Company Feeds | Identosphere Blogcatcher

Traditional meets decentralized finance in our next-generation, 3-factor authentication digital identity solution. Powered by Verifiable Credentials, authenticated biometrics, and real-time database validation, this innovation provides the assurance needed for safe international asset transactions, and truly establishes seamless and secure cross-border asset flows.

By Trevor Butterworth and Jake West

SEATTLE — Today, Indicio and Black Mountain Investment Group (“BMIG”) announced a strategic partnership to revolutionize KYC and identity verification processes for the financial and legal industries. 

This partnership combines Indicio’s market-leading decentralized identity and authenticated biometric technology with Black Mountain’s expertise in business solutions to create a much-needed bridge between traditional and decentralized finance that delivers scalable, fraud-resistant technologies for institutions operating in increasingly global and regulated markets.

Global regulatory changes are accelerating growth in the cross-border asset ecosystem and fueling the evolution of decentralized finance (DeFi). Indicio and Black Mountain have developed proprietary technology that allows for a new, decentralized approach to verify investor, institution, and asset identities. This KYC is critical to scaling transactions in secure, fraud-resistant, and compliant ways. 

Indicio developed the most powerful decentralized digital identity solution in the marketplace by incorporating authenticated biometrics in Verifiable Credentials trust-anchored to a blockchain with real encryption. This significantly increases the level of identity assurance for remote onboarding, KYC, and digital transactions- which can now be performed more rapidly and reliably than ever before by investors and institutions through the use of this technology. 

“Indicio has developed an architectural approach to digital identity that meets the rapidly evolving needs of conventional and decentralized finance around KYC, account access, and digital asset management,” said Heather Dahl, CEO of Indicio. “We’re really excited to work with Black Mountain Investment Group to advance secure, seamless, decentralized trust for global financial transactions.”

“Trusted digital identity verification is a serious catalyst for advancing the digital transformation of and unlocking liquidity in global finance,” remarks Elijah Levine, CEO of BMIG. “It’s all too often that you work with the biggest and best banks and exchanges and they still operate on outdated and cumbersome KYC verification standards that are also often restricted to US-based financial transactions. When we saw the work that Indicio has been doing with biometric authentication and tamper-proof digital credentials in travel, not only did we want to invest immediately in their main business, but we also recognized that their tech is shockingly translatable to the finance industry. 

“We see a path towards rapid scale and believe that this technology should be implemented immediately across the biggest and best institutions in global finance for their own internal protection and liability purposes, outside of the efficiencies and liquidity that will be immediately unlocked. This partnership is centered around delivering innovative solutions that integrate the very latest technology into the rapidly expanding market of secure, privacy-preserving global asset transfers.”

About Indicio

Indicio is a global leader in Verifiable Credentials, decentralized identity, and digital trust infrastructure. From powering national identity pilots to enabling seamless international travel, Indicio helps governments and businesses build data and identity systems that are secure, privacy-preserving, and interoperable across borders and industries.

About Black Mountain Investment Group

Black Mountain Investment Group (“BMIG”) is a technology-driven back-office platform and entrepreneurial ecosystem designed to power the next generation of funds and businesses. BMIG provides operational support, strategic insight, and scalable infrastructure, empowering organizations to navigate growth and innovation at the intersection of traditional and decentralized finance.

The post Indicio and Black Mountain Investment Group Partner to Modernize KYC and Digital Identity Verification for Exchanges, Banks, and Law Firms appeared first on Indicio.

The United States has taken a major step forward in its quest to become the global leader in cryptoasset innovation following the signing of landmark legislation on stablecoins and advancement of a separate bill to regulate crypto markets more broadly.

“Much like ‘the cloud’ (really just someone else’s computer) or ‘the superhighway’ (I never have figured that one out), the metaphor of a ‘wallet’ has become a convenient shorthand for a tangle of technical, policy, and usability decisions.”

But as we keep building out digital identity ecosystems, complete with verifiable credentials, identity wallets, and cross-jurisdictional trust models, I want to ask:

Is the metaphor still helping us? Or is it time to kill the wallet?

(Apologies to everyone who suddenly got stuck with a Bugs Bunny earworm.)

A Digital Identity Digest Kill the Wallet? Rethinking the Metaphors Behind Digital Identity Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds 00:00 / 00:08:46 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

Why metaphors matter

Basically, a digital wallet is a secure container for digital credentials. But metaphors are powerful: They shape user expectations, influence system design, and carry emotional and cultural baggage.

Say “wallet,” and people conjure different things:

A tap-to-pay credit card or mobile payment app A driver’s license or ID holder A catch-all pouch for everything from boarding passes to coffee shop punch cards to loyalty cards

This matters because the assumptions baked into that metaphor directly affect how systems are designed and how people trust (or don’t) them.

One word, too many meanings

Consider Google Wallet. It assumes it can store just about anything, provided protocols and formats are supported. Apple Wallet is similarly broad in scope but imposes a more curated, policy-heavy experience; credentials often go through approval workflows, and Apple maintains tight control over what gets displayed.

Then you have purpose-built wallets like the SIROS Foundation’s wwWallet, which explicitly aim for neutrality and open standards. In that case, “wallet” is just the delivery mechanism: Credentials come from many issuers, and the wallet doesn’t try to second-guess the user’s intent.

So far, so good. But many users still assume they’ll only need one wallet. After all, they only carry one physical one, right?

Well… not exactly.

Surprise: you’re already carrying multiple wallets

A growing number of users already interact with multiple wallet-like experiences; they just don’t recognize them as such.

Take a gym app with a scannable membership barcode. That’s not a digital wallet; it’s just displaying an unprotected credential. But a university app that stores a student ID, enables cryptographic access to campus systems, or lets students securely share transcripts? That’s starting to behave like a wallet. These apps issue, hold, and present credentials, but often without using open standards, secure storage mechanisms, or user-centric consent flows. In practice, they’re wallet-adjacent without meeting the formal definitions found in standards like ISO/IEC 18013-5 or NIST guidance.

This distinction matters when issuers or verifiers only trust credentials handled within their own apps. If every organization builds its own closed-loop container, users end up juggling multiple apps that can’t talk to each other. That may be good for organizational control, but it’s bad for user experience, portability, and interoperability.

To make sense of this ambiguity, researchers Lukkiena, de Reuver, and Bharosa offer a taxonomy of digital wallets that identifies 10 core characteristics across three levels: wallet architecture, functional capabilities, and governance model. (Thanks, Henk Marsman, for pointing me to this article!) For example, wallets can be custodial or self-sovereign, anchored to a specific platform or OS-agnostic, and focused on narrow single-issuer use cases or broader cross-domain ecosystems. Their conclusion? There’s no universal definition of “wallet,” and that’s a problem when different actors use the same word but mean fundamentally different things. When it takes this much effort to explain what we mean by “wallet,” maybe it’s time to admit the metaphor is no longer fit for purpose.

Who controls permission and consent?

The wallet metaphor also glosses over deeper architectural questions like who’s in charge of permission and consent.

When you hand someone your physical wallet, no pop-up asks if you’re sure. You’ve already decided what to share. Digital systems, though, are expected to do better. They support selective disclosure (I hope), enforce access policies, and (ideally) prompt you when data is about to be shared.

But when the wallet is mediated by a browser or embedded in a platform you don’t control, who’s responsible for enforcing that consent? The wallet? The issuer? The verifier? The browser? Even people deeply involved don’t agree on the answers here.

The NIST blog on digital wallets offers a definition, and that definition sets the stage for various assumptions:

“A digital wallet is a native application on your mobile device—though in the future, may also be stored in the cloud—that holds and secures your VDCs… Depending on the entity issuing the VDC, users may need to download a wallet application supported by the credential issuer before a VDC can be issued to their phone.”

This is useful, but it also normalizes a model where wallets are tied to issuers, not users. If every credential needs its own issuer-approved container, we’re not talking about wallets anymore. We’re talking about app-specific credential lockers. That’s a very different interaction model and one that may undermine user control.

When regulation and design don’t talk to each other

In Europe, things get even murkier. The EU’s data protection frameworks (GDPR, eIDAS 2.0) layer in consent requirements that assume a clear user interface and intentional disclosure. A 2023 study published in the Harvard Journal of Law & Technology, however, highlighted just how far the actual UX has drifted from those principles.

In “Two Worlds Apart! Closing the Gap Between Regulating EU Consent and User Studies,” researchers Bielova, Santos, and Gray examined real consent flows and found a minefield of “dark patterns” and manipulation. Decline buttons are hidden or misleading, options are presented in confusing hierarchies, and “Accept All” is given visual prominence over granular choices.

If we’re now building digital wallets that insert themselves into this consent process, we have to ask: are we replicating these same patterns? Are we genuinely improving user control or just rebranding old manipulations?

Designing for privacy: lessons from Kantara

The Kantara Initiative’s Privacy-Enhancing Mobile Credentials (PEMC) Implementers Report offers a different and possibly more practical perspective. It doesn’t try to define “wallet” from a metaphorical standpoint. Instead, it focuses on capabilities that put the user back in charge:

“The wallet SHALL be designed to facilitate user understanding and control over what data is being shared and for what purpose. User consent SHALL be explicit, contextual, and revocable.”

That’s a higher bar than most current systems hit.

The report also stresses the importance of:

Purpose limitation: credentials should only be used for clearly defined, disclosed functions. Transparency and auditability: users should be able to review where and how credentials have been used. User-managed permissions: ideally, from a central UI that lets users adjust sharing policies without reissuing credentials.

These aren’t just checkboxes for compliance. They’re structural features that define trust. If your “wallet” can’t support these requirements, maybe it shouldn’t call itself one.

So… do we kill the wallet?

Maybe. Or maybe we reframe it.

The wallet metaphor has done a lot of work. It helped early adopters wrap their heads around verifiable credentials. It gave vendors a way to pitch new apps without diving into crypto protocols.

But now, it’s showing its limitations.

It implies singularity, when reality demands multiplicity. It collapses trust boundaries, hiding the difference between issuer-owned and user-controlled containers. It blurs accountability, especially when it comes to consent and user agency. And it distracts regulators, who often assume the metaphor aligns with actual practice.

If we’re serious about building systems that scale, interoperate, and respect users, we may need to put the metaphor on pause. Maybe even kill it.

Or at least, give it a long-overdue retirement party.

Bonus question: Got a better metaphor?

I’m genuinely curious: What should we call these things? If “wallet” is too narrow, too payment-focused, or just too confusing, what’s the alternative?

Inbox? Locker? Credential safe? Something new entirely? Or is the ambiguity still worthwhile for a reason I’m missing?

Drop me a note. I promise not to brand it.

Want to stay updated when a new post comes out? I write about digital identity and related standards—because someone has to keep track of all this! Subscribe to get a notification when new blog posts and their audioblog counterparts go live. No spam, just announcements of new posts. [Subscribe here] 

Transcript

00:00:04
Welcome to the Digital Identity Digest, the audio companion to the blog at Spherical Cow Consulting. I’m Heather Flanagan, and every week I break down interesting topics in the field of digital identity—from credentials and standards to browser weirdness and policy twists.

If you work with digital identity but don’t have time to follow every specification or hype cycle, you’re in the right place.

00:00:26
Let’s get into it.

Why Do We Call It a Wallet?

00:00:30
So, have you ever stopped to wonder: why do we call it a wallet?

In digital identity, the term wallet has become so common that we don’t even think twice about it—much like the cloud (air quotes intended), which, as we know, is really just someone else’s computer.

The wallet metaphor has served as convenient shorthand. It wraps up a lot of complex technical, policy, and usability decisions into a single image that feels familiar.

But is it still serving us well? Or is it time to—dare we say—kill the wallet?

And yes, if you’re now hearing Elmer Fudd singing “Kill da Wabbit,” you’re not alone. It’s stuck in my head too.

Why Metaphors Matter

00:01:15
Metaphors help make the abstract more tangible. In digital identity, a wallet conjures up something:

Personal Portable Secure That holds important things we don’t want to lose

In theory, a digital wallet does exactly that—a secure container for digital credentials.

00:01:34
However, there’s a catch.

Metaphors don’t just explain things—they shape them. They guide system design and influence both user and architect expectations.

And when a metaphor starts to mislead or restrict what’s possible, it’s time to reconsider it.

What Are We Really Talking About?

00:01:54
When we say wallet, what are we actually describing?

Sometimes, we mean a secure application that stores and presents digital credentials. But other times, we’re referring to:

A whole service ecosystem Trust registries Credential exchanges Key management systems

00:02:18
This ambiguity creates confusion.

If you imagine a wallet as an app that lives only on your phone, you might not expect it to:

Sync across devices Backup to the cloud Integrate with browsers

So, the metaphor starts to limit understanding rather than enhance it.

Physical Wallets vs. Digital Identity

00:02:45
Think about your real wallet. You might carry:

Credit cards A driver’s license A photo of your dog Maybe some cash (if you’re feeling nostalgic)

But your work ID might live on a badge you scan at the door.
Your passport is likely in a drawer.
Your vaccine certificate might be in an email or government portal.

00:03:06
Each credential lives in a different place and serves a different function. Yet digital credentials are expected to behave as a single type—all handled the same way.

That’s a problem.

The wallet metaphor reinforces the idea that if you control something, you must physically possess it. But that’s not how real life—or digital systems—work.

Delegation and Flexibility

00:03:32
We delegate trust and control all the time.

Browsers remember our passwords Apps access our photos Others pick up prescriptions or check in for us

00:03:44
Digital identity must support this same flexibility—not just theoretically, but by design.

If the wallet metaphor implies identity is always something you carry and only you carry, it fails to reflect:

Delegation Guardianship Enterprise-managed credentials

Sometimes, you don’t need to carry the credential—you just need to control access to it.

Trust, Adoption, and Governance

00:04:12
Another problem: the wallet metaphor implies that once you have your credentials, you’re done.

But really, that’s just the beginning.

For a credential to matter:

It must be accepted It must be verifiable It must be trusted

00:04:30
This brings us to:

Trust registries Governance frameworks Interoperability standards

None of these live inside the wallet. Yet without them, the wallet is just a lonely app with nowhere to go.

Who Are We Building For?

00:04:50
Are we building for everyday users—or for people like us?

The danger in sticking too closely to the wallet metaphor is that we end up designing for:

Tech-savvy users Privacy-conscious individuals People willing to manage keys and credentials

00:05:08
But most users aren’t in that space. They just want things to work.

They want identity to be seamless—not a side project.
And they certainly don’t want to be blamed for losing access when their private key is wiped in a phone reset—or dropped in a beer.

Rethinking Security and Usability

00:05:32
We need to stop designing for the metaphor. People aren’t all ready to manage their own cryptographic infrastructure—and that’s okay.

Security isn’t one-size-fits-all. Usability isn’t either.

There are cases where:

Cloud-based key management offers better recovery options Delegation to trusted devices boosts usability Giving users a choice increases adoption

We shouldn’t cling to the idea that the most secure option is always the only secure option.

Do We Kill the Wallet?

00:06:08
Not necessarily.

The wallet metaphor has brought us this far. It’s familiar, useful, and still works in many settings.

But we should be:

More careful in how we use it Clearer about what we mean Open to other metaphors—or better yet, clearer explanations

00:06:30
Maybe it’s time for:

Identity lockers Digital toolboxes Credential dashboards

Or maybe it’s time to explain what these systems actually do—without relying on metaphor at all.

Language Matters

00:06:48
The user brings their own context. That’s who we’re building for.

So:

In specs: our language must be crystal clear For users: our explanations must be accurate and inclusive

We may need a whole basket of metaphors, not just one.

Wrapping Up

00:07:12
As always, if you have questions or want to dive deeper, visit the written blog. I’d love to hear your thoughts.

Thanks for listening.

00:07:22
That’s it for this week’s episode of the Digital Identity Digest. If this made things a little clearer—or at least more interesting—please share it with a friend or colleague.

Let’s keep the conversation going.

Connect with me on LinkedIn @hlflanagan and don’t forget to subscribe and leave a review on Apple Podcasts or wherever you listen.

You’ll find the full written post at sphericalcowconsulting.com.

Stay curious, stay engaged—and I’ll talk to you next time.

The post Kill the Wallet? Rethinking the Metaphors Behind Digital Identity appeared first on Spherical Cow Consulting.

As FINTRAC and provincial law societies tighten client identification rules, Canadian law firms must adopt smarter KYC practices. This article explores how legal professionals can implement modern CIP workflows using privacy-first identity verification that aligns with both AML obligations and solicitor-client privilege.

Legal professionals in Canada face a growing tension: How can they meet expanding anti-money laundering (AML) and client identification obligations without compromising client confidentiality or introducing unnecessary administrative burden?

This challenge has come into sharp focus as FINTRAC increases its oversight of designated non-financial businesses and professions (DNFBPs), and as law societies across Canada revise their regulatory frameworks to align with national AML strategies. The result? Law firms are now squarely in the sights of regulators—and must update their Client Identification Procedures (CIP) accordingly.

What’s Changing for Legal KYC in Canada

Since 2022, Canadian legal regulators have progressively strengthened requirements for:

Verifying client identity using independent, reliable documents or information Recording beneficial ownership and third-party relationships Monitoring ongoing client relationships and source of funds Reporting suspicious transactions under FINTRAC guidelines

For firms engaged in real estate, corporate structuring, or trust administration, the burden is even greater. These services have been linked to elevated money laundering risk in recent typologies published by both FINTRAC and the Cullen Commission.

Why Traditional KYC Doesn’t Work for Law Firms

Many legal practices still rely on paper-based intake forms, manual document review, or ad hoc third-party services. These approaches often fall short because they:

Lack defensible audit trails for regulators Introduce delay and friction for clients Risk privacy breaches when data is shared with cloud vendors or external processors Fail to flag beneficial ownership complexity or risk indicators in real time The iComply Advantage: Legal-Grade KYC with Built-In Privacy

iComply helps Canadian law firms modernize KYC and CIP with a secure, configurable platform that respects both privacy and compliance.

1. On-Device Identity Verification Clients upload documents and biometrics directly through a white-labeled portal Verification occurs on-device using edge computing—PII is encrypted before transmission Reduces reliance on international cloud vendors or external processors 2. Real-Time Beneficial Ownership Discovery Automatically map directors, shareholders, and UBOs of legal entities Screen individuals and entities against sanctions and PEP lists Apply firm-specific thresholds for EDD or review 3. Custom CIP Workflows Configure intake flows based on practice area (e.g., real estate vs litigation) Trigger additional reviews based on client type, geography, or structure Maintain full audit logs for internal review and law society compliance 4. Privacy by Design Full data residency in Canada Compliance with PIPEDA, provincial privacy laws, and solicitor-client privilege Consent management and data retention controls Case Insight: Boutique Law Firm in Ontario

A three-partner corporate law firm adopted iComply to streamline CIP for incorporations and real estate closings. The firm:

Reduced KYC admin time by 70% Enhanced its ability to detect complex beneficial ownership structures Passed a Law Society of Ontario audit with commendation for data handling and audit readiness What to Watch in 2025 Law Society Reviews: Expect more frequent spot audits and policy compliance reviews Digital Identity Integration: Provinces like BC and Ontario are hoping to expand digital ID adoption Cross-Border Practice Implications: U.S. and EU data protection rules may affect multi-jurisdictional practices Take Action

Law firms that delay compliance modernization face increasing audit risk and reputational exposure. But those that lead with privacy-first, intelligent KYC can turn compliance into a competitive advantage.

Connect with iComply to see how we support Canadian law firms with audit-ready KYC tools that respect both client trust and evolving regulatory demands.

In today’s digital age, the desire to stream your favorite films without breaking the bank is more prevalent than ever. With countless options promising access to a vast cinematic library, finding reliable and safe movie sites for free can be a challenge. At Herond, we understand the thrill of discovering new movies and re-watching classics from the comfort of your home. This guide cuts through the noise, offering you a curated list of the top platforms where you can enjoy high-quality entertainment. Get ready to transform your viewing experience, absolutely free!

Why Choose Free Movie Streaming Sites? Reasons to Stream Free Movies

Knowing about movie sites for free offers significant advantages, primarily cost-saving by providing endless entertainment without subscription fees. Users gain access to diverse genres, from blockbusters to indie films, expanding their cinematic horizons. The sheer convenience means films are available on demand, fitting perfectly into any schedule for casual viewers without the need for rentals or theater visits, making entertainment effortlessly accessible.

Target Audience Appeal

Movie sites for free particularly appeal to specific demographics. They are perfect for students and budget-conscious users seeking entertainment without additional financial strain. These platforms also attract those exploring new films, independent cinema, or foreign language movies, offering a risk-free way to discover content before committing to paid services or purchases. They truly democratize access to a vast world of cinematic experiences.

Top Movie Sites for Free Site 1: Tubi TV Description

Tubi TV is a leading free, ad-supported streaming service offering thousands of movies and TV shows across diverse genres. It’s a comprehensive, no-cost option to stream your favorite films, known for its user-friendly interface and wide device compatibility, ensuring an accessible viewing experience.

Features Completely free and legal streaming. Provides diverse genres of content. Available on multiple devices for flexible viewing. Pros and Cons of Tubi TV Pros: No subscription needed, extensive content library. Cons: Limited new releases compared to paid services. Site 2: Crackle Description

Crackle is another excellent option among movie sites for free, offering a diverse collection of movies and a growing library of original content. It provides a unique mix of classic films, B-movies, and exclusive series that you won’t find on other platforms. For those looking to stream your favorite films without a subscription, Crackle presents a compelling and constantly updated selection.

Features No sign-up required in some regions for immediate access. Content is ad-supported. Pros/Cons Pros: Decent selection of films and exclusive original series. Cons: Ads can be intrusive during playback. Site 3: Pluto TV Description

Pluto TV stands out among movie sites for free by offering a unique blend of on-demand movies and a vast selection of live TV channels, mimicking a traditional cable experience without the cost. Acquired by Paramount Global, it provides an extensive and continuously updated library. This makes it an excellent choice for those looking to stream their favorite films alongside curated live programming, all accessible for free.

Features Completely free and legal. Features a user-friendly interface, often resembling a TV guide. Provides hundreds of live, curated channels in addition to its on-demand library. Pros/Cons Pros: Wide variety of content, including both on-demand films and diverse live channels. Cons: Limited control over live content (cannot pause, rewind, or fast-forward). Site 4: Kanopy Description

Kanopy offers free, ad-free access to critically acclaimed films, documentaries, and educational content. This service is available to library cardholders and university students, focusing on thoughtful cinema rather than mainstream entertainment.

Features Offers high-quality films with no ads. Strong emphasis on educational content, independent films, and world cinema. Pros/Cons Pros: Access to a unique, ad-free library of thought-provoking content. Cons: Requires library or university access, limiting universal availability; not for mainstream blockbusters or the latest Hollywood releases. Site 5: Popcornflix Description

Popcornflix remains a strong contender among movie sites for free, particularly for fans of indie films and classics. It offers a vast, curated library (formerly owned by Screen Media Ventures, now under new ownership as of March 2025) of cult favorites and timeless classics. It’s an excellent, no-cost destination for those seeking to stream your favorite films with a unique cinematic flavor beyond mainstream blockbusters.

