scandal with Extrimian in place:

Current ProblemExtrimian SolutionCUITs misused to authorize importsCredentials would require live cryptographic validationNo verification of who submitted paperworkEvery credential includes signer metadata and roleFraudulent authorization slips throughInvalid credentials are immediately rejected at the protocol layer

The result? No more impersonations. No more unchecked imports.

What is the best Data Theft and Security solution?

The CUIT scandal is emblematic of a global challenge. As governments digitize, identity without verification is a liability. By integrating verifiable credentials and DIDs, institutions don’t just stop fraud — they build digital trust for the AI era.

Contact us to protect your organization data

The post Fixing Data Fraud & Identity Theft first appeared on Extrimian.

How much does KYC cost businesses across the world, and how can you tell if the cost is justified? KYC compliance is a non negotiable to avoid both financial crime and hefty penalties. Learn more about cost efficiency in KYC.

The post How Much Does KYC Cost? first appeared on ComplyCube.

Powering a New Standard for Secure Proximity Authentication & Engagement in Unified Consumer Experiences Cincinnati, OH— May 20, 2025— LISNR®, the global leader in proximity engagement solutions, announced the launch today of Radius® 3.1, the next generation of its ultrasonic software development kit (SDK). With this release, LISNR expands its core technology to deliver a more complete, real-world solution for proximity-based authentication and engagement. The new Radius SDK unlocks fresh possibilities for digital identity, payment authentication, and proximity-driven marketing. It helps brands capture and act on their customers’ most important micro-moments by providing a seamless, hardware-agnostic way to detect presence, verify identity, and transfer data securely through ultrasonic technology. Feature Overview The release introduces: ToneLock: Three flexible options for payload security: Custom-value provides app developers with full control over which devices can receive data Account-based offers LISNR managed protection for all devices within your organization Time-based guarantees timely access through automated expiration windows AES-256 Encryption: End-to-end encrypted data payloads Zone 266: The perfect combo of range and speed for 1:1 or 1:many transactions All of this builds upon the existing core functionality that sets LISNR apart: Versatile Tone Profiles for Any Use Case: Zone or Point tones optimized for distance, throughput, or movement Callback Controls. Complete control over app logic for triggering engagements on tone detection Multichannel Transceiving. Simultaneous 2-way data exchange on up to three channels “This release marks a turning point for LISNR and our partners,” said Eric Allen, CEO of LISNR. “Ultrasonic technology is capable of far more than simply transmitting data—it’s about connecting merchants to customers, securely and in the moment, powering end-to-end engagements on and offline.”

Seamless Engagement, Multiplied Radius 3.1 transforms ultrasonic tech from a behind-the-scenes protocol to a customer-facing solution for meaningful, frictionless engagement across mobility, retail, digital wallets, rewards, digital identity, events, hospitality, healthcare, and beyond. Visit the LISNR website to learn more about the Radius SDK.

ABOUT LISNR®

Today’s customer expects seamless, secure, and context-aware interactions—anytime, anywhere. LISNR® helps brands deliver on that expectation by powering proximity engagement that works without dependence on hardware, connectivity, or QR codes. With millions of transmissions in over 100 countries, LISNR’s ultrasonic SDK (Radius®) and gamified consumer engagement platform (Quest) allow businesses to recognize presence, personalize experiences, and process transactions in real-time. From mobility and retail to fintech and hospitality, LISNR bridges the gap between digital and physical with proximity-first experiences that drive loyalty, revenue, and trust. For more information, visit LISNR.com.

The post LISNR Launches Next Generation Ultrasonic SDK for Radius appeared first on LISNR.

Join Mounaim Cortet at EBAday 2025 for a panel discussion on the future of Open Finance from 27 May 2025 till 28 May 2025 Trudy Zomer 20 May 2025 - 13:49 Paris

On 28 May, Mounaim Cortet, Vice President at INNOPAY, will be participating in a panel discussion on ‘The Future of Open Finance: The Impacts of New Regulation, Use Cases, and Business Models’ during EBAday 2025.

The session will explore the past, present and future of financial data access and how it paves the way for Open Finance, Banking as a Service and Embedded Finance. As part of the discussion, Mounaim will contribute insights from recent industry discussions on the Financial Data Access (FiDA) regulation. These include INNOPAY’s work on the FiDA “voice of the industry” report commissioned by the Euro Banking Association (EBA), highlighting both the strategic opportunities and challenges facing financial institutions.

Taking place on 27 and 28 May in Paris, EBAday is the leading annual event for payments and transaction banking professionals across Europe. It brings together senior executives from banks, fintechs, infrastructure providers, regulators, and industry bodies to discuss the trends shaping the future of payments and open finance.

Join the conversation and stay informed on how FiDA could shape the future of customer relationships, data infrastructure and innovation across the European financial ecosystem.

For more information and registration, go to the EBAday website

What if the real threat in the Hindu Kush Himalayas isn’t war, but collapse? What happens when melting glaciers, volatile politics, and fraying ecologies converge? Can we imagine security beyond borders — rooted in shared rivers, anticipatory governance, and a planetary ethic of care? What risks are we still refusing to see?

In June 2024, Dark Matter Labs was commissioned to develop a 75-year situational risk profile of the Hindu Kush Himalaya (HKH). The goal was to identify the potential of catastrophic risk in the region, i.e. to map a complex terrain of cascading environmental threats, political instability, and social vulnerabilities that might, under certain pressures, tip into systemic crisis. One aspect we sought to explore was how water insecurity could add to political tensions and even lead to conditions for conflict in the region.

At the time, we chose not to share the full analysis publicly. Some of the risk intersections we identified, particularly around water infrastructure, migration corridors, and conflict hotspots, felt too sensitive, too easily misinterpreted or potentially weaponised. However, given the return of heightened conflict between India and Pakistan, it feels important to share at least part of our analysis. The objective is not to claim prescience or take sides but help shift the conversation away from land and borders to something much more oriented towards the socio-ecological continuities in the region that are hurtling towards systemic collapse. We offer this summary of our learnings in relation to the ongoing conflict.

Figure 1. The Hindu Kush Himalayas. Image by Nieves López Isquierdo¹. An Overview of Recent Events

On April 22, 2025, gunmen opened fire on a group of tourists in the Himalayan resort town of Pahalgam in Indian-administered Kashmir, killing 25 visitors and a local guide². The brutality of the incident has shattered any evidence of tenuous calm in the region — a narrative that the Indian government has promoted since the abrogation of Article 370 in 2019 (which revoked Jammu and Kashmir’s constitutional autonomy). The Indian government blamed Lashkar-e-Taiba, a UN-proscribed terrorist organisation based in Pakistan, for the attack. Within days, New Delhi accused Islamabad of supporting the attackers and launched a diplomatic and economic offensive. India downgraded ties, expelled Pakistani diplomats, sealed its land borders, and suspended the 1960 Indus Waters Treaty — a crucial water-sharing arrangement between the countries that had previously survived three major wars between the two nations³. Pakistan, denying any involvement, bristled at the accusations and retaliated in kind. It closed its airspace to Indian flights, halted all trade, and nearly put a 50-year-old bilateral peace treaty, the Simla Agreement, on hold⁴.

For ordinary people on both sides of the border, the sudden freefall in relations and outbreak of military hostilities has been alarming. In some regions, air raid sirens and border skirmishes have become nightly occurrences⁵. Even far from the conflict zone, the social fabric has been strained. The killings have opened up India’s already frayed religious and ethnic fault lines. In some Indian cities, anger over the Pahalgam killings has spilled into mob violence and xenophobia. Muslims, especially Kashmiris, living in places like Punjab and New Delhi, have found themselves harassed, assaulted, or shunned, as many Indians scapegoat them for the actions of militants⁶. Social media disinformation and the use of AI-manipulated content and deepfakes has been rampant on both sides, which has only fuelled polarisation and jingoism⁷.

Entangled Continuums / Systemic Risks

As the two nations trade fire and fury, a deeper crisis continues to unfold. HKH spans 3,500 kilometers across eight countries, towering as the planet’s ‘Third Pole’ with its vast ice fields and alpine ecosystems. It is an awe-inspiring landscape of glaciers, snow-fed rivers, and narrow valleys teeming with life — and risk. Even before the latest military flare-up, scientists and strategists had been sounding alarms about a cascading chain of environmental threats. Climate change is hitting the HKH region hard and fast. Average temperatures in the mountains are rising faster than the global average and extreme weather events are becoming more frequent. If the world manages to limit global warming to +1.5°C, the Himalayas will likely experience about +2.0°C — enough to irreversibly alter its ecology. The spillover effects of such warming are already evident and will intensify: a third of all Himalayan glaciers could vanish, monsoon patterns are turning more erratic with heavier bursts of rain and longer droughts, and mountain disasters like landslides and flash floods are on the rise. All of this directly threatens the livelihoods and cultures of upland communities who have contributed almost nothing to global emissions but face outsize consequences.

Nowhere is the climate impact more dramatic than in the glaciers themselves. The HKH region holds about 73,000 square kilometers of glacier, a crucial store of fresh water that feeds Asia’s great rivers and provides water to over 240 million people in the HKH mountains, and an estimated 1.65–2 billion people downstream, affecting populations as far south as Vietnam. These glaciers are in rapid retreat. Recent assessments show that glacier loss in the 2010s was 65% faster than in the previous decade. By mid-century, the region is expected to hit ‘peak water’ — meaning melting glaciers will swell rivers to a maximum — after which water flows decline steadily as the ice reserves dwindle. If global warming is kept to 1.5–2°C, the Himalayas will still lose about 30–50% of their glacier volume by 2100. This is already an impossible target to meet. On the current trajectory of around 3°C of warming, up to three-quarters of the glacier ice could disappear by the end of the century. Such a loss would be catastrophic, causing both dangerous flooding in the near term and severe water shortages and food insecurity for decades thereafter. Food and water security for the HKH depend on the seasonal meltwater from glaciers. As one report starkly put it, “the people living in these mountains who have contributed next to nothing to global warming are at high risk” — and current adaptation efforts are nowhere near enough to help them cope.

Figure 2. Geodetic mass balance of glaciers in each region of the HKH and for the whole region (inset) for 1975–1999, 2000–2009, and 2010–2019. The size of the bars and their colour depend on changes in the average mass balance, expressed in metres water equivalent per year (m w.e. per year). The vertical black lines show the uncertainty. The bold numbers beside each basin give the glacier region in the Randolph Glacier Inventory⁸.Figure 3. Overview of all recorded cryospheric events in the HKH between 2015 and 2023⁹.

In such a fragile landscape of risk, India’s suspension of the Indus Waters Treaty is particularly ominous. The Indus River and its tributaries support 80 percent of irrigated agriculture in Pakistan as well hydropower. Pakistani officials warned that any attempt by India to choke the Indus River would be taken as an “act of war” and met with “full force”¹⁰, and are in the process of finalising a legal response¹¹. In other words, water — the most basic of shared resources — has become a potential weapon, and it is portentous for other resource wars to escalate in a time of climate-induced scarcity. Similarly, consider the Brahmaputra River (known as Yarlung Tsangpo in China) which winds from Tibet into India and Bangladesh. China’s construction of mega-dams upstream and its plans to possibly divert waters have caused consternation in India, which has responded with its own infrastructure projects in the region (notably the construction of India’s longest under-river tunnel across the Brahmaputra¹²). The risk here is that 50% of the Brahmaputra’s catchment is in Chinese-controlled territory. While not explicitly weaponised as in the case of the Indus Water Treaty, there is a threat to India and Bangladesh if Beijing opts to exert too much control. Climate change, in this context, is a risk multiplier: more erratic monsoons and faster glacial melt could lead to sudden floods one decade and crippling droughts the next, without any nation firing a shot. Or worse: forcing one side or both to push towards hot war. All the countries of the HKH are thus bound in a high-stakes environmental lottery. Upstream actions create downstream impacts, and an extreme event in one place — be it a cloudburst, landslide, or outburst flood from a glacial lake — can send ripples of disaster through valleys that span multiple nations.

It is also important to recognize how multiple hazards stack onto vulnerable mountain populations. A recent multi-hazard assessment of the HKH found that nearly half (around 49%) of the region’s people are exposed to more than one type of natural hazard — often simultaneously. Only 19% of the population resides in the safest third of the land area, whereas one-fifth live in the most dangerous 9% of land where floods, landslides, and wildfires overlap¹³. Many of the high-risk zones are precisely the densely populated mountain valleys and foothill corridors where development has concentrated. For example, the Kashmir Valley, Nepal’s Middle Hills, and parts of the Hindu Kush in Pakistan all feature towns and farmlands squeezed between steep slopes and flood-prone rivers. When heavy monsoon rains come or when a glacier lake suddenly bursts its banks, the damage can be enormous and quickly crosses borders. This was evident in 2010 when epic floods in Pakistan (triggered by unusual monsoon patterns linked to a warming atmosphere) affected 20 million people and even impacted parts of Indian Kashmir downstream. Likewise, a major landslide or earthquake in the Himalayas could dam rivers or reroute them, with downstream countries helpless to prevent flooding. Such cascading disasters are not hypothetical ; they are a question of when, not if. Each event can act as a threat multiplier: displacing communities, straining governments, and potentially fueling social unrest or migration that ignites new conflicts (fig. 4).

Figure 4. An illustrative 50-year Risk Profile for the HKH. Image by Prateek Shankar, Dark Matter Labs.

The Pahalgam terror attack and the ensuing military standoff occurred against such a backdrop of environmental fragility. In a very real sense, the skirmishes over borders and the looming crisis over glaciers are part of a single continuum of risk. Both stem from hyper-stressed systems that are increasingly interlinked. The HKH region faces an ‘entangled continuum’ of threats where a trigger in one domain (e.g., security) can exacerbate vulnerabilities in another (e.g., water and climate), and vice versa. It is no coincidence that as India and Pakistan were trading fire, they were also trading accusations over water and power supply. Nor is it a coincidence that even as soldiers were entrenched on the frontiers, families were worried about blackouts and crop irrigation back home. In this environment, a narrow focus on conventional, ‘hard’ security threats alone begins to look dangerously myopic.

This is why the lens of the nation-state, though institutionally powerful, is insufficient to understand what is happening in the region. The rivers of the HKH do not follow treaties or the speeches of political leaders in Delhi and Islamabad. They swell, split, and migrate. So do its communities, its vulnerabilities, and its threats. Treating each skirmish, each event, and each border incident as a contained political dispute misses the deeper story: the systemic weakening of a shared ecological and civilisational fabric. In the days following the Pahalgam attack, much of the attention had focused on questions of accountability and justice. But as long as that attention remains bounded by flags and frontiers, it misses this larger terrain of risk. This is and cannot be a region defined by conflict. It is defined by continuity. Migratory routes, trade flows, shared cosmologies, and mountain knowledge: these threads have always connected lives across what are now hard and militarized borders. The recent outbreak of conflict is not just the resurfacing of old grievances, but the fraying of such threads under new and regionally shared pressures — pressures which are barely acknowledged in public discourse in the region.

Figure 5. Development pathways and possible scenarios for the Hindu Kush Himalayas in 2080¹⁴.

As an informed public and as stakeholders in this region’s future, we must push our leaders to recognize the continuum of risk, these risk commons. It is no longer enough to simply ‘defeat terrorism’ or ‘secure the border’ in a vacuum. Security in the HKH needs to be reconceived as ecological and human security, requiring principled and mediated dialogue and joint strategies that span from the highest mountain peak to the lowest floodplain. Instead of viewing each other as primary threats, countries of the HKH — and more importantly their leaders — may need to see that they face a common threat which is the entangled crisis of climate warming, a more volatile planet, and the cascading disasters it will bring. We must imagine a renewed sense of planetary security that recognises the entanglement of these risks and our shared futures (e.g. shared data infrastructures, anticipatory risk modeling, whole-systems analysis and bold diplomatic innovation). Ultimately, a bullet fired or a treaty broken in anger is not just an act against a rival nation but against the shared life-support systems that all nations depend on.

This blog was written by Zehra Zaidi and Prateek Shankar (who are British-Pakistani and Indian respectively). It summarizes key findings from a June 2024 report titled “Crisis Landscapes at the Third Pole: Situational Risk Assessment of the Hindu Kush Himalayas” as part of the Planetary Civics mission at Dark Matter Labs. The full report can be made available on request.

Learn more about the mission on our alliance website: Planetary Civics Inquiry.

If you are interested in working with us on exploring potential systems interventions in the HKH, or would like to get in touch, please contact us at planetary-civics-inquiry@darkmatterlabs.org. Sources

[1] ICIMOD, Hindu Kush Himalayan Region, (icimod.org); Shresta, A.B. et al., (2015). The Himalayan Climate and Water Atlas: Impacts on climate change on water resources in five of Asia’s river basins, GRID-Arendal and CICERO.

[2] Sharma, Yashraj. “‘Burst Balloon’: How Pahalgam Attack Shattered Modi’s Kashmir Narrative.” Al Jazeera, 28 Apr. 2025. Source.

[3] Sharma, Harikishan. “What India’s Suspension of the Indus Waters Treaty Means for Pakistan — and for Itself.” The Indian Express, 24 Apr. 2025, Source.

[4] Shahzad, Asif, et al. “Pakistan Closes Air Space for Indian Airlines, Warns against Water Treaty Violation as Ties Plummet.” Reuters, 24 Apr. 2025. Source.

[5] Ahmed, Aftab, and Charlotte Greenfield. “India, Pakistan Accuse Each Other of Attacks as Hostilities Rise.” Reuters, 9 May 2025. Source.

[6] Sharma, Yashraj. “‘We’re Cursed’: Kashmiris under Attack across India after Pahalgam Killings.” Al Jazeera, 25 Apr. 2025. Source.

See also: Henry, Nikhila. “Hyderabad’s Karachi Bakery Vandalised as Protesters Demand a Name Change.” The Indian Express, 12 May 2025. Source.

[7] Kugelman, Michael. “Why Disinformation Surged during the India-Pakistan Crisis.” Foreign Policy, 14 May 2025. Source.

See also: Siow, Maria. “Misinformation warfare intensifies in India and Pakistan as conflict rages on’. South China Morning Post, 16 May 2025. Source.

[8] HI-WISE Report, Chapter 2, p. 34.

[9] HI-WISE Report, Chapter 3, p. 91.

[10] Shahzad, Asif, et al. “Pakistan Closes Air Space for Indian Airlines, Warns against Water Treaty Violation as Ties Plummet.” Reuters, 24 Apr. 2025. Source.

[11] “Pakistan Readying To Challenge India’s Suspension Of Vital Water Treaty Amid Rising Tensions”, Radio Free Europe / Radio Liberty, 29 Apr. 2025. Source.

[12] Dash, Dipak K. “Panel Green-Signals Under-River Tunnel across Brahmaputra; Returns 2 Projects in J&K Citing Deficiencies.” The Times of India, 16 Apr. 2025. Source.

[13] Rusk, J., et al. (2022b). Multi-hazard susceptibility and exposure assessment of the Hindu Kush Himalaya. Science of The Total Environment, 804. Source.

[14] P. Wester, A. Mishra, A. Mukherji, A. B. Shrestha (eds) (2019) The Hindu Kush Himalaya Assessment — Mountains, Climate Change, Sustainability and People, Springer Nature Switzerland AG, Cham, Chapter 4, p.101; see also Sanhita Sahasrabudhe and Udayan Mishra, Summary of the Hindu Kush Himalaya Assessment Report (2019), ICIMOD, p. 14.

The Risks We Share: Climate, Conflict, and Continuity in the Hindu Kush Himalayas was originally published in Dark Matter Laboratories on Medium, where people are continuing the conversation by highlighting and responding to this story.

IDnow’s collaborative research project, MAMMOTH, which explores ways of addressing bias in face verification systems, comes to an end in Autumn 2025. Here, we share a summary of the findings so far, and what it could mean for a more inclusive future of identity verification.

Face verification has emerged as an indispensable way for businesses to quickly and securely prove the identity of their customers. There are multiple reasons for its widespread adoption, including enhanced security, reduced operational costs, and elevated user experiences.

What is face verification and when is it used? 

Face verification is a form of biometric technology that uses the unique features of a face to confirm an identity. In the context of remote identify verification, it involves capturing a digital image of a person’s face, often in real time, and comparing it to the identity photo extracted from a submitted identity document. 

The ‘one-to-one’ matching process of face verification differs from the ‘one-to-many’ matching technique of face recognition, which involves identifying an individual from images of other individuals. 

When combined with liveness detection, 3D depth analysis, and AI-powered pattern recognition, face verification can verify identity documents and the actual person behind them to dramatically reduce account takeovers, synthetic identity fraud, and impersonation attempts while creating a seamless customer experience. 

From banking onboarding to airport security, face verification can transform time-consuming identity checks into seamless moments of trust. Beyond its commercial benefits, face verification offers significant social and economic advantages. It is particularly transformative in regions where many lack traditional forms of ID, providing an accessible means to verify identity and unlock services. 