Features No subscription required; entirely free and ad-supported. Available on both mobile and desktop devices for flexible viewing. Pros/Cons Pros: Very easy to use interface for quick access to content. Cons: Limited new releases; primarily features older or independent titles. Tips for Safe and Optimal Streaming Use Trusted Sites

When exploring Top 10 Movie Sites for Free, it’s crucial to stick to legal platforms to safeguard yourself from malware, viruses, and potential legal issues. Reputable free streaming sites acquire content through legitimate licensing, ensuring a safer viewing experience compared to illicit alternatives that often host malicious ads or even direct malware downloads. Always prioritize your digital security by verifying a site’s credibility before streaming.

Enable VPN

To enhance your privacy and bypass geo-restrictions on certain movie sites for free, it’s highly recommended to enable a VPN like NordVPN or ExpressVPN. A Virtual Private Network encrypts your internet connection and masks your IP address, making your online activity more private. This not only adds a layer of security against data monitoring but can also allow you to access content that might otherwise be unavailable in your region due to licensing agreements.

Check Internet Speed

For a smooth and uninterrupted experience while you stream your favorite films, ensure you have a stable internet connection. Streaming movies, especially in higher resolutions, requires sufficient bandwidth to avoid constant buffering and pixelation. Before settling in for a film, a quick check of your internet speed can prevent frustration and guarantee that your movie night is enjoyable and seamless.

Ad Blockers

While ad blockers can significantly improve your experience on movie sites for free by removing intrusive advertisements, be aware that some platforms may not work with ad blockers enabled. Many free streaming services rely on ads for revenue, and they might detect and block users who have ad blockers active, preventing content from loading. Use them cautiously and be prepared to disable them for specific sites if you encounter playback issues.

Conclusion

Remember to prioritize your safety by sticking to trusted sites, considering a VPN for enhanced privacy, and ensuring a stable internet connection for optimal streaming. While some sites rely on ads, the trade-off is often worthwhile for the vast library of content at your fingertips. Embrace the world of free streaming and elevate your entertainment experience today!

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Top Movie Sites for Free – Stream Your Favorite Films appeared first on Herond Blog.

The post Top Movie Sites for Free – Stream Your Favorite Films appeared first on Herond Blog.

A man-in-the-middle attack relays a cross-device sign-in mechanism via a fake login site.

Ubisecure Appoints Tom Edwards as Executive Chair to Accelerate Growth in RegTech, Digital Identity and Compliance Markets

London, July 22nd, 2025 – Ubisecure, the European digital identity services provider and world’s largest issuer of Legal Entity Identifiers (LEI) through its RapidLEI service, today announced the appointment of Tom Edwards as the company’s Executive Chair, effective immediately. This strategic appointment marks the next chapter in the company’s RegTech evolution as it accelerates its growth in the global compliance and digital identity markets.

With a proven track record in scaling high-growth technology businesses, Mr Edwards brings deep expertise in corporate strategy, driving operational excellence, and enterprise go-to-market execution, particularly within regulated, compliance critical industries. He will work closely with Ubisecure’s leadership team to guide the company’s strategic direction, scale operations, and deepen relationships with global customers, partners and institutions.

“I’m excited to join Ubisecure at a pivotal moment of growth,” said Edwards. “Managing the opportunities presented in the RegTech market by Digital Identity, both Individual and Organisational, is essential in today’s landscape of expanding regulation, national identity initiatives, and ever rising fraud, especially in cross border transactions. The company is uniquely positioned to address some of the most pressing market challenges by enabling digital identity, to ensure regulatory compliance and foster digital trust. I look forward to working with the team as we accelerate innovation and expand across our markets.”

Mr Edwards previously held the COO and then CEO role at CubeLogic, an enterprise risk and compliance provider, where he scaled the business to double the revenue and the customer base during his leadership. He has also held leadership and advisory roles across fintech, reg-tech, and enterprise data infrastructure, bringing a strong track record of execution and growth in mission-critical technology environments.

“Tom’s appointment reflects Ubisecure’s ambition to maximise growth from our position as the world’s largest issuer of Legal Entity Identifiers (LEI) and one of Europe’s foremost Digital Identity service providers,” said Paul Tourret, Board Director, Ubisecure. “Tom’s insight and leadership will be instrumental as we build on our position as the global number one accredited LEI Issuer and continue delivering mission-critical Digital Identity enterprise solutions to the world’s most regulated industries.”

“We are delighted to welcome Tom as the new Executive Chair of Ubisecure,” said Paul Davidson, Partner, Octopus Ventures & Non-Executive Director, Ubisecure. “His extensive operational leadership and track record in scaling technology businesses make him the perfect addition to our team as we deliver on the growth opportunities across our core RegTech and Digital Identity solutions.”

Ubisecure’s suite of RegTech solutions helps enterprises and financial institutions solve key compliance, fraud and operational challenges by adopting a technology first approach to meet global regulations, reduce risk and deliver simplified governance.

The appointment follows a twelve-month period of positive momentum for Ubisecure, particularly within the LEI space including under its RapidLEI brand, and the onboarding of new major global banks as GLEIF Validation Agents – further strengthening its role in the global identity and RegTech ecosystem.

Find more information about Ubisecure & RapidLEI solutions at www.ubisecure.com and www.rapidlei.com

For media or investor inquiries, please contact Steve Waite, CMO, Ubisecure, press@ubisecure.com.

 

About Ubisecure and RapidLEI

Ubisecure is a European digital identity service provider, providing innovative identity and access management (IAM) and Legal Entity Identifier (LEI) solutions to enable secure, compliant digital business. Its RapidLEI service is the world’s largest LEI Issuer, delivering automated, API-enabled LEI registration and management to thousands of regulated firms, financial institutions, and identity providers worldwide.

As a RegTech innovator, RapidLEI helps organisations meet global compliance like DORA and FATF Recommendations, as well as enabling cross border trade by streamlining entity verification and Know Your Business (KYB) processes. Accredited since 2018 by the Global Legal Entity Identifier Foundation (GLEIF), RapidLEI empowers compliance teams with structured, regulated organisation identity data to reduce fraud, enhance transparency, and accelerate onboarding.

The post Appointment of Tom Edwards as new Executive Chair appeared first on Ubisecure Digital Identity Management.

Biometric Update reports that identity theft in the U.S. is evolving rapidly, driven by AI-powered fraud and increasingly sophisticated impersonation scams, according to the Identity Theft Resource Center's 2025 Trends in Identity Report.

Biometric Update reports that the U.S. Government Accountability Office has issued a sharp critique of the Social Security Administration for its continued failure to address critical cybersecurity and IT management shortcomings, leaving millions of Americans' personal data at risk.

Digital identity has become a critical element in how governments deliver services and prevent fraud, yet the U.S. still lacks a unified national strategy, according to Federal News Network.

Digital ID is already transforming how we move through the world. From faster airport check-ins to personalized hotel experiences, identity is becoming portable, private, and verifiable.

To explore what’s real, what’s next, and what identity organizations should be doing today, we hosted a live conversation with two people at the forefront of this shift. Annet Steenbergen, an advisor to the EU Digital Identity Wallet Consortium, shared insights from the large-scale pilots testing the EUDI Wallet across Europe. And Nick Price, CEO of Netsys and Co-Chair of the Decentralized Identity Foundation’s Travel & Hospitality Working Group, brought a global perspective from his real-world implementations of decentralized identity technologies.

Moderated by our CEO Nick Lambert, the session dug into how digital ID is being used right now, what’s still in development, and why the travel industry needs to start preparing for what’s coming.

Here are the key takeaways from that conversation.

Maintaining consumer trust while enforcing security standards is getting tougher -- and AI is complicating the situation.

Q: What can we expect once the HPP Mainnet goes live, especially with partners like Eigenlayer and Arbitrum?
The Mainnet is launching very soon. Boost will likely be the first project to go live on it. The vision is for HPP to become the preferred chain for AI-native projects — fast, scalable, and developer-friendly. Our partnerships with Eigenlayer, Arbitrum, and others are focused on ensuring high throughput and robust infrastructure.

Q: Is RWA something HPP is actively targeting?
Absolutely yes. As long as projects are legally compliant, HPP is open to supporting RWA use cases. We’re not putting artificial limits on what can be built — RWA is welcome if it fits within the framework.

Q: How will HPP impact enterprise chains and existing apps?
HPP is a public Layer 2 chain, which differs from Aergo’s earlier enterprise deployments. We’re building dev tools and working on integrations to make it easy for dApps to adopt HPP. The goal is to bring real usage into the ecosystem, not just testnet demos.

Q: How does HPP see the relationship between AI and blockchain?
We’re the infrastructure layer, not the app itself. Think of us like Microsoft Word — we’re not the author, but we empower the builder. We want HPP to be the default chain AI developers turn to when they need trust, traceability, and composability.

Q: Are you collaborating with top AI players or building your own stack?
Ideally both. We’re open to working with leading AI teams and also building internal tools and research capacity. At the end of the day, we want HPP to be on the shortlist when someone serious is looking to deploy AI on-chain.

Q: Could HPP be used as a Plan B during a global black swan financial event?
No, that’s not part of the discussion. We’re not in talks with banks or central authorities for that sort of thing, and we doubt most crypto projects are. It’s not what we’re focused on building.

Q: What do you think about the rise of “growth companions” (virtual AI friends)?
Technically? Not scary — they’re just better chatbots with memory. Socially? It’s more complex. There are risks (e.g. loneliness, mental health, even tragedy), but also huge potential for positive impact, especially in mental health and human connection. History shows that society tends to fear new tech at first — like it did with organ transplants — but those fears can give way to lasting good.

Q: Is there a direct collaboration between Blocko and Upleat on the Aergo mainnet?
Blocko built Aergo, but their stablecoin work with Upleat is separate from the public HPP Mainnet. They often fork Aergo tech for custom enterprise deployments, and we don’t expect this to run on our public chain. Also, we stay out of those talks to avoid conflicts of interest.

Q: How does Aergo see itself contributing to or differentiating from the broader AI x crypto movement, especially with the rise of ASI (Artificial Superintelligence) initiatives?
While we respect and support the ambition behind ASI, Aergo(HPP) is focused on a different layer of the stack. Rather than aiming to build superintelligence, we are designing the infrastructure layer that can be put into use in real life based on verifiable, decentralized coordination between AI agents, users, and protocols. Our focus is on practical, scalable systems that unlock near-term value. In short, we’re not just theorizing about AI’s role in the future. We’re shipping the infrastructure to support verifiable and economically active AI systems.

Final Wrap-Up The HPP Mainnet is nearly here. It will launch as a public mainnet once preparations are complete. For more details, check out the announcement (https://x.com/aergo_io/status/1946087643269521531) We’re building an AI-first, developer-ready L2 and want to be the chain that real builders choose. Community feedback continues to shape our direction.

[Aergo Talks #17] HPP Mainnet, AI, and the Evolving Ecosystem was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ever found a great image online you wished you could save? Whether it’s for a project, inspiration, or just for keeps, knowing how to download picture from website can be incredibly handy. This quick and easy guide from Herond will show you simple, effective ways to grab those images safely and efficiently, so you never miss out on a visual gem again.

Why Download Picture from Website? Common Use Cases for Downloading Pictures

Knowing how to download pictures from a website opens up a world of possibilities for your personal projects. You can easily create mood boards for design or decor, gathering visual inspiration from various sources. It’s also perfect for saving tutorials with step-by-step images, ensuring you have offline access when you need it most. Furthermore, you can effortlessly archive visuals for personal reference, building a library of images for hobbies, research, or future creative endeavors.

Benefits: Convenience, Creativity, and Offline Access

The benefits of knowing how to download picture from website are clear: convenience, creativity, and offline access. No more scrambling to find an image you saw online when you’re without the internet. You can collect inspiration anytime, anywhere, boosting your creative workflow. Plus, with a secure browser like Herond, you ensure these downloads are not only easy but also safe, protecting your device and privacy as you build your visual library.

Herond’s Advantage: Safe and Fast Browse

When you use Herond Browser, you gain a significant advantage in how to download picture from website. Herond is designed to block trackers and ads, which not only makes your browsing experience cleaner and faster, but also ensures enhanced security during image downloads. By preventing malicious scripts and intrusive ads, Herond helps you save images safely, without unwanted pop-ups or privacy concerns, making your visual archiving process seamless and protected.

Step-by-Step Guide to Download Picture from Website Step 1: Use Herond Browser for Safe Browse Recommend Herond Browser: Download Herond Browser at https://herond.org/. Benefits: Enjoy 3x faster page loading and robust tracker-blocking features for a secure browsing environment. Guide Users: Open your target website in Herond Browser for protected and efficient image downloading. Step 2: Identify and Right-Click the Image Locate & Select: To download pictures from a website, simply identify the image you want. On desktop, right-click on it; on mobile, long-press it. Save Option: From the context menu, select “Save Image As…” or “Download Image”. Herond’s Advantage: Herond’s intuitive interface makes this process seamless, ensuring quick and easy image saving without fuss. Step 3: Use Browser Developer Tools for Protected Images Access Developer Tools: To download pictures from a website that are “locked,” open Herond’s Developer Tools by pressing Ctrl + Shift + I (or Cmd + Option + I on Mac), or simply right-click anywhere and select “Inspect.” Locate Image URL: Navigate to the “Network” tab and filter by “Img” to see loaded images. Alternatively, check the “Elements” tab to inspect the page’s HTML for image links. Save Image: Once you find the image’s URL, right-click it and select “Open in new tab” to view the image directly, then right-click again to “Save Image As.” This method helps you bypass common restrictions. Step 4: Use Online Download Tools Suggest Trusted Tools: For bulk or restricted image downloads, consider online tools like Img2Go or DownloadGram. These can often bypass website limitations. Access via Herond: Always access these external tools through Herond Browser. Herond’s built-in ad and tracker blocking ensures a cleaner and safer experience when using third-party download services. Step 5: Take Screenshots as a Backup Utilize Screenshot Features: As a reliable backup method for how to download pictures from a website, use Herond Browser’s built-in screenshot feature, or your device’s native tools. For Windows, Snip & Sketch (Windows key + Shift + S) is great; on Mac, use Command + Shift + 4. Refine with Cropping: After capturing, use simple cropping tools to refine your screenshots, focusing only on the desired image area and eliminating unnecessary elements. This ensures you get a clean visual copy, even if direct downloading isn’t possible. Tips for Efficient and Safe Image Downloading with Herond Verify Image Sources

When learning how to download picture from website, always verify image sources to avoid malicious files. Before clicking download, quickly check the website’s credibility. Herond Browser actively helps by displaying site safety warnings, alerting you to potentially risky sites and adding an extra layer of protection against malware or unwanted downloads. This simple step can save you from significant security headaches.

Use VPN with Herond

For enhanced privacy while you download picture from website, consider combining Herond Browser with a VPN like NordVPN. While Herond already offers strong built-in protections, using a reputable VPN encrypts your connection and masks your IP address. This dual approach ensures your browser and downloading activities remain private and secure, especially when accessing various online sources for images.

Organize Downloads

To maintain an efficient workflow, organize your downloads by saving images in dedicated folders. Instead of letting downloaded pictures scatter across your default “Downloads” folder, create specific directories for different projects or categories. This practice makes it much easier to find and manage your visual assets later, ensuring that learning how to download picture from website also leads to a tidy and productive system.

Leverage Herond’s Speed

Finally, truly leverage Herond’s speed for a superior downloading experience. Herond’s remarkable 90% tracker-blocking capability significantly reduces the amount of data loaded by websites. This not only results in faster downloads of images but also provides an overall smoother browse experience. By minimizing background activity and intrusive elements, Herond ensures your focus remains on efficiently getting the images you need without lag or distractions.

Conclusion

Knowing how to download picture from website is a fundamental digital skill, empowering you to collect inspiration, save information, and build personal archives. This guide covered safe and effective methods, from simple right-clicks to leveraging developer tools and online services. Combining these techniques with Herond Browser’s built-in speed and security (like its formidable ad and tracker blocking) ensures a seamless, protected experience. Always remember to consider legal aspects, verify sources, and keep your downloads organized. With these quick tips, you’re ready to confidently and efficiently capture any image you need from the web, enhancing your projects and passions with ease.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Quick & Easy Guide to Download Picture from Website appeared first on Herond Blog.

The post Quick & Easy Guide to Download Picture from Website appeared first on Herond Blog.

Ready to dive into a world of incredible cinema? Apple TV is rapidly becoming a must-have streaming service, not just for its critically acclaimed original series, but also for its growing collection of top movies on Apple TV. From Hollywood blockbusters that demand your attention to captivating hidden gems waiting to be discovered, Apple TV+ offers a premium viewing experience for every film enthusiast. Get ready to find your next favorite movie, all in stunning quality and without interruptions.

Why Choose Apple TV for Movie Streaming? Why Choose Apple TV?

Apple TV stands out in the streaming landscape due to its commitment to high-quality 4K HDR streaming, delivering a visually stunning experience that brings movies and shows to life. A key draw is its library of exclusive originals, featuring critically acclaimed series and films not available anywhere else. Furthermore, Apple TV offers seamless integration with Apple devices, providing an intuitive and unified experience across your iPhone, iPad, and Mac, making it incredibly convenient to pick up where you left off, no matter the device.

Benefits: Enjoy Premium Entertainment with Apple TV Ad-Free Viewing: Enjoy uninterrupted and immersive entertainment without commercials. Curated Movie Collections: Access hand-picked selections of films, often including award-winning titles. Wide Accessibility: Stream across all your devices, including iPhone, iPad, Mac, and various smart TVs, for seamless viewing anywhere. Top Movies on Apple TV (Blockbusters & Hidden Gems) Killers of the Flower Moon: Epic Crime Drama

The 1st appear on the Top movies on Apple TV is Killers of the Flower Moon. This is an epic crime drama by acclaimed director Martin Scorsese. This powerful film delves into the harrowing true story of the Osage murders in the 1920s, a series of brutal killings that targeted members of the wealthy Osage Nation in Oklahoma. It’s a compelling narrative that sheds light on a dark chapter of American history.

Why Watch Killers of the Flower Moon? Stellar Cast: Features powerful performances from an ensemble cast, including Leonardo DiCaprio, Robert De Niro, and the highly acclaimed Lily Gladstone. Historical Depth: Offers a poignant and important exploration of a significant, yet often overlooked, period in American history. Exclusive Apple Original: Available exclusively on Apple TV+, making it a must-watch for subscribers looking to stream your favorite films with critical acclaim. Napoleon: Ridley Scott’s Historical Spectacle

The second one adds in on the Top movies on Apple TV is Napoleon, which is Ridley Scott’s grand historical epic starring Joaquin Phoenix. The film portrays Napoleon Bonaparte’s rise to power through epic battles, political intrigue, and his relationship with Joséphine. It’s a compelling watch for fans of historical dramas looking to stream your favorite films.

Why Watch Napoleon? Visually Stunning: Experience breathtaking cinematography and period detail, making it a visually immersive film. Large-Scale Battles: Witness epic, meticulously choreographed battle sequences that bring historical warfare to life. Perfect for Epic Film Fans: An ideal choice for those who enjoy grand narratives, historical dramas, and sweeping cinematic experiences. Fly Me to the Moon: Romantic Comedy-Drama

The third movie on Top movies on Apple TV is Fly Me to the Moon, a charming romantic comedy-drama starring Scarlett Johansson and Channing Tatum. Set against the backdrop of the 1960s space race, the film explores the unexpected dynamic between a marketing specialist and an astronaut, offering a blend of humor, romance, and historical intrigue. It’s an engaging film for those looking to stream your favorite films with a lighthearted yet captivating narrative.

Why Watch Fly Me to the Moon? Charming Narrative: Enjoy a delightful and engaging story filled with wit and warmth. Star-Driven Performance: Features strong performances from Scarlett Johansson and Channing Tatum, adding to its appeal. Broad Appeal: A perfect choice for a wide audience, offering a mix of romance, comedy, and drama. CODA: A Heartfelt Family Story

The 4th on the Top movies on Apple TV is CODA (Child of Deaf Adults), which is a deeply heartfelt coming-of-age drama that tells the unique story of Ruby Rossi, the only hearing member in her deaf family. The film beautifully portrays her struggle to balance her family’s struggling fishing business, where she acts as their interpreter, with her burgeoning passion for singing. It’s an emotionally rich narrative that offers a unique perspective on family bonds and pursuing one’s dreams.

Why Watch CODA? Oscar-Winning: This film made history by winning Best Picture at the Academy Awards, alongside Best Supporting Actor for Troy Kotsur and Best Adapted Screenplay. Emotionally Resonant: CODA is renowned for its powerful and moving narrative, which connects deeply with audiences through themes of family, sacrifice, and self-discovery. A Must-See Indie Gem: As an Apple Original Film, it’s a prime example of independent cinema that achieved widespread critical acclaim, making it a must-see for anyone looking to stream your favorite films with substance and heart. The Tragedy of Macbeth: A Visually Striking Shakespeare Adaptation

Last but not least, the final movie of Top movies on Apple TV is The Tragedy of Macbeth. This is a bold and visually striking adaptation of William Shakespeare’s timeless play, directed by Joel Coen. Starring Academy Award-winners Denzel Washington as Macbeth and Frances McDormand as Lady Macbeth, this black-and-white cinematic masterpiece reimagines the classic tale of ambition, madness, and murder with a stark, minimalist aesthetic. It’s a gripping and intense interpretation that highlights the powerful performances and Coen’s distinctive directorial vision.

Why Watch The Tragedy of Macbeth? Unique Cinematography: Experience a stunning black-and-white visual style with stark contrasts and a theatrical, almost abstract, set design that is unlike any other Shakespeare adaptation. Powerful Performances: Witness Denzel Washington’s compelling portrayal of Macbeth, supported by an equally strong cast, bringing raw intensity to every scene. Often Overlooked Gem: Despite critical acclaim and Oscar nominations for its cinematography and production design, it remains a hidden gem for many, making it a valuable find for those looking to stream their favorite films with artistic depth and a unique perspective. Tips for Maximizing Your Apple TV Movie Experience Optimize Streaming Quality

For the best 4K HDR streaming on Apple TV+, use a high-speed internet connection of 15 Mbps+. This ensures minimal buffering and sharp, vibrant visuals for your favorite films.

Explore Curated Playlists

Discover new content on Apple TV+ by checking the “Originals” and “Featured” sections. These curated playlists offer tailored recommendations, making it easy to find great films and shows.

Use VPN for Global Content

To access region-locked titles, use a VPN like NordVPN or ExpressVPN. This lets you safely stream your favorite films from different locations, expanding your viewing options globally.

Multi-Device Streaming

Apple TV+ offers seamless multi-device streaming across iOS, macOS, Apple TV devices, and smart TVs. Enjoy your favorite films and shows anywhere, picking up right where you left off.

Conclusion

Apple TV+ is a top destination to explore movies, offering both hidden gems & blockbusters in stunning 4K HDR. Enjoy exclusive originals, ad-free viewing, and seamless streaming across all your Apple devices. From Oscar winners to action-packed thrillers, stream your favorite films with ease and elevate your entertainment today.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Explore the Top Movies on Apple TV: Hidden Gems & Blockbusters appeared first on Herond Blog.

The post Explore the Top Movies on Apple TV: Hidden Gems & Blockbusters appeared first on Herond Blog.

Want to save that inspiring tutorial, hilarious clip, or favorite music video to watch offline? Knowing how to download YouTube video for free & safely is a skill many are searching for. At Herond, we get it – you want convenience without compromising security. This guide will walk you through the best, most reliable methods to download your favorite YouTube content safely, ensuring your device stays protected while you build your offline video library.

Why Download YouTube Videos? Reasons to Download YouTube Video for free

Knowing how to download youtube video for free & safely offers compelling reasons for users. It’s incredibly useful for watching offline during travel, ensuring entertainment or learning isn’t interrupted by poor internet connectivity on flights, trains, or in remote areas. Moreover, you can save educational content like tutorials, lectures, or documentaries, creating a personal knowledge library accessible anytime. Finally, it allows you to create personal collections of favorite music videos, inspirational talks, or funny clips, curating content precisely to your preferences.

Benefits of Downloading YouTube Videos

The benefits of downloading youtube video for free are manifold. Foremost is convenience: you can access your desired content instantly without buffering or relying on an internet connection. This also translates to greater accessibility, as downloaded videos can be watched on various devices, anytime, anywhere, truly making your content portable. Crucially, these methods often provide cost-free solutions for personal use, allowing you to enjoy a vast library of content without recurring data charges or subscription fees, ensuring you can download youtube video for free & safely.

Best Ways to Download YouTube Video for Free & Safely Method 1: Use Online YouTube Downloaders Recommended Tools (Use with Caution): For a quick way to download youtube video for free & safely, popular online downloaders include SaveFrom.net. These tools generally allow direct video conversion from a URL. Simple Steps Copy the video URL directly from YouTube’s address bar. Paste the URL into the designated field on the online downloader’s website. Select your desired format (e.g., MP4) and resolution (e.g., 1080p) from the available options. Click “Download” to save the video to your device. Crucial Warning: Be extremely cautious and avoid shady sites that display excessive pop-up ads, try to redirect you, or prompt you to install suspicious software. These can often lead to malware or phishing attempts. Always use a secure browser like Herond to mitigate risks. Method 2: Use Desktop Software Suggest Reliable Tools: For a more powerful and often higher-quality approach to download youtube video for free & safely, consider desktop software. Top recommendations include 4K Video Downloader (known for its user-friendly interface and support for various resolutions) or YT-DLP (a robust, open-source command-line tool for advanced users). Installation & Usage for Quality/Safety: Installation: Download the software from its official website (e.g., 4kdownload.com for 4K Video Downloader, or check github.com/yt-dlp/yt-dlp for YT-DLP) to ensure authenticity and avoid malware. Follow the installation prompts. Usage (4K Video Downloader): Copy the YouTube video URL, paste it into the software, choose your desired format and resolution (up to 4K/8K if available), and click download. It’s designed for straightforward, high-quality saves. Usage (YT-DLP): This is a command-line tool. After installation, you’ll use your computer’s terminal (Command Prompt/PowerShell on Windows, Terminal on Mac/Linux) to run commands like yt-dlp to download, with options for specific formats or qualities. It offers immense flexibility but has a steeper learning curve. Method 3: Use Mobile Apps Recommend Apps (Android): For Android users seeking how to download YouTube videos for free & safely directly on their devices, popular choices include SnapTube or TubeMate. These apps offer features like background downloading and various quality options. Safe APK Download: Since these apps are typically not available on the Google Play Store (due to YouTube’s terms of service), it’s crucial to download their APKs only from their official websites. Avoid unofficial app stores, as they often host outdated, modified, or malicious versions that could compromise your device. Always prioritize security by sourcing directly from the developers. Method 4: Screen Recording as a Backup How to Use: As a last resort or for content difficult to download directly, screen recording is a viable backup method for how to download youtube video for free & safely. Most modern devices have built-in screen recorders (e.g., swipe down on Android/iOS and tap the record icon). For desktop, powerful software like OBS Studio offers comprehensive recording capabilities. Pros & Cons: Pros: This method requires no third-party download tools, making it inherently safer in terms of avoiding malware. Cons: Videos recorded this way often have lower quality compared to direct downloads (limited by screen resolution and recording settings). They also typically require manual editing to trim unwanted parts (like ads or UI elements), adding extra steps to the process. Tips for Safe and Efficient Downloading Choose Trusted Tools

To truly download youtube video for free & safely, the most crucial step is to choose trusted tools. Stick to well-reviewed apps and websites that have a strong reputation and clear privacy policies. Avoiding unknown or suspicious downloaders is paramount, as many can be fronts for malware, adware, or phishing schemes designed to compromise your device or steal your data. Always check user reviews and security warnings before proceeding, ensuring your downloading experience remains secure.

Check Video Quality

When you download a YouTube video, always check video quality options. Most downloaders allow you to select the resolution (e.g., 720p, 1080p, or even 4K). Choosing the appropriate resolution ensures the video is compatible with your device’s display capabilities and storage capacity. While higher quality is great, it also means larger file sizes. Balancing quality with your device’s storage and playback capabilities is key to efficiently building your offline video library.

Use VPN for Privacy

For an added layer of security and privacy, while you download youtube video for free & safely, consider using a VPN like NordVPN or ExpressVPN. A VPN encrypts your internet connection and masks your IP address, making your online activities more private and harder to track by your Internet Service Provider or other third parties. This is especially beneficial when using online downloaders, as it adds a shield between your device and the various servers involved in the downloading process, protecting your data.

Manage Storage

Finally, to keep your device running smoothly, it’s essential to manage storage by organizing your downloaded videos. Large video files can quickly consume significant disk space. Create dedicated, clearly labeled folders for different categories (e.g., “Tutorials,” “Music Videos,” “Travel Vlogs”). Regularly review your collection, deleting videos you no longer need. This proactive organization not only saves device space but also makes it far easier to find and enjoy your downloaded content whenever you want.

Conclusion

Mastering how to download youtube video for free & safely gives you unparalleled convenience and access to your favorite content. Whether using online downloaders, desktop software, mobile apps, or screen recording, always prioritize digital safety by choosing trusted tools, avoiding suspicious sites, and using a secure browser like Herond. By understanding legal aspects, managing quality, and organizing downloads, you can confidently build a robust offline library without compromising security.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Best Ways to Download YouTube Video for Free & Safely appeared first on Herond Blog.

The post Best Ways to Download YouTube Video for Free & Safely appeared first on Herond Blog.

Learn how apps can offer personalized experiences without compromising user privacy. Solutions like Private Access Tokens, OHTTP, and MASQUE Relay protect data without harming user experience.

Insurance brand differentiation through PaaS 

There’s a new way to stand out in the insurance industry, and it’s not about offering lower premiums or faster claims. It’s about privacy.  

Consumer expectations are shifting, and Privacy as a Service (PaaS) is emerging as a powerful differentiator for insurers seeking to lead in trust, security, and digital experience. This is your opportunity to move beyond compliance and build tangible brand equity through privacy. 

The Rise of Privacy for the Everyday Consumer 

In today’s hyper-digital world, privacy has gone from a background concern to a front-page priority. According to Pew Research, 67% of Americans say they understand little to nothing about what companies do with their data, up from 59% in previous years. Most also feel they have little or no control over how businesses or government agencies use their data. 

This is where Privacy as a Service (PaaS) becomes a critical advantage. 

PaaS offers insurers a strategic way to embed privacy tools into their offerings from encrypted messaging and masked contact details to user-controlled data sharing and real-time breach monitoring.  

What privacy as a service looks like 

Privacy as a Service isn’t theoretical. It’s a growing suite of tools insurers can implement today, either through white-labeled apps or integration with their existing digital platforms.  

These include: 

Private communication channels (e.g., encrypted messaging) 
Virtual cards for secure payments or online purchases 
Digital wallets that store only necessary credentials 
User-controlled identity and data-sharing preferences 
Real-time alerts and monitoring for data breaches, leaks, or misuse 

Together, these tools help protect against fraud, phishing, impersonation, and unauthorized data sharing, all while building policyholder confidence. 

What specific PaaS solutions are available? 

Several technology providers now offer turnkey or customizable privacy-as-a-service toolkits.  

For example: 

Anonyome Labs provides secure communication tools (like virtual phone numbers and masked emails), identity protection, digital wallets, and breach monitoring. 
Jumio and Okta offer identity verification and access management solutions that support consumer-controlled credentialing. 
Apple’s Private Relay and others are shifting expectations for how personal data should be handled in digital experiences, further reinforcing the importance of privacy-centric offerings. 

Insurers can choose to license these features or integrate them into native apps for a seamless user experience. 

How to effectively communicate the value of privacy tools

Implementing PaaS is only half the equation. Insurers must clearly articulate why it matters to customers. Here’s how: 

Lead with control: Emphasize how customers can manage what they share and with whom they share it.  Show real-world benefits: Frame privacy tools as ways to reduce fraud, protect families, and save money, not just as technical features. Promote peace of mind: Position your brand as one that safeguards people, not just policies. 

Messaging should appear across onboarding flows, app experiences, marketing campaigns, and customer support channels. 

Differentiation in a crowded market 

With so many insurance products becoming commoditized, Privacy as a Service provides a new lever for differentiation. It aligns with what modern consumers care about: safety, autonomy, and digital integrity. 

In a space where brand loyalty is tied to values and experience, offering built-in privacy sends a powerful message you don’t just insure people. You protect them holistically. 

Ready to offer privacy as a Service? 

Anonyome Labs helps insurers integrate turnkey privacy solutions into their digital experiences. Request a demo to discover how you can leverage privacy as your next competitive advantage. 

The post Privacy as a Service: A New Frontier for Insurance Brand Differentiation appeared first on Anonyome Labs.

TL;DR: The House Party Protocol (HPP) Private Mainnet is officially live. This environment allows HPP to validate its infrastructure, onboard foundational projects, and test cross-chain, smart contract, and agent-based operations. The Public Mainnet is scheduled for Q3 2025, along with full token activation, agent deployment, developer tools, and ecosystem integration.

We’re excited to announce the official launch of the House Party Protocol (HPP) Private Mainnet, a significant milestone that marks the culmination of focused research, protocol development, and ecosystem readiness. More importantly, it represents the final preparatory phase before opening the network to the broader public.

Why Launch a Private Mainnet?

The Private Mainnet provides a controlled environment for finalizing and validating the core infrastructure before it is fully accessible to the public. While technically identical to the upcoming public mainnet, this phase allows us to fine-tune key systems, ensure operational stability, and onboard essential modules.

Key developments during this stage include:

Deployment of cross-chain bridges, oracles, and subgraphs Initial issuance of the HPP token and setup of on-chain governance mechanisms Onboarding of foundational projects, including AQT (RWA tokenization), Booost (proof-of-humanity), and W3DB/VaasBlock (on-chain reputation) What We’re Testing

During the private mainnet phase, we are rigorously testing the protocol’s core capabilities under real-world conditions. This includes evaluating distributed node coordination and overall network performance, conducting smart contract audits, and assessing system observability at the protocol level. These tests ensure HPP can support intelligent, autonomous operations at scale.

What’s Next: Public Mainnet Launch in Q3 2025

Once the Private Mainnet is successfully stabilized, HPP will move into its next chapter with the public release of its Layer 2 mainnet in Q3 2025. This launch will activate the full HPP token economy and invite broader user and developer participation.

At the public launch, the HPP ecosystem will support:

Native staking, protocol governance, and fee mechanisms using the HPP token Deployment of autonomous agents for DeFi, AI coordination, and RWA operations Developer onboarding through SDKs, APIs, and documentation portals Cross-platform and cross-chain composability between CEXs, DEXs, and L2 protocols

The HPP Private Mainnet is not just a technical milestone. It’s a clear signal that the network is nearing readiness for public adoption. We’re building the foundation for an intelligent, agent-based blockchain future.

We’re just getting started. In the coming weeks, we’ll be sharing more in-depth content, including public roadmap details, developer documentation, and additional resources. Stay tuned.

HPP Private Mainnet Launch: Entering the Final Staging Ground was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.

AUSTRAC is increasing scrutiny on insurers and intermediaries under Australia’s AML/CTF regime. This article explores how insurers can automate AML screening and identity verification for policyholders, brokers, and third parties – while maintaining compliance with reporting, privacy, and onboarding standards.

Australia’s insurance sector is under growing regulatory pressure as AUSTRAC expands its supervision beyond banks and casinos. General insurers, life insurance providers, and MGAs are now expected to demonstrate robust anti-money laundering (AML) programs, effective customer due diligence (CDD), and clear audit trails.

The result? AML is no longer a back-office function. It’s now a front-line compliance priority.

The AUSTRAC Focus in 2025

Recent enforcement actions and guidance updates from AUSTRAC make it clear that insurers must:

Identify and verify policyholders and beneficiaries Screen for politically exposed persons (PEPs) and sanctions Assess risk based on product type and transaction behaviour Monitor intermediaries such as brokers, agents, and referrers Report suspicious matters and threshold transactions

Unlike banks, insurers face unique challenges: low-frequency transactions, indirect relationships via brokers, and legacy systems with fragmented data. This makes real-time AML controls more difficult—yet increasingly essential.

Key Compliance Challenges for Insurers

1. Broker-Mediated Risk
Many insurers onboard customers indirectly through brokers. If AML checks are delayed or inconsistent, exposure increases.

2. Complex Beneficiary Structures
Life insurance policies, trusts, or group schemes often involve multiple named or contingent beneficiaries, requiring deeper CDD.

3. Manual Onboarding and Monitoring
Legacy systems often rely on PDFs, emails, or offline checks—creating gaps in screening and reporting.

4. AU-Specific Privacy and Data Handling Laws
AML systems must comply with the Australian Privacy Act and localization rules for sensitive personal data.

How iComply Helps Australian Insurers

iComply delivers a flexible, modular platform for AML compliance that supports insurance-specific use cases, including:

1. AML Screening for Policyholders and Brokers Screen natural persons and legal entities against global PEP and sanctions lists Automate ongoing monitoring with configurable refresh intervals Risk-score customers and brokers based on transaction type and geography 2. Identity Verification at Onboarding Use edge computing to validate ID documents and biometrics locally Ensure fast onboarding without storing sensitive data offshore Maintain full audit trails for AUSTRAC inspection readiness 3. Modular Flows for Multi-Party Policies Onboard and verify multiple parties (e.g., policyholder, beneficiary, advisor) within a single case file Apply risk-based logic to determine verification depth per party 4. Broker Portal and Delegated Compliance Offer white-labeled portals for broker-assisted onboarding Maintain insurer control over compliance policies and screening standards 5. Data Residency and Privacy Controls All personal data processed and stored in compliance with Australian data protection law Configurable consent capture, encryption, and retention policies Case Insight: Life Insurer in NSW

A leading life insurance provider implemented iComply’s AML and identity verification modules for broker-led onboarding. Within 90 days:

Reduced manual reviews by 67% Flagged 2 high-risk brokers for enhanced due diligence Streamlined onboarding from 4 days to under 1 What to Expect in 2025 More Targeted AUSTRAC Reviews of non-bank financial services providers Integration with Digital Identity Frameworks as Australia expands verified ID initiatives Increased Focus on Intermediary Oversight including brokers, aggregators, and marketing affiliates Take Action

Insurers can no longer afford to treat AML as a check-the-box task. AUSTRAC expects proactive, risk-based controls – especially when brokers and beneficiaries complicate the onboarding chain.

Talk to iComply to learn how we help Australian insurers meet AML obligations, reduce friction, and future-proof compliance with a flexible, audit-ready platform.

 

The cloud is here, and it’s thriving, but so is enterprise software. While the industry buzzes with the promise of SaaS-first strategies and fully cloud-native ecosystems, a powerful truth remains: not all businesses can or should go all-in on the cloud. And that’s perfectly okay.

 

The rise of the cloud hasn’t diminished the value of software, it’s reinvigorated it. Let’s explore why.

Dear Community,

As we wrap up the first half of 2025, we want to reflect on our progress and share our journey with you. Thanks to your continued interest and support, Metadium has achieved meaningful growth and transformation throughout the year’s first half. This report outlines the key milestones and advancements we’ve accomplished over the past six months.

Summary

On July 12, 2025, at 07:16:54 KST, the total number of blocks generated on the Metadium mainnet surpassed 100 million. From January to June 2025, a total of 1,791,930 transactions were processed, and 71,685 new DIDs were created. On February 1, 2025, Francisco Dantas Filho was officially appointed as the new CEO of Metadium. A successful mainnet upgrade (go-metadium version m0.10.1) was completed to activate the Transaction Restriction Service (TRS). With AI-powered MCP (Model Context Protocol) integration into the WEB2X platform, developers can now easily build services on Metadium using natural language commands. Metadium’s mainnet development company officially joined the Digital Identity Technology Standard Forum, enabling broader application of Metadium’s distinctive DID technology in Korea’s digital identity ecosystem. The AI-based conversational blockchain explorer ‘MChat’ officially launched, offering users a more intuitive and interactive way to query Metadium mainnet data using natural language.

Technology

H1 Monthly Transactions

From January to June 2025, a total of 1,791,930 transactions were processed, and 71,685 DID wallets were created.

100 Million Block Milestone

As of July 12, 2025, at 07:16:54 KST, the Metadium mainnet reached the significant milestone of 100 million blocks generated. This achievement highlights the stability and operational continuity of the Metadium blockchain, reinforcing the strength and reliability of its ecosystem.

Appointment of New CEO

On February 1, 2025, Francisco D. Filho was officially appointed as Metadium’s new CEO. With his exceptional leadership and vision, we anticipate continued sustainable growth for Metadium.

For more details, please click here.

Mainnet Update

We are pleased to announce the successful completion of the mainnet update (go-metadium version m0.10.1), which activates the Transaction Restriction Service (TRS). This update significantly bolsters the security and stability of our services, strengthening our commitment to providing an exceptional experience for our users.

For more details, please click here.

WEB2X-MCP Integration

The WEB2X platform has been upgraded with AI-powered MCP (Model Context Protocol) functionality, allowing developers to build on the Metadium blockchain using natural language commands. This update significantly lowers the entry barrier and expands the possibilities for developers to create intuitive blockchain services on Metadium.

For more details, please click here.

Membership in the Digital Identity Technology Standard Forum

Metadium’s mainnet development company officially joined the Digital Identity Technology Standard Forum, Korea’s key standardization body in the digital identity sector. With this membership, Metadium’s decentralized identity technology is expected to be more actively utilized and contribute to ecosystem-wide standardization efforts.

For more details, please click here.

Official Launch of AI Explorer MChat

The AI-powered conversational blockchain explorer ‘MChat’ has officially launched. Users can interactively explore blockchain data by entering wallet addresses, transaction hashes, or block numbers and asking questions in natural language. This launch makes it easier for non-technical users to understand and access Metadium mainnet data in a more user-friendly format.

For more details, please click here.

Metadium will continue to pursue innovation and build a blockchain ecosystem that delivers real value to users and the community.

Thank you, as always, for your unwavering support.

The Metadium Team

안녕하세요, 메타디움 팀입니다.

2025년 상반기를 마무리하며, 메타디움이 걸어온 발자취를 되돌아보고 그 여정을 여러분과 함께 나누고자 합니다.

여러분의 꾸준한 관심과 참여 덕분에, 메타디움은 상반기에도 의미 있는 성장과 변화를 이어갈 수 있었습니다.

이번 리포트를 통해 상반기 동안의 주요 성과와 진전을 보다 자세히 공유드립니다.

요약

2025년 7월 12일 오전 7시 16분 54초(KST), 메타디움 메인넷의 누적 블록 생성 수가 1억 개를 달성했습니다. 2025년 1월부터 6월까지 총 1,791,930건의 트랜잭션이 처리되었으며, DID는 71,685건이 생성되었습니다. 2025년 2월 1일, Francisco Dantas Filho님이 메타디움의 새로운 CEO로 공식 선임되었습니다. TRS(Transaction Restriction Service) 활성화를 위한 메인넷(go-metadium 버전 m0.10.1) 업데이트를 성공적으로 완료했습니다. WEB2X 플랫폼에 AI 기반 MCP 기능이 추가되면서, 메타디움 블록체인을 자연어 명령만으로 더욱 쉽게 구축할 수 있는 개발 환경이 마련되었습니다. 메타디움 블록체인 메인넷 개발사가 디지털신원기술표준포럼에 정식 회원사로 참여하며, 메타디움의 차별화된 DID 기술이 디지털 신원 생태계에서 더욱 활발히 활용될 것으로 기대됩니다. AI 기반 대화형 블록체인 익스플로러 ‘MChat’이 정식 오픈되어, 지갑 주소, 트랜잭션 해시, 블록 번호 등을 자연어로 질의하며 메타디움 메인넷 데이터를 직관적으로 탐색할 수 있는 환경이 마련되었습니다.

기술 업데이트

H1 월간 트랜잭션

2025년 1월부터 6월까지 총 1,791,930건의 트랜잭션이 처리되었으며, DID는 71,685건이 생성되었습니다.

블록 생성 1억 달성

2025년 7월 12일 오전 7시 16분 54초(KST) 기준, 메타디움 메인넷의 누적 블록 생성 수가 1억 개를 넘어섰습니다. 이는 메타디움 블록체인의 안정성과 지속 운영 능력을 입증하는 중요한 이정표로, 생태계의 견고한 성장 기반을 다시 한 번 확인시켜 주는 성과입니다.

새로운 CEO 선임

2025년 2월 1일부로 Francisco D. Filho님이 메타디움의 새로운 CEO로 공식 선임되었습니다. Dantas Filho님은 뛰어난 리더십과 비전을 바탕으로 메타디움의 지속 가능한 성장을 이끌어 나갈 것으로 기대됩니다.

자세한 내용은 여기를 확인해보세요.

메인넷 업데이트

TRS(Transaction Restriction Service) 활성화를 위한 go-metadium 버전 m0.10.1 메인넷 업데이트를 성공적으로 완료했습니다. 이 업데이트를 통해 보안과 서비스 안정성이 더욱 강화되었습니다.

자세한 내용은 여기를 확인해보세요.

WEB2X-MCP 통합

WEB2X 플랫폼에 AI 기반 MCP(Model Context Protocol) 기능이 새롭게 추가되면서, 메타디움 블록체인을 자연어 명령만으로도 쉽게 구축할 수 있는 개발 환경이 마련되었습니다. 이를 통해 개발자는 복잡한 코딩 없이도 직관적인 방식으로 블록체인 서비스를 구현할 수 있게 되었으며, 메타디움 블록체인의 접근성과 활용 가능성이 더욱 확대되었습니다.

자세한 내용은 여기를 확인해보세요.

메인넷 개발사 디지털신원기술표준포럼 정회원 참여

메타디움 블록체인 메인넷 개발사가 디지털신원기술표준포럼(Digital Identity Technology Standard Forum)에 정식 회원사로 참여하게 되었습니다. 이번 합류로 메타디움의 탈중앙화 신원 기술(DID)이 국내 디지털 신원 생태계에서 더욱 활발히 활용될 것으로 기대됩니다.