However, despite its widespread use, many face verification systems are still underperforming for specific demographics, such as darker skinned people. 

In fact, a 2019 study by MIT Media Lab discovered that while face verification error rates for white men were just 0.8%, they jumped to 34.7% for darker skinned women.  

This demographic bias isn’t just a technical flaw – it undermines the right to equal access to essential digital services, such as opening bank accounts or registering for welfare or health services.

Undertaking a MAMMOTH project.

In 2022, alongside 12 European partners, including academic institutions, associations and private companies, IDnow set out to break down these barriers of bias. 

Funded by the European Research Executive Agency of the European Commission, the goal was to study existing biases and offer a toolkit for AI engineers, developers and data scientists so they may better identify and mitigate biases in datasets and algorithm outputs. 

In April 2025, I attended the ‘Addressing visual bias in Biometric Identity Verification‘ webinar to share some of the findings from the project, discuss how face verification biases arise and what can be done to address them. I was excited to share a solution to this very real problem in the digital world.

What’s the problem? Skin tone bias in ID verification.

State-of-the-art face verification models trained on conventional datasets show a significant increase in error rates for individuals with darker skin tones. This is due to an underrepresentation of minority demographics in public datasets. This lack of diversity in the data makes it difficult for models to perform well on underrepresented groups, leading to higher error rates for people with darker skin tones. This reinforces the urgent need for targeted solutions that address demographic imbalance in training data.

What’s the solution? The power of representation.

Ensuring face verification models are trained on a balanced dataset of images featuring characteristics typically absent from public datasets significantly improves model performance overall. For instance, as identity card photos may undergo color transformations applied by issuing bodies (e.g., governments), skin tone plays an important role, particularly if the calibration is not optimized for darker skin tones.  

This miscalibration can create inconsistencies between the captured selfie image and the individual’s appearance in the ID card photo, especially for those with darker skin tones. 

This shows that training using a demographically balanced real-world dataset that mirrors the specific characteristics and variability of identity card images can ensure more accurate and fair recognition for individuals with darker skin tones. 

To address this issue, IDnow proposed using a ‘style transfer’ method to generate new identity card photos that mimic the natural variation and inconsistencies found in real-world data. By augmenting the training dataset with synthetic images, it not only improves model robustness through exposure to a wider range of variations but also enables a further reduction of bias against darker skin faces.  

Various experiments on public and proprietary real-world datasets reveal that fine-tuning state-of-the-art face verification models with the proposed methodology yields an 8% improvement in verification accuracy, while requiring only 25% of the original training data. In doing so, the accuracy gap between skin tone groups was reduced by more than 50%, ultimately leading to a fairer face verification system. 

Incorporating learnings from the MAMMOTH project has enabled us to improve the IDnow face verification system so that we may better address ethnically diverse markets in Europe and beyond.

1. Photo ID.  2. Photo meeting conformity standards. 3. Selfie found in reference database. A synthetic solution to a real-world problem.

As the global adoption of biometric face verification systems continues to increase across industries, it’s crucial to ensure that these systems are accurate and fair for all individuals, regardless of skin tone, gender or age. By focusing on designing balanced, ID card-specific training datasets and leveraging synthetic data augmentation techniques, such as style transfer, we can significantly reduce bias and improve the robustness of these models. 

However, without a legal framework to ensure ethical standards are adhered to, even the greatest technological breakthrough will fall short of making a long-lasting social and economic impact. We are proud of the work we are doing to reduce bias in face verification systems and are hopeful that such guidance will become standard in global regulations, such as the EU AI Act. 

For a deeper dive into findings from the MAMMOTH project, watch the full webinar.

The MAMMOTH project ensured all security measures were followed to protect data and comply with internationally accepted standards and privacy regulations, including GDPR. 

The MAMMOTH project was funded by the European Union under Grant Agreement ID: 101070285. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or European Commission. Neither the European Union nor the granting authority can be held responsible for them.

By

Dr Elmokhtar Mohamed Moussa
Research Scientist, Biometrics Team
Connect with Elmokhtar on LinkedIn

As part of our ongoing series highlighting key contributors to the House Party Protocol (HPP), we spoke with Terry Kim, CEO of AlphaQuark, a core partner in the HPP ecosystem. AlphaQuark has positioned itself at the intersection of real-world assets (RWA), NFTs, and smart financial infrastructure, delivering tools to bring traditional asset valuation into the on-chain world. In this interview, Terry outlines how AlphaQuark is evolving alongside HPP, and why L2 scalability, AI integration, and cross-chain connectivity are unlocking the next frontier for tokenized assets.

Q1: How would you describe AlphaQuark’s role within the HPP ecosystem?
Terry Kim: AlphaQuark was built with a clear mission: to bridge real-world asset value into the blockchain economy. Within HPP, we act as the asset intelligence layer. We’re building not only tokenization systems but also pricing models, data integration tools, and evaluation protocols that let real-world assets interface with smart contracts. The result is a deeper connection between tangible value and programmable finance. In many ways, we’re the “what it’s worth” layer in an ecosystem that’s about verifying, trading, and applying that value.

Q2: How does AlphaQuark benefit from the transition to HPP Layer 2?
Terry Kim: L2 opens up much-needed bandwidth for complex asset logic. Valuation data changes frequently. Compliance checks, liquidity modeling, and even AI-based risk assessments all require more than static smart contracts. HPP Layer 2 gives us the ability to deploy more advanced contract logic and integrate AI agents without bottlenecking performance. It’s the infrastructure upgrade we needed to take AlphaQuark from issuing assets to operating living, evolving asset networks.

Q3: What is the possible shift for AlphaQuark after the launch of HPP?
Terry Kim: HPP marks a major turning point for us. We’ve always focused on building infrastructure for decentralized value, and with HPP Layer 2, we can now do that at scale and with far more sophistication. We’re not pivoting from traditional finance — we’re fully committing to building natively within Web3. This means optimizing for composability, data streaming, and AI-native integrations rather than relying on legacy compatibility. It’s a natural evolution of where we’ve been headed.

Q4: What makes AlphaQuark uniquely suited to contribute to a unified data and AI-first ecosystem like HPP?
Terry Kim: We’re already working with datasets that traditional DeFi protocols can’t handle: appraisal records, legal certificates, and real-world transaction history. Bringing these into the HPP ecosystem means integrating them with AI agents and verifiers. It also means building a common language for “what is valuable” across both human institutions and autonomous protocols. That’s a challenge we’re trying to solve.

Q5: What are some specific industries where AlphaQuark’s RWA infrastructure is seeing the most traction?
Terry Kim: Real estate is a big one, not just tokenizing properties, but bringing appraisal logic, loan terms, and insurance factors on-chain. We’re also seeing interest from insurance platforms, IP marketplaces, and even ESG data providers. They all need trust-minimized ways to package and transfer value. That’s what we will provide.

Q6: How is AlphaQuark leveraging smart contracts for asset valuation, and how will this evolve with L2?
Terry Kim: Right now, we use smart contracts to define valuation rules and create standardized RWA token formats. With HPP L2, we’ll be able to dynamically update those contracts with AI-supplied data. Imagine smart contracts that evolve based on real-time economic indicators, appraisal updates, or audit streams. We also see tremendous potential in AI-powered oracles, which can serve as a dynamic verification and data delivery layer for valuation logic. This will give RWAs a much more intelligent and adaptive pricing mechanism.

Q7: How do you approach data validation and compliance when bridging off-chain assets on-chain?
Terry Kim: We apply a mix of off-chain attestations, oracles, and verified issuers. The HPP ecosystem dramatically improves this with W3DB’s Verification-as-a-Service and Booost’s identity frameworks. That’s the beauty of an integrated ecosystem: we don’t have to build everything ourselves—we just connect to other verified components.

Q8: How do you see AlphaQuark integrating AI and autonomous agents?
Terry Kim: In two ways. First, AI will help process valuation data faster, especially in volatile or emerging markets. Second, autonomous agents can execute strategies like rebalancing asset portfolios, flagging suspicious price anomalies, or even initiating compliance actions. The endgame is programmable value, and AI is the logic layer that makes that real.

Q10: In 3–5 years, what role do you hope AlphaQuark will play in the future of on-chain finance?
Terry Kim: I hope we become the trusted layer for pricing and packaging real-world value. Whether it’s a digital twin of an asset, a structured NFT portfolio, or an AI-driven risk model, I want AlphaQuark to be the valuation oracle that DeFi and TradFi both trust. That’s the long game.

We’re the “what it’s worth” layer in an ecosystem that involves verifying, trading, and applying that value.

Open House: Interview with AlphaQuark CEO on Real-World Assets in the Age of HPP was originally published in Aergo blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

“What if centralized dominance is just what success looks like in our current system?”

A Digital Identity Digest Redefining Success: Centralization as a Feature or a Failure? Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 10 seconds 00:00 / 00:09:41 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can subscribe and listen to the podcast on Apple Podcasts or wherever you listen to podcasts.

Be sure to leave me a Rating and Review!

That’s not a defense of centralization; it is a challenge to how we think about centralization vs decentralization, and how we define progress in enterprise systems and platform design. In tech, success is often framed in terms of scale, speed, and adoption. The bigger you grow, the more central you become. And we rarely stop to ask: Is that centralization a feature… or a failure of imagination?

This is the third post in a series about decentralization in enterprise systems, not as an ideal, but as a spectrum of tradeoffs we all navigate:

In Engineering Meets Economics, I argued that flexibility is more valuable than ideological purity. We need systems that can move between centralized and decentralized states. In How Decentralized Are You Willing to Pay For?, I explored what that flexibility actually costs in time, money, tooling, and culture.

Today, I want to take a step back and ask: Why is it so hard to justify decentralization in the first place? What are we really rewarding when we call a system “successful”?

Success Metrics That Skew Centralized

Let’s be honest: most of our current incentives favor centralization. Consider how we measure success in enterprise or platform strategy:

Market share → the more users you serve, the more value you’re assumed to create Efficiency → fewer systems, fewer teams, tighter control Reliability → built-in resilience that looks like robustness, even when it’s just concentration Governance → top-down visibility, fast decision-making, single owners

These are all perfectly reasonable goals. But these goals bias us toward consolidation. And once centralized systems become dominant, they become self-reinforcing; technically, economically, and even culturally.

That said, even centralized dominance is rarely permanent. In his book Clockspeed (have you read that book? No? You should.), Charles Fine argues that competitive advantage, whether it comes from control of the supply chain, platform dominance, or speed to market, is always temporary. The faster your environment moves, the more critical it becomes to reconfigure quickly. That makes modular systems, distributed governance, and optionality not just design preferences, but survival traits.

In that light, centralization might get you to success, but it won’t keep you there.

What’s the Alternative? Success as a Balancing Act

So let’s ask a different question:

What if success isn’t just about growth, but instead about sustaining healthy tension between centralized power and distributed control?

That’s what good governance often looks like. It’s not pure autonomy or rigid hierarchy. It’s a structure that lets people collaborate without collapsing into uniformity.

This isn’t a utopian call for federating all the things. It’s a call to recognize when centralization is helping and when it’s masking fragility, dependency, or misalignment.

We decentralize within organizations all the time:

We spin up new product teams We delegate budget and decision-making to local units We distribute accountability through OKRs and KPIs

But we do it with clear guardrails, shared incentives, and coordination models. In those cases, decentralization is seen as a sign of maturity, not a threat.

So why do we treat infrastructure decentralization like chaos? (Probably because we don’t do it well, but we can fix that.)

What This Means for Architecture (and the Org Chart)

If we accept that centralization is often the default path, not necessarily the best one, then we need to build systems that allow for intentional divergence.

That means:

Designing systems that don’t break when more than one authority exists Structuring metrics to reward adaptability, not just consolidation Treating decentralization not as risk, but as a capacity for complexity

And yes, it also means knowing when centralization is a good choice because it simplifies the right things, not everything.

Rethinking the Goal

You don’t need to decentralize your stack into a thousand services. (Good gravy, can you even imagine the insanity?) But you do need to ask:

Are we building systems that grow toward concentration by default because that’s easier to explain, easier to pitch, or easier to measure? Or are we designing for the kinds of success that hold space for flexibility, autonomy, and resilience?

If centralization is the only outcome we allow ourselves to count, we’re optimizing for a world where fragility just looks like efficiency … until it doesn’t.

There’s one more post in this series coming up next week: Governance Is the Next Bottleneck. I hope you’ve subscribed to get your notification when it comes out!

Want to stay updated? I write about digital identity and related standards—because someone has to keep track of all this! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here] 

Transcript

[00:00:00]
Welcome to the Digital Identity Digest, the audio companion to the blog at Spherical Cow Consulting. I’m Heather Flanagan, and every week I break down interesting topics in the field of digital identity—from credentials and standards to browser weirdness and policy twists. If you work with digital identity but don’t have time to follow every specification or hype cycle, you’re in the right place.

[00:00:26]
Let’s get into it.

[00:00:29]
Hey everybody, welcome back. This is the third episode in our series on centralization and decentralization, and the balance between the two.

If you’re just tuning in now, here’s what you’ve missed:

In episode one, we explored why resilience isn’t about being centralized or decentralized. It’s about being able to move between the two models when circumstances change. In episode two, we looked at the real cost of building that kind of flexibility. Because optionality isn’t free. It takes planning, coordination, and a willingness to invest before you need it. Why Is Decentralization a Hard Sell?

[00:01:01]
And that brings us to today’s topic. Why is decentralization often still such a hard sell, especially inside enterprises?

[00:01:09]
One answer is because most of our success metrics reward centralization.

[00:01:15]
If we don’t challenge how we’re defining success, we’re going to keep optimizing for systems that look great—right up until the point that they don’t.

Centralization and Scale

[00:01:22]
Let’s talk about that in tech. We don’t just love things at scale; we know how to do things at scale fairly well.

[00:01:31]
When we’re working with centralized systems, we know the playbook:

Throw more hardware at it Replicate the databases Spin things up in other regions Set up failovers, caching, and routing magic to absorb traffic

And that totally works—up to a point. Even when control is centralized, we’re very good at scaling the infrastructure around it.

[00:01:50]
When it comes to decentralized models, we know how to do that too. We just don’t plan that way as often.

[00:01:56]
At least not anymore. Think about the protocols from the early days of the Internet: DNS, BGP, SMTP. They’re not flawless or simple, but they work at global scale because they were built to distribute control and survive failure.

[00:02:14]
Everyone gets a piece of the responsibilities in those protocols. Everyone can operate within a shared structure. That’s decentralized centralization, and we did it really well.

The Problem with Success Metrics

[00:02:25]
But now, today’s challenge: most of the success metrics we use today, especially in enterprise systems, still push us towards centralization.

[00:02:33]
Why? Because it looks faster, is easier to explain, and is a lot easier to report on.

[00:02:40]
But when success is only measured by how tightly we can control the system, we end up building architectures that aren’t particularly flexible. And that’s a problem.

Centralization Helped Us Grow—But Does It Still?

[00:02:49]
Now let’s step back for a moment. You might be thinking, “Well, yes, but centralization is what helped us grow as a company, helped us grow at speed.” And yes, you are absolutely right. Centralization often is what helps organizations move fast, simplify complexity, and work at scale. It gives you:

Clean handoffs Predictable systems Fewer moving parts Optimized performance without needing to get everyone to agree on everything

And when you’re trying to move quickly, those things are real advantages.

[00:03:19]
But the thing is, those advantages—whether from your infrastructure perspective or your market perspective—don’t last forever.

[00:03:30]
Markets might shift, regulations might change, vendor lock-in might become a liability, and the systems that helped you grow start to hold you back.

[00:03:40]
There’s a great idea from supply chain strategy that applies here: the faster your environment moves, the more important it becomes to reconfigure quickly.

[00:03:48]
And that’s where centralized success starts to crack—not because it failed technically, but because it couldn’t adapt fast enough.

[00:03:56]
So the question isn’t, “Didn’t centralization help us grow?” It’s, “Can we keep growing without the ability to be a little bit more flexible?”

Decentralization in Organizations

[00:04:07]
It’s kind of funny—we decentralize all the time, but just not when it comes to our infrastructure and definitely not our identity infrastructures.

Inside organizations, we break up control and distribute responsibility on purpose:

Teams have their own budgets Product groups make roadmap decisions Key performance indicators are set at the department level, not just at the company level

[00:04:31]
Why? Because trying to control everything from the top down slows you down. It’s more sustainable to align goals than to micromanage every function.

Take a typical enterprise product org as an example. One team focuses on mobile, another on partner integrations, a third on internal tooling. Each team moves independently within shared priorities. They don’t all escalate to the CIO to push code; they’re trusted to make decisions locally based on their goals and context. We don’t call that chaos—we call that autonomy and maturity.

[00:05:05]
Think of it like a city: every neighborhood has its own character, maybe its own rules, but they follow the same traffic lights, zoning laws, public services. That’s decentralization with coordination.

[00:05:17]
The control, to an extent, is distributed. If we can do this with people and even in governments—if we can handle distributed authority in complex orgs—why does decentralizing infrastructure sometimes feel so risky? It’s not because we can’t do it. It’s because we haven’t applied the same thinking to systems that we apply to teams of people.

Building Flexibility into Identity

[00:05:42]
If centralization has been our default version of success, what does success look like when you build in the flexibility to decentralize?

[00:05:50]
It doesn’t mean blowing up your current architecture, because that would probably be bad and you wouldn’t get very far.

[00:05:56]
It doesn’t mean ditching your identity provider or rebuilding everything from scratch, because that also wouldn’t make you very popular and probably wouldn’t get you very far. But it does mean designing for modularity and movement.

[00:06:07]
A successful, flexible identity system might include:

Federated logins that work across partners but don’t collapse if one party changes their trust model Credential issuance that’s anchored to your core directory but usable outside your domain Policy enforcement that supports delegation, so different teams or regions can adapt without rewriting global configurations Flexible authentication layers that can shift to support new protocols without breaking legacy systems

[00:06:42]
Another good example of flexible identity systems that don’t require a centralized focus.

[00:06:49]
Ask yourself in your organization:

Can you change identity providers without breaking logins for 50,000 users? Can you delegate trust without rerouting everything through one central system?

[00:07:03]
Are you prepared to adapt when legal or business requirements shift, or will you end up frozen and need to make a plan on the fly?

[00:07:14]
Being able to say “yes” to those things—that’s what success with flexibility looks like.

Key Takeaways

[00:07:25]
You don’t have to decentralize everything—and probably shouldn’t. But if your architecture can accommodate controlled divergence and flexibility, you’re set up for long-term success.

[00:07:43]
That’s what matters. That’s what’s really cool.

[00:07:46]
Here’s the takeaway from today.

[00:07:50]
Centralization isn’t the enemy. But if success only counts as scale, simplicity, or speed, that story can get brittle quickly.

[00:08:03]
We already know how to decentralize in our org charts and delegate decisions without chaos. We just haven’t always brought that thinking into our infrastructure and identity systems—but we could.

[00:08:15]
Success doesn’t have to mean one system to rule them all. It can mean systems that adapt without starting over. That adaptability only works when you’ve got governance built in to support it.

[00:08:30]
Our technology is almost good enough—sometimes more than good enough. But shared control takes more than configuration files. It takes structure, accountability, and intention.

Closing Thoughts

[00:08:53]
And remember, resilient systems don’t just run well—they recover well and grow on purpose.

[00:09:04]
That’s it for this week’s episode of the Digital Identity Digest. If this helped make things clearer or more interesting, share it with a friend or colleague and connect with me on LinkedIn @hlflanagan. If you enjoyed the show, subscribe and leave a rating or review on Apple Podcasts or wherever you listen. You can also find the full post at sphericalcowconsulting.com.

Stay curious, stay engaged, and let’s keep these conversations going.

The post Redefining Success: Centralization as a Feature or a Failure? appeared first on Spherical Cow Consulting.

This has been a busy month in the world of crypto, with anonymous crypto soon to be banned by the EU, AML fines being handed out left right and centre, new crypto AML laws in the works, and much more. Buckle up, it's time for Crypto.

The post The CryptoCubed Newsletter: May Edition first appeared on ComplyCube.

While the fast-growing, competitive fintech sector offers many benefits, it can also open the door to increased money laundering risks and financial crime. This guide explores the latest fintech AML regulations and its main challenges.

The post Crucial Fintech AML Efforts to Safeguard your Business first appeared on ComplyCube.

Welcome back to our ongoing reflections on the Many-to-Many project! If you joined us for our first post, you’ll know we’re trying to reimagine complex governance. For over two years, we’ve been working with diverse partners to understand how groups of organisations can collaborate more effectively to tackle challenges bigger than any single entity could manage alone. This journey has generated a wealth of detailed and complex information.

Many-to-Many is designed for groups who want to collaborate to solve complex challenges but require new ideas about value, ownership, and power.