자세한 내용은 여기를 확인해보세요.

AI 기반 익스플로러 MChat 정식 오픈

AI 기반 대화형 블록체인 익스플로러 ‘MChat’이 정식 오픈되었습니다. 사용자는 지갑 주소, 트랜잭션 해시, 블록 번호 등의 정보를 입력한 후, 자연어로 질문함으로써 블록체인 데이터를 더욱 직관적이고 대화형 방식으로 탐색할 수 있습니다. 이번 출시를 통해 블록체인 기술에 익숙하지 않은 사용자들도 메타디움 메인넷 데이터를 쉽게 이해하고 접근할 수 있는 환경이 조성되었습니다.

자세한 내용은 여기를 확인해보세요.

메타디움은 앞으로도 끊임없는 혁신을 바탕으로, 사용자와 커뮤니티 모두에게 실질적인 가치를 제공하는 블록체인 생태계 구축에 최선을 다하겠습니다.

늘 아낌없는 관심과 성원에 감사드립니다.

메타디움 팀

Website | https://metadium.com Discord | https://discord.gg/ZnaCfYbXw2 Telegram(EN) | http://t.me/metadiumofficial Twitter | https://twitter.com/MetadiumK Medium | https://medium.com/metadium

Metadium 2025 H1 Activity Report was originally published in Metadium on Medium, where people are continuing the conversation by highlighting and responding to this story.

Security pros express concern over a trusted system like Cisco ISE showing continued vulnerabilities.

In today’s data-driven world, electronic record compliance is essential to operational success and regulatory survival. From GDPR to HIPAA and PIPEDA, organizations must follow strict standards to store, protect, and dispose of data responsibly. Tools like audit trails, encryption, and role-based access help reduce risk. For research institutions, platforms like myLaminin simplify this process—supporting secure, compliant, and collaborative data management at every stage.

Here’s what security teams may not know about cloud security – but should.

In deze aflevering van de Data Sharing Podcast een iets andere insteek dan je gewend bent: het is een live opname vanaf het VIP Congres, waar Gert-Jan van Dijke (Director Accounts bij Ockto) sprak over de toekomst van data delen. Geen studio, maar een podium vol publiek – met scherpe inzichten over wat er nodig is om toekomstbestendige klantreizen mogelijk te maken.

Windows Server 2025's delegated Managed Service Accounts have been impacted by a critical design vulnerability within its password-generation computation structure that could be leveraged for indefinite cross-domain lateral movement and persistence across managed service accounts and Active Directory resources through the new Golden dMSA attack technique, according to The Hacker News.

A bulk link audit refers to the process of evaluating backlink profiles across multiple websites simultaneously. Instead of analyzing domains one by one, agencies can assess dozens—or even hundreds—of websites in a single workflow. This type of audit is essential for agencies managing large portfolios, especially when SEO performance must be ...

The post Top Bulk Link Building Audit Services for Large Portfolios appeared first on Evernym.

Predictoor DF150 rewards available. DF151 runs July 17th — July 24th, 2025 1. Overview

Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor.

Data Farming Round 150 (DF150) has completed.

DF151 is live today, July 17th. It concludes on July 24th. For this DF round, Predictoor DF has 3,750 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF151 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF151

Budget. Predictoor DF: 3.75K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and ASI Predictoor

Ocean Protocol was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF150 Completes and DF151 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

TAU Systems and Thales announce pioneering collaboration in laser-driven particle acceleration prezly Thu, 07/17/2025 - 15:00 TAU’s compact accelerator offers applications throughout science, including imaging semiconductor structures, radiation testing space-bound electronics, developing cancer therapies, and conducting advanced medical imaging techniques The Thales laser has been installed in the world’s first-of-its-kind commercial laser-plasma accelerator facility, TAU Labs, dedicated to customer applications

Austin, TX – July 17, 2025 – TAU Systems, the developer of next-generation ultrafast laser-plasma accelerators, today announced the collaboration with solid-state laser producer Thales. The collaboration leverages Thales’ expertise in high peak power laser systems and TAU Systems’ innovation in laser-driven particle acceleration.

The collaboration will see the two pioneering companies offer for the first-time complete commercial laser-driven particle and radiation sources, generating from electrons or neutrons to X-rays and Gamma rays. These crucial systems, with the first one installed in TAU Labs Carlsbad, California, are complemented by an innovative beam-time-as-a-service proposal at the first of several application centers, and will accelerate research and development into many exciting and relevant areas such as radiation testing of space-bound electronics, advanced X-Ray imaging of 3D structures, and even novel cancer therapies.

TAU Systems CEO, Bjorn Manuel Hegelich said: “It is great to be working with Thales, they have been leaders of high energy Titanium:Sapphire scientific lasers for many years and their experience ​ brought ​ a positive impact on bringing access to laser-plasma wakefield accelerator technologies to a broader scientific audience.”

Tugdual Le Bouar, Laser Systems & Solutions Director at Thales commented: “Building on the strengths of both companies, Thales and TAU Systems are at the forefront of developing exciting new products that will combine their respective technologies and usher in new applications for the most advanced and accessible particle and light sources.”

Thales has been at the leading edge of laser system development for more than 40 years, manufacturing high-energy, flashlamp-pumped and diode-pumped nanosecond lasers for industrial applications as well as powerful ultrashort pulse Titanium:Sapphire femtosecond laser systems delivering power of up to 10 petawatts for scientific applications.

How TAU System’s Compact Accelerator Works 

Particle accelerators hold great potential for semiconductor applications, medical imaging and therapy, and research in materials, energy and medicine. But conventional high-energy particle accelerators require plenty of space – some upwards of kilometers – making them expensive and limiting their presence to a handful of national labs and universities. 

TAU Systems have built and rigorously tested a compact laser wakefield accelerator (LWFA), which has a wide variety of applications, and the full system could be contained in a volume the size of a shipping container.

This kind of compact particle accelerator could also be used to drive another device called an X-ray free electron laser, which could be used as a light source for beyond EUV lithography for even more advanced chip production as well as being capable of recording the dynamics of processes on the atomic or molecular scale. Examples of such dynamic processes include drug interactions with cells, changes inside batteries that might cause them to go into thermal runaway, chemical reactions inside solar panels, and viral proteins changing shape when infecting cells.  

The concept for LWFA was first described in 1979. An extremely powerful laser strikes a gas target (e.g. Helium), heats it into a plasma and creates plasma waves that accelerate electrons from the gas, thereby generating a high-energy electron beam. Conceptually, the laser is like a boat skimming across a lake, leaving behind a wake – a plasma wake/wave – and electrons ride this plasma wave like surfers.  

During the past couple of decades, various research groups have developed more powerful versions and Hegelich’s group holds the current record with a demonstrated acceleration gradient of over 100 billion volts per meter or 1,000x more than even the strongest conventional accelerators can achieve. 

“It’s hard to get into the biggest wave without getting overpowered, so surfers get dragged in by Jet Skis,” Hegelich said. “In our accelerator, the equivalent of Jet Skis are metal nanoparticles that release electrons at just the right point and just the right time, so they are all sitting there in the wave. We get a lot more electrons into the wave when and where we want them to be, rather than statistically distributed over the whole interaction, and that’s our secret sauce.” 

About TAU Systems 

TAU Systems is an Austin, Texas-based deep-tech company commercializing the first compact particle accelerators and specialized X-ray free-electron lasers that combine the capabilities of large accelerators with a small footprint to provide easy and affordable beam-time access for any company. Led by premier experts in laser-driven particle accelerators, TAU is democratizing access for the progress of semiconductors, batteries, medical imaging, nuclear energy, and more.

In 2023 TAU, together with the University of Texas reached a world record with the successful demonstration of an electron beam with an energy of 10 billion electron volts (10 GeV) generated in 10 centimeters.
​
​Learn more at www.tausystems.com

About Thales

Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.

The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.

Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.

/sites/default/files/prezly/images/Research%20%26%20Innovation.jfif.jpg Documents [Prezly] PR_TAU Systems and Thales announce pioneering collaboration in laser-driven particle acceleration.pdf Contacts Cédric Leurquin 17 Jul 2025 Type Press release Austin, TX – July 17, 2025 – TAU Systems, the developer of next-generation ultrafast laser-plasma accelerators, today announced the collaboration with solid-state laser producer Thales. The collaboration leverages Thales’ expertise in high peak power laser systems and TAU Systems’ innovation in laser-driven particle acceleration. prezly_779247_thumbnail.jpg Hide from search engines Off Prezly ID 779247 Prezly UUID ed4cade9-6cda-4e07-a2ab-23735eeef2d1 Prezly url https://thales-group.prezly.com/tau-systems-and-thales-announce-pioneering-collaboration-in-laser-driven-particle-acceleration Thu, 07/17/2025 - 17:00 Don’t overwrite with Prezly data Off

The same people who sold you zero trust are now unleashing agentic AI with root access and no audit trail. What could go wrong?

More than 77% of security leaders say their companies have suffered breaches due to over privileged access. Experts say the real problem isn’t the attackers. It’s everything we forgot to turn off.

A deep dive into OAuth 2.0 access tokens and the principle of least privilege to enhance your application's security by correctly scoping tokens and implementing robust validation strategies.

The industry and growth stage are the two vital factors organizations must consider when selecting KYC software. These factors shape the required country coverage, scalability, and integration capability needed to meet compliance.

The post Choosing the Right KYC Solution for Your Industry and Growth Stage first appeared on ComplyCube.

 

In this two-part series, we explore the foundational pillars shaping the future of the House Party Protocol (HPP): AI for Blockchain and Blockchain for AI.

As artificial intelligence and decentralized infrastructure continue to converge, HPP is emerging as a protocol purpose-built for this new paradigm. From transforming crypto wallets into intelligent, autonomous agents to powering the infrastructure for Small Language Models (SLMs), HPP is redefining how users interact with both AI and blockchain systems.

This series will examine two key dimensions:

How HPP unlocks intelligent, agent-driven finance through AI-powered DeFi (DeFAI) How it provides the coordination, verification, and transaction layer for the emerging SLM-powered AI economy

TL;DR: Crypto wallets are evolving from static storage tools into intelligent, AI-powered agents. Fueled by NFTs and SBTs, these wallets now carry identity, access, and behavioral history. With HPP’s AI-native infrastructure, specifically ArenAI and Noösphere, wallets can think, learn, and act autonomously. They’ll interact with CEXs and DEXs, execute DeFi strategies, and manage assets like personal financial agents.

There was a time when NFTs were all about digital art, and crypto wallets were simply tools for storing tokens, signing transactions, and tracking balances. But today, those humble utilities are transforming into something much more profound.

In the age of AI, your wallet is no longer just a container — it’s becoming a character. A digital entity with identity, ownership, and access privileges that AI can understand and interact with.

The Silent Comeback of NFTs

Recently, major financial institutions in Korea, including Woori Bank and Naver Financial, have launched NFT wallet services. This is happening after the initial NFT hype has largely faded. So why now?

The answer lies in what NFTs and their lesser-known counterpart, SBTs (Soulbound Tokens), are becoming:
Foundations of digital identity in the AI-driven Web3 economy.

NFTs are no longer just digital collectibles. They’re evolving into carriers of personal history, access rights, and even AI-compatible metadata. SBTs offer non-transferable identity markers — certifications, experience logs, and trust credentials that form your on-chain reputation.

With these, your wallet becomes you, not just your holdings, but your behavior, access permissions, and digital presence.

ArenAI and Noösphere: Giving Intelligence to the Wallet

Now that your wallet has an identity, the next frontier is intelligence. This is where HPP’s AI-native infrastructure comes in, led by two key components: ArenAI and Noösphere.

ArenAI turns your wallet into an autonomous agent. It can interpret context, make decisions, and execute transactions on your behalf — think automated staking, DeFi strategies, or even negotiation with other agents. Noösphere enables off-chain computation, such as AI inference or data processing, to be performed in trusted environments, then verified and reflected on-chain.

Together, they enable a new paradigm: wallets that think, learn, and act. Not just signing transactions, but proactively managing your digital financial life.

AI Wallets: The Gateway/Portal to Real DeFAI

The true impact lies in what these intelligent wallets unlock:
A seamless, AI-powered interface into the world of decentralized finance.

Your wallet will:

Interact with both CEXs and DEXs via AI agents that move liquidity, execute trades, or hedge risk across platforms. Access crypto products — such as staking, yield farming, and lending — as if browsing a bank app, with ArenAI suggesting strategies based on real-time market conditions.

This is the true beginning of DeFAI, Decentralized Finance powered by AI.

A Wallet That Becomes You

NFTs and SBTs give your wallet a personality. ArenAI and Noösphere give it a mind. Together, they form the foundation for the next internet: an agent-driven economy where AI not only supports but participates in markets, governance, and ownership.

In this new paradigm, your wallet will:

Learn your behavior Manage your assets Interact with other agents Execute trades and participate in economies

It won’t just hold tokens. It will become your digital twin.

A new infrastructure layer is emerging. In a world where AI models are no longer passive tools but active market participants, we need more than just smart contracts. We need coordination, autonomy, and verifiability at scale.

This is where HPP is heading.

[1] HPP’s Role in the AI-Driven Crypto Future: From Wallets to Agents was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.

Discover why migrating from Akamai to Fastly boosts web performance. Our data shows 57% faster TTFB & 17% faster LCP, based on real-world CrUX data.

Take control of AI scraping. Learn how publishers can push back against unwanted data harvesting with Fastly's AI Bot Management & new monetization opportunities.

Spending on identity tools topped $22.9 billion last year, yet breaches tied to mismanaged access continue to rise. Security leaders say technology isn’t the issue, rather governance is.

Multifactor authentication is no longer a standalone solution. Attackers have adapted and the weakest point is increasingly human, not technical.

In letter to customers, Episource said that the sensitive healthcare data potentially stolen.

The post Link Index for AML KYC Compliance appeared first on Liminal.co.

Thales selected for Finland’s Technical Research Centre’s (VTT) U-Space Pilot prezly Wed, 07/16/2025 - 10:00 Thales will provide VTT (Technical Research Centre of Finland) with its next generation Unmanned Traffic Management (UTM) system, enabling airspace management for unmanned aircraft in compliance with European regulatory standards. Thales's Topsky - AstraUTM will provide a scalable, automated platform for Finland’s Drolo 2 research and innovation initiative for U-Space airspace management.
​ © Thales

Thales has been awarded a landmark contract by Finland's VTT to provide its advanced UTM solution, TopSky – AstraUTM, as a first step of an ambitious programme to enable safe and efficient air mobility operations across Finland. The contract will include services such as UAS flight authorization, geo-awareness and network identification, and traffic information services, ensuring seamless and secure drone operations in compliance with EU Regulation 2021/664.

The U-Space Finland1 Precommercial Pilot Implementation project, part of VTT’s Drolo 2 Project, aims to develop and deploy automated, secure, scalable drone systems, products and services. This will support a wide range of drone applications, including logistics, agriculture, forestry, airport and construction operations. Additionally, the project seeks to establish a robust Finnish Drolo innovation and business ecosystem which will accelerate development and secure a competitive edge in the drone industry. The aim is that U-Space services, within european regulations, can be launched, tested and piloted in Finland making it the first or one of the first countries to do so.

The Living Lab test environment based in the Oulu region of Finland, as part of the Drolo project, is ideal in many ways, as it combines piloting with various service needs and flight environments, such as a medium-sized international airport, seaport, inhabited island, medium-sized city center and a 5G development centre.

This initiative marks a key milestone in the integration of unmanned aircraft systems (UAS) into Finnish airspace, ensuring operations are conducted safely, efficiently, and in full compliance with EU regulations.VTT needed a scalable, cloud-based U-Space system for research and operations, and TopSky-AstraUTM delivers real-time traffic management, compliance monitoring, and safe integration of unmanned and manned flights, with added weather services for enhanced safety and decision-making.

"This collaboration with Thales marks an important step in Finland’s journey to establish a robust and efficient U-Space framework. By leveraging Thales’s expertise and technology, we aim to test a safe, scalable, and innovative environment for unmanned aviation operations, positioning Finland at the forefront of U-Space adoption and airspace innovation."
​Timo Lind, Principal Scientist and Chief Drone Pilot at VTT.

"We are honored to collaborate with VTT in advancing U-Space integration in Finland. This award underscores Thales’s leadership in delivering advanced UTM solutions that are compliant with the most rigorous safety and regulatory standards. Our solution will empower Finland’s drone operators to unlock the full potential of UAS technology, while maintaining the highest safety and security standards."
​Jeremy Hooper, Vice-President Air Traffic Control and Digital, Thales.

1U-Space Finland refers to a set of regulatory frameworks and technological solutions designed to support the safe and efficient integration of unmanned aerial vehicles (UAVs), or drones, into the airspace. This concept is part of a broader initiative in Europe aiming to facilitate drone operations, particularly in urban areas and for various applications such as delivery services, emergency response, and surveillance.

/sites/default/files/prezly/images/sans%20A-1920x480px_105.jpg Documents [Prezly] PR - Thales selected for Finland’s Technical Research Centre's U-space pilot.pdf Contacts Cédric Leurquin 16 Jul 2025 Type Press release Structure Aerospace Belgium Denmark Finland Hungary Norway Sweden Thales has been awarded a landmark contract by Finland's VTT to provide its advanced UTM solution, TopSky – AstraUTM, as a first step of an ambitious programme to enable safe and efficient air mobility operations across Finland. The contract will include services such as UAS flight authorization, geo-awareness and network identification, and traffic information services, ensuring seamless and secure drone operations in compliance with EU Regulation 2021/664. prezly_777787_thumbnail.jpg Hide from search engines Off Prezly ID 777787 Prezly UUID 97e65d13-edf6-425b-a528-87e9e24e9e51 Prezly url https://thales-group.prezly.com/thales-selected-for-finlandstechnical-research-centres-vtt-u-space-pilot Wed, 07/16/2025 - 12:00 Don’t overwrite with Prezly data Off

Thales has entered into advanced discussions with a view to acquire RTX’s stake in the French joint-venture company Thales Raytheon Systems prezly Wed, 07/16/2025 - 08:45

Thales, a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors, announces that it has signed a Memorandum of Understanding (MoU) with a view to acquire RTX’s stake in the French joint venture company Thales Raytheon Systems Air and Missile Defense Command and Control SAS ​ (« TRS AMDC2 » ), currently held equally by affiliates of Thales and RTX.

TRS AMDC2 has been specialized for over twenty years in the development of NATO's airspace command and control system (ACCS) for NATO nations and command structure.

Employee representative organisations will be consulted on the proposed acquisition. The proposed acquisition is expected to be finalised before the end of 2025, following approval from the antitrust authorities and the granting of the usual regulatory authorisations.

About Thales

Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.

The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.

Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.

 

/sites/default/files/prezly/images/avec%20A-1920x480px.jpg Documents [Prezly] 20250716_PR Thales has entered into advanced discussions with a view to acquire RTX’s stake in the French joint-venture company Thales Raytheon Systems.pdf Contacts Cédric Leurquin 16 Jul 2025 Type Press release Structure Defence and Security Defence Group Thales, a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors, announces that it has signed a Memorandum of Understanding (MoU) with a view to acquire RTX’s stake in the French joint venture company Thales Raytheon Systems Air and Missile Defense Command and Control SAS (« TRS AMDC2 » ), currently held equally by affiliates of Thales and RTX. prezly_779032_thumbnail.jpg Hide from search engines Off Prezly ID 779032 Prezly UUID da85c2a9-7874-4ee5-8370-b2a3a0e3ff24 Prezly url https://thales-group.prezly.com/thales-has-entered-into-advanced-discussions-with-a-view-to-acquire-rtxs-stake-in-the-french-joint-venture-company-thales-raytheon-systems Wed, 07/16/2025 - 10:45 Don’t overwrite with Prezly data Off

Discover why Fastly's DDoS Protection is the most frequently reviewed solution on Gartner Peer Insights™. See how customer feedback drives our innovation and performance.

Learn how Fastly's resilient edge network architecture ensures availability during major internet outages, minimizing impact on customer traffic.

Traditional identity providers allow you to configure access across your organization in a variety of ways, including passwords, multi- factor authentication, or logging in with a google account. Proven Auth adds a fourth option in the form of tamper-proof Verifiable Credentials for a faster, more secure login experience.

By Tim Spring

Proven Auth is a version of Indicio Proven designed to enable single sign-on (SSO) using Verifiable Credentials. Proven Auth is more than just a way to enable passwordless authentication, it is a system for orchestrating access to applications and resources and managing the lifecycle of a user so that they have access to what they need — and only what they need — when they need it. 

For example, Proven Auth can be used to issue employees with Verifiable Credentials for access to applications and documents or even to the areas they need access to based on their role within a company. A sales team member would have access to sales resources that an engineer would not. Or when an employee changes teams, their access can be immediately updated in the system’s governance file. If they leave the company, their credentials can easily be revoked, so no more collecting key cards or changing passwords.

Why login with Verifiable Credentials?

Verifiable Credentials offer benefits that traditional login systems simply cannot compete with. 

They remove the need for logins and passwords and multi-factor authentication. We’ve said it before and we’ll say it again, any system that relies on usernames and shared secrets (passwords, security questions, etc) is vulnerable to data breaches and impersonation attempts. They can be verified without phoning home or checking in with a third party. Credentials are verified through cryptography. You can be certain who issued the credential and that the information in the credential hasn’t been tampered with. This means that personal data doesn’t need to be stored in a centralized database to confirm who you are, and you can prove your identity instantly to the system without needing to check in with the issuing party or a third party identity provider. They stop account takeovers and impersonation attacks. Each Verifiable Credential is bound to its owner and stored locally in a digital wallet app on their mobile device. Access to the wallet and device are through biometrics and code. The credential can’t be shared for someone else to use, it can’t be faked, and it can’t be stolen.  Easily implement least-privilege access. Verifiable Credentials simplify applying zero-trust approaches to security. With Proven Auth, you configure governance files to orchestrate who has access to what. It’s authentication plus access management. How do I integrate Proven Auth into my existing identity provider’s systems?

Once you have Proven, our team at Indicio has created a collection of APIs that will allow you to access the option for Verifiable Credentials the same way that you can access any other option when logging into your systems, such as an existing user account. 

Once you have integrated Proven Auth into your systems you will see the option to issue credentials to users, who will be able to hold them in a digital identity wallet, and share them back to your system for verification.

A full demonstration of integrating Proven Auth and what the new user experience will look like can be found on the Indicio YouTube Channel.

How do I get started?

Getting started is as easy as reaching out to the team at Indicio to discuss your current systems.

Our team has years of experience creating solutions all around the globe, and will make sure that your team can not only integrate Verifiable Credentials quickly, but is set up to get the most use out of this powerful technology. If you’re not quite ready to speak with them yet, we encourage you to explore the Proven Auth solution brief.

The post How to use Proven Auth with your existing identity provider appeared first on Indicio.

The Monetary Authority of Singapore (MAS) has issued nine financial institutions nearly USD 21.4 million for their weak AML controls. Some of the firms fined were leading banks such as UOB, Credit Suisse, Trident Trust, and more.