One part of our team recently spent an intensive week together in Berlin, focusing on transforming this rich knowledge into accessible information, tools, and insights shared via a digital platform. We committed to “working out loud” and sharing our progress and learnings along the way. Several weeks have passed since our Berlin session and our initial blog post. We had ambitious timelines, and as is often the case with complex projects, the path has had its twists and turns. In this post, we — Michelle, Gurden, and Arianna — share an honest update on what we’ve bumped into, how our thinking has evolved, and the human process of building something meaningful.

Michelle: So, we talked about “working out loud.” It’s been about four or five weeks since we published the last blog post. We had these grand ambitions in Berlin, thinking we’d have much more to share publicly by now, and that hasn’t quite happened. I’m interested in discussing what we bumped into. What were our blockers? We’ve still made progress, but what prohibited us from moving as quickly as we initially thought?

Gurden: I can start… I think the process, looking back, has been very human. Let’s be honest, this period, at least in Berlin, had holidays almost every week. Arianna took some time off, and I think some of us got sick. So, if we’re slow, that’s one reason. But secondly, and this was a blessing in disguise for me as the newest team member, I got time for my mind to slowly digest everything. Arianna and I talked about this — this pace allowed our perspective to mould in a nice way, rather than forcing something out.

I’m very happy that after our workshop, we published the first blog and got a really good signal. Many people commented, liked, and shared it on LinkedIn, and some reached out directly via email. That itself shows what we’re building is on a good path. Then you, Michelle, who is working painstakingly on the Many-to-Many System mega model and documenting your thought process — stopping at key milestones and briefing us. This allowed all three of us to bounce ideas off each other, crystallising, and navigating as we go. Arianna and I started wireframing, which is our way to think out loud, understand, and prioritise.

But, there’s so much content, so we asked a question to try and help us simply and hone into the real essence — “What needs to be on the homepage?” We started with the journey from the workshop, and we’re evolving. Our first wireframe to what we have now — it’s becoming very tangible. The tangibility has increased a lot since the workshop. It’s getting more visual and taking on a website-like frame. My feedback on the earlier design was that there was too much, maybe 10 buttons, and now it’s becoming more focused. That’s definitely positive. As a coder, I can imagine how we’ll set up the system, the database. I’m looking forward to validating it with other human beings.

Thinking through prototyping, going from stories to wireframing steps in the narration

Arianna: I can go next. After the workshop, we came to realise how complex it is to navigate the vast amount of information we’re dealing with, especially when it comes to understanding what a person wants, and what they’re struggling with or needing. These two aspects are deeply intertwined, but they unfold across many layers of detail.

At one point, we found ourselves with a triple navigation system, full of sub-navigations. It became clear that this structure, instead of helping, would likely add confusion; even for someone already familiar with the content but searching for something specific.

Therefore we spent a lot of time rethinking categorization and identifying different types of information. We started asking: is this one website, one narration explanation? Or could we introduce a double narration including tools and needs? That’s when it clicked — we actually need stories. Not just technical explanations or dry structures.

The knowledge Michelle, Annette, and Angela bring is full of stories — rich, lived, and layered. And stories are powerful, especially for someone new to a platform. They provide orientation, connection, and meaning.

Michelle: I want to quickly revisit what you were saying, Gurden, about the time to digest. It’s fascinating, and I’m making a meta-point here. I’ve been trying to digest everything we’ve learned over the past multiple years into our Many-to-Many System. In almost every fifth slide, I’m thinking, “We didn’t all have enough time to digest this at the time we were doing it.” And I’ve realised that’s a key point because of so many unfulfilled potentials. It created a real centralisation because if the whole collaboration didn’t fully understand what was going on, knowledge tended to centralize back into a few people. So, at the end of the day, learning happens at the pace humans can learn, mixed in with all the other stuff they have going on in their lives. As a meta-reflection, we just have to keep reminding ourselves that no matter how good the structures or digital tools are, a collaboration is ultimately about humans. That’s always going to be a factor.

In terms of the process of building this system, I liked what both of you were saying about refinement, categorization, and creating intelligent information architectures. How do we make this so that someone can actually enter this world and find their way around? For me, that has been the hardest part — consistently zooming in and zooming out. Thinking about something at the highest conceptual, strategic level, all the way down to what we learned, how we structured it, and then how we put this information onto a website where people know what button to push. This is a very wide-spanning problem space.

The last thing is this concept Arianna alluded to: we’ve been bouncing ideas around. The three of us have been pushing ahead in our own parts but checking in regularly. Frankly, without those check-in moments, none of this could have progressed. It’s so dense that it needs more than one brain on it at a time to untangle it.

Bouncing ideas around, but with precise meaning and positionalities

Gurden: Yes, what both of you said resonates with me. We’re calling it “systems,” but humans are at the center and heart of everything. That’s who we’re making it for. In our wireframing, we concluded that the first thing is the mindset people are coming from, and then we came to stories because that’s what humans connect with.

It’s been great having you both to bounce ideas and discuss any confusion. But I’ll highlight this as a challenge as well: when we put this website out, there will be one brave person going through it by themselves, most likely. How this website gives that companionship is something we’ve been thinking about. We’ve used words like “guide” and “field guide.” Maybe the brand and design should embody this — like, “Hey, we’re here, we understand it’s a hard, human thing, and we’re here to help.”

Michelle: Maybe that’s a great place to kind of end this blog? By asking, has anyone seen that done well? Does anyone know of any really great digital spaces that are trying to be a guide to help people navigate complex information, especially in a collaborative or shared, multi-person context? I haven’t.

Gurden: A lot of sites have that chatbot thing pop up on the right. I absolutely hate it; for me, that is not the answer. Maybe the bot is getting smarter with AI, but I don’t think that’s enough for our case.

Arianna: It’s about creating an ongoing, embodied story. One that offers orientation, not just information. At the same time, it needs to provide usable tools. So there’s a dual role: guiding through narrative, and supporting through function.

Not just about simplifying the complexity, but offering clarity and companionship within it.

On that note, we’ll pause this reflection. The journey continues, and the challenge of creating a truly supportive and navigable digital space for complex collaboration is one we’re embracing. We’d love to hear your thoughts. Have you encountered digital spaces that go beyond pop up chatbots and effectively guide users through complexity? Share your examples and ideas in the comments below!

You can find our previous post and stay updated by joining the Beyond the Rules newsletter here.

And a big thanks to the other members of our team — Annette and Angela, who weren’t with us in Berlin, but are key stewards of this work.

Visual concept by Arianna Smaron & Anahat Kaur.

Navigating Complexity: Embracing the Human Pace was originally published in Dark Matter Laboratories on Medium, where people are continuing the conversation by highlighting and responding to this story.

Voting on Snapshot is gasless and secure, and it gives token holders the ability to help shape the ecosystem's future. Follow the steps below to cast your vote on proposals like AIP-22 future governance votes.

What You’ll Need:

1. A supported wallet (e.g. MetaMask, Phantom, or any WalletConnect-compatible wallet)

2. $AERGO tokens held in your self-custody wallet before the snapshot time

There needs to be $AERGO tokens in your wallet…

🕐 To be eligible, you must hold your $AERGO tokens in your wallet before 5:00 PM KST / 8:00 AM UTC on May 21st.

💡 Tip: To ensure your wallet is compatible, visit the Snapshot voting page and click “Connect Wallet” before the snapshot time. If your wallet connects successfully, you’re good to go.

Step-by-Step Guide: 1. Go to the Snapshot Page

https://snapshot.org/#/s:aergodao.eth

2. Connect Your Wallet Click “Connect Wallet” in the top right corner. Select MetaMask, Coinbase Wallet, or WalletConnect.

💡 Make sure you’re connected to the wallet holding your $AERGO.

3. Find the Active Proposal (e.g. AIP-22) Scroll to the “Proposals” section and click on the active one (e.g., “Confirm ARB Stack as L2 for HPP”). 4. Read the Proposal Review the summary, motivation, and proposed action to make an informed decision. 5. Cast Your Vote Scroll down and select your choice (e.g., Yes / No / Abstain) Click “Vote” Confirm the signature in your wallet (no gas fees required) 6. Done! Your vote will be recorded immediately and reflected in the results.

Quick Guide: How to Vote on Snapshot for $AERGO Proposals was originally published in Aergo blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Samenwerking tussen Lloyds Bank en Ockto

Samen met Ockto digitaliseert Lloyds Bank de manier waarop financiële situaties van klanten in bijzonder beheer beoordeeld worden. Met het Income and Expenditure (I&E) assessment hebben medewerkers en klanten snel en veilig inzicht in inkomsten en uitgaven. Minder fouten, meer overzicht en een stap vooruit voor iedereen.

Curl, or cURL, is a utility that’s shipped by default on operating systems like MacOS and many Linux distributions that allows you to send an HTTP request to a URL and receive the result. In this post, we’ll walk you through how to use the tool to test an origin server’s response.

What is the problem with the higher education credentials verification?

Weeks of time-consuming, error-prone effort shouldn’t be required to verify academic records. But from 2022 to 2025:

\$600 M+ lost annually to fabricated diplomas. 5–14 days for each manual verification. Under 50 % of universities use multi-factor authentication (UK Cyber Survey 2024). Higher Education Degree and Certification Datacheck:

This article illustrates how decentralized identity (SSI) and Extrimian’s solutions eliminate these pain points with real-world numbers, self-evident steps, and a path to instant, fraud-proof verification.

1. Why traditional Verification System Fails? 1.1 Credential Fraud Runs Wild \$600 M+ lost each year to fake or altered diplomas. 30 % of job candidates forge degrees on resumes (ResumeBuilder, 2023). 1.2 Manual, Slow Workflows 5–14 days per transcript or diploma order. $20–$30 fee per manual verification. 1.3 Security & Compliance Loopholes Centralized databases are easy targets. Less than 50 % MFA implementation (UK Cyber Survey 2024). Email and fax expose personal data to interception.

Suggested image: Bar chart comparing manual vs. SSI verification time
Alt-text: “Bar chart comparing 5–14 day manual verification with 2-minute SSI verification.”

2. What is Decentralized Digital Identity?

Self-Sovereign Identity decentralizes control: credentials live in students’ digital wallets, not in some central silo.

Fraud-proof: Cryptographic signatures keep out tampering. Instant verification: Verify authenticity in seconds. Selective disclosure: Reveal only what’s needed (e.g., “Graduated 2025” without full transcript). Built-in compliance: Complies with GDPR, FERPA, and LGPD by design.

Learn more about Verifiable Credentials: https://www.w3.org/TR/vc-data-model/

Accelerate and secure credential checks with Extrimian’s real-time verification tools, reducing manual reviews and errors.

3. What are the benefits of Extrimian’s End-to-End Verification Suite? A. Digital Credential Wallet Student control: Store diplomas and transcripts on mobile or web. Offline ready: Accessible anytime, even without Internet. Selective sharing: Share temporary QR codes or secure links. B. ID Connect API & Dashboard No-code integration: Live in less than a day with prebuilt SIS and LMS connectors. Real-time analytics: Track issuance volume, verification logs, and alerts. Enterprise security: End-to-end encryption, role-based access, full audit trails. C. Extrimian Academy On-demand training: SSI essentials courses to advanced API workflows. Hands-on labs: Sandbox for issuing DIDs and VCs. Certifications: Show your team’s SSI expertise to auditors and stakeholders.

Suggested image: Screenshot of an Academy course module on SSI fundamentals
Alt-text: “Extrimian Academy dashboard showing SSI course modules.”

4. What is the Real-World Impact & ROI for Education industry? MeasureBefore ExtrimianAfter Extrimian SSIVerification time7 days (≈10 080 min) (Check Point 2024)2 minutes (≈99.98 % faster)Cost per credential check\$24.50 average (Check Point 2024)\$1 via APISupport staff hours per month120 hours (Extrimian Report 2025)8 hoursFraud losses saved$600 M/year (Extrimian Report 2025)$0 (preventively enciphered)

Example: A pilot by a Latin American university cut diploma validation from 12 days to under 3 minutes, with over \\$30 000 saved yearly in staff expenses and the prevention of cases of fake degrees.

5. What are some key Industries & use cases for Decentralized Digital Identity? University Admissions
International transcript verifications in seconds—not email forwarding or faxing. Corporate Hiring
Recruiters verify candidates’ degrees in seconds, eliminating background-check delays. Healthcare Licensing
Medical boards verify diplomas instantly, speeding licensure and hiring. Professional Bodies
Engineering and law councils ensure only accredited graduates are admitted, for public safety. EdTech & Microcredentials
Short-course platforms issue portable badges that add up to full academic records.

Learn more about “Open Badges 3.0” for microcredential standards → https://indicio.tech/open-badges-3-0

6. 4-Step Startup to adopt a secure verification system Schedule a Demo at extrimian.io/contact-us Pilot with Your Next Graduating Class through our ID Connect sandbox Train Your Team in Extrimian Academy SSI courses Scale Campus-Wide, integrate with LMS, HR, and employer portals

With decentralized identity, your institution transforms from weeks-long manual screenings to real-time, fraud-resistant verification, with increased security, lowered costs, and giving students legitimate control over their academic records. Partner with Extrimian to ride the next wave of secure, scalable credentialing in higher education.

7. Resources & References Check Point Research, “The 8 Things You Should Know About Cyber Attacks on the Education Sector” (2024)
https://blog.checkpoint.com/company-and-culture/the-8-things-you-should-know-about-cyber-attacks-on-the-education-sector-and-how-to-prevent-them/ UK Government, “Cyber Security Breaches Survey 2024 – Education Institutions”
https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2024/cyber-security-breaches-survey-2024-education-institutions-annex ResumeBuilder, “1 in 4 Americans Have Lied on Their Resume”
https://www.resumebuilder.com/resume-examples/1-4-americans-have-lied-on-their-resume/ W3C, “Verifiable Credentials Data Model 1.1”
https://www.w3.org/TR/vc-data-model/ Extrimian, “Tech Ed and Universities Digital Data Security Report 2025” (internal) Indicio.tech, “Open Badges 3.0”
https://indicio.tech/open-badges-3-0 UNESCO, “Building the Digital Credentials Ecosystem”
https://en.unesco.org/themes/building-digital-future Educause, “Cybersecurity Trends in Higher Education”
https://www.educause.edu/research-and-publications

The post Diploma & Credential Verification in Education first appeared on Extrimian.

On May 1, 2025, the US Department of the Treasury's Financial Crimes Enforcement Network (FinCEN) issued its finding that Cambodia-based Huione Group is a "financial institution of primary money laundering concern" under Section 311 of the USA PATRIOT Act.  

Why Phishing-Resistant MFA Isn’t Optional Anymore

The escalating sophistication of phishing and social engineering attacks has pushed organizations towards stronger authentication methods. Phishing-resistant multi-factor authentication (MFA), particularly solutions leveraging FIDO2/WebAuthn standards, is a big leap forward in security posture.

Many organizations utilize hardware-based FIDO2 authenticators like YubiKeys by Yubico, widely recognized as a gold standard for physical tokens, preventing credential theft and account takeover at the point of authentication. Deploying any security key represents a serious commitment to security, effectively neutralizing threats that rely on stolen passwords or easily intercepted one-time codes.

The Broader Picture of Phishing-Resistant Authentication Achieving true end-to-end security requires a strategy that extends beyond the initial implementation of phishing-resistant authentication methods. While these methods are a critical defense, organizations often discover that phishing-resistant authentication  alone  is not enough to address all security and operational aspects.
Specifically, when deploying physical hardware authenticators, which are a common way to achieve strong phishing resistance, organizations can encounter significant operational complexities.

These "Day 2 problems" involve managing these physical tokens across their entire lifecycle, a challenge that can be particularly acute within large or widely distributed teams. It’s important to understand that these are not shortcomings of any particular brand of hardware authenticator, but rather inherent complexities in managing any physical security hardware at scale
Challenge 1: Secure Onboarding and YubiKey Provisioning

Getting the right key into the hands of the right user securely is the critical first step.

The Identity Verification Imperative: Before a YubiKey is issued (in person or shipped), organizations must be certain of the recipient's identity. Standard procedures may not suffice, especially for remote workers. How do you reliably verify someone you've never met? Risk of Mis-Provisioning: Relying on known weak checks like email or simple attestations (KBA) creates risk. An incorrectly provisioned key compromises the entire security model from the start, potentially handing access directly to an attacker impersonating a new employee. Challenge 2: Navigating Ongoing Identity Lifecycle Management

The physical nature of YubiKeys introduces critical ongoing management needs.

Loss, Theft, Damage, and Lockouts: YubiKeys can be lost, stolen, damaged, or even locked due to too many failed PIN attempts or forgotten credentials. Each of these scenarios requires a secure recovery process, particularly for remote users. Administrative Overhead: Tracking inventory, managing assignments, handling secure revocation for lost/stolen tokens or for departing employees, and ensuring firmware updates add complexity and usually require manual processes to avoid security gaps. Challenge 3: Phishable Recovery Methods Undermine Security

Perhaps the most significant challenge arises when a user loses their YubiKey, especially if it's their primary or even sole FIDO2 authenticator.

The Recovery Conundrum: YubiKeys are designed to be resistant to remote attacks. This strength means recovery processes must not create a weak link that attackers can circumvent. The Pitfall of Phishable Fallbacks: In the case of a lost YubiKey, reverting back to easily phished methods like SMS/voice OTPs, email links, or security questions for recovery completely undermines the security gains provided by the YubiKey. Attackers know to target these weak recovery paths. The Need for Verified Recovery: A truly secure system requires a recovery process that incorporates strong, multi-factor identity verification. Only after strong identity assurance should you allow legitimate users to regain access or register a new key. This will keep the door closed to social engineering or deepfake attacks. YubiKeys Need Integrated Credential Management and Identity Verification

This guide explores how integrating a dedicated identity assurance platform like HYPR can effectively bridge these management and identity verification gaps. By complementing your Yubico deployment, HYPR helps manage these credentials in your environment and integrates  multi-factor identity verification into the key lifecycle moments, ensuring your investment in phishing-resistant hardware delivers its full security potential.

Let's see how the HYPR Identity Assurance platform addresses the gaps.

Secure Onboarding and Hiring with Candidate Verification

How do you confidently issue a powerful security key like a YubiKey to a new employee, especially one working remotely, without creating an undue security risk or friction? Legacy methods relying on KBA, email verification, manager approvals, or even just shipping a key to a home address lack the level of identity verification needed, to be sure you don’t fall victim to a social engineering attack.

HYPR’s customizable Identity Verification (IDV) integrates directly into your onboarding flow, before any credentials, including a YubiKey, are provisioned. This isn't just a simple check; this verification involves multiple checks of various factors, in a layered approach, that is tailored exactly to your organization's risk tolerance:

Device Check

HYPR first detects the device the user is on to do the verification, and can check if it is the expected device.

Location Detection

A geolocation location detection is performed and compared against expected location. Radius distance from expected location can be customized.

Document Verification

Users are prompted to scan a government-issued ID (driver's license, passport) using their smartphone. HYPR analyzes the document for authenticity, checking security features and tampering evidence, and checks the validity of the document against national databases.

Biometric Facial Recognition

To ensure the person presenting the ID is its rightful owner, HYPR employs facial biometric matching, comparing a live selfie capture to the photo on the ID document or in your own data stores. Additionally, liveness detection prevents spoofing attempts while using photos or videos.

Manager Attestation

Combine live video verification and a secure chat, seamless experience human verification transaction. Supervisors or IT can attest to the identity of their team members, adding an extra layer of assurance.

Example: Secure Onboarding with HYPR

Imagine a new remote hire receives an onboarding link on their first day. They are guided through the HYPR identity verification. Only upon successful verification is their identity confirmed, allowing subsequent steps like registering their primary authentication methods, like their assigned YubiKey.

This process securely binds the verified physical identity to the digital identity and the associated credentials. It drastically reduces the risk of provisioning keys to fraudulent accounts and establishes a trusted foundation for the user's entire lifecycle.

Build Phishing-Resistant Account Recovery Workflows

As mentioned previously, the security gains of YubiKeys are instantly nullified if a user who loses their key can recover their account using phishable methods like SMS OTPs, email links, or knowledge-based answers (KBAs). We know attackers actively target these weak recovery paths at the help desk or user levels.

HYPR eliminates this vulnerability by ensuring recovery processes maintain the same high level of security as primary authentication. When a user needs to recover access (e.g., after losing their YubiKey), they leverage other already registered and verified strong authentication factors managed by HYPR as well as a re-verification of identity:

Multi-Factor Recovery

Recovery typically involves using the HYPR mobile application on a registered smartphone, protected by device biometrics (Face ID, fingerprint) or a secure PIN, potentially combined with other factors or contextual checks depending on policy. Should more identity assurance be needed, HYPR can also push the user through an identity re-verification process.

Self-Service Enablement

To reduce the burden on IT teams, users can securely initiate recovery themselves through a guided, secure workflow, often without needing costly or time-consuming help desk intervention.

In cases where a YubiKey is lost, damaged, or needs to be replaced, users can quickly register a new device once their identity is re-verified through a secure recovery flow.