The post MAS Fines 9 Firms $27.45 Million in Money Laundering Case first appeared on ComplyCube.

As mobile driver’s licenses (mDLs) gain momentum in the U.S. and around the world, many are asking: what role will digital ID play in the future of payments?

To answer that question, we hosted a live panel with Leonard Botezatu, Director of Product & Service Design for Identity at Mastercard, and David Kelts, Co-Chair of the mDL Jumpstart Committee at the Secure Technology Alliance.

The conversation explored how digital wallets, identity standards, and mobile driver’s licenses are already transforming the way we verify identity and authorize transactions—both online and in person. 

Topics included the growing adoption of mDLs, their role in fraud prevention and KYC, and how they unlock privacy-preserving user experiences. The panel also looked ahead to emerging trends like agentic AI and the convergence of digital ID and payments in a single tap.

Here are the key takeaways from the session.

“What do you think of when someone says ‘digital identity’? Biometrics? Login credentials? A string of JSON data? Your social media account? The answer probably depends on where you are, how old you are, and/or how tech-savvy you are.”

It’s all about cultural context.

A Digital Identity Digest Local Flavors, Global Reach: Why Digital Identity Needs Cultural Context Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds 00:00 / 00:11:33 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

We often talk about digital identity as if it’s a universal construct, something that can be standardized, serialized, and slotted into global frameworks. But identity is as cultural as it is technical. And when we ignore that, we risk building trust frameworks that work beautifully on paper and fail spectacularly in practice.

Identity isn’t one thing

Digital identity systems often bundle together multiple assumptions: that identity is persistent, singular, owned by the individual, and useful primarily for authorization or reputation. But those assumptions aren’t global truths—they’re artefacts of particular social and cultural histories.

(I had fun researching this post; I wanted to make sure that my anecdotal experience was backed up by people who did proper research. I could do this kind of thing ALL DAY. But I digress…)

In a comparative study of users in Central/Eastern Europe and Southeast Asia, Katalin Feher found striking differences in how people conceive of and manage their digital selves. For many Southeast Asian users, their “digital identity” is framed in terms of accounts, i.e., external tools for managing reputation. It’s something outside themselves, instrumental and pragmatic. For Central and Eastern European users, the self–account divide is blurrier; the digital footprint is seen as a real extension of personal identity, warranting careful curation and self-expression. (This paper is not freely available; I purchased a copy.)

Neither is wrong. Each leads to different expectations about how identity systems should behave and who should control them.

System design reflects cultural norms

This isn’t just about user attitudes. Cultural values shape system design too. Western identity architectures often assume:

Ownership and individualism – the user holds and controls their identity; Transparency and audit – data trails should be visible and attributable; Consent as the primary safeguard – once informed, the user is responsible.

These align well with societies that prioritize personal autonomy. But in more collectivist or hierarchical cultures, trust may flow through institutions or communities rather than individuals. Reputation may be managed through social harmony, not audit logs. And consent may be implicit, situated, or shaped by expectations of familial or societal duty.

Trying to implement a one-size-fits-all identity system on top of that diversity? That’s how you end up with systems people don’t trust, don’t use, or work around.

One of the biggest hurdles to designing identity standards that reflect cultural diversity is that the standards development community itself isn’t particularly diverse. Let’s look at the IETF as an example, since they publish easily accessible demographic information. According to the 2023 IETF community survey, nearly 80% of participants came from North America or Europe, and 85% identified as men. Most respondents spoke fluent English—the only language used for meetings, mailing lists, and documents. That streamlines coordination but inevitably filters out who can easily participate. When standards bodies fail to include regional, linguistic, and gender diversity, they naturally produce results that reflect the norms and assumptions of those already at the table.

When assumptions don’t translate: cultural mismatch in identity systems

We’ve seen identity systems built around one cultural model fall short when deployed in another. Sometimes, the mismatch causes friction; other times, it leads to outright rejection.

Take digital wallets built around the idea of individual ownership. In many Western contexts, this makes perfect sense: Users expect to control their credentials on personal devices. But in parts of Southeast Asia and sub-Saharan Africa, phones are often shared among family members or even communities. Identity systems that assume one person per device can break down quickly in these environments, creating exclusion where access was the goal.

Or consider face recognition. In the U.S. and Europe, it has sparked privacy concerns, but it still sees widespread deployment. In parts of the world where historical surveillance or ethnic targeting is fresh in public memory, even a technically secure facial recognition tool can feel untrustworthy. The issue isn’t the technology, it’s the cultural resonance of how people use the technology.

Then there’s the matter of naming. Systems that require a first and last name in Latin script are common, but not universally applicable. Cultures with patronymics, single names, or character-based scripts often find their identities shoehorned into forms they didn’t design and can’t fully control.

These aren’t just edge cases. They’re warning signs. When we treat digital identity as a neutral infrastructure, we miss the social and cultural weight it carries. And that weight can’t be standardized away.

We need regionally adaptable trust frameworks

If we want digital identity to serve people globally, we need frameworks that can flex to local norms while maintaining interoperability. That doesn’t mean abandoning global standards; it means decoupling the mechanism from the assumption set.

A few ideas worth exploring:

Modular trust anchors – Let different regions define who or what counts as a trustworthy issuer. Flexible disclosure models – Don’t assume every system must default to maximum transparency. Interoperable semantics, adaptable governance – Let credential formats be standardized, but leave room for local rules around their issuance and use.

The Levin & Mamlok paper, “Culture and Society in the Digital Age,” warns of a creeping homogenization of experience as digital systems encode particular ways of being into their logic. If we’re not careful, we’ll reproduce the same flattening in digital identity where diversity becomes a bug, not a feature.

Identity is local. Interop is global.

We’re building the infrastructure of digital personhood. That’s no small task. But if we want that infrastructure to support real people, not just tidy models, we have to let it speak in more than one voice.

That means more than just designing flexible architectures. It means actively bringing more voices into the rooms where those architectures are shaped. If cultural norms differ (and they do), then we need people who live those differences to help define what trustworthy, usable, and empowering identity systems look like. Otherwise, we risk exporting assumptions, not standards.

Trust doesn’t scale unless it can adapt. And adaptation doesn’t happen without inclusion.

Want to stay updated? I write about AI, digital identity, and standards because someone has to keep track of all this! Subscribe to get a notification when new blog posts go live. No spam, just the good stuff. [Subscribe here] 

Transcript

[00:00:00]
Welcome to The Digital Identity Digest, the audio companion to the blog at Spherical Cow Consulting. I’m Heather Flanagan, and every week I break down interesting topics in the field of digital identity—from credentials and standards to browser weirdness and policy twists.

If you work with digital identity but don’t have time to follow every specification or hype cycle, you’re in the right place.

[00:00:26]
Let’s get into it.

What Is Digital Identity, Really?

[00:00:29]
Hi there, and welcome back to The Digital Identity Digest. In today’s episode, I want to ask you a simple but profound question:

[00:00:35]
What comes to mind when you hear the term digital identity?
Do you think of:

Biometrics? Login credentials? A string of JSON? Your social media handle?

[00:00:46]
The answer likely depends on several factors:

Where you’re from How old you are How tech-savvy you feel

[00:00:52]
Cultural context plays a big role here.

[00:00:57]
We often talk about digital identity like it’s universal—something we can standardize, serialize, and fit into tidy global frameworks.

[00:01:08]
But identity is as cultural as it is technical. Ignoring that can lead to trust frameworks that look great on paper but fail in practice—especially when so-called edge cases were never edge at all.

Unpacking Assumptions About Identity

[00:01:23]
Let’s start with a key reminder: identity isn’t one thing.

[00:01:26]
Most digital identity systems are based on a set of unspoken assumptions:

Identity is persistent It’s singular It’s controlled by the individual It exists mainly for authorization or reputation

[00:01:42]
But none of these are universal truths—they are cultural artifacts. They reflect the norms of specific regions, especially the US and Europe, where many of these systems originated.

[00:01:54]
I’ve seen these cultural assumptions in standards work and tech deployments. But I wanted to back that up with research—not just anecdotes.

Meet the Research: Catalyn Fair

[00:02:07]
Enter Catalyn Fair (and fingers crossed I’m pronouncing that correctly).

[00:02:12]
Fair conducted a comparative study of digital identity and online self-management, focusing on Central and Eastern Europe vs. Southeast Asia.

[00:02:23]
The study included:

60 in-depth interviews Equal focus on students and business leaders Solid, qualitative insights

[00:02:33]
What she found wasn’t subtle.

[00:02:33]
In Southeast Asia, digital identity is often seen as external—a tool for:

Managing reputation Accessing services

It’s instrumental, not personal.

[00:02:49]
But in Central and Eastern Europe, identity is seen as deeply connected to the self.
Your digital presence isn’t just metadata—it’s:

An extension of who you are Something you curate and express Part of your personal narrative

[00:03:05]
Neither model is better. But each one shapes user expectations—and design choices.

Design Reflects Culture, Too

[00:03:17]
Cultural values don’t just affect users—they show up in system architecture.

[00:03:23]
Western identity models often assume:

The individual owns and controls their identity Transparency is inherently good Informed consent makes systems trustworthy

[00:03:43]
These assumptions work well in societies that value personal autonomy and individual accountability.

[00:03:54]
But in collectivist or hierarchical cultures, trust flows differently:

Through institutions or family Reputation relies on social harmony Consent may be implicit or relational

[00:04:16]
So when a single identity model is deployed globally, friction is inevitable.

Who’s in the Room?

[00:04:31]
Let’s talk about the people building these systems.

[00:04:35]
One challenge is that standards development communities lack diversity.

[00:04:46]
Take the IETF—the Internet Engineering Task Force:

In 2023, ~80% of participants were from North America or Europe 85% identified as male Most were fluent in English (the sole language used in IETF spaces)

[00:05:17]
This streamlines communication—but filters out valuable perspectives.

[00:05:29]
So even well-meaning people design standards based on their own assumptions.

[00:05:34]
We’ve seen how badly that can go.

Real-World Design Conflicts

[00:05:45]
Let’s take a closer look at where systems break.

[00:05:50]
Digital wallets in the West:

Built around individual control One person, one device

[00:06:00]
But in parts of Southeast Asia and Sub-Saharan Africa:

Phones are shared across families and communities Exclusive smartphone access isn’t guaranteed

[00:06:09]
If your system assumes one phone per person—it fails immediately.

[00:06:23]
Facial recognition sparks privacy debates in the US and Europe.
But in regions with a history of surveillance or ethnic targeting, it’s actively distrusted, regardless of technical safeguards.

[00:06:55]
Then there’s the perennial issue of naming.

[00:06:59]
Many systems require:

First and last names In Latin characters

[00:07:08]
But that’s not globally applicable. Consider:

Cultures with single names Languages using non-Latin scripts Regions where names reflect lineage or patronymics

[00:07:17]
Forcing conformity erases identity and damages trust.

Designing for Cultural Flexibility

[00:07:50]
So—what do we do about all this?

[00:07:51]
We need regionally adaptable trust frameworks—systems that flex to local norms while preserving interoperability.

[00:07:59]
That doesn’t mean abandoning global standards.
It means designing with flexibility.

[00:08:11]
What might that look like?

Modular trust anchors
Let regions define trusted issuers—whether they’re governments, nonprofits, or private entities. Flexible disclosure
Enable minimal, selective proof. Don’t force full data dumps for basic verification. Standardized semantics + localized governance
Agree on technical formats, but allow cultural variation in credential rules, issuers, and legal weight.

[00:08:58]
These aren’t just ideas—they’re already being explored in:

Decentralized identity Verifiable credentials Wallet interoperability

But they need cultural awareness to succeed.

Digital Identity as Cultural Infrastructure

[00:09:12]
A great paper by Levin and Mamlock—Culture and Society in the Digital Age—makes an important point:

[00:09:27]
Digital systems don’t just provide tools.
They encode worldviews.

[00:09:34]
Without care, we end up with flattened experiences—forcing everyone into one digital model.

[00:09:43]
If diversity becomes a bug to work around, instead of a feature, we’re building the wrong world.

[00:09:53]
We are designing the infrastructure of digital personhood.

[00:09:58]
If that’s going to support real people—not just tidy models—we need systems that speak in more than one voice.

[00:10:06]
And that means more than just flexible tech.

We need:

Broader participation Cultural representation Inclusion at the table

[00:10:24]
Otherwise, we’re not building local systems—we’re exporting our assumptions.

[00:10:30]
And without cultural adaptation, trust doesn’t scale.

[00:10:39]
Something to think about.

Wrap-Up and Where to Learn More

[00:10:57]
That’s it for this week’s episode of The Digital Identity Digest.

If this helped clarify—or even just sparked curiosity—please:

Share it with a colleague Connect with me on LinkedIn @hlflanagan Subscribe and leave a review wherever you listen

You can find the full written post at sphericalcowconsulting.com.

Stay curious, stay engaged—and let’s keep these conversations going.

The post Local Flavors, Global Reach: Why Digital Identity Needs Cultural Context appeared first on Spherical Cow Consulting.

We recently sat down with Rob White, Head of Identity Services at Samsung Wallet, to talk about the rollout of mobile driver’s licenses (mDLs) in the U.S.

While the idea of putting your driver’s license on your phone sounds like a simple upgrade, what Samsung is building goes far beyond that. 

They're rethinking how identity is shared, verified, and protected in the digital age, and what needs to happen to make that a mainstream reality.

Here are a few of the big ideas that stood out from our conversation:

Fast-growing fintechs in the U.S. must balance speed and compliance. This article explores how edge-based KYC and automated risk workflows can help fintechs meet regulatory requirements, avoid fines, and scale onboarding without adding friction.

U.S.-based fintechs have transformed consumer and business finance with on-demand services, embedded payments, and automated lending. But behind the innovation lies a growing compliance challenge: Know Your Customer (KYC) obligations that are intensifying under federal scrutiny.

Regulators like FinCEN, the CFPB, and state-level authorities are tightening expectations on identity verification, fraud prevention, and ongoing due diligence. Meanwhile, fintechs face pressure to onboard users in seconds – not hours or days.

So how can fintechs scale while staying compliant? The answer lies in smarter KYC infrastructure.

The Growing KYC Burden

Whether you’re offering neobanking, investing, crypto, or credit services, KYC is no longer a one-time check. Fintechs are expected to:

Validate identity using reliable, independent sources Screen for sanctions, PEPs, and adverse media Re-verify identity during account updates or flagged behaviour Retain data for audits while respecting user privacy

But many fast-moving teams are still using:

Patchwork vendor stacks Manual data review Legacy cloud-based KYC providers that store sensitive PII offshore

This results in high drop-off rates, operational inefficiencies, and regulatory exposure.

Why Legacy KYC Systems Fail Fast-Moving Fintechs

Latency: Traditional cloud verification introduces delays that can kill user signups

Security Risk: Cloud-based systems increase attack surface and risk data residency violations

Scalability Limits: As user volume grows, manual processes don’t scale without adding staff

Lack of Customization: Pre-set workflows don’t align with dynamic product onboarding paths

iComply: KYC Built for Fintech Scale

iComply offers a modular, edge-first KYC solution designed to meet U.S. regulatory requirements while enabling seamless growth. Here’s how:

1. Edge Computing for Identity Verification

Identity documents and biometrics are processed locally on the user’s device before encryption—reducing latency, improving conversion rates, and supporting GDPR and U.S. privacy laws.

2. Real-Time Risk Screening

Automate checks for:

Sanctions lists (OFAC, UN, etc.) PEP and adverse media Liveness and document forgery detection 3. Configurable Workflows

Adapt KYC flows based on:

Risk profile (e.g., domestic vs international) Use case (e.g., deposit, credit, crypto) Triggered events (e.g., account update, large transaction) 4. Automated Decisioning + Escalation

Define clear rules for auto-approval, rejection, or escalation. Eliminate manual reviews for low-risk users while flagging suspicious ones instantly.

5. Privacy-First Data Governance

Support U.S. data residency with options for:

U.S.-based cloud or on-premise deployment Encrypted audit logs Consent management and user data controls Case Study: Embedded Lending App

A Series B fintech offering embedded lending used iComply to streamline borrower onboarding. Results included:

30% faster KYC completion time 41% increase in sign-up conversion Seamless integration with their existing fraud detection tools Regulatory Considerations for U.S. Fintechs in 2025 FinCEN Guidance Updates: Closer scrutiny of beneficial ownership checks and non-face-to-face onboarding CFPB Data Rights Proposals: Increased emphasis on consent, data sharing transparency, and consumer control State-by-State Regulation: Some states, like New York and California, impose stricter KYC and fraud compliance frameworks What to Do Next

Fintechs that want to grow fast can’t afford to treat compliance as a bottleneck. By rethinking your KYC architecture, you can:

Reduce friction during onboarding Enhance fraud prevention Stay ahead of audits and enforcement

Book a strategy call with iComply to learn how our edge-based KYC platform helps U.S. fintechs scale securely, stay compliant, and win user trust.

Ontonaut’s Log — May 2025

Hey explorers,

Your Ontonaut here with the latest from deep inside the Ontology ecosystem. May was packed — from wallet upgrades and identity pushes to community campaigns that spanned gaming, security, and even pizza. Let’s break it down.

Big Moves in Decentralized Identity and Web3 Reputation 🔐

The momentum behind Decentralized Identity isn’t slowing down. Microsoft made headlines with its new decentralized identity initiative, teaming up with DIF and the W3C Credentials Community Group. That’s a major step toward a more open and user-controlled Web3.

And here in our own orbit, we doubled down. With zkTLS and identity tools in the spotlight, it’s clearer than ever: reputation and privacy are becoming core features, not afterthoughts.

What Ontology Got Done in May 🛠️

We kept the energy high all month long.

🪐 Launched the Wide Worlds Campaign inside the Web3 Wonderverse — putting Ontology in front of a new wave of explorers.

🎁 Rolled out the Ontonaut Starter Package to onboard users with NFTs, ONT, and ONG rewards.

🎮 Brought the heat with a Web3 Gaming panel as part of the “Code, Clout & Crypto” series.

🛡️ Jumped into the post-Coinbase hack conversation by highlighting zkTLS and Decentralized ID, in collaboration with Orange Protocol.

👥 Launched the “Meet ONT ID” campaign on @xstar_id, rewarding users for sharing their DID journeys.

📞 Hosted a community call to break down our work with Xstar.

🎙️ Dropped Episode 2 of Code, Clout & Crypto, diving into social systems in on-chain games.

ONTO Wallet Highlights 👛

The wallet team kept shipping and celebrating.

🚀 Dropped ONTO V4.9.4, featuring:

— Enhanced Swap/Bridge tools

— Integration with @ston_fi

— A slick 0.1% fee rebate on TON swaps

— Support for Omniston and @ton_blockchain

📊 Shared April’s top 10 blockchains and most-used dApps — including @PancakeSwap, @Uniswap, @Fiat24Official, and @0xPolygon.

🍕 Celebrated Bitcoin Pizza Day with @joinFIO, giving users a shot at 10,000 FIO tokens just for registering a handle in ONTO.

📈 Oh, and we toasted to Bitcoin hitting $110K. Just saying.

Orange Protocol Campaigns 🍊

The team at Orange Protocol kept the fire alive:

🎯 Pushed a new round of the Orange Humanity Score campaign, with 1200 $ONG up for grabs every month.

🌍 Partnered with @umycomofficial to launch a Web3 travel campaign with $100 coupons for explorers looking to move through the world on-chain.

📣 Promoted their zkTLS initiative alongside Ontology — security meets identity.

Ecosystem Stats 📈

We’re sitting at 19,929,977 total transactions, and staking is looking healthy.

Every click, claim, and connection brings us closer to a Web3 reality powered by self-sovereign identity.

That’s it for May. Ontology continues to evolve, and you’re part of that journey. We’ll be back in June with more updates, more campaigns, and more reasons to believe in what we’re building.

Until next time, 🛰️ Your Ontonaut

📣 In case you missed it — April log

📚 Recommended Reading

For all the latest reports & updates for Ontology, make sure you’re following Monthly Reports & Community Updates

Ontonaut’s Log — May 2025 was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ontonaut’s Log April 2025

Hey explorers,

Your Ontonaut reporting in. April was packed with missions across the Ontology ecosystem. From staking updates and new campaigns to serious movement in the Decentralized Identity world, here is what went down.

Big Moves in Decentralized Identity and Web3 Reputation 🚀

World kicked off a $300K Dev Rewards pilot 💰 designed to inspire more human-first apps. It is a major boost for builders who are focused on keeping users at the center of Web3.

Meanwhile, new research shows the Self-Sovereign Identity (SSI) market is projected to reach $1,153.07 billion by 2034. Decentralized Identity 🆔 is not just a future trend anymore. It is becoming the future itself. 🌟.

What Ontology Accomplished in April 🌟

Ontology was active on the ground and online throughout April.

Geoff Richards represented the project at Paris Blockchain Week 🇫🇷 building connections across the global Web3 space.

The team also showed up strong at the TEAMZ Summit in Tokyo, pushing forward Ontology’s presence in Asia.

We hosted an AMA and Giveaway with LetsExchange, 🎁 giving the community a chance to connect directly.

The new ONT ID 🆔 X account launched, offering a direct line for updates and conversations around digital identity.

We kept the energy high with the Fur PFP Sharing campaign, a Monthly Discord Quiz 🧠, regular Community Calls, Privacy Hour discussions 🔒, and active Telegram sessions. 💬

ONTO Wallet Updates 👛

ONTO Wallet rolled out a wave of improvements. 🌊

We announced the Ontonaut AI feedback winners 🏆 and shared a staking tutorial for Ontology nodes.

The March Top 10 Chains 📈 were revealed, highlighting which ecosystems are seeing the most action.

The new blog section 📝 went live on the ONTO site, bringing more resources to the community.

Integration updates made using ONTO faster and smarter.

Human.tech featured an article on ONTO’s work in the decentralized identity 🆔 space.

And Umy.com officially joined the DApp listings. 🛠️

Orange Protocol Campaigns 🍊

Orange Protocol launched several community campaigns this month.

The CoinAvatar campaign kicked off, 🎮 with a 2,500 $CAV prize pool up for grabs. 🏆

The BitDoctorAI campaign 🏥 focused on expanding healthcare access through blockchain tools. 🔗

The new OHS campaign started, offering a 1,200 $ONG prize monthly. 🎁

Orange also teamed up with Ontology for a joint Community Update. 📢

Ecosystem Stats 📊

The Ontology ecosystem hit 19,884,119 total transactions 🔥 as of the end of April.

Every transaction strengthens the network 🛡️ and brings decentralized identity 🆔 closer to mainstream adoption.

That is all for now, explorers 🧑‍🚀. Stay curious 🔍. Stay decentralized 🛡️ The Ontonaut will report back soon.

📚 Recommended Reading

For all the latest reports & updates for Ontology, make sure you’re following Monthly Reports & Community Updates

Ontonaut’s Log April 2025 was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.

Browser extensions can be fantastic tools, enhancing your web experience from blocking ads to managing passwords. But sometimes, they can cause issues like slowing down your browser, clashing with websites, or even raising security concerns. If you’re looking to regain control of your browser or simply want to declutter, this Herond article will show you how to disable a Browser Extension: Quick Tips for Beginners. Let’s dive into some useful advice to get you started!

What Does Disabling a Browser Extension Mean? Simple definition

Disabling a browser extension means you’re simply turning it off without uninstalling it. It stops running and affects your browser, but stays installed so you can easily reactivate it later. This gives you flexibility to manage your browser’s performance and security on the fly.

Benefits

Knowing how to disable a browser extension offers several benefits. It often improves browser speed by reducing background processes, enhances security by deactivating potentially risky extensions, and simplifies browse by decluttering your toolbar and preventing website conflicts. It’s a quick way to troubleshoot and keep your browser efficient.

Step-by-Step Guide to disable a Browser Extension Step 1: Access the Extensions Menu How to find

The first step to managing your browser’s add-ons is knowing how to disable a browser extension by finding its dedicated menu. On Chrome, you typically navigate through the Menu (three dots) in the top right, then hover over “More Tools,” and finally click “Extensions.” For Firefox users, you’ll find it by clicking the Menu (three lines), then selecting “Add-ons and themes.” Herond Browser and other Chromium-based browsers usually follow a similar path to Chrome.

Tip

For a quicker way to access your extensions menu, consider using keyboard shortcuts. For instance, on Chrome and many other Chromium-based browsers, you can often jump directly to the extensions page by pressing Ctrl + Shift + E (or Cmd + Shift + E on Mac). This little trick can save you time and make the process of learning how to do it even more efficient, letting you manage your add-ons with just a few keystrokes.

Step 2: Toggle Off the Extension

Once you’re in the extensions menu, how to disable a browser extension is simple. Just find the extension you wish to turn off and click its toggle switch. This immediately deactivates it, stopping it from running in the background while keeping it installed for future use.

Safety note

A crucial safety tip when managing extensions is to be aware of their permissions. Before disabling an extension, review the access it has been granted (e.g., Browse history, site data). Understanding these permissions is vital for your online security and privacy.

Step 3: Verify the Change

After you’ve toggled off an extension, it’s smart to verify the change to ensure it’s no longer active. To do this, simply browse to a website where you previously noticed the extension’s effect, or open a new tab and observe your browser’s performance. This quick check confirms that you’ve successfully learned how to disable a browser extension and that it’s no longer interfering with your browse experience or consuming resources.

Tip

Occasionally, an extension might not fully deactivate immediately after toggling it off. If you’ve verified the change and the extension still seems active, a simple restart of your browser can often resolve the issue. Close all browser windows, then reopen your browser. This action forces all processes to shut down and restart, ensuring the extension’s disabled state is fully applied, making your effort to learn how to disable a browser extension complete and effective.

Quick Tips for Beginners to disable Extensions Safely Tip 1

When you’re trying to figure out which extension might be causing problems, like slowing down your browser or crashing a website, it’s best to disable one extension at a time. This method lets you pinpoint the exact culprit. After disabling one, test your browser to see if the issue is resolved. If not, re-enable it and move on to the next. This systematic approach makes learning how to disable a browser extension for troubleshooting much more efficient.

Tip 2

Before you toggle off an extension, take a moment to review its permissions. Extensions often ask for broad access to your browser data, history, or even the ability to change website content. Understanding these permissions helps you know what the extension was capable of doing. This knowledge is key for maintaining your online privacy and security, and it’s a smart step when learning how to disable a browser extension.

Tip 3

It’s a good habit to keep a list of disabled extensions for future reference. You might disable an extension thinking you won’t need it, only to realize later that a specific website or workflow depends on it. A simple note or a mental list of what you’ve turned off can save you time and frustration if you need to reactivate something or understand why a certain feature isn’t working. This tip makes managing how to disable a browser extension a more organized process.

Common Pitfalls and How to Avoid Them Pitfall 1: Accidentally removing it instead of disabling

A common mistake when learning how to disable a browser extension is accidentally removing or uninstalling it instead of just disabling. This happens when users click the “Remove” or “Uninstall” button instead of the toggle switch. The solution is simple: always double-check the button or toggle you’re about to click. Disabling keeps the extension installed for future use, whereas removing it means you’d have to re-download and re-install it if you ever change your mind.

Pitfall 2: Performance drop after disabling

Sometimes, even after you’ve learned how to disable a browser extension, you might still notice a performance issue or a lingering effect. This “performance drop” isn’t necessarily because of the disabled extension, but could be due to leftover data. The solution here is to clear your browser’s cache and cookies after disabling extensions, especially if you’re troubleshooting speed problems. This helps refresh your browser’s data, ensuring that any residual effects of the inactive extension are completely gone and your browser runs smoothly.

Conclusion

Learning how to disable a browser extension empowers you to control your online experience. This simple skill is vital for troubleshooting performance, enhancing security, or just decluttering your browser.

By following quick tips – accessing the menu, toggling off, verifying changes, and applying best practices – you, you ensure a smooth, safe, and tailored browse journey. Managing extensions regularly is a small effort that yields big rewards: a faster, more secure, and more enjoyable online life.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post How to Disable a Browser Extension: Quick Tips for Beginners appeared first on Herond Blog.

The post How to Disable a Browser Extension: Quick Tips for Beginners appeared first on Herond Blog.

Accidentally closing a vital browser tab is a common frustration, often leading to lost work or information. But don’t panic! Herond knows these mishaps happen. This quick guide will show you how to restore closed tabs safely without losing data. This also helps ensuring your valuable content is always just a few clicks away. Say goodbye to lost tabs and browse with peace of mind!

Understanding Closed Tabs and Data Safety What happens when a tab closes unexpectedly

When a browser tab closes unexpectedly, whether due to a crash, a system freeze, or an accidental click, your immediate thought is often about lost data. In such scenarios, the browser typically doesn’t immediately delete the session information. Instead, it temporarily holds data related to your open tabs, hoping to facilitate recovery. This temporary storage is key to understanding how to restore closed tab content. It also gives you a crucial window to recover your work or browse session before it’s permanently gone.

Why safety matters

The safety of your data is paramount when dealing with closed tabs. When you’re trying to figure out how to restore closed tab information, it’s vital to ensure you’re not inadvertently causing data leaks, especially if the tab contains sensitive personal or financial details. Furthermore, improper recovery attempts could lead to overwriting valuable saved sessions or browser data. Prioritizing safe restoration methods protects your privacy and ensures that the recovery process doesn’t create new problems, keeping your information secure and intact.

Step-by-Step Guide on how to Restore Closed Tab Safely Step 1: Use Browser’s Built-In Restore Feature How to access

The quickest way to learn how to restore closed tab is by using your browser’s built-in feature. For most browsers, a simple keyboard shortcut does the trick: pressing Ctrl + Shift + T (or Cmd + Shift + T on Mac) will instantly reopen the last closed tab. If you need to go further back, browsers like Firefox offer a “Recently Closed Tabs” option within their History menu, allowing you to pick specific tabs from a list. This native functionality is designed for rapid recovery and is usually your first, best option.

Safety tip

When attempting to restore closed tabs, a crucial safety tip is to check for recent backups – not just of your tabs, but potentially your browser profile if you use synchronization features. While the built-in restore function handles most recent closures, understanding how to restore closed tab data from older sessions might involve looking into your browser’s history or sync settings. Ensuring a browser profile backup or regularly syncing your browser data can act as a safety net, protecting against permanent data loss even in more severe scenarios like a browser crash.

Step 2: Check Session History Guide to finding history

If the quick restore shortcut doesn’t bring back your tab, the next step is to dive into browser’s session history. For Herond, you can access your full Browse history by pressing Ctrl + H (or Cmd + Y on Mac) or via the Menu -> History. Chrome users can find similar functionality in their History tab or the Timeline feature, which chronologically lists past activities. This detailed history allows you to scroll back and locate the specific tab you accidentally closed, even if it was from a previous Browse session.

Tip

When regularly checking your session history to learn how to restore closed tab content, it’s a good practice to clear old data to avoid clutter. Over time, your browser history can become very extensive, making it harder to find what you need quickly. Periodically clearing Browse data, especially older entries you no longer need, can significantly streamline your history logs. This helps ensure that when you do need to restore a tab, your recent, relevant sessions are easier to pinpoint and recover efficiently.

Step 3: Restore from Saved Sessions How to use session managers or extensions

Beyond browser history, knowing how to restore closed tab sessions becomes even more robust with dedicated session managers or extensions. Tools like Session Buddy (for Chrome) allow you to save entire Browse sessions, including multiple windows and tabs, as a single file. This means if your browser crashes or you accidentally close everything, you can simply load a previously saved session. These extensions offer a powerful backup solution, giving you peace of mind that your complex Browse setups are always recoverable.

Safety

While session managers are incredibly useful for learning how to restore closed tab data, it’s crucial to prioritize safety: avoid untrusted extensions. Always download session management tools only from official browser web stores (like the Chrome Web Store or Firefox Add-ons) and check reviews, ratings, and developer credibility. Installing unverified extensions can expose your browser data to security risks, including malware or data leaks. Prioritize your digital safety by choosing well-vetted and reputable tools to manage your precious browsing sessions.

Step 4: Prevent Data Loss with Auto-Save

To proactively prevent data loss and ensure you rarely need to figure out how to restore closed tab content, enable your browser’s auto-save features. Many browsers and web applications offer automatic saving of form data, tabs, or even entire sessions. Make sure these settings are activated in your browser’s preferences. This small step creates continuous backups of your active work, significantly reducing the impact of accidental closures or crashes by automatically preserving your progress.

Tip

Beyond auto-save, a robust tip for preventing data loss is to regularly export session data. Some browser extensions or built-in features allow you to save your entire current Browse session (all open tabs and windows) as a file. Periodically exporting this data to a secure location provides an independent backup. This means even if your browser’s internal recovery fails, you still have a separate file to restore closed tab groups, offering an extra layer of security for your valuable browse sessions.

Top Tips to Ensure Safe Tab Restoration Tip 1: Update your browser to avoid bugs

To ensure safe tab restoration, always update your browser to avoid bugs. Outdated browser versions can have vulnerabilities or glitches that might hinder proper tab recovery, or even compromise your data. Keeping your browser software current ensures you have the latest security patches and functionality, making the process of learning how to restore closed tab content more reliable and secure. Regular updates are a simple, yet effective, preventative measure.

Tip 2: Use incognito mode for sensitive tabs before restoring

For sensitive information, a smart safety practice is to use incognito mode for sensitive tabs before restoring. If you know a tab contains private data, opening it in incognito/private mode ensures its session isn’t saved to your regular Browse history or cache. This can be particularly useful if you’re ever in a situation where you need to learn how to restore closed tab content in a shared or public environment, as it prevents sensitive data from being inadvertently exposed or saved persistently.

Tip 3: Back up bookmarks regularly

While not directly about real-time tab restoration, a vital tip for long-term data safety is to back up bookmarks regularly. Even if you master how to restore closed tab sessions, important pages you visit frequently should be bookmarked. Regularly exporting or syncing your bookmarks ensures that if a severe browser issue prevents session recovery, your most valuable links are still saved. This acts as a robust safety net for your essential web resources.

Conclusion

Accidentally closing a crucial browser tab is frustrating, but knowing how to restore closed tabs safely without losing data means you don’t have to panic. By using your browser’s built-in features, checking history, and leveraging smart extensions, you can quickly recover valuable work. Proactively prevent data loss with auto-save and regular backups, and prioritize safety by updating your browser and being mindful of extension permissions. These tips ensure a seamless, secure, and enjoyable Browse experience, keeping your data always within reach.

About Herond About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post How to Restore Closed Tab Safely Without Losing Data appeared first on Herond Blog.

The post How to Restore Closed Tab Safely Without Losing Data appeared first on Herond Blog.

Published by Simon Pickles (Engineering Manager), Tara Hofton (Head of Data Engineering) & Ferran Cabezas I Castellvi (Data Engineering Lead)

Security Brief United Kingdom reports that Specops Software has partnered with GuidePoint Security in a strategic reseller agreement to deliver advanced password management and user authentication tools to North American customers.

As the UK advances toward a digital identity future, experts warn that fragmented policies and limited security frameworks could undermine national efforts and public trust, reports Biometric Update.

Security vulnerabilities in hybrid identity environments are proving difficult to manage, with organizations experiencing declining security performance, according to the 2025 Purple Knight Report from Semperis, reports Security Brief Australia.

A newly disclosed vulnerability in eSIM technology has exposed serious risks to mobile subscriber identity security, with researchers from AG Security Research demonstrating the ability to clone eSIM profiles and hijack phone identities, according to Cyber Security News.

As cyberwarfare intensifies in Israel and the Mediterranean, identity security has emerged as a critical weakness across organizations in the region, according to a new CXO Priorities survey conducted with Okta, Intelligent CISO reports.

How Auth0 and AWS are redefining the patient experience.

AI poses a real threat to UK business if companies don’t keep up with the pace of development according to the National Cyber Security Council (NCSC).
The UK’s authority on cyber threats to the county recently issued an NCSC Assessment (NCSC-A) highlighting the impacts on cyber threat from AI developments between now and 2027.

The post AI poses a real threat to UK business appeared first on Veracity Trust Network.

Implement effective B2B SaaS user onboarding strategies with Auth0. Learn about self-service, admin provisioning, and JIT flows, plus a Blazor invitation example.

Since the full-scale invasion of Ukraine in 2022, crypto has become a mainstream method of donating to various humanitarian and conflict situations. Be it earthquakes in Turkey, Myanmar or the Ukrainian Government’s own fundraising campaigns, the use of crypto as a fundraising tool underscores a core advantage of blockchain technology. 

Minor Releases – Holochain 0.5.4 & 0.4.4:  We found a bug where the code that ensures zome-call atomicity failed, i.e. if the zome call returned an error a commit might still be added to your chain.  This bug has been fixed and is being released in Holochain 0.5.4 and back-ported to Holochain 0.4.4 release.   The 0.5.4 release also includes additional debug-logging output that should help us better understand some of the circumstances where WebRTC connections are spontaneously dropped.

HTTP Gateway Update (0.2.0):  HTTP Gateway that provides a way to bridge from the web2 world into Holochain has been updated for compatibility with Holochain 0.5. We have updated and released it (https://github.com/holochain/hc-http-gw) 

Developer Focus: Our focus is now directly visible on the Roadmap (holochain.org/roadmap), for details see the blog post (https://blog.holochain.org/introducing-the-new-holochain-roadmap/). You will see there that focus has shifted to Holochain 0.6, highlights of which include:

Conductor State refactors address problems in inconsistent cell state Ability for coordinator zome updates Extending memproof gating to the network level.

New Dev Hires: Our two new team members are onboarding quickly and will both focus on fleshing out our Wind Tunnel performance testing framework, adding new scenarios, and reporting.

Dev Office Hours: July 9th recap

We were excited to have an inquiry in our Office Hours about use of our Kitsune2 p2p data-synchronization layer in a stand-alone project.  This library is ready to be used in other projects, and so despite the fact that we haven’t yet created really good dev documentation for it we were able to provide pointers to the showcase app (https://github.com/holochain/kitsune2/tree/main/crates/kitsune2_showcase) that demonstrates its stand-alone use.  We are looking forward to seeing how that goes, and if anyone else is interested in this, please keep us in the loop.

Discover how federated identity management solves the multi-org challenge, unifies user experiences, and boosts efficiency for complex enterprises.

Liminal members enjoy the exclusive benefit of receiving daily morning briefs directly in their inboxes, ensuring they stay ahead of the curve with the latest industry developments for a significant competitive advantage.

Looking for product or company-specific news? Log in or sign-up to Link for more detailed news and developments.

Here are the main industry highlights of this week impacting identity and fraud, cybersecurity, trust and safety, financial crimes compliance, and privacy and consent management.

🪄Innovation and New Technology Developments

Italy Modernizes Civil Services and Digital Wallet with National Integration and Offline Access

Italy is advancing its digital identity infrastructure with significant updates to its national digital services. Over 700 municipalities have joined the centralized National Archive of Civil Status (ANSC), replacing paper-based record-keeping with a unified digital platform for civil documents. Synchronization with the National Registry of the Resident Population ensures data accuracy and streamlines administrative workflows. Concurrently, Italy’s “IO” app now supports offline access to its digital wallet, allowing users to retrieve essential documents like driving licenses and health cards without an internet connection. With nearly 90 million digital identities issued and robust growth in digital document adoption, Italy is ahead of its National Recovery and Resilience Plan targets. (Source)

African Nations Advance Digital Identity and Governance to Promote Security and Inclusion

Nigeria, Somalia, South Africa, and Eswatini are advancing digital identity and governance initiatives as part of broader digital transformation efforts across Africa. Nigeria is using biometrics and digital wallets to distribute aid more efficiently and securely, aiming to curb corruption and preserve recipients’ dignity. Somalia has implemented a U.S.-developed biometric border control system to enhance national security. Meanwhile, South Africa and Eswatini signed a digital cooperation agreement to harmonize ICT policies, expand digital literacy, and collaborate on emerging technologies. These efforts highlight the continent’s growing emphasis on secure, inclusive digital infrastructure. (Source)

Anonybit and SmartUp Launch Decentralized Biometric Identity Solution for Enterprise AI Agents

Anonybit has partnered with AI-native no-code platform @SmartUp to launch a privacy-preserving digital identity solution for AI agents, aimed at enhancing trust and accountability in agent-driven enterprise workflows. The solution leverages Anonybit’s decentralized biometric cloud and token management system to securely authenticate users and authorize actions through identity-bound agents. Supporting multiple biometric modalities, the system ensures compliance, data residency, and quantum-resistant security without centralized data storage. This partnership enables practical deployment of agentic automation in areas like payments and supply chain management, addressing rising concerns around identity and fraud in AI-driven processes. (Source)

South Africa Launches Upgraded Identity Verification System With Faster, More Reliable Access to NPR

South Africa’s Department of Home Affairs has launched an upgraded identity verification platform that allows both government and private sector entities to verify identities against the National Population Register (NPR). Previously plagued by high failure rates due to underinvestment, the new system now handles over 180,000 daily transactions with minimal error and sub-second response times. The justice sector and several private users have already transitioned, benefiting from improved reliability and efficiency. While some users were unprepared for the switch despite prior consultations, the Department is offering a grace period until October to optimize usage and reduce costs, crediting back overpayments based on off-peak verification adjustments. (Source)

💰 Investments and Partnerships

Leonardo Acquires Axiomatics to Strengthen Global Zero Trust Cybersecurity Strategy

Leonardo, the Italian aerospace and defence company, has acquired Swedish cybersecurity firm Axiomatics AB to bolster its global Zero Trust security capabilities. Axiomatics, established in 2006 and headquartered in Stockholm with operations in North America, specialises in dynamic access control solutions based on the Attribute-Based Access Control (ABAC) model—a fundamental component of Zero Trust cybersecurity architecture. This acquisition is part of Leonardo’s broader strategy to expand its proprietary cybersecurity portfolio and enhance its role in securing digital infrastructure across critical sectors worldwide. The deal, announced on July 9, 2025, is subject to regulatory approvals, including a review by Swedish authorities overseeing foreign investment in the defence sector. (Source)

Didomi Expands Global Privacy Services Through Sourcepoint Acquisition Backed by Marlin Equity

Didomi, a Paris-based data privacy startup, has acquired Sourcepoint to consolidate their consent and compliance services, creating a larger global presence with over 1,700 enterprise clients. Both companies offer tools that help businesses manage user consent for data collection in compliance with privacy laws like GDPR and CPRA. The acquisition, backed by Marlin Equity Partners, follows Didomi’s earlier purchase of Addingwell by Didomi, a server-side tracking firm aimed at enhancing marketing data accuracy and compliance. The combined entity aims to provide a unified privacy infrastructure amid evolving regulations and AI-driven digital advertising. (Source)

Castellum.AI Secures $8.5M Series A to Advance AI-Driven AML Compliance Across Financial Ecosystem

Castellum.AI, a fintech company focused on AI-driven anti-money laundering (AML) compliance, has raised $8.5 million in a Series A funding round led by Curql and supported by several venture firms. The platform uses AI agents to streamline AML and KYC screening processes, aiming to reduce false positives and enhance review efficiency for financial institutions. With the new funds, Castellum.AI will expand its integration with banks, credit unions, and digital asset exchanges, offering compatibility with existing systems to lower switching costs. The firm is also pursuing certification standards for its AI agents, positioning them to support various levels of compliance adjudication. (Source)

Pimloc Raises $5 Million to Scale AI-Powered Video Privacy Platform for Global Expansion

London-based video privacy company PIMLOC has raised $5 million in a funding round led by Amadeus Capital Partners and Edge Ventures to support its global expansion. Pimloc’s Secure Redact platform, which uses AI to automatically anonymize sensitive visual and audio data, has seen over 120% annual growth and is already in use across sectors such as healthcare, law enforcement, and education. The platform has processed nearly half a billion instances of personally identifiable information and integrates with major systems like Microsoft and Milestone. The funding will help Pimloc scale into new regions and sectors amid increasing global demands for video data privacy and compliance. (Source)

⚖️ Policy and Regulatory

Indian Gig Platforms Push for Aadhaar-Based ID Verification to Curb Fraud and Simplify Onboarding

Indian gig-economy startups in sectors like food delivery, ecommerce, and ride-hailing are seeking government approval to use Aadhaar-based identity verification to address fraud and streamline worker onboarding. The Ministry of Electronics and IT (MeitY) has restricted unauthorized use of Aadhaar services, pushing firms to obtain formal permission for legitimate access. Companies such as Protean eGov Technologies and IDfy are positioned to offer compliant biometric and KYC solutions if approvals are granted. These services would allow secure and scalable verification through Aadhaar, potentially replacing illegal methods currently used by some platforms. (Source)

Germany Urges Apple and Google to Remove DeepSeek Over GDPR Violations and Data Transfers to China

Germany’s data protection authority has requested Apple and Google to block the Chinese chatbot app DeepSeek from their app stores, citing unlawful data transfers to China and violations of GDPR. The Berlin Data Protection Commissioner argued that DeepSeek fails to provide adequate safeguards for user data, especially given Chinese authorities’ extensive access rights. The app had already been banned in Italy earlier this year for similar concerns, and investigations are ongoing in several other EU countries. Despite a recent privacy policy update, DeepSeek remains under scrutiny for opaque data retention practices and lack of user protections equivalent to those in the EU. (Source)

Stanford Paper Critiques Age Assurance Laws as Suppressive and Fragmented Regulatory Measures

In a new paper from Stanford Law School, legal scholar Eric Goldman critiques online age assurance laws, arguing they amount to “segregate-and-suppress” legislation that undermines privacy, innovation, and free expression. Goldman challenges the fragmented regulatory landscape and the terminology underpinning age assurance technologies, claiming such laws expose users to surveillance and economic harms. However, critics note that his argument downplays the risks of unrestricted access to harmful content and seems aligned with the stance of industry groups like NetChoice. The paper ultimately favors parental oversight and digital literacy over legal mandates, though it has been criticized for overlooking the practical and ethical concerns driving age assurance efforts. (Source)

Healthline Faces Record CCPA Settlement Over Misuse of Sensitive Health Data and Consent Failures

Healthline Media has agreed to a $1.55 million settlement with the California Attorney General for alleged violations of the California Consumer Privacy Act (CCPA) and Unfair Competition Law—the largest CCPA-related settlement to date. The investigation found that Healthline continued to share user data with advertisers for targeted ads even after users opted out, particularly revealing sensitive health-related information based on visited pages. Additional violations included inadequate contract terms with ad partners and non-functional cookie consent tools. As part of the settlement, Healthline must implement corrective measures, including fixing opt-out mechanisms, halting the sharing of health-related article titles, and maintaining a robust CCPA compliance program. The settlement awaits court approval. (Source)

Spain Arrests Five in $542 Million Crypto Fraud Tied to Global Investment Scam

Five individuals have been arrested in Spain for allegedly orchestrating a cryptocurrency investment scam that defrauded over 5,000 victims—100 of them from Switzerland—out of approximately $542 million. Coordinated by the Spanish Guardia Civil with support from Europol and law enforcement in the US, France, and Estonia, the operation involved arrests in the Canary Islands and Madrid. The suspects are believed to have used a global network to collect and move funds through various financial channels, including crypto transfers. Authorities also linked the group to a complex banking and corporate structure based in Hong Kong. The case is one of Spain’s largest crypto fraud investigations and follows recent international crackdowns on similar scams. (Source)

Chile Cracks Down on Tren de Aragua’s $13.5 Million Crypto-Fueled Laundering Network

Chilean authorities have dismantled a major money laundering operation linked to the Venezuelan criminal group Tren de Aragua, which allegedly funneled over $13.5 million through bank accounts and cryptocurrency to multiple countries, including the U.S., Venezuela, Colombia, and Spain. The crackdown, which resulted in 52 arrests, uncovered that the laundered funds stemmed from crimes such as human trafficking, extortion, drug trafficking, and homicides. Experts note that Tren de Aragua has adopted crypto-based laundering tactics from Mexican cartels to obscure financial trails. The organization has previously been designated a Transnational Criminal Organization by the U.S. Treasury’s OFAC for its expansive illicit operations across the Americas. (Source)

Meta Challenges EU Fine Over “Pay or Consent” Model in Ongoing Data Privacy Dispute

Meta plans to appeal a €200 million fine issued by the European Union for allegedly violating the Digital Markets Act through its “pay or consent” model, which offers users a choice between paying for ad-free access or consenting to data tracking. The European Commission found this approach failed to provide an equivalent alternative without personalized data use, deeming it non-compliant with EU rules. Meta contests the ruling, citing prior legal precedent supporting subscription-based models. The case marks another chapter in Meta’s ongoing conflict with European regulators over data privacy, following earlier fines and legal disputes concerning ad targeting and transatlantic data transfers. (Source)

🔗 More from Liminal

Access Our Intelligence Platform

Stay ahead of market shifts, outperform competitors, and drive growth with real-time intelligence.