For scenarios where a device is locked, for instance after too many failed PIN attempts or a forgotten PIN, recovery can still be handled efficiently through a help-desk–driven approach. With HYPR Affirm, this process is safeguarded by strong identity verification, ensuring only the rightful user regains access.
Account recovery becomes as resistant to phishing and social engineering as the initial login, preserving the integrity of the entire security system. This directly addresses the most significant operational and security pain points associated with hardware token deployments.

Beyond Login: Contextual Awareness and Continuous Authentication Dynamic Trust

Security isn't static. HYPR can optionally integrate risk signals from devices, users, and browsers, to provide continuous authentication and adaptive access control, even after a successful YubiKey login.

Risk Signals

Factors like device health (e.g., integrating with endpoint detection and response tools like CrowdStrike), geographic location ("impossible travel" scenarios), network reputation, and even behavioral signals can inform a real-time risk score.

Adaptive Risk Policies

Based on this score, HYPR can dynamically adjust security requirements. A low-risk login might proceed seamlessly after the initial YubiKey tap, while a higher-risk scenario could trigger a request for an additional factor or limit access privileges. This allows organizations to balance security posture with user experience. 

Streamline YubiKey Management: From Friction to Flow User-Driven YubiKey Enrollment & Renewal

HYPR turns YubiKey onboarding into a self-service experience. End users pair their YubiKeys, automatically enroll X.509 certificates, and enjoy seamless certificate renewals, with no routine IT involvement required and continuous access guaranteed.

Bird’s-Eye Admin Visibility

While day-to-day enrollment and renewals run themselves, HYPR’s Console Integration gives administrators a consolidated dashboard of every YubiKey enrollment, certificate status, and recent identity verification events. This eliminates the need for spreadsheets point tools.

Graceful Deprovisioning

Rather than manually “removing” keys from the admin console (which doesn’t revoke the certificate on the device), HYPR enable endpoint-driven deprovisioning. Users retire lost or retired keys directly from their workstation, ensuring true on-device certificate removal when possible.

Resilient Multi-Factor Backup

Users can register multiple authenticators as primary and backup. YubiKeys plus HYPR is an ideal combination, so if one factor goes missing, users still authenticate securely through another, dramatically cutting lockouts and support tickets.

Achieve End-to-End Phishing Resistance with HYPR

The journey towards zero trust cybersecurity demands more than just deploying strong authentication factors; it requires a holistic approach that secures the entire identity lifecycle. YubiKeys represent a vital component in this strategy, offering unparalleled phishing resistance at the point of login. However, as we've explored, their true potential is only fully unlocked when paired with solutions that address the critical challenges of high-assurance identity verification and streamlined lifecycle management.

Key Steps to Optimize Yubikey Deployments

Moving from understanding these challenges to implementing effective solutions requires a deliberate approach made custom for your environment. As you consider how to optimize your YubiKey deployment or plan a new one, here are some suggested actionable steps to take:

Assess Your Current Reality: Honestly evaluate your existing processes. Where does friction exist in your YubiKey issuance and management? How are you currently handling remote employee onboarding and identity proofing? Map out your current account recovery workflow. Does it rely on phishable factors like SMS or security questions?
Identifying these specific pain points is the first step. Define Your Identity Assurance Needs: Determine the level of certainty required when verifying identities. 
Is a basic check sufficient, or do compliance regulations and risk levels demand high-assurance methods like biometric verification against government IDs, especially for privileged users? Chart the Full User Lifecycle: Document every stage where a user interacts with credentials, particularly YubiKeys. Pinpoint potential vulnerabilities or inefficiencies in provisioning, replacement, temporary access needs, and deprovisioning. Scrutinize Your Recovery Strategy: This is paramount. If your recovery process undermines your FIDO2 investment, it needs immediate attention. Define requirements for a truly phishing-resistant recovery mechanism. Identify Integration Requirements: List the key systems (your Identity Provider (IdP), HR Information System (HRIS), endpoint security tools) that any management and identity verification solution must seamlessly integrate with. Key Questions to Ask Potential Solution Providers

Armed with your internal assessment, engage vendors with targeted questions to understand how their solutions address these challenges, that are specific to your environment, when integrating with YubiKeys:

Onboarding & Identity Proofing: 
How specifically does your solution verify the identity of remote users before a YubiKey is provisioned to them? What methods (e.g., document scanning, liveness checks, data validation) do you employ to achieve high assurance, and how is this verified identity securely linked to the user's account and key? Secure Account Recovery: 
Describe your workflow for a user who has lost their YubiKey. Importantly, how do you enable secure, self-service recovery without falling back on phishable factors like SMS, email links, or KBAs? How is phishing resistance maintained throughout? Lifecycle Automation: 
Explain how your platform automates YubiKey provisioning and deprovisioning by integrating with systems like our IdP based on user lifecycle events (joiners, movers, leavers). Lost/Stolen Key Management: 
What is the secure process within your system for handling lost or stolen YubiKeys, including issuing replacements and potentially providing secure temporary access? Integration & Visibility: 
How does your solution integrate with [mention your specific IdP, e.g., Okta, Entra ID]?  Can it provide a unified administrative view of YubiKeys alongside other authentication methods? User Experience: 
How do you ensure these necessary security steps (IDV, secure recovery) are implemented with minimal friction for the end-user? Scalability & Compliance: 
How does your platform scale to manage potentially thousands of YubiKeys? What specific reporting and audit logs are generated to help meet compliance requirements? Ready to Build? Talk to Our Experts.

Every organization's environment, user base, and risk profile is unique. While this guide outlines common challenges and solutions, the optimal strategy for managing your YubiKey deployment requires a tailored approach.

The HYPR team is ready to help. We invite you to schedule a personalized consultation with our identity assurance experts. We can discuss your specific environment challenges, explore how HYPR’s capabilities in high-assurance identity verification and lifecycle orchestration can seamlessly integrate with your Yubico investment, and demonstrate how you can achieve truly end-to-end, phishing-resistant security that is both manageable and user-friendly.

Let's build your secure, passwordless future, together. Contact us today.

 

A Real-World Story of Scale, Trust & Blockchain in Action

Earlier this month, over 3.1 million students across Maharashtra received their SSC and HSC exam results online. Dhiway had the opportunity to build and manage the backend infrastructure for this release in partnership with Navneet Education Limited

It was a significant milestone — not just in terms of volume, but because of what it represented:

The need for reliable and fast access The demand for tamper-resistant, verifiable documents And the expectation of a seamless digital experience for every student
The Task

Navneet approached us with a clear challenge: Can you help us publish board results for millions of students — quickly, securely, and without system failure?

They also wanted each result document to be verifiable using CORD blockchain, to ensure long-term trust and authenticity. This meant handling high user concurrency, delivering fast response times, and ensuring every student could access and download their results without delay.

Our Approach

We focused on three core principles: Performance, resilience, and trust.

Here’s how we addressed them:

Cloud-native setup using AWS, with auto-scaling and rate-limiting to manage traffic surges Multi-layer caching to support sub-second response times Client-side rendering, where appropriate, to reduce backend load QR code integration on result PDFs, backed by blockchain hashes Mobile-first design to support access from any device, even in low-bandwidth areas

We also ran extensive load tests with JMeter, simulating double the expected traffic to ensure we were prepared.

Results at scale, delivered with speed and trust — 3.1 M+ students, zero downtime.

Over two separate days of results publication, the system was resilient and provided a positive experience to students anxiously awaiting their results and seeking to download the documents.

Why Blockchain?

Every result PDF included a QR code linked to a verifiable digital record anchored on the CORD Blockchain, built for trust infrastructure.

This ensured that:

Each result document was tamper-resistant Verification could happen instantly, from anywhere, without needing to log into a portal

We didn’t use blockchain as a buzzword. We used it to add real value, adding a layer of trust and permanence to a document that often marks a turning point in a student’s academic journey.

Key Takeaways UX and accessibility are critical – A smooth front-end experience is essential; users only benefit from fast systems if they can easily access and use them. Verification matters – Especially in education, where credentials must be trusted and stand the test of time. Scale is manageable – With the right preparation and infrastructure, even millions of concurrent users can be served reliably.
Looking Ahead

This project brought together everything we care about at Dhiway-infrastructure: digital trust and solving meaningful, real-world problems. Together with Navneet and the Maharashtra State Board, the Dhiway team has demonstrated a new way of managing examination results and created a positive experience for the students and their guardians.

If you’re exploring how to deliver results, certificates, or credentials secure and scalable way, we are happy to share what we’ve learned.

Learn more:www.dhiway.com

The post What It Took to Deliver Exam Results to 3.1 Million Students appeared first on Dhiway.

To participate in the vote, you must hold your $AERGO tokens in a supported wallet (e.g. MetaMask, Phantom or any wallet that supports WalletConnect) before 17:00 KST / 08:00 UTC on May 21st. View Snapshot Voting Guide

Dear AERGO Community,

As we continue developing the House Party Protocol (HPP) testnet, our focus remains the same: building a scalable, AI-native Layer 2 network that can power next-generation on-chain infrastructure.

Earlier this year, following the approval of AIP-21, we announced plans to build HPP’s Ethereum Layer 2 on OP Stack. Since then, we’ve progressed into deeper development and analysis. Through this process, we’ve revisited our technical assumptions, stress-tested the economics, and re-evaluated how HPP can best scale and integrate into the broader ecosystem.

After careful consideration, we believe a strategic course correction is needed.

Today, we’re introducing AIP-22, a proposal to migrate HPP’s infrastructure roadmap from OP Stack to ARB Stack (Arbitrum) and realign HPP’s future with the Arbitrum ecosystem.

This is not just a launch decision but a long-term directional shift.

Why We’re Proposing the Shift from OP Stack to ARB Stack Performance Flexibility for AI-Driven Use Cases: ARB Stack offers greater control over block time and execution parameters, essential for data-heavy and AI-coordinated workloads. This flexibility allows us to tailor performance as needed, which is especially important as HPP grows beyond traditional smart contracts into intelligent agents and real-time data environments. Smarter Resource Management: ARB Stack allows for more efficient resource allocation across compute and storage, enabling us to scale HPP without incurring unnecessary overhead. It supports the kind of modular, elastic architecture needed for future-facing protocol design. Ecosystem Maturity & DeFi Synergy: Arbitrum’s L2 ecosystem is the most active in the space, particularly in DeFi, and aligns closely with HPP’s vision to become a backbone for data, liquidity, and AI infrastructure. Migrating to ARB Stack positions HPP within an already thriving ecosystem and deeply integrated into the broader Ethereum economy. Network Effects & Onboarding Opportunities: Migrating now allows HPP to tap into a much broader pool of users, developers, partners, and liquidity providers. We see Arbitrum as a key network for onboarding both Web3-native builders and data-first AI projects, which are central to HPP’s mission. Strategic Collaboration Potential: Our collaboration with the Arbitrum Foundation and Offchain Labs is already underway. This opens up technical alignment and potential access to grant programs, integration support, and co-marketing opportunities within the Arbitrum ecosystem. AIP-22 Summary

To finalize this shift, we are bringing the decision back to the community through AIP-22. This proposal asks the community to vote on whether HPP should migrate its future development from OP Stack to ARB Stack as its official Layer 2 infrastructure.

Proposal: Confirm ARB Stack (Arbitrum) as the official L2 infrastructure for HPP Reasoning: Greater technical flexibility, onboarding opportunities, and strong ecosystem alignment Voting Period: May 21st via Snapshot (https://snapshot.box/#/s:aergodao.eth) Eligibility: To participate in the vote, you must hold your $AERGO tokens before 17:00 PM KST / 8:00 AM UTC on May 21st.

We recommend participating in the vote using MetaMask, Phantom, or any WalletConnect-compatible wallet. For Snapshot voting instructions, please refer to the official guide(http://medium.com/aergo/snapshot-voting-a-step-by-step-guide-c7859fd1e042).

We invite the community to participate in shaping the future of HPP.

Thank you,

The Aergo Team

[AIP-22] Shifting Gears: Proposing ARB Stack as the New Foundation for HPP was originally published in Aergo blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Eliminate frustrating CAPTCHAs and improve user experience with Fastly Bot Management. Learn how Fastly's Dynamic Challenges manage bots without disrupting real users.

 

“This comprehensive blog post will tell you what ID Document Recognition is, its working scenario, and some benefits.”

Identity verification has become the cornerstone for secure access and online digital transactions. In this era, where cyber threats and data breaches are increasing, agencies and institutions are moving toward the most reliable solutions.

Among them, one of the most critical technologies that fight against such attacks is ID Document Recognition.

Wondering about what this is? If yes! Buckle up! This blog post is for you. In this guide, we will explore everything about this technology, including its overview, working process, and role in online security.

So, let’s proceed further…

 

ID Document Recognition: A Brief Overview

ID Document recognition SDK is an innovative technology that refers to the process of automatically verifying and identifying personal documents, such as passports, ID cards, and driver’s licenses. 

When this process is implemented, agencies and institutions come to know whether such documents presented by a user are real or fake. This innovative technology ensures security enhancement in every field of life.

 

ID Document Recognition Process

Now you would probably be thinking, what is the technology behind the ID Document Liveness Detection SDK? To answer your question, we have explored our guide through this section. Read it carefully.

 

1. Document Capture

In this first step, institutions capture high-quality images of documents using scanners or high-resolution cameras. Both the front and the back are captured by this scanner.. It takes a few minutes as documents, as the most important and personal information is engraved on such documents. This first step is also implemented by ensuring the clarity of the documents.

 

2. Extract the Text

In this second step, the important information engraved on these documents is extracted. As far as our doubt goes, you will surely ask, how such data is extracted from these scanned papers? Right? Luckily, nowadays, we have another innovative technology that is used to extract text from scanned papers. This technology is named OCR(Optical Character Recognition).

 

3. Analyze the Data

Once the extraction is done, the next step is to analyze and verify the data. The system compares this data against known templates, databases, and pre-configured rules. It verifies whether barcodes and QR codes, Font and layout alignment, and other features are real or fake.

 

4. Liveness Detection And Face Matching

This is the most important stage of verification in which the presence of the users is ensured. Systems now incorporate liveness detection along with facial recognition ID verification. This facial ID verification identifies whether the users during verification are physically present and using the real ID images or not. This facial ID recognition has two different types. Active liveness detection and passive liveness detection.

 

5. Decision And Result Generation

After passing through all technical verification steps, the final step is about making the decision and generating the results. If everything is aligned with the valid rules, the agencies or companies mark the documents as authentic and verified. This decision is generated within a few seconds, ensuring the seamless authentication process.

Why ID Document Recognition Matters?

In this section, we will throw light on why the ID document liveness detection SDK matters. There are countless benefits of this technology. We will discuss a few of them below.

 

Fraud Prevention

As hinted in the previous sections, this cutting-edge technology is implemented to prevent fraud, especially in finance and educational institutions. 

Build Customer Trust

Once the fraud is prevented, it automatically builds customer trust. They heavily believe in the systems and make their investments without fear of anything.

Cost Saving

Agencies use a fake ID detector that is budget-friendly. Such detectors eliminate the need for hiring extra security staff. In short, you can add the extra layers of security without breaking your bank.

KYC Compliance

ID recognition supports compliance with KYC and ensures the customer’s identity. This helps businesses meet regulatory standards, preventing illegal activities.

Streamlined Onboarding

Automated ID Document verification makes the onboarding process faster and easier for users. This feature reduces friction and improves customers’ overall experience.

Pros And Cons of ID Document Recognition

This section of the blog is all about some pros and cons of ID document liveness detection. We will discuss them briefly.

 

Pros 

This technology prevents fraud concerning spoofing images and videos.

It is used as the international authentication method, not only as a national ID authentication.

The system can confirm the possibilities of information from external registers.

Passwords can be reset using the recheck of selfies and videos.

This technology incorporates AI and ML for better and faster results.

 

Cons 

Some solutions require the user’s ID document information to be stored.

The initial registration can sometimes be very difficult.

Agencies need a phone with NFC functionality for chip scanning.

 

How Can I Find ID Document Recognition Services?

After reviewing the benefits of this technology, many users raise a question: how to get this type of ID Document service? Do you also have the same question? Don’t worry, to answer you, we have brought a possible solution for you in the form of Recognition.

Recognito is a fake ID scanner that is mainly known as a top face and ID document recognition algorithms developer. This ID scanner is a leading provider of identity verification. Additionally, our service integrates with the NST FRVT system, ensuring an optimized security solution related to face liveness detection and ID document recognition.

 

Conclusion 

In this world, where every day comes with multiple types of new frauds, ensuring your online information and assets are safe is extremely crucial. In this scenario, ID Document Recognition stands out and provides users with possible solutions to prevent fraud.

In this guide post, we have successfully covered some topics, including the working process of this technology. Furthermore, we have discussed the benefits and some cons of this ID recognition. In the end, we have provided our service named recognito, as a top algorithm developer for facial and ID document recognition. You can also visit the Recognito GitHub page.

Whenever you are stuck in this trouble of fraud, you can get our online service in the form of a fake ID detector. 

Have you liked this blog guide? Whether it’s yes or no, never forget to provide your honest feedback to us…..

The post The Advantages of Adopting Passwordless Authentication Services in the Digital Age appeared first on uqudo.

Weekly AMAs & Community-Driven Direction

As part of our commitment to weekly AMAs, we’re continuing to update the community on progress, direction, and your top questions. This session focused on the upcoming vote, our Layer 2 (L2) direction, ongoing developments around HPP, and a few fun curveball topics from the community.

1. AIP-22 Vote: Building on Arbitrum

This week's big announcement was the launch of a Snapshot-based community vote, this time to decide whether Arbitrum will be the foundation for our Layer 2.

Why Arbitrum?
Ben explained the rationale behind this proposed direction:

High transaction volume and network activity A mature ecosystem with strong infrastructure support Backing from the Arbitrum Foundation — including marketing and dev coordination A thriving developer and user community

“We put Arbitrum through rigorous due diligence and compared it with other options. The traction and support were simply unmatched.”

🗓️ Voting Details:

Make sure your Aergo tokens are in a Snapshot-compatible wallet before May 21 The outcome will determine whether Arbitrum becomes the base for Aergo’s new Layer 2

The team supports this direction, but it’s ultimately the community’s decision.

2. HPP: What’s Happening Now?

We also touched on House Party Protocol (HPP), which marks the public blockchain’s shift into a modern, AI-first architecture.

The previous vote confirmed:

A token contract upgrade A new, forward-looking token model Expand into L2

Ben emphasized that:

The new token(House Party Protocol) will come with a new ticker A 1:1 token swap will take place in late 2025 The Living Roadmap (a public Google Sheet) is available for real-time progress tracking

“HPP isn’t just a rebrand. It’s a major leap forward — aligning us with the future of decentralized AI and intelligent data infrastructure.”

3. What About Aergo’s Enterprise Clients?

There was a common question: “Does this mean the enterprise side of Aergo is shutting down?”

The answer is a clear no.

The Aergo Enterprise Team continues operating Government and enterprise clients remain unaffected The changes (vote, token, HPP) are all focused on the public chain only

“Enterprise systems keep running exactly as expected. We’re evolving the public chain — not touching enterprise infrastructure.”

4. Are We Still Focused on Korea?

While Aergo has strong roots and visibility in Korea, being listed on all licensed Korean exchanges, the project has always had a global focus.

Ben clarified:

Aergo is listed on major global platforms like Coinbase and Crypto.com There’s no “Korea-only” strategy — just strong local trading activity Future marketing will work to further globalize the brand

“We’re working hard to break the ‘Korean project’ label. Our reach and ambition are global.”

5. AI + Blockchain in Agriculture? Let’s Talk

A surprise community question asked about the role of AI and blockchain in farming and agriculture. Here’s what Ben had to say:

AI can monitor crops and livestock 24/7, reducing labor costs and improving food quality Blockchain enables traceable supply chains, storing data like pesticide usage, logistics, and more Together, they can optimize farming and distribution with precision It’s an underexplored but high-potential use case for AI + Web3. 6. Listings: Any News?

Inevitably, someone asked about Binance spot listings. Here’s the update:

Token listings are controlled by exchanges, not projects Paying for listings often leads to bad outcomes for builders, teams, and other stakeholders Aergo is already re-listed on Binance Futures, as well as many spot markets globally No new listing news at this time

“We want to be on every trusted platform — but we don’t control listing decisions. No promises, no paid shortcuts.”

✅ Final Words

We’re excited about what’s ahead, and your participation makes it all possible. This vote on Arbitrum is a major decision point. It represents a potential new layer of scalability, community alignment, and long-term growth.

Remember: Get your tokens ready for Snapshot by May 21.
Check the Living Roadmap anytime to follow our development progress.

AMA #7 Recap: AIP-22 Vote, Arbitrum L2, and the Future of HPP was originally published in Aergo blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Open Badges 3.0 is the latest evolution of the 1EdTech Open Badges standard for education credentials, marking another advancement in how learning achievements are recognized, verified, and shared.