Market & Buyer’s Guide for Data Security 2025

Security leaders are replacing point solutions with unified platforms that combine access control, AI data governance and ransomware prevention. This guide reveals what buyers prioritize and where innovation is reshaping data protection.

Save your spot: Tackling First-Party Fraud Demo Day

Discover how 9 leading vendors are stopping chargebacks, promo abuse, and refund fraud in real time.

The post This Week in Identity appeared first on Liminal.co.

4 Arrested in £440M M&S Cyber Attacks; Are They Members of Scattered Spider?

On July 10, 2025, the U.K. National Crime Agency (NCA) announced a major breakthrough in its investigation into a series of devastating cyber attacks, arresting four individuals from their homes in the West Midlands and London. The suspects face a litany of serious charges, including Computer Misuse Act offenses, blackmail, money laundering, and, notably, "participating in the activities of an organized crime group."

While the NCA confirmed the suspects' involvement in an organized syndicate, they did not officially name the group. This has led to widespread speculation, and the cybersecurity community is asking one major question: are they members of Scattered Spider? While an official confirmation is pending, it's widely believed that the group is responsible. The tactics used in the £440 million retail heist, specifically the reliance on advanced social engineering ploys, are a known signature of the Scattered Spider hacker group.

HYPR’s Take: Whether or not these four individuals are confirmed members, the profile of this attack and the suspects themselves paint a vivid picture of the threat that groups like Scattered Spider represent. The suspects are incredibly young, ranging from just 17 to 20 years old, which aligns perfectly with the known demographics of this new generation of digital native cybercriminals.

How Young, Native-Speaking Groups Outmaneuver Traditional Defenses

For years, enterprise security has been architected to defend against a specific type of threat: sophisticated, often foreign, nation-state actors. The defense playbook was designed to spot technical vulnerabilities and hunt for clues of foreign intrusion, like language errors in phishing emails or unusual geopolitical motives. But today, the most dangerous threat isn't a foreign government; it's a teenager in a Western country who sounds exactly like one of your employees on the phone.

The attackers in groups like Scattered Spider are shockingly young, often between 16 and 22 years old. They are true digital natives who have grown up in a world of social media, online gaming, and instant communication. This gives them more than just technical skill; it provides them with an intuitive grasp of online psychology and a mastery of social manipulation that older, more traditional hacking groups often lack. They don't operate in rigid hierarchies but as fluid, decentralized collectives, working together like a gig-economy startup for cybercrime.

Their single most effective weapon is the English language. Unlike many foreign adversaries, these young attackers are native speakers. When they call an IT help desk to impersonate an employee, there are no accents, stilted phrases, or cultural missteps to raise alarm bells. They can build rapport, express urgency, and navigate corporate jargon flawlessly, weaponizing trust to turn your most helpful employees into unwitting accomplices. Their process is a masterclass in psychological manipulation:

Reconnaissance: They scour social media like LinkedIn to find a target employee, gathering personal details like their role, colleagues, and even recent projects. Impersonation: Armed with this information, they call the IT help desk, often during a busy shift change. They create a sense of urgency – "I'm locked out and have a huge presentation in five minutes!" – to pressure the agent. Exploitation: They skillfully answer security questions using the data they’ve collected and trick the well-meaning agent into resetting credentials or even enrolling a new MFA device.

This operational model is fundamentally different from that of a nation-state. These groups are not driven by ideology; they are financially motivated, seeking maximum profit with calculated efficiency. This agile and opportunistic structure makes them incredibly difficult to track. They will focus on one industry, refine their social engineering tactics for that sector's specific culture, extract as much money as possible, and then move on to the next target. The security playbooks written for yesterday's threats are simply not equipped to handle this new breed of adversary.

How to Stop Scattered Spider: Defeating the Gen-Z Hacker with Identity Assurance

Fighting a new breed of predator requires a new class of defense. Probabilistic security has failed. The only way to stop a Scattered Spider attack is to move to a deterministic model of security; one that provides absolute certainty about a user's identity.

HYPR dismantles the Scattered Spider playbook piece by piece:

Eliminate the Attack Vector with Phishing-Resistant MFA: The primary weapon of Scattered Spider is credential phishing. HYPR Authenticate replaces passwords with FIDO-certified, passkey-based authentication. Authentication is bound to the true domain of the service, making it impossible for AiTM tools like Evilginx to function. If a user is lured to a fake site, the authentication will simply fail. There is no credential to steal and no session cookie to hijack. The attack is stopped before it begins.

Secure the Help Desk with Deterministic Identity Verification: The help desk is Scattered Spider's favorite entry point. HYPR Affirm slams that door shut. To perform a sensitive action like a credential reset, the user must prove who they are, not just what they know. Affirm uses a multi-layered, configurable workflow that can include verifying a government-issued ID, a biometric selfie match, and other deterministic factors. A scammer on the phone cannot fake their way through a live facial recognition scan. We help you verify the person, not the account.

Scattered Spider thrives on uncertainty, manipulation, and the fundamental flaws of legacy identity security. HYPR provides certainty.

Don't wait to become Scattered Spider's next headline. It's time to move beyond security that hopes it's right to a system that knows.

Subscribe to our updates to learn how to build a defense-in-depth identity strategy.

The Civil Aviation Authority of Mongolia, the National Civil Aviation Center, BPI, Thales and ENAC sign MoU to enhance Mongolia’s aviation capabilities Language English florence.lucas Fri, 07/11/2025 - 12:24 This Memorandum of Understanding (MoU) marks a significant milestone as Mongolia celebrates 100 years of civil aviation operations, in addition to the 60th anniversary of its diplomatic relations with France. This strategic cooperation between the Civil Aviation Authority of Mongolia (MCAA), the National Civil Aviation Center (NCAC), BPI, Thales and l’Ecole Nationale de l’Aviation Civile (ENAC) aims to modernize Mongolia's aviation sector through international cooperation, financial support, infrastructure development, exchange of knowledge as well as training of personnel. Empowering Mongolia’s transformation through Innovation and Excellence

Positioned at the crossroads of major Asia-Pacific aviation markets, Mongolia's civil aviation sector is burgeoning, driven by increasing domestic and international travel demands. As the country celebrates its centenary of civil aviation development, it is poised for significant advancements.

MCAA and NCAC, which serve as the regulatory bodies overseeing Mongolia's aviation services, have expressed the need for a cutting-edge Air Traffic Control system, coupled with comprehensive workforce training. This initiative aims to enhance safety and efficiency, while positioning Mongolia as one of the region's leaders in civil aviation.

A Collaborative Effort

In line with the political course set by President Emmanuel Macron and President Ukhnaagiin Khürelsükh in 2023, and building on the cooperation agreements signed between the Civil Aviation Authority of Mongolia and the Direction Générale de l’Aviation Civile (DGAC), this MoU lays the foundation for a powerful consortium of French and Mongolian entities. Each party is bringing its own specialized skills and resources, to the benefit of Mongolia’s development.

Thales, a global leader in advanced technologies, is committed to supporting Mongolia’s ambitions through secure and innovative technologies, relying on its proven expertise in airspace mobility solutions.

Meanwhile, ENAC, a top aeronautics and aviation university in Europe, will provide a broad range of training tailored for civil aviation personnel. BPI (France Banque Publique d’Investissement) aims to promote the French industry and associated export projects with financial support and export credits, further assisting in the development of Mongolia’s civil aviation sector.

A Bright Future for Mongolian Aviation

As Mongolia continues to grow and integrate further into the global economy, developing a modern and efficient civil aviation system will be essential for its success. This MoU marks a significant milestone in achieving that goal, paving the way for a new era of safe, efficient, and sustainable air travel in Mongolia.

 

“As a continuation of the bilateral dialogue between our two countries, we are grateful for the trust that the Civil Aviation Authority of Mongolia and the National Civil Aviation Center have placed in the French experience and expertise in this field. This MoU marks a pivotal moment in our collaboration. Thales is deeply committed to supporting Mongolia’s aviation sector and we firmly believe that the comprehensive solution designed with ENAC and BPI can bring substantial and long-term benefits for the country’s transportation network.”  

Youzec Kurp, Vice-President, Airspace Mobility Solutions, Thales.

/sites/default/files/database/assets/images/2025-07/Mongolia_MoU_Signature_OK.jpg 11 Jul 2025 Aerospace Defence and Security The Civil Aviation Authority of Mongolia, the National Civil Aviation Center, BPI, Thales and ENAC sign MoU to enhance Mongolia’s aviation capabilities. • This strategic cooperation aims to modernize Mongolia's aviation sector through international cooperation, financial support, infrastructure development, exchange of knowledge as well as training of personnel. Type News Hide from search engines Off

M°U MoU to enhance Mongolia’s aviation capabilities Language English florence.lucas Fri, 07/11/2025 - 12:20 This Memorandum of Understanding (MoU) marks a significant milestone as Mongolia celebrates 100 years of civil aviation operations, in addition to the 60th anniversary of its diplomatic relations with France. This strategic cooperation between the Civil Aviation Authority of Mongolia (MCAA), the National Civil Aviation Center (NCAC), BPI, Thales and l’Ecole Nationale de l’Aviation Civile (ENAC) aims to modernize Mongolia's aviation sector through international cooperation, financial support, infrastructure development, exchange of knowledge as well as training of personnel.

Empowering Mongolia’s transformation through Innovation and Excellence

Positioned at the crossroads of major Asia-Pacific aviation markets, Mongolia's civil aviation sector is burgeoning, driven by increasing domestic and international travel demands. As the country celebrates its centenary of civil aviation development, it is poised for significant advancements.

MCAA and NCAC, which serve as the regulatory bodies overseeing Mongolia's aviation services, have expressed the need for a cutting-edge Air Traffic Control system, coupled with comprehensive workforce training. This initiative aims to enhance safety and efficiency, while positioning Mongolia as one of the region's leaders in civil aviation.

A Collaborative Effort

In line with the political course set by President Emmanuel Macron and President Ukhnaagiin Khürelsükh in 2023, and building on the cooperation agreements signed between the Civil Aviation Authority of Mongolia and the Direction Générale de l’Aviation Civile (DGAC), this MoU lays the foundation for a powerful consortium of French and Mongolian entities. Each party is bringing its own specialized skills and resources, to the benefit of Mongolia’s development.

Thales, a global leader in advanced technologies, is committed to supporting Mongolia’s ambitions through secure and innovative technologies, relying on its proven expertise in airspace mobility solutions.

Meanwhile, ENAC, a top aeronautics and aviation university in Europe, will provide a broad range of training tailored for civil aviation personnel. BPI (France Banque Publique d’Investissement) aims to promote the French industry and associated export projects with financial support and export credits, further assisting in the development of Mongolia’s civil aviation sector.

A Bright Future for Mongolian Aviation

As Mongolia continues to grow and integrate further into the global economy, developing a modern and efficient civil aviation system will be essential for its success. This MoU marks a significant milestone in achieving that goal, paving the way for a new era of safe, efficient, and sustainable air travel in Mongolia.

 

“As a continuation of the bilateral dialogue between our two countries, we are grateful for the trust that the Civil Aviation Authority of Mongolia and the National Civil Aviation Center have placed in the French experience and expertise in this field. This MoU marks a pivotal moment in our collaboration. Thales is deeply committed to supporting Mongolia’s aviation sector and we firmly believe that the comprehensive solution designed with ENAC and BPI can bring substantial and long-term benefits for the country’s transportation network.”  

Youzec Kurp, Vice-President, Airspace Mobility Solutions, Thales.

Contacts Thales Press room 11 Jul 2025 Aerospace The Civil Aviation Authority of Mongolia, the National Civil Aviation Center, BPI, Thales and ENAC sign MoU to enhance Mongolia’s aviation capabilities. • This strategic cooperation aims to modernize Mongolia's aviation sector through international cooperation, financial support, infrastructure development, exchange of knowledge as well as training of personnel. Type News Hide from search engines Off

MoU signed for strategic cooperation to enhance Mongolia’s aviation capabilities Language English florence.lucas Fri, 07/11/2025 - 11:56 This Memorandum of Understanding (MoU) marks a significant milestone as Mongolia celebrates 100 years of civil aviation operations, in addition to the 60th anniversary of its diplomatic relations with France. This strategic cooperation between the Civil Aviation Authority of Mongolia (MCAA), the National Civil Aviation Center (NCAC), BPI, Thales and l’Ecole Nationale de l’Aviation Civile (ENAC) aims to modernize Mongolia's aviation sector through international cooperation, financial support, infrastructure development, exchange of knowledge as well as training of personnel.

Empowering Mongolia’s transformation through Innovation and Excellence

Positioned at the crossroads of major Asia-Pacific aviation markets, Mongolia's civil aviation sector is burgeoning, driven by increasing domestic and international travel demands. As the country celebrates its centenary of civil aviation development, it is poised for significant advancements.

MCAA and NCAC, which serve as the regulatory bodies overseeing Mongolia's aviation services, have expressed the need for a cutting-edge Air Traffic Control system, coupled with comprehensive workforce training. This initiative aims to enhance safety and efficiency, while positioning Mongolia as one of the region's leaders in civil aviation.

A Collaborative Effort

In line with the political course set by President Emmanuel Macron and President Ukhnaagiin Khürelsükh in 2023, and building on the cooperation agreements signed between the Civil Aviation Authority of Mongolia and the Direction Générale de l’Aviation Civile (DGAC), this MoU lays the foundation for a powerful consortium of French and Mongolian entities. Each party is bringing its own specialized skills and resources, to the benefit of Mongolia’s development.

Thales, a global leader in advanced technologies, is committed to supporting Mongolia’s ambitions through secure and innovative technologies, relying on its proven expertise in airspace mobility solutions.

Meanwhile, ENAC, a top aeronautics and aviation university in Europe, will provide a broad range of training tailored for civil aviation personnel. BPI (France Banque Publique d’Investissement) aims to promote the French industry and associated export projects with financial support and export credits, further assisting in the development of Mongolia’s civil aviation sector.

A Bright Future for Mongolian Aviation

As Mongolia continues to grow and integrate further into the global economy, developing a modern and efficient civil aviation system will be essential for its success. This MoU marks a significant milestone in achieving that goal, paving the way for a new era of safe, efficient, and sustainable air travel in Mongolia.

 

“As a continuation of the bilateral dialogue between our two countries, we are grateful for the trust that the Civil Aviation Authority of Mongolia and the National Civil Aviation Center have placed in the French experience and expertise in this field. This MoU marks a pivotal moment in our collaboration. Thales is deeply committed to supporting Mongolia’s aviation sector and we firmly believe that the comprehensive solution designed with ENAC and BPI can bring substantial and long-term benefits for the country’s transportation network.”  

Youzec Kurp, Vice-President, Airspace Mobility Solutions, Thales.

Contacts Thales Press room 11 Jul 2025 Aerospace The Civil Aviation Authority of Mongolia, the National Civil Aviation Center, BPI, Thales and ENAC sign MoU to enhance Mongolia’s aviation capabilities. • This strategic cooperation aims to modernize Mongolia's aviation sector through international cooperation, financial support, infrastructure development, exchange of knowledge as well as training of personnel. Type News Hide from search engines Off

Thales recognized for Aviation Innovation with the successful deployment of an Approach Spacing Tool (AST) in Hong Kong, China prezly Fri, 07/11/2025 - 09:00 The Civil Aviation Department of Hong Kong China and Thales have successfully implemented the innovative Approach Spacing Tool. This groundbreaking Approach Spacing Tool optimizes aircraft arrival spacing and supports more efficient and sustainable air travel. It is estimated that the implementation could reduce over 16,500 tons of fuel consumption and cut 52,000 tons of CO2 emissions annually.

Thales is making significant strides in the aviation and Air Traffic Management industry with its innovative Approach Spacing Tool, a technological breakthrough that optimizes aircraft arrival spacing, promoting more efficient and sustainable air travel. Fully integrated with Thales’ TopSky-ATC solution, this advanced tool has been deployed in Hong Kong China and globally to support Air Navigation Service Providers (ANSPs).

The Approach Spacing Tool revolutionizes the management of arriving flights by accurately calculating optimal spacing during the descent phase, considering real-time factors such as weather, aircraft performance, and runway capacity. It provides air traffic controllers with a clear, graphical visualization of each aircraft’s position relative to its ideal trajectory, ensuring precise and efficient sequencing.

Achieving Sustainability and Efficiency

The Hong Kong Civil Aviation Department (HKCAD) is committed to all services and operations being conducted in an environmentally responsible manner; and dedicated to ensuring a safe, efficient, and sustainable air transport system in Hong Kong.

The HKCAD has recognized the significant benefits of the Approach Spacing Tool. Apart from providing a tool to assist air traffic controllers in delivering consistent and optimal approach spacings between arriving aircraft, thus enhancing the efficiency of the Hong Kong International Airport, it is estimated that the implementation could reduce over 16,500 tons of fuel consumption and cut 52,000 tons of CO2 emissions annually. These reductions will lead to a more decarbonised and more sustainable airspace, contributing to global environmental targets. The implementation has won a runner-up honour at the Air Traffic Management Awards 2023 in the “Greener Skies” category by the Civil Air Navigation Services Organisation (CANSO).

Key Benefits Across the Aviation Ecosystem

The Approach Spacing Tool provides a range of advantages for all stakeholders in the aviation ecosystem, from pilots to air traffic controllers to airport operators:

Increased airport capacity: by increasing the runway throughput Enhanced Safety: Accurate arrival sequences promote safer operations. Reduced Environmental Impact: By optimizing arrival paths, the tool significantly reduces fuel consumption and reducing the Environmental Impact of aviation operations: Lower fuel usage directly leads to reduced carbon emissions. Improved Passenger Experience: Predictable arrivals mean fewer delays and smoother operations.

Innovation Rooted in Expertise

Thales continues to push the boundaries of aviation technology, staying true to its mission of advancing safer, more efficient and sustainable air travel. With the Approach Spacing Tool, Thales is redefining the future of aviation while contributing to a sustainable and trusted future for the industry.

“This innovation is a testament to Thales’ ingenuity in providing solutions that enhance global aviation operations. The Approach Spacing Tool not only improves safety and operational efficiency but also reflects our strong commitment to sustainability and innovation in aviation.”Philippe Bernard-Flattot, Vice President of Airspace Mobility Solutions for Asia and Pacific at Thales.

/sites/default/files/prezly/images/sans%20A-1920x480px_104.jpg Documents [Prezly] PR - Thales recognized for Aviation Innovation with the successful deployment of an Approach Spacing Tool (AST).pdf Contacts Cédric Leurquin 11 Jul 2025 Type Press release Structure China Thales is making significant strides in the aviation and Air Traffic Management industry with its innovative Approach Spacing Tool, a technological breakthrough that optimizes aircraft arrival spacing, promoting more efficient and sustainable air travel. Fully integrated with Thales’ TopSky-ATC solution, this advanced tool has been deployed in Hong Kong China and globally to support Air Navigation Service Providers (ANSPs). prezly_777756_thumbnail.jpg Hide from search engines Off Prezly ID 777756 Prezly UUID 6b098852-a311-4cbd-941e-dc9014113dd6 Prezly url https://thales-group.prezly.com/thales-recognized-for-aviation-innovation-with-the-successful-deployment-of-an-approach-spacing-tool-ast-in-hong-kong-china Fri, 07/11/2025 - 11:00 Don’t overwrite with Prezly data Off

Metadium’s AI-powered Conversational Blockchain Explorer

Hello Metadium Community,

We’re excited to announce that MChat, our AI-powered conversational blockchain explorer, is now officially live!

You can now explore Metadium blockchain data like transactions, blocks, and wallet activity by simply asking questions using natural language — just input your wallet address, transaction hash, or block number, and MChat will respond in real time.

🤖 What is MChat?

MChat is an interactive AI interface that lets you query Metadium’s blockchain through conversational dialogue.
Just type in prompts like:

“Show me the latest transactions from this address” “Did this transaction succeed?” “What’s the latest block number?”

MChat will interpret your query and provide accurate responses.

※ Please note: you still need to provide identifying information such as a wallet address or transaction hash to retrieve specific data.

⚠️ Still improving: responses may not always be accurate

As MChat is in its initial release, some responses may be inaccurate or incomplete depending on the complexity of the query.

This is part of the iterative learning process, and we’ll continue to improve the system through user feedback and ongoing data training.