Unlike traditional credentials, open badges are dynamic and stackable, providing a comprehensive record of lifelong learning. They’re already widely used across a global ecosystem of educators, training providers, and edtech companies.

Each badge contains built-in details that makes it easy to verify and share:

Who issued the badge What criteria were met When it was awarded Links to supporting evidence Associated standards or skills frameworks

These badges are typically image files (PNG or SVG) with structured data (JSON or JSON-LD) embedded inside, enabling seamless verification across platforms.

What’s New in Open Badges 3.0?

Developed by 1EdTech, Open Badges 3.0 introduces significant upgrades by aligning with the W3C Verifiable Credentials Data Model. This update delivers enhanced security, privacy, and interoperability, and marks a leap toward a globally recognized framework for digital credentials.

Key improvements include:

Stronger Security: Cryptographic proofs ensure badges are tamper-proof and trustworthy. Enhanced Privacy: Sensitive data no longer needs to be publicly hosted. Greater Compatibility: Full integration with digital wallets and VC-based systems increases portability and usability.

Additionally, the structure has been redesigned. Each badge in 3.0 now directly references the earner, issuer, and a clearly defined achievement, making the system more robust and future-proof.

Real-World Use Cases

Open Badges 3.0 unlocks new, practical applications:

Learners store badges in digital wallets alongside government IDs and other credentials. Licensed professionals use badges to prove qualifications in regulated industries. Job seekers present skill-based badges on recruitment platforms. Employers endorse skills by co-signing badges. Training providers issue credentials on behalf of industry standards bodies. Institutions manage the lifecycle of credentials, including revocation and expiry.

The post Open Badges 3.0 Explained: The Future of Verifiable Digital Credentials appeared first on Anonyome Labs.

Stablecoins continue to gain momentum, with recent developments underscoring their expanding role in real-world finance. Recent regulatory developments in the US, including President Trump’s Executive Order 14178 and new guidance from the OCC and FDIC, are accelerating issuers’ interest in partnering with US banks to gain credibility, compliance, and access to financial rails.

De wereld van data delen is volop in beweging. Wet- en regelgeving, technologische innovaties en maatschappelijke verwachtingen veranderen in hoog tempo. De komende jaren staan organisaties met processen gericht op het ophalen van klantgegevens voor belangrijke strategische keuzes. Welke verplichtingen en mogelijkheden biedt eIDAS 2.0 en de komst van de ID-wallet? Wat houdt FIDA in? Hoe realistisch zijn overheids-API’s? En welke rol speelt AI in het ontsluiten en interpreteren van gegevens?

Predictoor DF141 rewards available. DF142 runs May 15th — May 22nd, 2025 1. Overview

Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor.

Data Farming Round 141 (DF141) has completed.

DF142 is live today, May 15th. It concludes on May 22nd. For this DF round, Predictoor DF has 3,750 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF142 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF142

Budget. Predictoor DF: 3.75K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and ASI Predictoor

Ocean Protocol was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF141 Completes and DF142 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

On May 13, 2025 two vast illicit marketplaces, Huione Guarantee and Xinbi Guarantee, were forced offline. Together, these platforms facilitated transactions totaling over $35 billion in stablecoins, for goods and services ranging from money laundering and stolen data, to human trafficking and torture devices. These marketplaces were shut down by Telegram, based on insights provided by Elliptic.

Digital banking has never moved faster. For platforms powering fintechs, neobanks, and embedded financial services, onboarding new customers quickly and securely is essential, not only for user experience but also for compliance.

That’s where KYC, or Know Your Customer, comes in—the set of identity verification steps financial institutions are legally required to perform before offering services like bank accounts, credit, or investment tools. It's a critical part of protecting against fraud or money laundering.

However, while some digital services have advanced rapidly, the identity verification tools that power KYC have lagged behind. Most platforms still rely on artificial intelligence to analyze images of physical documents, a patchwork process that creates friction for users and uncertainty for compliance teams. As fraud tactics become more sophisticated, these systems are showing their limits.

It’s time to modernize how identity is verified online, and that starts with mobile driver’s licenses (mDLs), a secure and verifiable form of digital identity issued by state governments.

The Bottleneck in Digital Onboarding

If your current onboarding flow involves photo uploads and long processing times, you’re likely to see drop-off and risk.

Even the best AI-powered verification tools struggle with edge cases, false rejections, and new forms of fraud. Meanwhile, generative AI is making it easier than ever to spoof IDs and deepfake “live” videos that pass existing checks.

The impact is real: one study found over half of users abandon onboarding when it becomes too slow or confusing. For digital platforms competing for users, these delays can directly impact revenue and retention.

mDLs: Trust That’s Built In

Mobile driver’s licenses are verifiable digital credentials issued by state governments and stored on a user’s smartphone. Unlike photos of paper IDs, they’re cryptographically signed, instantly verifiable, and privacy-preserving. This allows relying parties such as banks, fintechs, and marketplaces to instantly confirm authenticity without storing or interpreting sensitive user data.

For digital platforms, this means:

Instant verification: no photos or manual review needed Reduced fraud: credentials are cryptographically bound to specific devices Streamlined UX: users can verify in seconds without leaving your flow Privacy-first: only necessary data (ex. age, name) is shared Compliance-ready: aligns with evolving KYC/AML requirements

With more than 5.6 million Americans now holding mDLs and TSA actively accepting them at airports, real-world adoption is accelerating. States across the U.S. are continuing to expand issuance, creating a growing population of users with ready-to-use digital IDs.

A Strategic Shift

Platforms that embed verifiable digital credentials into their onboarding flows unlock many benefits, like fewer drop-offs, lower fraud risk, and stronger audit trails. They also gain operational efficiency, reducing the need for manual reviews and exception handling.

And this is just the beginning. As mDLs and other verifiable digital credentials become more widely adopted by governments, retailers, and beyond, those who invest early in integration will be positioned to lead in trust, speed, and compliance.

Learn More

SpruceID provides the secure infrastructure needed to issue and verify verifiable digital credentials, such as mobile driver’s licenses, helping organizations streamline identity workflows and reduce onboarding risk. If you're exploring ways to modernize identity verification, we’d love to partner with you.

See a Demo

About SpruceID: SpruceID is building a future where users control their identity and data across all digital interactions.

The FBI is raising the alarm over an escalation in North Korean nation-state threat actors leveraging generative AI, laptop farms, and deepfakes to successfully infiltrate large companies through remote job applications, despite widely available solutions that can thwart such attacks.

We’ve discussed this threat before. But according to a recent Cyberscoop.com report, it’s getting worse. Thousands of North Korean operatives have secured jobs at more than a hundred Fortune 500 companies.

Using stolen or synthetic identity information and generative AI, these impostors produce polished LinkedIn profiles and identity credentials. Deepfake technology is used for video calls, sometimes unconvincingly, though not often enough. Laptop farms in the US enable the infiltrators to spoof local IPs. Moreover, the imposters usually excel at the actual job, supported by an entire pod of 10 to 20 operatives performing the work for the fraudulent identity behind the scenes.

Speaking on a panel at the RSA Conference 2025, FBI Special Agent Elizabeth Pelker reported that when employers find out these imposters may be agents, they often hesitate to terminate them. “I think more often than not, I get the comment, “Oh, but Johnny is our best performer. Do we actually need to fire them?’” There are plenty of reasons to say an easy yes.

Fake Workers, Real Money

According to WIRED, each impostor and pod can send as much as $3 million a year back to Pyongyang just in wages. In Cyberscoop’s estimation, that could be as much as $100 million funneled annually to the North Korean regime.

However, these operatives also use their corporate footholds to exfiltrate data and intellectual property, plant malware, and occasionally threaten executives with blackmail. They can also act on a larger scale, disrupting critical services or infrastructure. It’s no wonder the FBI is offering up to $5 million for information that leads to the disruption of these operations.

It’s alarmingly easy to generate the identities used in these scams. Once the purview of skilled operatives, a steady flow of corporate data breaches coupled with the rise of “crime-as-a-service” outfits means even non-experts can leverage realistic personas complete with fabricated LinkedIn profiles, convincing virtual backgrounds, and digitally manipulated identity documents. And at sites like personnotexist[.]org, even people with no image manipulation experience can easily generate deepfake personas for use in video.

For businesses increasingly reliant on remote teams, the sophistication of these outfits represents a significant threat. By some industry estimates, 40% of all cybercrime incidents in 2024 involved deepfake infiltration. At an average cost of $4.99 million per incident caused by malicious “insiders” like fraudulent remote workers, it can add up. For US-based companies, the average cost of a data breach tops $9 million. As it stands, 34% of companies in North America report suffering a data breach that cost them between $1 million and $20 million in the past three years. As many as one in three breaches now involve insiders.

Once breached, organizations face the loss or theft of data, compromised networks, ransomware, and blackmail. That’s before lawsuits or regulatory fines, reputational damage, and the fallout from lost customer trust, shattered shareholder confidence, and derailed strategic initiatives.

‘How Ugly Is Kim Jong Un?’ Why Most Security Measures Fail

Identifying fake job candidates requires innovation and skepticism. Red flags include discrepancies between identity information and the candidates themselves. According to Cyberscoop, examples can consist of a person with a complicated Polish name who, in a Zoom call, turns out to be a military-age male Asian who can’t pronounce it.

When deepfakes are in use, telltale signs can be sudden jerkiness or a disconnect between audio and video. It’s also not uncommon for candidates to be fed answers to questions, creating latency as they read onscreen prompts. As a counter measure, some hiring managers ask candidates to hold up identity credentials to match face with identity. But the same AI tools behind the deepfakes can also be used to create counterfeit credentials, of course.

According to researchers, asking a candidate to wave their hand in front of their face can reveal deepfake inconsistencies. Another tactic: asking unexpected questions like, “How ugly is Kim Jong Un?” Perhaps unsurprisingly, it can be enough of a curve ball to instantly trigger operatives to disconnect from the call abruptly. The technique is effective because North Korean agents are prohibited from saying anything negative about their leader. When asked to criticize him, they typically end the interview immediately rather than risk punishment for appearing disloyal.​​​​​​​​​​​​​​​​ Of course, that might not always work, nor is it ever enough.

Today’s typical security protocols—basic ID verification, standard biometric checks, and interview procedures—are no match for increasingly sophisticated deepfake schemes. Attacks now employ presentation attacks for printed and emailed identity credentials, voice cloning, face swapping, and manipulation of captured video of a legitimate user or candidate.

They can also include injection attacks to manipulate data streams between the camera or scanner and authentication systems. Fraudsters with access to an open device, for example, can inject a passing fingerprint or face ID into the authentication process—or text-to-speech tools to manipulate cloned voice samples—bypassing security measures and gaining unauthorized access to corporate networks and services.

What It Really Takes to Defeat Deepfake Identities

As I mentioned, the strongest countermeasure against deepfakes and workforce identity fraud in all its forms is already widely available: advanced biometric authentication, securely linked to verified identities. 1Kosmos is a case in point. Our identity proofing solution leads potential employees through a mobile-first enrollment process in which they scan driver’s licenses, social security numbers, national identity documents, passports, or other government-issued credentials.

Automated workflows then verify the data, including any associated pictures and RFID-chip data, across more than 2,500 different identity documents from over 150 countries with over 99% accuracy. These verified individuals are linked to a facial biometric that is dynamically compared to the photo on valid credentials, and the bound identity is then encrypted with the user’s private key and stored in our private and permissioned blockchain.

Passive liveness detection spots subtle digital markers indicative of manipulated images. Detection methods prompt users to perform specific, randomized actions—confirming genuine human presence at enrollment and, if desired, as a login measure for video interviews or meetings. Fraudulent identities are flagged during the time of capture. Our solutions are also built on the only platform certified to NIST 800-63-3, UK DIATF, FIDO2, and iBeta ISO/IEC 30107 standards with an SDK and standard APIs to avoid security exploits and prevent vendor lock.

Facing the Future: Stopping Deepfakes Before They Start

Unchecked, the epidemic of fraudulent job candidates threatens hiring integrity, cybersecurity infrastructure, and corporate reputations worldwide—and it will only get worse. According to Gartner, 1 in every 4 job applicants will be fake by 2028. When you consider other “enhancements” made by otherwise legitimate job candidates, the need for objective, bullet-proof identity proofing grows more critical.

Along with fostering a culture of cybersecurity vigilance throughout the organization (looking at you, HR), implementing widely available biometric technologies that adhere to exacting identity verification standards offers the best—well, only—surefire way to defeat ever-evolving threats from workforce fraud, North Korean and otherwise. Which means the next time you ask a job candidate, “How fat is Kim Jong Un?” it’ll just be for the fun of it.

To learn more about how 1Kosmos can protect your organization against worker fraud with the online NIST, DIATF, FIDO2, and iBeta certified workforce verification and authentication solutions on the market, click here.

The post Why the Fortune 500 Keeps Getting Duped by Deepfake Job Applicants–And How to Stop It appeared first on 1Kosmos.

How Weak Identity Security Posture Affects Organizations 

The report paints a clear picture: fraudsters are refining their strategies, targeting high-value credentials and exploiting vulnerabilities across all channels. Several statistics stand out, demanding immediate attention from security and risk leaders.  

How Compromised Credentials Lead to The Rise of Identity Fraud A particularly alarming trend highlighted is the increasing exposure of government-issued IDs in data breaches. In 2024, 31% of US data breaches included driver's licenses or other state IDs, a sharp rise from 19% in 2023. 

For years, presenting a physical ID or a scan of one has been a common identity verification step. However, when the digital versions of these documents are readily available to criminals due to breaches, relying solely on document verification becomes dangerously inadequate.

Fraudsters can now more easily acquire the very credentials used in traditional proofing processes, making it essential to layer additional, dynamic verification methods. How Fraudsters Use ID Spoofing and KBA To their Benefit

Fraudsters are becoming more adept at impersonating legitimate customers, and legacy verification methods are failing to stop them. The TransUnion survey found:

55% of knowledgeable business leaders reported that call spoofing to impersonate a customer became more common in the past year. 

58% reported that the use of stolen personal information to pass knowledge-based authentication (KBA) became more common.   The Implication: These two statistics are intrinsically linked. Widespread data breaches have made personally identifiable information (PII) – the foundation of KBA questions like "What street did you grow up on?" or "What was your first pet's name?" – easily accessible to criminals. Simultaneously, spoofing technologies allow fraudsters to appear as legitimate callers. Relying on information recall (KBA) or caller ID is no longer a viable defense mechanism. Knowledge is not identity.   Call Centers and Help Desks Are Now Prime Targets of Identity Fraud

The human element in customer service remains a key target. The report reveals a significant increase in attacks targeting call centers:

The percentage of high-risk calls into US call centers surged by 33%, rising from 4.5% in 2023 to 6.0% in 2024.   This coincides with 43% of knowledgeable business leaders indicating fraudsters increased their attacks on call centers over the past year.   Understanding the Risk: Call centers and internal help desks often handle sensitive requests, including password resets, account changes, and information verification; actions that provide direct pathways for account takeover if compromised. The pressure on agents to provide quick support can conflict with rigorous security protocols, creating vulnerabilities that fraudsters exploit through social engineering and impersonation. The report also notes the specific risk posed by non-fixed VoIP calls, which are harder to trace and showed a high percentage of fraud risk.   How to Ensure Identity Assurance For Your Organization

The insights from the TransUnion report demand a fundamental shift in how organizations approach identity security. Reactive measures and outdated techniques are insufficient. The goal must be Identity Assurance: establishing ongoing, high confidence in a user's identity across their entire journey through orchestrated, risk-appropriate verification.

1. Adopt Identity Verification Solutions with Journey Orchestration

Given that even physical IDs can be compromised and personal knowledge is widely available, modern IDV must be dynamic and context-aware.  

Move Beyond Static Checks: Merely scanning a driver's license is no longer enough. Effective solutions must layer multiple verification techniques. This includes document authentication (checking security features as well as against a reliable database), biometric verification (matching a live selfie to the ID photo), crucial liveness detection (to prevent spoofs using photos/videos), and potentially cross-referencing with trusted data sources or device intelligence. Orchestrate Based on Risk: Not all interactions carry the same risk. Identity verification shouldn't be one-size-fits-all. Implement solutions that allow for fine-grained policies based on the specific action (e.g., onboarding vs. login vs. password reset), the user's privilege level, and real-time risk signals (like device health or location). 2. Knowledge-Based Authentication (KBA) is Broken

The data is clear: KBA is fundamentally broken. The sheer volume of breached PII, combined with the power of AI to gather and correlate information, makes relying on secret questions a critical vulnerability.  

Embrace Stronger Factors: Organizations must transition to phishing-resistant authentication methods. This includes passwordless, FIDO-certified authenticators like device-based biometrics or security keys, which prove possession of a trusted factor rather than relying on easily compromised knowledge. Secure Recovery: Critically, this applies to recovery processes too. Using KBA for account recovery negates investments in strong primary authentication. Secure recovery must leverage other verified, phishing-resistant factors. 3. Harden Call Center and Help Desk Defenses Interactions

The sharp rise in high-risk calls targeting support channels necessitates specific countermeasures.  

Empower Agents with Better Tools: Equip support staff with integrated tools that provide stronger identity verification methods than simply asking KBA questions or trusting caller ID. Implement Risk-Based Authentication: For high-risk requests (like credential resets or changes to sensitive account information), trigger strong step-up authentication challenges that cannot be easily socially engineered. This could involve pushing a notification to a user's registered and trusted device for biometric approval. Orchestrate High Risk Workflows: Implement workflows that escalate high-risk verification scenarios. This might involve requiring approval from an employee's pre-verified manager through a secure channel or routing the interaction to a specialized risk team equipped with advanced verification tools. Upgrade Your Security Posture with Identity Assurance

The TransUnion H1 2025 State of Omnichannel Fraud Report serves as a stark reminder: identity is the new security perimeter, and it's under constant attack. The rise in compromised identity documents, the blatant failure of KBA, and the relentless targeting of support channels demand immediate action.  

Organizations can no longer afford incremental improvements to outdated security models. A paradigm shift towards proactive Identity Assurance is essential for survival and growth. This means embedding strong, phishing-resistant identity verification across the entire user lifecycle, orchestrating verification based on risk, and eliminating reliance on easily compromised factors like passwords and shared secrets.

Discover HYPR’s Identity Assurance Platform

HYPR, The Identity Assurance Company, is built to address these modern challenges head-on. Our platform delivers FIDO-certified, passwordless MFA, integrates high-assurance identity verification methods, and enables sophisticated journey orchestration to ensure the right users gain access, securely recover accounts, and interact safely across all channels, including vulnerable support touchpoints.

Don't let legacy vulnerabilities dictate your security posture. Embrace Identity Assurance and build a resilient defense against the evolving threats highlighted by TransUnion.

Key Takeaways: 1. Static Identity Verification is Obsolete

Reliance on physical IDs or static document scans is increasingly less secure due to the amount of stolen PII credentials online. Identity verification must use a multi-layered approach that includes biometrics, liveness detection, and real-time risk assessment.

2. Knowledge-Based Authentication is Broken

Breached data and data aggregated by AI have rendered knowledge-based authentication nearly useless. Organizations must adopt phishing-resistant factors like biometrics and FIDO2 passkeys.

3. Call Centers and Helpdesks Are the New Frontline

The increase in spoofed calls and VoIP abuse increases the fraud risk for both call centers and help desks. Organizations must implement risk-based step-up authentication and use tools that provide more secure identity verification methods.

4. Identity Assurance is the New Standard

The security focus must shift from one-time, static checks to continuous identity assurance across the user journey. Modern IDV solutions must be adaptive and risk-aware to meet the challenges of the current threat landscape.

 

A special mashup episode with fellow analyst Francis Odum. Francis is founder and analyst at Software Analyst Cyber Research and global thought leader on a broad array of cyber topics.

Episode Takeaways

RSA Conference 2025 review AI is a major theme, but many vendors are using it as marketing fluff. Identity security is essential for mitigating risks in cybersecurity. Data security is increasingly reliant on effective identity management. Agentic AI presents both opportunities and challenges for security. The need for new identity types for AI agents is emerging. AI can automate many security processes, potentially reducing human error. The cybersecurity landscape is evolving rapidly, with new threats and solutions. Secure by design principles are crucial for future-proofing security measures. The industry must adapt to the growing complexity of identity and access management.

Chapters

00:00 Introduction and Conference Reflections

03:04 The Analyst Mashup: Introducing Francis Odum

05:51 Francis Odum's Journey into Cyber Research

08:52 Insights from RSA Conference 2023

11:59 Key Takeaways: AI, Identity, and Data Security

14:56 The Role of Identity in Cybersecurity

18:03 Emerging Themes in Cloud Security and AI

21:00 Challenges in AI Strategy and Budgeting

24:06 Ethics and Accountability in AI Security

26:47 The Future of Agentic AI and Cybersecurity

28:13 The Role of AI in Business and Security

31:35 Emerging Identity Types and Their Implications

35:07 The Need for Pain to Drive Change

39:31 Future Trends in AI and Security

44:15 Platforms vs. Portfolios in Cybersecurity

51:51 Secure by Design: A New Paradigm

53:27 Final Thoughts and Future Conversations

At this year’s European Identity and Cloud Conference (EIC), Richard Esplin, Head of Product at Dock Labs, delivered a session on one of the most pressing challenges in digital identity: How can we ensure that the person presenting a digital credential is really the one it was issued to?

His answer lies in the combination of verifiable credentials and biometrics. Used together, these technologies can give organizations strong assurances about identity ownership, while preserving user privacy and avoiding the pitfalls of centralized data storage.

Here are the key takeaways from the presentation.

The crypto world moves fast—but so do regulations. One of the most impactful regulations for crypto businesses today is the FATF Travel Rule. It’s not just another checkbox to tick—it’s a global mandate designed to increase transparency and reduce financial crime in digital assets. If you’re a crypto asset service provider (CASP), understanding and complying with the Travel Rule isn’t optional—it’s essential to staying competitive and credible.

Let’s walk through what the Travel Rule requires and how you can stay compliant without slowing down your operations or alienating your customers.

What Is the FATF Travel Rule?

The Financial Action Task Force (FATF) Travel Rule requires that CASPs—such as crypto exchanges, wallet providers, and custodians—collect and share certain information about the originators (senders) and beneficiaries (recipients) of crypto transactions over a specified threshold.

Think of it as the crypto equivalent of wire transfer rules in traditional banking. When funds move between two institutions, basic identifying information must travel with them.

Here’s what you need to know:

Threshold Amount: The Travel Rule applies to crypto transactions over USD/EUR 1,000 (or local equivalent). Required Information: For the Sender (Originator): Full name, wallet address (or unique account ID), physical address or national ID number, and transaction purpose if required by local regulations. For the Recipient (Beneficiary): Full name, wallet address, and additional details if needed. Cross-Border Compliance: The rule applies across jurisdictions, meaning you need to ensure both sides of the transaction are compliant, even if the recipient CASP is in a different country.

Why Compliance Matters

Failing to comply with the Travel Rule can lead to regulatory penalties, reputational damage, or even being cut off from global markets. But it’s not just about avoiding punishment—it’s about building trust. The Travel Rule is designed to make the crypto ecosystem safer by preventing money laundering, terrorism financing, and other illicit activities. For CASPs that want to thrive, being seen as compliant builds credibility with regulators, partners, and customers.

The Challenges of Travel Rule Compliance

Travel Rule compliance isn’t without hurdles:

Data Sharing Complexities: Sharing sensitive customer information across borders requires secure systems that comply with privacy laws like GDPR. Transaction Delays: Manual verification can slow down transactions, frustrating customers and introducing operational inefficiencies. Interoperability Issues: Ensuring compliance across different CASPs and jurisdictions can be tricky, especially if the other party uses different systems.

But these challenges don’t have to hold you back.

How iComply Simplifies Travel Rule Compliance

iComply’s end-to-end solution for KYC, KYB, and AML goes beyond basic compliance—it makes Travel Rule compliance smarter and faster with edge computing technology. Here’s how it works:

Seamless Data Collection and Verification
Instead of relying on third-party subprocessors that introduce data privacy concerns, iComply verifies and authenticates sender and recipient data locally on the client’s device using edge computing. This ensures that sensitive information is encrypted and verified before it leaves the device—minimizing data exposure risks and ensuring compliance with privacy laws like GDPR and CCPA​. Real-Time Screening and Alerts
iComply automatically screens transaction participants against global watchlists, PEP databases, and adverse media sources in real-time. Suspicious activity? Immediate alerts are sent to compliance officers to take action without interrupting transaction flow​​. Interoperability and API Integration
iComply integrates easily with other CASPs’ compliance systems using its robust API. Whether your counterpart is using a different solution or in another jurisdiction, you can ensure data flows securely and meets FATF standards​​. Automated Reporting and Audit Trails
Generate audit-ready reports with one click. Every verification step is logged and time-stamped, making it easy to prove compliance during regulatory inspections​​. Configurable Rules Based on Jurisdiction
Compliance isn’t one-size-fits-all. iComply allows you to configure data requirements based on the jurisdiction of the sender and recipient, ensuring you meet local and international requirements.

Travel Rule Compliance in Action: A Case Study

Let’s look at how compliance plays out in real life.

Scenario: Alex, a customer of a U.S.-based crypto exchange, sends $5,000 in BTC to a friend’s wallet held at a European exchange.

Without iComply:

The compliance team manually collects Alex’s data, verifies it, and emails it to the European CASP. This takes time and risks data breaches during transmission. If the receiving exchange uses a different system, compatibility issues may arise, delaying the transaction further.

With iComply:

Alex’s data is encrypted and authenticated directly on the exchange’s app using edge computing. No unnecessary data transfers. iComply verifies the transaction participants in real-time and sends a secure compliance packet directly to the European exchange—fast, secure, and compliant.

The result? Faster transactions, stronger security, and a frictionless customer experience.

Why Choose iComply?

iComply’s platform doesn’t just help you comply—it optimizes your entire compliance workflow. By using edge computing, automated risk screening, and seamless integration, iComply simplifies Travel Rule compliance without sacrificing security or efficiency.

In the fast-moving world of crypto, compliance isn’t just a necessity—it’s a competitive advantage. Ready to stay ahead of the curve and build trust with your users and regulators? Let’s make compliance work for you.

The post Why EDD Identity Verification Services Are Key to Reducing Financial Crime appeared first on uqudo.

 

GN HEARTLAND

It’s feeling a lot like 2021 again. The markets are looking mighty green, and the best analysis we can offer is on Sam Altman’s pivot to Bond villain.

— playhaus

MONEY MONEY MONEY

TOKEN

PRICE CHANGE

PRICE

Solana ($SOL)

+4.84%

$182.96

Helium ($HNT)

+4.16%

$3.86

Pyth ($PYTH)

+41.74%

$0.19

Raydium ($RAY)

+41.47%

$3.34

(Price changes reflect past 7 days as of 5.13.25) The Case for Crypto Psychoanalysis

Over the past two weeks, we’ve been riding the high and personally writing about what many are calling a “crypto renaissance” — a surge in innovation, cultural momentum, and renewed belief in the decentralized future.

From institutional adoption to meme coin mania, the energy is palpable. But behind the price action, protocol upgrades, and market narratives lies a more elusive force, one that drives both irrational exuberance and gut-wrenching fear: our minds.

Enter what we call crypto psychoanalysis — a framework for understanding the emotional, behavioral, and psychological dynamics shaping the crypto market.

We pulled the term out of thin air, but make no mistake, this isn’t armchair theory. It’s backed by data and increasingly seen as essential to navigating the world of digital assets. According to a 2023 study by Glassnode, nearly 3 in 4 short-term Bitcoin holders panic-sell within three weeks of entering a position during volatile markets. Meanwhile, only 12% of long-term holders react similarly, revealing stark behavioral patterns between experienced participants and newcomers.

These reactions aren’t just financial. They can be triggered by stress, uncertainty, and crowd psychology. Research from eToro found that nearly 40% of retail crypto investors admit to making impulsive trades based on social media trends. (Shitcoins, anyone?) In the last bull run, Google searches for “crypto anxiety” spiked over 400% between January and May 2021, further illustrating the mental toll of market swings.

Decentralized finance (DeFi) thrives on momentum and identity. Each token’s value goes beyond its conversion rate, cultivating its own ecosystem and culture. From Solana vs. Ethereum to Dogecoin vs. everyone, investors often form emotional attachments to their bags, leading to confirmation bias and herd behavior.

A University of Cambridge study in 2022 highlighted that emotional attachment to a project — rather than utility or fundamentals — was the #1 driver of long-term holding behavior among retail investors. We hold what we believe in, not always what performs.

Diving deeper, crypto is powered by storytelling. The success of Ethereum’s merge, the rise of Ordinals on Bitcoin, or even the explosive memecoin season we’re living through — these shifts didn’t happen in a vacuum. They were fueled by emotionally charged narratives, online echo chambers, and the innate human desire to believe.

A 2024 Binance Insights report showed that projects with strong community narratives outperform purely technical projects by 32% in average token retention over a 6-month period.

The psychological element of DeFi can take a very real toll too. In a world of 24/7 markets, dopamine hits from green candles, and devastating crashes at 3am, burnout is real. Over 60% of crypto traders reported symptoms of stress or sleep disruption in a 2023 OKX survey, with nearly one-third saying crypto had “negatively impacted their mental health.”

At playhaus, we’re equally interested in the external evolution of web3 and the internal transformation happening within its participants. Crypto is changing how we think, feel, connect, and trust. And in that shift lies a profound psychological story waiting to be told.

So as we celebrate the breakthroughs, let’s not ignore the breakdowns. We urge you to take the time to offset the psycho with the analysis. Because the next frontier of crypto might not just be on-chain — it might be in the mirror.

— Muhammed

SPONSORED BY 1440 MEDIA

Looking for unbiased, fact-based news? Join 1440 today.

Join over 4 million Americans who start their day with 1440 – your daily digest for unbiased, fact-centric news. From politics to sports, we cover it all by analyzing over 100 sources. Our concise, 5-minute read lands in your inbox each morning at no cost. Experience news without the noise; let 1440 help you make up your own mind. Sign up now and invite your friends and family to be part of the informed.

Subscribe to 1440 today.

The Show-Me State Just Showed Up

Missouri just poked the proverbial bear with a cattle prod.

As of 2025, if you’re a Missouri resident, you won’t pay a single dime in capital gains taxes at the state level on profits from stocks, real estate, or crypto.

Yep. You read that right. No tax man coming for your investment wins. Just a clean break. How did we get here?

Before this new law, Missouri taxed capital gains like regular ol’ income — up to 4.7%, depending on your tax bracket. So whether you were flipping homes, selling off that Apple stock you bought during the iPod era, or finally unloading your crypto bag after HODLing since 2017, the state wanted a piece.

No more.

A handful of states — think Florida, Texas, Nevada — already don’t tax any personal income, so naturally capital gains are in the clear there. But Missouri? It’s in a different category. This isn’t a no-income-tax state. It’s one that looked at capital gains specifically and said, “Nah, we’re good.”

That makes this a first-of-its-kind move. It’s targeted, it’s bold, and it’s potentially game-changing.

Why? Because this could be the beginning of something bigger. By zeroing out capital gains for individuals, Missouri is basically hanging a big, flashing sign that says: “Invest here. Live here. Grow here.”

Think of it like this:

That real estate developer weighing between Kansas City and Denver? He’s looking real hard at Missouri now. That startup founder debating when to liquidate shares? She just found a way to save serious cash. That crypto trader finally ready to cash out? Missouri just rolled out a digital red carpet.

 

But who really benefits? Let’s keep it real: 80% of the financial benefit from this bill is expected to go to the top 5% of earners. So yes, it will favor the wealthy. Indeed, critics are already worried about the loss in state revenue — somewhere between $260M and $600M annually. That’s money that funds schools, roads, and public services.

But here’s the counterpunch: If the move spurs economic growth, pulls in new businesses, and juices up investment in-state, it could pay for itself in the long haul. That’s the bet Missouri’s making.

There’s also some crucial fine print. Specifically, this exemption is only for individuals, not corporations. At least for now. Businesses might get in on the fun once Missouri’s top individual income tax rate drops to 4.5%. But that won’t happen until at least 2028, if revenue keeps rising.

So what could/should you actually do with this info? Here are a few options:

Re-think residency: If you’re in a high-tax state and sitting on major gains, moving to Missouri might suddenly look a lot more appealing. Time your exits: Planning to cash out on an investment? You now have a major incentive to do so while under Missouri’s tax umbrella. Get your CPA on speed dial: Tax strategies just changed in a big way. Whether a crypto investor or real estate pro, your accountant needs to be looped in.

 

Big picture. Should you care?

If you invest, yes.

If you’re eyeing a real estate flip or a startup exit, double yes.

If you’re a casual observer wondering how states compete in a post-remote world — definitely.

Missouri’s trying to build it, attract it, and ride it.

The question is: Will people show up to the Show-Me State?

— Branden

SPONSORED BY SUPERHUMAN AI

Start learning AI in 2025

Keeping up with AI is hard – we get it!

That’s why over 1M professionals read Superhuman AI to stay ahead.

Get daily AI news, tools, and tutorials

Learn new AI skills you can use at work in 3 mins a day

Become 10X more productive

Sign up and start mastering AI

Sam Altman’s Doomsday Device

Few journalists appear technologically competent enough, or motivated enough to hold the emerging companies to account for the weapons they are constructing.

Yes, we love to bet on the price action and partake in the money making bonanza. But when the music stops, and all that’s left is the technological infrastructure, I am seeing a curtain being constructed and a wizard set behind it.

The latest edition of Garbage Day, a fellow top-tier internet newsletter, covers one of our longtime favorite piñatas: The Orb, Sam Altman’s go-to-market hardware for his crypto company, World, fka Worldcoin. The piece reaffirms our longheld beliefs that we can use our local communities to affirm our digital identities, retain pseudoanonymity rights online, and operate in a system free from elitist technocrats. But not if SAMA has anything to say about it.

The success of using a nominal amount of crypto to onboard a mass number of users from the Global South is as notorious as it sounds. But the value of a $20 goes a long way outside of it’s home country, which is exactly why Sam Altman’s company announced they were expanding their orb system here to the United States, with greater clarity on the value it provides — freedom from the AI generated garbage, aka the other thing Sam’s best known for selling you. L-O-L.

As for the crypto market at large, yes prices are rising, and we may see peaks again. But doubtfully the ones of the cycle that you’ve been dreaming of. For now, my guess is that the market makers are being incentivized to keep prices low for as long as they can, while institutions block buy. The bubble wants to burst, and as the memes are indicating the left curve is coming, so stupid mindless consumer driven price action on platforms like Robinhood are likely to be drivers.

The miracle of America’s New Pope and the halo of peace seemingly casting over free trade and global cooperation is hopeful. But it might just mean the markets are desperate for cope.

— El Prof

The post 51 – Show-Me (the Money) State appeared first on playhaus TV.

Verifiable Credentials make it possible for AI to act securely and autonomously on your behalf across systems, platforms, and services—and they’re the key to enabling trusted automation at scale.

This is part of our series on Agentic AI and verifiable credentials. Take a look at parts one, two, and three, where we provide an overview about the intersection between these two groundbreaking technologies. 

By Helen Garneau

AI tools are getting better at handling tasks—but in most cases, they’re still stuck in “assist” mode. They wait for prompts. They offer suggestions. Maybe they fill in a form or summarize an email. That’s helpful, but it’s not transformational.

The vision for AI is agentic — that it can  act autonomously, move across systems, and handle tasks end-to-end.  

If agentic AI is going to deliver on that vision, agents need to be identifiable — they need digital identities. And so do you — if those agents are going to access your data and solve your problems.

It’s not enough for an AI to be smart. It has to be trusted.

An AI agent needs to be able to prove who it belongs to: your bank, a government agency, a train company. This authentication needs to be seamless and it also needs to be verifiable in a way that you can be absolutely sure of its identity.  This is where Verifiable Credentials (VCs) come in. Verifiable credentials allow AI agents to prove they’re acting on behalf of a specific, authenticated user—and prove they are who they say they are. That radically simplifies orchestration, trust, and decision-making.

Verifiable credentials let us go from basic automation to complex orchestration. From “Alexa, play music” to “Agent, make a reservation at X for Y time and pay with my credit card.”   

When each agent holds a credentialed identity they can become a coordinated system:

Consent is simple and direct. No need for re-authentication workflows. Transactions are secure and verifiable. The source of the data and action is cryptographically proven. Inter-agent communication is trusted. A digital finance agent can interact with a travel agent because they’re both verified and operating under clear delegation from you.

The result? Your agents become a team. Not just a stack of tools, but a coordinated group of trusted digital representatives—working on your behalf across domains, platforms, and organizations.

They don’t just say “I’m here to help Helen.”

They say “Here’s cryptographic proof I represent Helen, and I’ve got permission to do this.”

The system on the other side instantly verifies this and responds.

This is the leap—from bots that follow commands to agents that represent you.

No back-and-forth. No friction. Just action on your behalf.

So the next time my flight gets canceled, my AI travel agent gets to work by rebooking instantly. Meanwhile, my loyalty program agent negotiates a new hotel reservation. My finance agent checks spending limits and negotiates the price to get me a new rental car. All of it happens securely, seamlessly while I’m sitting at a gate with 1% battery—without needing to open three apps, dig through my inbox, or verify my identity again.

How? Each agent has proof it can act for me. The airline trusts it. The hotel trusts it. My calendar trusts it. I don’t have to touch a thing.

Why This Matters for Business

In enterprise environments, this architecture scales. Verified agents can:

Act across departments with audit trails Coordinate approvals and processes faster Trigger smart workflows across platforms Maintain compliance and data minimization with consent baked into every transaction

Think: HR agents issuing employee credentials, finance agents processing invoices, customer service agents accessing secure user profiles—all without the integration headaches or security concerns of today’s fragmented systems.

The future of AI is personal, trusted, and credentialed

AI doesn’t have to be a buzzword or a half-functional assistant. It can be a fully credentialed representative, trusted to act on your behalf—across systems, across domains, across the world.

At Indicio, we’re building the identity infrastructure that makes this future possible—today.

Because when AI agents can prove who they are and who they work for, the digital world starts to feel less like a maze… and more like a concierge desk. Come build with us today.

###

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community

The post AI Agents with credentials: your digital dream team appeared first on Indicio.

How you comply with anti-money laundering measures, and conduct identity verification is about to change forever. Are you ready for the Anti-Money Laundering Regulation?

The regulatory landscape for financial services will undergo the biggest change to date, when the Anti-Money Laundering Regulation (AMLR) replaces the current directive-based approach in 2027.  

Unlike previous approaches, where Anti-Money Laundering Directives (the most recent being AMLD 6) required national implementation, the AMLR will apply directly across all EU member states, resulting in a more harmonized approach to combating financial crime. 

For financial institutions, AMLR represents both a significant compliance challenge and a strategic opportunity to modernize, and perhaps more importantly, harmonize identity verification processes. With implementation less than two years away, understanding the key changes and beginning preparations now is essential for a smooth transition.

5 main changes under AMLR: What’s new?

The AMLR brings several fundamental shifts in how financial institutions must approach customer identification and verification:

1. From directive to regulation.

Current approach: The AMLDs require implementation through national legislation, which leads to variations in interpretation and therefore different requirements across EU member states. 

AMLR approach: AMLR will apply to all member states without national implementation, which, in theory, will create a single, consistent rulebook for AML compliance across the EU.

2. Enhanced due diligence requirements.

Current approach: European financial services adhere to a risk-based approach to enhanced due diligence (EDD), with some flexibility in implementation. In practice, this means that EDD is required for high-risk customers, such as politically exposed persons (PEPs) or those from high-risk jurisdictions. 

AMLR approach: There will be more prescriptive requirements for customer due diligence, with specific mandates for identification methods and verification processes.

3. Stricter beneficial ownership rules.

Current approach: Varied thresholds and requirements for identifying beneficial owners. 

AMLR approach: Standardized approach with clearer definitions and lower thresholds for beneficial ownership identification.

4. Expanded scope to include crypto.

Current approach: Anti-money laundering directives were focused primarily on traditional financial institutions. 

AMLR approach: Broader coverage including crypto-asset service providers and other previously exempted entities.

5. Stronger enforcement mechanisms.

Current approach: Varied enforcement penalties, fines and punishments across member states. 

AMLR approach: More consistent penalties and enforcement mechanisms, with greater coordination through the new Anti-Money Laundering Authority. Due to start operations from summer 2025, the AMLA will have a staff of 400 and will centralize AML efforts, coordinate national authorities and conduct cross-border investigations.

eIDAS 2.0 – A simple update or fundamental change? The second iteration of the Electronic Identification, Authentication, and Trust Services (eIDAS) lays the groundwork and sets the technical standards of how a pan-European digital wallet ecosystem will work. Download to discover what changes businesses can expect from eIDAS 2.0. Read now The 3 pillars of AMLR-compliant identification.

At the heart of AMLR is a fundamental shift in how financial institutions verify customer identities. It’s worth noting that AMLR will not be regulating KYC methods per se but merely adhering to the eIDAS 2.0 identity framework. AMLR prescribes three compliant identification methods:

1. EUDI Wallet.

The European Digital Identity Wallet (EUDIW) represents a significant advancement in digital identity management. This user-controlled mobile application will allow EU citizens to store, and share verified identity credentials securely. The EUDI Wallet must meet either substantial or high assurance levels. 

What it means for financial institutions: 

Customers will be able to prove their identity using government-issued digital credentials  Verification can happen remotely in an instant  Higher levels of assurance for digital onboarding  Reduced manual verification processes
2. Notified eID systems.

Notified Electronic Identification (eID) systems provide secure digital identity verification through nationally recognized schemes. There are more than 27 eID systems across Europe, each with varying levels of assurance. Under the eIDAS 2.0 regulation and the upcoming AMLR, these systems are being brought under a single, interoperable EU framework to support cross-border KYC and customer onboarding. 

To be accepted for KYC purposes, eID systems must meet at least a “substantial” or “high” level of assurance, as defined by EU technical standards. This ensures that financial institutions and other obliged entities can rely on trusted digital identity methods for remote onboarding and customer due diligence. 

What it means for financial institutions: 

Recognition of national eID schemes across borders  Standardized levels of assurance  Simplified customer onboarding for customers with existing eIDs  Reduced document verification requirements
3. Trust Services.

Trust Services, as defined under eIDAS, provide the foundation for secure and authentic digital transactions through Qualified Electronic Signatures (QES), electronic seals, timestamps, and other regulated services. These play a key role in enabling secure identification under AMLR, particularly via QES and Qualified Electronic Attestations of Attributes (QEAA), which allow trusted identity and attribute information to be shared digitally across the EU. 

To enable these services, a Qualified Trust Service Provider (QTSP) is responsible for verifying the individual’s identity — whether through notified eID, an EUDI Wallet, or traditional documents such as a passport. This identity proofing must comply with high-assurance standards, which may involve video identification, automated verification, or in-person validation, as set out in eIDAS 2.0 implementing acts and ETSI technical standards. 

In this way, QTSPs offer a legally recognized and privacy-preserving path to AML-compliant digital onboarding — even for users without a national eID or EUDI Wallet. 

What it means for financial institutions: 

Enhanced security for digital transactions  Legal recognition equivalent to handwritten signatures  Improved document integrity and non-repudiation  Streamlined digital processes with legal certainty 

The significance of these three pillars cannot be overstated. Financial institutions that implement as many options as possible will provide customers with maximum flexibility while ensuring full compliance with AMLR requirements. As the majority joint venture partner of IDnow Trust Services AB – a Qualified Trust Service Provider (QTSP), IDnow is uniquely positioned to support all three identification methods as a single vendor, offering a comprehensive solution for full AMLR compliance.

By beginning preparations now, organizations can ensure a smooth transition to the new regulatory framework while minimizing disruption to operations and customer experiences. With the right partners and a proactive approach, AMLR compliance can become a catalyst for digital transformation rather than just another regulatory burden.

Uwe Pfizenmaier, Product Director at IDnow and Registration Officer at IDnow Trust Services AB.

Discover more about IDnow Trust Services AB here.

How businesses can prepare today for a more compliant tomorrow.

Although there are still two years until the 2027 deadline, the complexity of AMLR implementation means preparation should begin now. Here are key steps financial institutions should take:

1. Conduct a gap analysis. 

Assess your current AML processes against AMLR requirements to identify areas needing improvement. This includes: 

Reviewing existing customer identification methods  Evaluating beneficial ownership identification processes  Assessing risk assessment methodologies  Examining transaction monitoring capabilities  Reviewing staff training programs
2. Budget planning. 

For many financial institutions, AMLR compliance will require investment in new technologies and processes. As such, they need to ensure they: 

Allocate resources for technology upgrades  Budget for staff training and potential new hires  Consider consulting services for specialized expertise  Plan for ongoing compliance costs
3. Team training and awareness.

Begin building internal knowledge and expertise: 

Educate compliance teams on AMLR requirements  Raise awareness among executive leadership  Develop training programs for customer-facing staff  Establish clear ownership of AMLR implementation
4. Technology assessment. 

Evaluate your current technology stack against future requirements. Do you have one of three AMLR-compliant ways of verifying identities implemented in your technology stack? Sooner rather than later, businesses should: 

Assess identity verification systems for AMLR compatibility  Review customer due diligence technologies  Evaluate transaction monitoring capabilities  Consider integration requirements for new identification methods IDnow’s unique position: Why being a QTSP matters.

A QTSP, such as IDnow Trust Services AB, is an organization that has been officially recognized by a national supervisory body to provide trust services that meet the strict requirements of the eIDAS regulation. This qualification involves rigorous assessment of security practices, technical capabilities and organizational reliability. 

As a QTSP since 2024, IDnow Trust Services AB holds a privileged position in the AMLR compliance landscape.  For financial institutions preparing for AMLR, working with IDnow and its QTSP offers several competitive advantages:

Comprehensive compliance coverage: IDnow can provide all three prescribed identification methods (EUDI Wallet, eID, and Trust Services)  Legal certainty: Qualified trust services are considered critical infrastructure and have the highest level of legal recognition across the EU  Reduced compliance risk: Working with a qualified provider reduces the risk of non-compliance  Future-proof solutions: As regulations evolve, QTSPs tend to actively drive change and are the first to adapt and ensure continued compliance  Simplified vendor management: One single provider for multiple compliance requirements 

With a long history in enabling financial services customers to comply with AML regulations,  IDnow is actively preparing to support clients through the AMLR transition, with ongoing development of compliant solutions and close engagement with regulatory authorities.

Next steps: Your AMLR readiness checklist.

To begin your AMLR preparation journey, consider this initial checklist: 

Assign responsibility: Designate an AMLR implementation team or leader 
  Stay informed: Subscribe to regulatory updates and industry guidance 
  Assess current state: Document existing identification processes and technologies 
  Identify gaps: Compare current capabilities with AMLR requirements 
  Develop a roadmap: Create a phased implementation plan through 2027 
  Engage with partners: Begin discussions with technology providers about AMLR solutions 
  Budget for change: Ensure financial planning includes AMLR implementation costs 
  Monitor developments: Stay alert for regulatory guidance and industry best practices

In the not-too-distant future, only three methods of identity verification will be allowed. Orchestrating each method in order to offer fallbacks and different ways of issuing Trust Services will therefore become key for the future of AML onboarding in EU.

Johannes Leser, Chief Executive Officer of IDnow Trust Services AB.

Prepare today to succeed tomorrow.

While for many, AMLR will pose a significant compliance challenge, it also offers an opportunity to modernize and future-proof identity verification processes, enhance security and improve customer experiences. Financial institutions that approach AMLR strategically, rather than as a compliance box to check, can gain competitive advantages while strengthening their defences against financial crime and fraud that is becoming more sophisticated by the day. 

To learn more about how IDnow can support your AMLR compliance journey, contact our team of experts today.

By

Jody Houton
Senior Content Manager at IDnow
Connect with Jody on LinkedIn

Update : Telegram has responded to Elliptic's research by closing thousands of channels belonging to both Xinbi Guarantee and Huione Guarantee, severely disrupting the two largest Telegram-based illicit marketplaces, which have collectively engaged in over $35 billion in USDT transactions. Elliptic continues to track over 30 similar marketplaces.

Xinbi Guarantee is a Chinese-language, Telegram-based marketplace serving fraudsters in South East Asia, including those responsible for so-called “pig butchering” scams. Merchants on the marketplace sell technology, personal data and money laundering services. The USDT stablecoin is the primary payment method, with the market having received $8.4 billion in transactions to date. Some transactions can be linked to funds stolen by North Korea. Xinbi Guarantee claims to operate through Xinbi Co. Ltd, incorporated in Colorado.

 

“It’s easy to say you want more control over your systems. But the cost of decentralization in money, complexity, and overhead can hit hard when the invoice arrives.”

A Digital Identity Digest The Cost of Decentralization: What Companies Need to Weigh Before They Commit Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 10 seconds 00:00 / 00:12:33 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

Last week, I wrote about how the real innovation is in centralized vs decentralized, it’s in building systems that can move between them. Flexibility and resilience go hand in hand. Engineering Meets Economics if you missed it.

This week, we’re taking that one step further: If flexibility or even malleability is the goal, how much are you willing to pay for it?

Decentralization sounds empowering, and it is, but when you start pricing out the staff, contracts, and duplicated infrastructure required to make it real, it’s enough to light your hair on fire. But if the last few years have taught us anything, it’s this: centralization is comfortable, right up until it isn’t. The question isn’t whether decentralization is an all-or-nothing decision. Instead, you should ask how much of it you actually need, and whether you are building toward that, or are you hoping you’ll never be put to the test?

The Control We Live Without (Until We Can’t)

Most enterprise stacks are built on convenient centralization because it works. Until it doesn’t.

And to be fair, many centralized platforms aren’t fragile at all. Cloud providers like AWS or Azure, DNS services like Cloudflare, and global CDNs like Akamai offer incredible built-in resilience, failover, and distributed design, and for many organizations, that’s more than enough.

So when I talk about decentralization, I’m not saying “don’t use centralized platforms.” I’m asking:

Where does your dependency go beyond what the platform guarantees? Where are you relying on a single identity flow, a proprietary API, or a vendor relationship that isn’t as durable or visible as you’d like?

Here are just a few common areas where centralization is accepted, sometimes wisely, sometimes dangerously.

Current Dependencies: What’s Normal (and Risky) Stack ComponentTypical Centralized ProviderWhy We Accept ItWhat It Takes to DecentralizeCloud InfrastructureAWS, Azure, GCPCost efficiency, built-in toolingMulti-cloud design, duplicated environmentsDNSCloudflare, Route53Stability, DDoS protectionRedundant providers, failover planningIdentity ProviderOkta, Entra, PingPolicy enforcement, ease of useFederation, verifiable credentials, trust governanceRouting & CDNAkamai, CloudflareSpeed, coverageCustom PoPs, peering strategiesMessaging / CommsTwilio, Zoom, MicrosoftUnified experienceProtocol bridging, diverse vendor integration

The point isn’t to avoid centralization. It’s to understand where you’re exposed, and whether you can live with that. I can’t answer that for you, but you can and should start answering it for your org.

The Real Cost of Optionality

There’s no shame in being centralized; there is shame in not being able to recover from locked-in choices. The value of decentralization shows up when:

A vendor outage takes down your login page A change in platform policy breaks your consent flows A new law forces you to isolate systems by country A key provider is acquired, and your roadmap disappears overnight

Decentralization can offer you a way out or at least a way forward. But you only get that if you build for it. And yes, that comes with a cost. TANSTAFL.

Some of those costs include:

Financial: Redundancy means paying for parallel paths, including multiple vendors, more complex SLAs, and sometimes a few features you don’t use every day. Operational: Diverse systems mean more moving parts. Teams need more discipline. More observability. Less “set and forget.” Strategic: Procurement has to prioritize flexibility over feature count. Architecture has to balance performance with fallback.

And let’s not forget the cost of interoperability. The cost of decentralization isn’t just financial. You also need systems that can communicate across platforms, formats, and protocols.

Decentralization means maintaining systems that can work across different environments, many of which weren’t built with each other in mind. Your observability stack needs to normalize across cloud regions. Your CI/CD pipelines need to deploy to more than one provider. And of course, your auth system needs to handle more than one flavor of token.

You’re not just buying a second system, you’re buying the glue. That glue, however, can be expensive. But it’s what turns “Plan B” into an actual option.

This Is Achievable, But Only If You Know What You’re Buying

The good news? You don’t need to decentralize everything. In fact, you probably shouldn’t. But you should know what you’re trading off.

Think of decentralization as buying protection against:

Lock-in: pricing hikes, roadmap divergence, license changes Regulatory shifts: data residency rules, cross-border controls Platform instability: outage, acquisition, end-of-life surprises Geopolitical risk: sanction-driven service denial, regional throttling Value misalignment: privacy erosion, surveillance, ethical conflicts

That’s not FUD. It’s a checklist that helps you determine where decentralization is a strategic safeguard and where centralization is still worth the risk.

Choose Your Investment Level

There’s a spectrum here. Not every organization needs multi-cloud failover, decentralized identity, and DNS across five providers. But every organization needs to ask:

Where are we so centralized that a single point of failure becomes an existential risk? And what would it take to make that risk optional rather than inevitable?

You shouldn’t be looking for decentralization for its own sake. You’re looking for just enough optionality to survive a change in vendor policy, regulation, or business direction without rebuilding your stack from scratch. Ultimately, every team needs to decide how much of the cost of decentralization is justified by the control they gain.

Every small investment buys you breathing room. And breathing room is what makes resilience possible.

Closing Thought: Buy Control Before You Need It

You don’t have to decentralize everything. You probably can’t.

But if your entire digital operation depends on a single cloud region, vendor, or IdP that no one knows how to replace, then you’re not buying control; you’re borrowing it and hoping nothing goes wrong.

So, how much of the cost of decentralization are you willing to pay before you’re forced to?

Because waiting until you have to pay is rarely the cheapest option.

Bonne chance, mon ami!

Want to stay updated? I write about digital identity and related standards—because someone has to keep track of all this! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here] 

Transcript

[00:00:00]
Welcome to the Digital Identity Digest, the audio companion to the blog at Spherical Cow Consulting. I’m Heather Flanagan, and every week I break down interesting topics in the field of digital identity—from credentials and standards to browser weirdness and policy twists. If you work with digital identity but don’t have time to follow every specification or hype cycle, you’re in the right place.

[00:00:26]
Let’s get into it. Welcome back! If you caught the last episode, you’ll remember that we talked about how the real innovation isn’t choosing between centralized or decentralized identity systems—it’s about the ability to shift between the two.

[00:00:44]
If you didn’t hear that episode, no worries. Here’s the short version:

When I talk about centralization, I’m not just talking about infrastructure, but also controls.

[00:00:56]
A centralized identity system relies on one authority—one identity provider, one source of truth, one way to enforce access. Everything flows through a single control point.

[00:01:06]
In decentralized models, control is distributed.

You might issue credentials that can be independently verified and used. You might support federation or allow for local policy decisions. All of that isn’t chaos—it’s coordination across more than one authority.

[00:01:24]
Most enterprise systems fall somewhere in the middle. It’s not a question of which is better, but how much flexibility you’ve built into your dependencies and whether you’re ready to shift between centralized and decentralized models when needed.

[00:01:39]
And just to clarify, if your mind jumps straight to blockchain when I say “decentralized identity,” you can let that go. That’s not what we’re talking about here.

The Cost of Flexibility

[00:01:51]
Today, we’re building on that story, because flexibility to shift between these two models isn’t free.

[00:01:58]
In enterprise identity systems especially, the cost of decentralization can sneak up on you—until one day, it’s the only thing you can do.

[00:02:09]
Centralization absolutely works—right up until it doesn’t. Most enterprise systems are mostly centralized by design because:

It scales It’s familiar It’s easier to manage and deploy

[00:02:27]
You pick a cloud provider, configure your identity flows, and build tools that make daily life easier for your teams. All reasonable decisions.

[00:02:37]
But centralization comes with trade-offs that don’t always show up on your architecture diagram.

They show up when your vendor changes policies When a regulator demands regional data isolation When the company that owns your login page gets acquired and suddenly nothing is where it used to be

[00:02:56]
That’s when the invoice for centralization shows up. If you’ve prepared for it, great. If not, keep listening.

Trade-Offs and Hidden Costs

[00:03:09]
Let’s talk about those trade-offs and where they show up.

[00:03:15]
Most organizations don’t decide to centralize everything all at once. It usually happens gradually—through tool choices, vendor decisions, and policies that favor simplicity.

[00:03:36]
You pick AWS or Microsoft Azure because they offer global infrastructure and built-in security.
You standardize on a single identity provider for simplified access control and audit logging.
You rely on a CDN, DNS service, or messaging platform—not because you want lock-in, but because it works and provides redundancy.

[00:04:09]
Those normal decisions can quietly create dependencies that are hard to unwind.

[00:04:18]
Centralization feels efficient, but it means you’re betting on your vendors never changing, your regulators staying predictable, and your systems remaining static.

[00:04:44]
The real question isn’t “Did we centralize too much?” It’s “Do we know which parts of our systems are built around a trust that hasn’t been stress-tested yet?”
That’s where decentralization—or even just having a plan for it—starts to pay off.

What Does Decentralization Actually Cost?

[00:04:52]
Decentralization isn’t just a design pattern or a configuration flag.
It shows up in:

How you hire teams How you build systems How you buy SaaS applications How you plan for the future

[00:05:06]
Let’s talk about three kinds of cost:

Financial Cost

[00:05:09]
Redundancy means paying for more than one way to do something—running services in two cloud regions, contracting with two vendors for the same function.
This can look inefficient on a spreadsheet, but it’s really trading short-term inefficiency for long-term adaptability.

2. Operational Cost

[00:05:38]
Decentralized systems require discipline.

You have more services to coordinate You need more observability You need standardized policy enforcement
It’s not just a technical tax—it’s a cultural shift.

[00:06:06]
Assume failures will happen and design recovery plans before they do.

3. Strategic Cost

[00:06:11]
This is the hardest to measure.
Decentralization forces you to ask:

Do we want flexibility or feature velocity? Are we optimizing for today’s comfort or tomorrow’s resilience? Are we willing to make architectural choices that look less efficient but give us options when it counts?

[00:06:44]
If this sounds like tomorrow’s problem, you’re not alone—but chances are, you’ve already run into some version of this.

Real-World Scenarios

[00:06:59]
If you’ve ever had to “duct tape” your way out of a dependency, you’ve already felt the cost of not being flexible between centralization and decentralization.

[00:07:33]
This isn’t about building redundant systems for fun—it’s about investing in flexibility before you need it.

[00:07:39]
If the cost feels high now, ask: What will it cost to do it later, under pressure?

The Value of Optionality

[00:07:47]
Optionality is where decentralization pays off.

It’s not about building a parallel universe It’s about designing systems with room to move

[00:07:53]
Examples include:

Backup login methods that don’t rely on a single provider The ability to issue credentials even when your main service is down Flexibility to shift data storage between jurisdictions without breaking compliance

[00:08:14]
If you’ve built in flexibility, you can adapt when something breaks. But it doesn’t come for free—it costs more planning, more conversations with legal and compliance, and more thoughtful procurement.

[00:08:32]
Sometimes, it means building things twice or building the glue that holds them together. But it gives you control before you need it.

[00:08:51]
It’s not overengineering—it’s building systems that don’t panic when the default plan fails. Because the default plan will fail.

A Personal Example

[00:09:03]
Let’s make this personal.
If you’ve worked in a high-security enterprise, you know the drill:

Company-managed device Lockdown browser VPN required for everything

[00:09:28]
It works—until you need to join a Google Meet with an external standards body and Google is blocked, or you need to access a shared document on a non-whitelisted domain.

[00:09:40]
Suddenly, your secure device becomes a wall—not because the technology failed, but because the policies are too rigid.

[00:10:06]
Imagine if you could submit for an exception—pre-modeled, well-governed, and aligned with business risk—without endless meetings and exceptions.
That’s what optionality would look like: not chaos, but structured flexibility.

[00:10:29]
Decentralization isn’t about removing control. It’s about creating trusted, intentional ways to shift it around when necessary.

Final Takeaway

[00:10:37]
Buy the control you need before you need it.

You don’t need to decentralize everything You probably can’t and shouldn’t But you do need to know where your dependencies live

[00:10:54]
When something goes sideways—a vendor acquisition, regulatory shift, or trust breakdown—you’ll want options.
And options must be built ahead of time.

[00:11:06]
Ask yourself:

Where are we so centralized that a single point of failure is an existential risk? What would it take to make that risk optional instead of inevitable?

[00:11:15]
Even a small investment in flexibility buys you more breathing room—and breathing room is what makes resilience possible, not just technically but also operationally and strategically.

[00:11:57]
That’s it for this week’s episode of the Digital Identity Digest. If this helped make things clearer or more interesting, share it with a friend or colleague and connect with me on LinkedIn @hlflanagan. If you enjoyed the show, please subscribe and leave a rating or review on Apple Podcasts or wherever you listen. You can also find the full written post at sphericalcowconsulting.com. Stay curious, stay engaged, and let’s keep these conversations going.

The post The Cost of Decentralization: What Companies Need to Weigh Before They Commit appeared first on Spherical Cow Consulting.

April 2025 Is the UAE Taking the Lead in the Tokenization Race?

As you know, the U.S. is now pushing to become the crypto nation. It has capital, advanced bitcoin mining infrastructure, and some of the largest crypto-companies, but regulatory and political uncertainties continues to slow institutional adoption.

The EU has legal frameworks in place, but not simplicity. The complicated regulation works well for large financial players, however, it is proving a challenge for the next generation of blockchain innovators.

The UAE is taking a different approach, and it might just win the race. Rather than over-regulating or under-defining, it’s applying simple rules but selective authorizations, welcoming builders, and creating an environment where innovation can scale, fast.

A competitive edge built on openness and infrastructure.

We’ve just returned from Token2049 and RWAfi Live in Dubai, and one message is clear: The UAE is building the future of blockchain, faster, bolder, and more business-friendly than anywhere else in the world.

With 72 free zones, including DIFC, ADGM, and VARA, the UAE has created a system where local chambers of commerce and rulers compete to attract innovators. This friendly competition is pushing real-world asset tokenization forward. Project owners select the best place depending on their needs, and get access to a new blockchain-powered “American dream”.

Here are some recent innovation examples:

The Dubai Land Department and VARA are integrating real estate registries with blockchain. That means compliant, onchain property title transfers are now possible. The DFSA has launched a dedicated regulatory environment to test tokenized securities like real estate shares, sukuk, and fund units, all under full overview. AE Coin, a UAE Dirham backed stablecoin launched by FAB, ADQ, and IHC, is now live. This lays the foundation for compliant onchain payments at scale.

These aren’t isolated pilot projects. They are live infrastructure built to attract capital, global talent, and institutional adoption, and it’s working. From crypto startups to major financial institutions, builders are relocating to the UAE to benefit from its simple, selective, and scalable regulatory environment.

RWA: From trend to reality

At Tokeny, we are proud to help power this transition. Our infrastructure built on the ERC-3643 standard, enables institutions to:

Launch compliant RWA tokens with embedded control logic. Execute atomic swaps between tokenized assets and regulated stablecoins. Scale distribution across jurisdictions while enforcing compliance at every step.

At RWAfi Live during Token2049 Dubai, leaders from the DFSA, FSRA and MESA regulators shared a panel to discuss the future of onchain finance. The main takeaway? Regulation is not a blocker if you use the right tech. It’s the foundation for compliant onchain adoption.

This shift is happening faster than many expected, and the UAE is leading it.

For those of you who have missed this incredible panel, and the demos of the ERC3643 Association, watch the livestream here.

Tokeny Spotlight

Ripple Roadshow

The Impact of real-world asset tokenization on traditional markets.

Read More

Fasanara Use Case

Why and how did Fasanara launch a tokenized money market fund.

Read More

RWAfi Live

Our CCO, Daniel Coheur, joins industry leaders from Fasanara and Polygon at RWAfi Live.

Read More

Press Release

The ERC3643 Association Announces Cross-Chain DvP Solutions for RWAs with LayerZero, Tokeny, Fasanara, and ABN AMRO

Read More

Meeting Our Partners

We met with our partners Apex Group, discussing our exciting partnership and the future of tokenization.

Read More

Press Release

Tokeny and HBAR Foundation Partner to Deliver Compliant, Scalable, and Green Institutional Tokenization on the Hedera Network.

Read More Tokeny Events

Dubai Fintech Summit
May 12th-13th, 2025 | 🇦🇪 UAE

Register Now

Avalanche Summit London
May 20th-22nd, 2025 | 🇬🇧United Kingdom

Register Now

Digital Assets Week NY
May 20th-21st, 2025 | 🇺🇸 USA

Register Now ERC3643 Association Recap

The ERC3643 Association hosts RWAfi Live at Token2049 Dubai

Tired of the RWA hype? Come see what’s actually live. Co-hosted with: Tokeny, Archax, Defactor, Daos Hub, RWA.io, T-Rize, Inco, Applied Blockchain, LayerZero, The HBAR Foundation (Hedera), and Polygon

Watch the livestream here or learn more here

The ERC3643 Association Announces Cross-Chain DvP Solutions for RWAs with LayerZero, Tokeny, Fasanara, and ABN AMRO

Settlement breaks when security and cash tokens live on different blockchains. To fix this, ERC3643 Association members co-developed a cross-chain Delivery-vs-Payment (DvP) solution

Read more

Subscribe Newsletter

A monthly newsletter designed to give you an overview of the key developments across the asset tokenization industry.

Previous Newsletter  May13 Is the UAE Taking the Lead in the Tokenization Race? April 2025 Is the UAE Taking the Lead in the Tokenization Race? As you know, the U.S. is now pushing to become the crypto nation.… Apr1 No Yield for Stablecoins, Tokenized MMFs To Take the Lead March 2025 No Yield for Stablecoins, Tokenized MMFs To Take the Lead With MiCA in Europe, and the STABLE draft law in the USA, regulators… Mar3 Memecoins Are Crashing, Hackers Are Cashing In, Where Are Smart Investors Moving Next? February 2025 Memecoins Are Crashing, Hackers Are Cashing In, Where Are Smart Investors Moving Next? Over the past month, we’ve attended key events across the… Feb3 Trump Administration’s Impact on Tokenization: Is the Golden Age Upon Us? January 2025 Trump Administration’s Impact on Tokenization: Is the Golden Age Upon Us? For years, US financial institutions have faced significant hurdles in adopting tokenization,…

The post Is the UAE Taking the Lead in the Tokenization Race? appeared first on Tokeny.

As part of Okta’s Secure Identity Commitment (OSIC) to lead the industry in the fight against identity attacks, we are making changes to improve our architecture related to developer organizations.

On May 22, 2025, our new Integrator Free Plan will become the default organization type when you sign up on developer.okta.com. If you are actively using an Okta Developer Edition org, please create an Integrator organization and migrate to it. The Okta Developer Edition terms of service will also be updated to clarify: neither your old Developer Edition organization nor your new Integrator organization is meant for production use cases.

New Okta developer organization types tailored for you

We’ve redesigned our developer orgs to better fit how you build. Whether you’re testing app integrations, validating identity flows, or preparing for OIN submission, the new Integrator Free Plan is purpose-built for iterative development—not production deployment.

This new structure reflects real-world developer needs:

A clean, focused environment optimized for building and validating integrations Terms that match typical pre-production use cases Streamlined signup and org management aligned with how developers work today

By moving to an Integrator organization, you’ll get an environment that’s aligned with modern dev workflows—simpler, more relevant, and built to support how you build.

Integrator organization benefits

This new organization structure will come with a number of benefits, such as improving integrator access to Okta support resources and expanding developer access to Okta product offerings for testing purposes.

The features available in the Integrator Free Plan are listed in our reference docs.

Deprecating Okta Developer Edition organizations

In July 2025, existing Okta Developer Edition organization will be deactivated. At this time, you will lose access to your old Okta Developer Edition organization and all resources in it.

How to tell whether your organization is affected

To check whether an organization is in Okta Developer Edition, navigate to Applications > Applications in the Okta Admin Console. If you’re on Developer Edition, large text will inform you that “Developer Edition provides a limited number of apps”. This message appears below the Applications heading and above the Create App Integration button.

Organizations in which this banner is absent from the Applications list are not part of Developer Edition, and are unaffected by the Developer Edition deprecation.

How to migrate your resources from Okta Developer Edition to Integrator Free Plan

Creating an Integrator Free Plan organization will give you a clean slate to test and develop in. However, you might want to replicate setup steps that you’ve performed in your Okta Developer Edition organization to continue work in progress. Several options are available for migrating your configuration from your Okta Developer Edition organization to your Integrator Free Plan organization.

Migrating data is optional

If you want to discard the configuration and data from your Okta Developer Edition organization and start fresh in a new Integrator Free Plan organization, create a new Integrator Free Plan organization and begin using it. Your Developer Edition resources and configuration will be deleted when old organization are deactivated in July..

Re-create resources by re-running automation

If you automated the creation of resources in your Okta Developer Edition organization that you’d like to continue using in your Integrator Free Plan organization, your environment setup will be simple. Create an Integrator Free Plan organization, provide credentials to your setup tooling, and re-run that tooling.

Add automation for long-term management

If you created resources in your Okta Developer Edition organization by hand and you want to automate management of those resources going forward, this is a great time to build the tooling you want using Terraform or PowerShell. Terraformer can help you generate Terraform configurations based on existing resources in your old organization.

Use our migration tool for one-off organization backup

If you’d like to capture a snapshot of your current Okta Developer Edition configuration, try our EnvSync migration tool. It wraps the Okta CLI Client to create files representing all supported objects in your Developer Edition organization, and can use these backup files to automatically re-create many of the objects in your new Integrator Free Plan organization.

Migrate your public OIN Integration

If you have an integration in the Okta Integration Network associated with your Okta Developer Edition organization, sign up for a new Integrator Free Plan organization and contact Developer Support to request that your integration be migrated to your new organization. Developer Support will link your new organization to your integration so that you can easily update it as needed.

If you have been working on an integration for the Okta Integration Network but it has not yet been accepted, you are responsible for migrating your work in progress from your Developer Edition organization to an Integrator Free plan organization.

Cutoff dates for OIN submissions

As of May 22, 2025, no new OIN integration submissions will be accepted from developer orgs. After May 22, you must use an Integrator Free Plan organization to submit OIN integrations.

If you have submitted an OIN integration from an Okta Developer Edition organization, it must be approved by June 9. Any submissions coming from Okta Developer Edition organizations that are still in Draft or In Review status on June 9 will be automatically rejected, and you will need to re-submit the same integration from an Integrator Free Plan organization.

Key dates Date What happens May 22, 2025 Okta Developer Edition organizations can no longer be created. Following the sign-up flow now creates an Integrator Free Plan organizations instead. New OIN submissions from Developer Edition organizations are no longer accepted. June 9, 2025 Draft and In Review OIN submissions from Okta Developer Edition organizations are automatically declined. Affected integrations must be re-submitted from an Integrator Free Plan organization. July 18, 2025 Okta Developer Edition organizations deactivation begins, and all Okta Developer Edition organizations are deactivated in batches over the following days Plan your migration now!

If you’ve used Okta Developer Edition organizations in the past, check now to see if any contain configurations that you’d like to keep. You can check whether you have an organization by checking your password manager for credentials saved on the login page, or searching your email for a welcome message from <noreply@test-account.dev>.

If you have any questions, don’t hesitate to contact us in the comments below.

Should you build or buy a CDN? Learn the pros and cons of building vs. using CDN services for your global network infrastructure. Make the right choice for your business.

The post Modernizing Healthcare IAM: From Legacy Pain Points to Unified Identity appeared first on Radiant Logic.

Holochain Core & Networking: Since the last Dev Pulse, we’ve published the first three releases of Holochain 0.5 with our new networking engine Kitsune2. While the focus of this release was network reliability, the improvements we’ve made will mostly be felt as dramatically better DHT performance. In our tests, and tests in the field, it shows shorter and more consistent syncing times for DHT data. CPU usage appears to have decreased significantly as well. One of the team is calling it “a good step forward for Holochain”.

There is a new behavior with Kitsune2 and performance enhancement. When a new node joins a network, there’ll be a time of initial DHT synchronization, during which they won’t immediately get any new data published by their peers since they joined. This is because they haven’t advertised themselves as full-arc nodes yet and so won’t be targeted for publishing to. But once they’ve synchronized with the other peers, it “goes like blazes and data just appears like it was authored locally”, in the words of a team member. So new users should still expect data to sync slowly for the first few minutes; this is normal.

It’ll still be a bit before we recommend that app developers update their projects to Holochain 0.5 — we’re seeing some connectivity issues which we believe we’ve identified as a simple misconfiguration which we’ll correct, test, and hopefully release soon. We also still need to update the scaffolding tool. If you’re brave and want to get a head start on an existing app, you can read the 0.5 upgrade guide.

In the Holochain 0.6 development line, the team is investigating bottlenecks in the conductor runtime. They’ve already addressed one long-standing issue of degrading performance as source chains grow — we’re now seeing a 30-40% improvement in ad-hoc dev testing, with possibly more improvements to come.

Testing: All of the test scenarios in Holochain 0.4 have been converted from our older TryCP-based scale testing framework to Wind Tunnel , and we’re now in the process of updating them for Holochain 0.5, as well as streamlining the process for deploying Wind Tunnel client nodes with Nomad. Dev team members are setting up test machines all around the world, and we’re looking at options for increasing the number of test machines.

Dev Docs: Lastly, we’ve published some new documentation in the Build Guide:

Working With Data: Validation Receipts Host API Host API: Cell Introspection Host API: Cryptography Functions Host API: Miscellaneous Host Functions Validation: must_get_* Host Functions Validation: DHT Operations (an advanced guide)

In the first release of 2025 we have improved log correlation, adding both a Session and Correlation identifier. These additions enable more effective log correlation, making it easier to trace the full flow of authentication and related events across both audit and diagnostic logs. Links to specific documentation for this logging improvement can be found in the release notes. As always, we aim to improve a wide array of items and make corrections to simplify the use of the Identity Platform. These are shown in detail from the release notes.  

For our long-standing customers, we are working to release updates to a number of SSO service modules.  These are external elements which ease configuration or use of SSO within Identity Platform. Our IDaaS service naturally receives these updates as they are available, however, if you have a premises-based installation, we would ask you to open a Service Desk ticket to request the updated code for these external to SSO modules. We would also like to point out that the modules have only been tested on SSO 9.6.0 found within this IDS 2025.1 release of Identity Platform, so would encourage you to update your Identity Platform prior to updating the modules. If you have any questions, Operations is happy to help.   

As with all software, Ubisecure would like to encourage you to upgrade your Identity Platform in a timely manner. Please contact your Integration Partner or Ubisecure Account Representative with any questions. Ubisecure encourages all customers to review and schedule service upgrade to this latest release. Bringing system flexibility, security, and new features to ensure the best user experience possible for your businesses is our goal.  

For full details over the IDS 2025.1 release, please review the Release Notes and System Recommendations pages found on our Developer Portal.  

The post IDS 2025.1, Audit and Diagnostic Log Enhancements appeared first on Ubisecure Digital Identity Management.

Across private conversations with CISOs, CIOs, and heads of HR and identity, one issue continues to emerge as both urgent and unresolved: fake IT workers infiltrating enterprise environments under false or stolen identities.

In many of these discussions, leaders admitted they’ve seen this problem up close, or know someone who has. Fake hires can linger undetected for months, perform well enough to avoid scrutiny, and quietly gain access to sensitive systems. Whether the goal is financial fraud, IP theft, or funding a foreign regime, the result is always dangerous: critical systems are compromised, trust is shattered, and the organization is left exposed.

One of the most pressing challenges isn’t just how these bad actors get in, but who is responsible for stopping them. HR teams oversee hiring, but often lack the tools for candidate verification beyond background checks. Security and IT teams are concerned about post-hire access and risk, but don’t own the onboarding funnel. The result? Confusion, finger-pointing, and growing vulnerability.

Below I unpack four key insights from ongoing conversations with enterprise leaders who are trying to get ahead of this threat. If you’re in HR, IT, or security, these perspectives may sound familiar, and they offer a path toward better collaboration and stronger safeguards.

1. Employee Impersonation Has Become a Board-Level Concern

Executive leadership teams and boards of directors are no longer in the dark, directors are now demanding identity verification. High-profile media coverage in The Wall Street Journal, Fortune, and other outlets has accelerated awareness and pressure. Directors are asking CIOs, CISOs, and HR leaders direct questions:

Could this happen to us? Have we already been compromised? What safeguards are in place?

For companies in highly regulated industries such as finance, healthcare, and defense, the scrutiny is even more intense. While some board members have suggested drastic measures, like requiring all new hires to verify their identity in person, most executives acknowledge that this alone won’t solve the problem. A more sustainable, digital-first strategy is needed.

2. Who Owns Employee Identity Verification? Solving Accountability Gaps Across HR, IT, and Security

One of the most persistent issues? Nobody agrees on who owns the employee impersonation problem.

Is it HR, responsible for hiring and onboarding? Is it IT, responsible for managing account access? Is it Security, who typically handles insider threats? Or is it Legal or Compliance, given the regulatory exposure?

The result is organizational paralysis, with each department assuming someone else is responsible, no one takes ownership, and the risk continues to grow unchecked. Some companies assign ownership to HR ops, only to discover their background check tools aren’t built for identity verification at scale. Others lean on security or insider threat teams, who are already overwhelmed and reluctant to take on additional responsibility without a clear mandate.

The most successful organizations tackling this issue have one thing in common: collaborative, cross-functional alignment across HR, IT, and security, often driven by a central identity security program.

3. Manual Identity Checks Can’t Stop Fake IT Workers: Why Traditional Onboarding Is Failing

When detection fails, prevention becomes a guessing game. Unfortunately, many companies are relying on labor-intensive, manual processes that don’t scale and are easy to bypass:

Video-based interviews and onboarding: Helpful, but increasingly vulnerable to deepfakes. In-person onboarding: Logistically difficult and only effective if the individual remains in the role. Laptop shipping verification: Foiled when attackers use “mules” or remote access post-delivery. Always-on video during virtual meetings: Easy to fake, hard to enforce. Behavior-based 2FA triggers: Ineffective if the attacker already has valid credentials.

Worse still, many adversaries are using stolen identities purchased on the dark web or leveraging GenAI to create fraudulent documents that pass background checks. The impersonation problem is outpacing traditional onboarding controls.

4. How Global Worker Impersonation Goes Undetected

While North Korean infiltration garners headlines due to FBI intervention, similar incidents are happening globally. Attackers from Eastern Europe, Southeast Asia, and other regions are using identical playbooks.

There’s also a related phenomenon gaining steam: job stacking, where one person holds multiple jobs under a single identity, often outsourcing tasks to others for profit. These schemes can fly under the radar for months and result in confidential data being shared with unauthorized third parties.

Many security teams remain reactive, addressing these issues only after something suspicious surfaces. Given that some experts estimate over 500,000 impersonators may be employed by U.S. organizations today, this approach is no longer tenable.

6 Actions CIOs and CISOs Can Take to Prevent Employee Impersonation Reverify All Identities Using Multi-Factor Signals 
Conduct a phased identity verification process using device checks, location data, government ID scans, and manager attestation. Move beyond one-time checks. Make Identity Security an Ongoing Priority
Identity assurance isn’t a one-and-done task. Apply Zero Trust principles to continuously verify the human behind the login. Scrutinize Third Parties and Contractors
Treat contractors and gig workers with the same rigor as full-time staff. Consider biweekly or monthly identity reverification cadences. Bridge the Gap Between HR, IT, and Security
Establish shared KPIs and workflows across departments to ensure no gaps in accountability exist. Leverage Existing Security Tools for Continuous Verification
Correlate identity assurance signals from IDPs, EDR tools, and network monitoring systems to flag suspicious behavior. Report Incidents and Collaborate with Industry Peers
Engage with communities like FS-ISAC and share learnings. Open dialogue is critical to closing industry-wide gaps. Why Continuous Employee Verification Is Now Essential

Impersonation-based attacks are no longer rare, and they’re not going away. These threats are stealthy, scalable, and extremely difficult to detect using traditional HR or IT processes alone.

The only path forward is one built on continuous identity verification, from day zero through every access point of the employee lifecycle. At HYPR, we believe trust must be earned continuously, not just at the time of hire.

To learn more about how HYPR’s Identity Assurance platform can help your organization verify who’s really on the other side of the screen, explore our solution here.

 

Hey folks 👋

Time for the latest from Kin, as usual.

We’ve been working hard on big fixes and new features for Kin, and have more to share with you today.

And, like always, read to the end to find this week’s super prompt.

What’s new with Kin 🚀

Our dev team has been busy with the immense Voice Chat feedback from both iOS and Android users, and squashing bugs wherever they find them.

Still, they’ve found the time for something new…

Bring old Journal entries into the future 🕖🔥

As requested, you can now control the date Kin records as the creation of a Journal entry.

This means that if you want to import journal entries from notebooks or other apps, you’ll be able to give Kin a full understanding of your personal timeline much easier.

Your Journal, your way 🤔📓

We’re still very much interested in hearing about what you’re all doing with our Journal feature, and what you’d like to see from it.

Got something to tell us? Suggest an improvement using the ‘suggest improvement’ button from the support section of the main menu.

If you’d like more of a conversation about the feature, you can drop a suggestion in the '#ideas’ channel of our Discord instead.

You can even reach out to one of our team members, Clara, on Discord, and have a one-on-one conversation with her on what you like and what you’d like to see!

Our current reads 📚

Article: Sam Altman discusses AI competitiveness in court
READ - Tech Policy Press

Paper: Scaling On-Device GPU Inference for Large Generative Models
READ - arXiv

Article: Perplexity AI experimenting with ads on its platform
READ: Tech Crunch

Article: OpenAI to retain its non-profit control and direction
READ: Reuters

Our online vibe ✨

Go here to check out one of our latest videos that’s starting conversations about how to have the difficult conversations you need to get the things you want.

This week’s super prompt 🤖

“Who do I want to be?”

‍Quiz me to about what I want from life, based on the concept of Ikigai. Use my answers to explore how my life matches my answers, and how I can improve that - all in simple, relatable language.

If you have Kin installed and updated to the latest version (0.3.15), click the link below to get some help learning about your approach to empathy.

As a reminder, you can do this on both Android and iOS.

Open Prompt in Kin

Keep sharing your thoughts 💡

Your feedback has been shaping Kin immeasurably.

We’d like to keep things that way.

So, if you’ve got anything to say to us - good or bad - we want to hear it.

Just reply to this email, ping us in Discord…

Or take a screenshot and report it in-app 💬

Thanks for believing in Kin, and helping us build ethical, personal AI.

With you, we’re able to contribute to the future AI is meant to have.

Until next time,

The KIN team

‍