👉 Try MChat now
(Optimized for desktop browsers)

Thank you,

The Metadium Team

🟢 MChat 정식 오픈 안내

메타디움 AI 기반 대화형 블록체인 익스플로러, 이제 직접 사용해보세요!

안녕하세요, 메타디움 커뮤니티 여러분!

지난 사전 안내에 이어, 많은 분들이 기다려주신
AI 기반 대화형 블록체인 익스플로러 ‘MChat’이 드디어 정식 오픈했습니다!

이제 MChat을 통해 지갑 주소, 트랜잭션 해시, 블록 번호 등을 입력하고
자연어로 질문하여 보다 직관적이고 대화형 방식으로 블록체인 데이터를 탐색할 수 있습니다.

🤖 MChat이란?

MChat은 메타디움 메인넷 상의 트랜잭션, 블록, 지갑 활동 등을
기존의 복잡한 인터페이스 대신, AI와 대화하듯 질의응답하며 확인할 수 있는 AI 기반 블록체인 탐색 도구(익스플로러)입니다.

예를 들어,

“이 주소의 최근 트랜잭션 보여줘” “이 트랜잭션 해시가 성공했는지 알려줘” “최근 블록 높이는 몇이야?”
같은 질문들을 일상 언어로 입력하면,
MChat이 이해하고 답변을 제공합니다.

단, 특정 정보를 확인하려면 지갑 주소나 트랜잭션 해시 등 기본 정보 입력은 필요합니다.

⚠️ 현재는 정확도가 다소 제한적일 수 있습니다

MChat은 현재 초기 버전으로, 일부 질의에 대한 답변이 정확하지 않거나 원하는 방식과 다르게 응답될 수 있습니다.

이는 AI가 사용자와의 상호작용을 통해 지속적으로 개선되어가는 과정이며, 지속적인 데이터 학습 및 기능 업데이트를 통해 더 똑똑하고 정밀한 서비스로 발전해 나갈 예정입니다.

🧭 지금 바로 MChat을 만나보세요

👉 MChat 바로가기
(데스크탑 웹 브라우저에서 최적화되어 있습니다)

감사합니다.

메타디움 팀 드림

Website | https://metadium.com Discord | https://discord.gg/ZnaCfYbXw2 Telegram(EN) | http://t.me/metadiumofficial Twitter | https://twitter.com/MetadiumK Medium | https://medium.com/metadium

🔵 MChat is Officially Live was originally published in Metadium on Medium, where people are continuing the conversation by highlighting and responding to this story.

With MiCA implementation and FATF enforcement gaining momentum, VASPs in the EU must now implement transaction-level monitoring (KYT) and comply with the Travel Rule. This article explores how combining edge-secure KYC with smart KYT can enable full compliance while preserving user privacy and minimizing operational drag.

For Virtual Asset Service Providers (VASPs) operating in the European Union, 2025 is a regulatory inflection point. The EU’s Markets in Crypto-Assets Regulation (MiCA) has taken effect, and enforcement of the FATF Travel Rule is no longer theoretical – it’s here.

VASPs must now verify the identity of senders and receivers, screen transactions for risk, and transmit originator and beneficiary data across platforms and jurisdictions. At the same time, they must do so without compromising user experience or exposing themselves to privacy risks.

It’s a tall order – but it’s achievable with the right technology architecture and compliance strategy.

The Travel Rule in the EU: What’s Required

The FATF Travel Rule (Recommendation 16) and the EU’s corresponding measures require VASPs to:

Identify both the sender and receiver in crypto transactions above a certain threshold (typically €1,000) Transmit originator and beneficiary information to the receiving VASP Screen transactions for sanctions, PEPs, and suspicious activity Retain records and provide them to regulators on request

In many EU jurisdictions, this is now mandated under national transpositions of MiCA and AMLD.

Key Compliance Challenges for VASPs

1. Identity Verification in Real Time VASPs must verify natural persons and legal entities at onboarding—often within seconds—to avoid losing users. Traditional KYC platforms relying on cloud processing introduce latency and risk.

2. Transaction Monitoring (KYT) Legacy AML platforms weren’t built to analyze blockchain transactions. VASPs need tools that:

Detect patterns of smurfing, mixing, or structuring Flag anomalous wallet behaviour Correlate on-chain events with user profiles

3. Privacy and GDPR Conflicts Transmitting user PII to third-party platforms or across borders can violate GDPR unless encrypted and consented properly. Many VASPs lack infrastructure to ensure compliance.

4. Cross-Platform Interoperability Ensuring data integrity across exchanges, custodians, and wallet providers requires consistent formatting, encryption standards, and interoperability with protocols like TRISA or OpenVASP.

The iComply Solution: Edge KYC + KYT

iComply offers a hybrid approach to compliance that protects privacy and enables full regulatory alignment:

1. Edge-Based KYC Verification Identity documents, biometrics, and user data are processed on-device before being encrypted and transmitted. Prevents unnecessary data exposure and supports GDPR, MiCA, and national data residency laws. 2. KYT with On-Chain Intelligence Monitor wallet behaviour in real time Risk-score transactions using blockchain analytics and off-chain KYC data Detect structuring, layering, and high-risk flow patterns 3. Protocol-Agnostic Travel Rule Compliance Integrate with TRISA, OpenVASP, and other compliance messaging protocols Validate counterparty information and log communication trails 4. Unified Case Management Combine KYT alerts, KYC data, and screening history into a single dashboard Document decisions, escalate suspicious cases, and export reports Case Insight: EU-Based Crypto Exchange

An exchange in Germany deployed iComply to integrate KYT screening with their existing KYC workflow. Within 60 days:

Drop-off rates in onboarding fell by 22% due to faster edge-based identity checks High-risk wallet activity was flagged 3x more accurately The firm passed a BaFin audit with recognition for its Travel Rule implementation Regulatory Outlook for 2025 MiCA Phase-In: Stablecoin issuers and exchanges are now subject to enhanced due diligence requirements TRP Adoption: The Travel Rule Protocol (TRP) is becoming the common standard across Europe Supervisory Convergence: National regulators are aligning enforcement expectations across the EU Take Action

For VASPs in the EU, 2025 is not just about avoiding penalties—it’s about proving maturity, privacy protection, and regulatory leadership.

Contact iComply to see how our KYT and edge-secure KYC platform helps VASPs comply with the Travel Rule, automate risk controls, and scale with confidence across Europe.

We’ve just released a new roadmap for Holochain that we redesigned to improve visibility into both the development status and the workflow of the Holochain team. It shows a summary of release history, status of in-progress work, and planning of upcoming work including releases actively being planned and those that are just incubating. These summaries are linked to our actual Github project management tooling to calculate our work velocity and expected completion of work in progress as well as planning estimation.

Context

Showing the evolution and progress of an open-source project in an easily digestible way is both a critical and a non-trivial task.While we have been operating transparently for quite some time using Github Projects to manage and prioritize our work, the available summarizing and visibility tooling GitHub provides for roadmaps and burn-down don’t provide the necessary accessibility to developers and non-developers alike to stay informed on what’s currently being worked on, and what is yet to come. And we too have struggled with how best to create visibility into projected completion times, as this is notoriously difficult to do.

Our new, dynamic roadmap addresses these challenges by making our completion estimates visible the same way we see them internally - based on real data of our historical velocity, and compared with the team’s complexity estimation on future and in-progress work.

Take a look at how the new timeline in this video walk-through, or read on for more info on how it works.

What we show Released

The Released column provides a list of actually released software. For the most part this shows Holochain releases, but it also includes notable releases of other stand-alone projects (like the HTTP Gateway). More current releases link to actual issues completed in our Github Projects tool.

In Progress

The “In Progress” column provides visibility into the releases we are currently actively working on. For each release you can see the percentage completion of story points, the current velocity and estimated time to completion. The story point completion is also broken down by epic for more detailed project data.  

Up Next

The “Up Next” column provides visibility into our team planning and estimation process. As well as coding and delivering on current releases, we are also looking ahead to what comes next, and getting a handle on how much complexity is involved and what to put into future releases. So in this column what you see is the progress on the issues and time to complete for a release.

Our Process

To really make sense of this roadmap, it helps to understand our team process. Like many software teams, we use a simple modified Kanban-based agile workflow for low-level task management, and releases and epics for higher-level prioritization.

Work items enter our flow as bugs and feature requests, either from Holochain team members or stakeholders adding them as GitHub issues, on one of our repositories. As the team breaks down larger items of work, they may add more issues across various repositories. All of these end up in the project backlog where we prioritize them and slot them into a release and an epic, which collects larger chunks of work. From there the items are set to "Ready for refinement" which is the crucial step of the team assessing the complexity of an issue, and possibly breaking it into smaller issues that are all estimated. There is much written about story point estimating in agile process, which you can google for if you want to understand this more deeply. Suffice it to say that it's best not to estimate "time/effort" but rather to estimate complexity. Looking back on completed issues reveals the time it takes for the team to complete items of that level of complexity. When items have been estimated, they are marked "Ready" and team members can start the work according to priority. Our releases are currently numbered in the pre-release semver numbering style of 0.X.Y. X is considered a major release where we allow ourselves to break APIs, which for developers means they may have to recompile their hApps, and/or actually make updates because the HDK is changed, and also will have to update the conductor version their runtime is using, because networking formats may have changed. The Y value is a minor and for those, no DNA updates are required; simply updating the Holochain version in a runtime will either add new non-breaking features, or have fixed bugs.

Thus, our new roadmap helps make our internal process more accessible and visible. We show what releases we have completed, which we are working on, and are planning and incubating going forward.

Please note that this map is fluid. We move epics from one release to another as we evaluate them, and sometimes simply because we realize it makes more sense to get a release out sooner. Usually, what's In-Progress is fairly well planned out, and the scope should remain fairly stable. What's marked as Planning not so much, and what's marked Incubating even less so.

We've made it so that Releases and Epics are links on the site so you can navigate directly to our Github project for those who want to delve in deeper.

The GitHub Project

To look under the hood at what's on in GitHub here are some things to note:

If you go to the release view you will see all of the releases also on the website, plus a few more that we are holding even more loosely on that gradient of certainty, so we don't show them on the website. Releases on GitHub are prefixed with a "*" for those in planning, and an "_" for those being incubated. You may notice that data is not pulled live from GitHub, but it is updated reasonably often. This is currently a manual process that will eventually be automated.

This roadmap provides transparency into both our timelines and development processes, giving real-time insight into how we work, what we're building, and when. This helps community members make better-informed decisions when building on Holochain. We'll continue refining this roadmap based on your feedback - so we look forward to hearing what you think.!

As AI agents become more autonomous, developers need to understand how they communicate. We compare two key agent communication protocols: Model Context Protocol (MCP) and Agent-to-Agent (A2A), explaining how they work and when to use them.

Understanding your crypto wallet address is fundamental for sending and receiving digital assets. It’s your unique identifier in the blockchain world. This quick guide will show you exactly how to find your crypto wallet address on any device, ensuring smooth and secure transactions every time.

What is a Crypto Wallet Address? Definition

A crypto wallet address is essentially a unique string of alphanumeric characters that serves as your public identifier on a blockchain network. Think of it as an email address, but for digital money: it’s what you share with others when you want to receive cryptocurrency. Knowing how to find your crypto wallet address means you have the key to receiving funds securely into your digital wallet.

Importance

Locating your crypto wallet address is fundamental to secure and successful cryptocurrency transactions. Without it, you can’t receive any digital assets. It acts as the destination for incoming funds, ensuring that Bitcoin, Ethereum, or any other crypto reaches your specific wallet. Misplacing or incorrectly inputting this address can lead to irreversible loss of funds, highlighting why knowing how to find your crypto wallet address is a critical skill for every crypto user.

Common Misconceptions

A common misconception for beginners is assuming one wallet address fits all cryptocurrencies. It’s vital to clarify that wallet addresses differ by cryptocurrency. For example, a Bitcoin (BTC) address will look distinct from an Ethereum (ETH) address, and sending BTC to an ETH address (or vice-versa) will almost certainly result in permanent loss of funds. When learning how to find your crypto wallet address, always ensure you’re getting the correct address type for the specific cryptocurrency.

Steps to Find Your Crypto Wallet Address Finding Your Wallet Address in a Software Wallet Popular Wallets

To understand how to find my crypto wallet address within a software wallet, it’s helpful to consider popular options like MetaMask, Trust Wallet, and Coinbase Wallet. These widely used applications provide a secure and convenient way to manage your digital assets directly from your browser or mobile device. Each wallet type generally follows a similar logic for locating your address.

Steps

The general steps for how to find my crypto wallet address in most software wallets are straightforward. First, you’ll need to log into your wallet application using your password or biometric authentication. Once inside, navigate to your wallet dashboard or portfolio view. Here, you’ll typically see a list of your cryptocurrencies. Select the specific cryptocurrency you wish to receive (e.g., Ethereum or Bitcoin). You should then see an option like “Receive,” “Deposit,” or a QR code icon. Clicking this will display your unique public wallet address, which you can then easily copy to your clipboard for sharing.

Tips

A crucial tip when learning how to find my crypto wallet address is to always ensure you’re copying the correct address for the intended cryptocurrency. For instance, if you’re expecting to receive Ethereum, make sure the address you copy is specifically an Ethereum address, not a Bitcoin address. Sending crypto to the wrong chain or address type is one of the most common mistakes and can lead to irreversible loss of funds. Double-checking the cryptocurrency type linked to the address you’re sharing is paramount for secure transactions.

Finding Your Wallet Address on a Crypto Exchange Popular Exchanges

For those using centralized platforms, knowing how to find my crypto wallet address on a crypto exchange is a common task. Popular exchanges like Binance, Coinbase, and Kraken serve as gateways for buying, selling, and holding cryptocurrencies. While they offer integrated wallet functionalities, the process of locating your deposit address is slightly different from a standalone software wallet.

Steps

The steps to how to find my crypto wallet address on most exchanges are quite similar. After logging into your exchange account, navigate to the “Wallet,” “Funds,” or “Deposit” section. From there, you’ll need to select the specific cryptocurrency you wish to receive (e.g., Bitcoin, Ethereum, or a stablecoin like USDT). Once selected, the exchange will display your unique deposit address for that particular asset. You’ll typically find a “Copy” button next to it, allowing you to easily copy the provided address to your clipboard for sharing.

Note

A crucial note when finding your address on an exchange is to always verify the address to avoid costly errors. Before initiating any transfer, double-check that the address you’ve copied matches the one displayed on the exchange, paying close attention to the first and last few characters. Additionally, ensure you’ve selected the correct network (e.g., ERC-20 for Ethereum, TRC-20 for Tron) if the exchange offers multiple deposit networks for a single cryptocurrency. This diligence is key to ensuring your funds reach their intended destination safely and securely.

Finding Your Wallet Address on a Hardware Wallet Examples

For ultimate security, many users opt for hardware wallets like Ledger and Trezor. These physical devices store your private keys offline, making them highly resistant to online hacks. Understanding how to find my crypto wallet address on a hardware wallet is a vital step in ensuring the safety of your cryptocurrency, as these devices are designed to protect your assets even when interacting with online software.

Steps

The steps for how to find my crypto wallet address on a hardware wallet involve connecting the physical device to your computer or smartphone, usually via USB or Bluetooth. Once connected, you’ll need to open the associated wallet application (e.g., Ledger Live for Ledger, or Trezor Suite for Trezor). Within the application, select the specific cryptocurrency you wish to receive. The app will then display your unique public deposit address, often along with a QR code, which you can then copy and share.

Safety Tips

Crucial safety tips for hardware wallet users cannot be overstated. When learning how to find my crypto wallet address and using these devices, never share your private key or seed phrase (recovery phrase) with anyone, under any circumstances. These are the master keys to your crypto. Your public wallet address is safe to share, but your private key and seed phrase must remain confidential and stored securely offline to prevent irreversible loss of your funds.

Best Practices for Using Your Crypto Wallet Address Double-Check Addresses

When learning how to find my crypto wallet address and using it for any transaction, the absolute golden rule is to double-check addresses meticulously before sharing or confirming a send. Unlike traditional bank transfers, crypto transactions are irreversible. A single incorrect character can lead to permanent loss of your funds. Always verify the first few and last few characters of the address against the source, especially after copying and pasting, as “address poisoning” scams can subtly alter copied addresses.

Use QR Codes

To simplify the process of how to find my crypto wallet address and share it securely, utilize QR codes whenever possible. Most crypto wallets and exchanges provide a QR code alongside your alphanumeric address. Instead of manually typing or copying and pasting the long string of characters, the sender can simply scan your QR code with their wallet app. This significantly reduces the chance of manual errors and enhances security, making transactions quicker and more reliable.

Backup and Security

Beyond knowing how to find my crypto wallet address, understanding how to secure it is paramount. It’s critical to backup your wallet’s recovery phrase (seed phrase), which is the master key to your funds. Store this phrase securely offline in multiple, physically separate locations. Additionally, always enable two-factor authentication (2FA) on all your crypto accounts (wallets, exchanges) to add an extra layer of security, protecting your assets even if your password is compromised.

Avoid Common Mistakes

To ensure smooth and secure transactions, be aware of common mistakes when figuring out how to find my crypto wallet address and use it. Avoid reusing addresses frequently for privacy reasons, as some chains can link transactions to a single address. Most importantly, never send cryptocurrency to the wrong blockchain (e.g., sending Ethereum to a Bitcoin address).

Conclusion

Mastering how to find your crypto wallet address is fundamental for secure digital transactions. Whether on software, exchange, or hardware wallets, knowing where your unique address lives is key. Always double-check, use QR codes, and prioritize security with backups. With these simple steps, you can confidently manage your crypto and ensure smooth, secure transactions every time.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org Banner cho Blog – eng

The post Quick and Easy Guide on How to Find Your Crypto Wallet Address appeared first on Herond Blog.

The post Quick and Easy Guide on How to Find Your Crypto Wallet Address appeared first on Herond Blog.

The metaverse isn’t just sci-fi anymore; it’s a booming digital world ripe with opportunities on how to make money in the metaverse. If you’re a beginner looking to tap into this new economy, you’re in the right place. This guide will reveal the top strategies for earning money on this immersive virtual frontier, helping you start building your digital wealth today.

What is the Metaverse and Why It’s a Money-Making Opportunity? Definition

The metaverse is a developing, interconnected digital universe where users interact in immersive 3D environments, represented by avatars. Platforms like Decentraland and The Sandbox exemplify this, offering virtual land and economies fueled by cryptocurrencies and NFTs. This fusion of digital ownership, immersive interaction, and a burgeoning virtual economy creates immense potential for anyone looking at this term

Why It’s Lucrative

The metaverse is a burgeoning frontier for income due to the rapid rise of virtual economies, powered by blockchain technology. This new landscape allows for true digital ownership through NFTs, transforming unique digital items like art, land, and in-game assets into valuable commodities. Users can now buy, sell, trade, and even rent these digital assets, creating entirely new income streams that mirror real-world economic activities. This verifiable scarcity and transferability of digital goods unlocks immense potential for creators, investors, and entrepreneurs seeking the chances.

Beginner-Friendly Angle

For beginners eager to learn how to make money in the metaverse, a key advantage is the surprisingly low entry barrier for many opportunities. You don’t always need significant upfront investment or advanced tech skills to get started. Many platforms offer free tools for content creation, or you can begin by engaging in play-to-earn games. Or by participating in virtual events, even offering simple services, requiring minimal initial outlay. This accessibility makes the metaverse a promising frontier for new users looking to generate income without high financial risk.

Top Strategies for Beginners to Make Money in the Metaverse Buying and Selling Virtual Real Estate Explanation

A leading strategy for how to make money in the metaverse involves acquiring virtual real estate. This means purchasing digital land parcels on platforms like Decentraland or The Sandbox, which are blockchain-based virtual worlds. Once acquired, this digital property can be held as an investment, sold for profit when its value appreciates. Or even rented out for virtual events, advertising spaces, establishing virtual businesses, creating a direct income stream within these immersive environments.

Beginner Steps

For those new to how to make money in the metaverse through virtual real estate, the initial steps are crucial. Begin by thoroughly researching available and affordable plots on various metaverse platforms. Transactions for this digital land typically occur on NFT marketplaces such as OpenSea, so familiarize yourself with these platforms. Critically, monitor market trends, understand demand for specific virtual locations, and analyze past sales data to make informed purchasing decisions.

Tip

When venturing into virtual real estate to learn how to make money in the metaverse, a smart tip is to start with a minimal investment. The virtual land market, like any emerging asset class, can be volatile. By beginning with smaller, more affordable plots, you minimize your financial risk while gaining invaluable hands-on experience in market dynamics. Besides, you can buy processes, having potential rental opportunities before committing larger capital.

Trading NFTs (Non-Fungible Tokens) Explanation

A dynamic way is by trading Non-Fungible Tokens, or NFTs. These unique digital assets can range from digital art and collectibles to virtual fashion and in-game items. By buying NFTs at a lower price and selling them for a profit on metaverse marketplaces, or even by creating your own unique digital content like NFTs, you can tap into a booming digital economy driven by scarcity and verifiable ownership within the virtual world.

Beginner Steps

To begin trading NFTs and discover how to make money in the metaverse through this avenue, you’ll first need to set up a cryptocurrency wallet like MetaMask, which secures your digital assets. Next, explore popular NFT marketplaces such as OpenSea, Rarible, or LooksRare. For a beginner, it’s often wise to focus on trending collections or established projects to understand market dynamics before venturing into more speculative assets.

Tip

For those learning how to make money in the metaverse with NFTs, a crucial tip is to thoroughly research NFT projects that boast strong, active communities. A vibrant and engaged community often signals a project’s long-term potential, sustained interest, and ongoing development. Following project discords, Twitter accounts, and online forums can provide invaluable insights into a collection’s roadmap, utility, and overall health, significantly reducing risk and increasing your chances of making profitable trades.

Participating in Play-to-Earn Games Explanation

A dynamic and accessible way to how to make money in the metaverse is by participating in play-to-earn (P2E) games. These aren’t just for fun; they’re blockchain-based games, such as Axie Infinity or Star Atlas, that reward players with cryptocurrencies or NFTs for completing tasks, winning battles, or contributing to the game’s ecosystem. This innovative model turns gaming time into a tangible income stream, blurring the lines between entertainment and earning.

Beginner Steps

To start earning through P2E games and discover how to make money in the metaverse, beginners should choose games known for being beginner-friendly or having active communities that offer support. Often, you’ll need to make a small initial investment in starter in-game assets, like characters or virtual tools. Once set up, focus on playing to earn in-game tokens/NFTs, which can be sold on marketplaces for real-world value.

Tip

For those new to play-to-earn games and seeking how to make money in the metaverse, a crucial tip is to actively join the game’s community. Platforms like Discord or Telegram are usually hubs for players sharing game-specific tips, strategies for maximizing earnings, and insights into market trends for in-game assets. Learning from experienced players can significantly improve your efficiency and profitability, helping you navigate the game’s economy more effectively.

Creating and Selling Virtual Goods or Services Explanation

A highly versatile approach to how to make money in the metaverse involves creating and selling virtual goods or offering specialized services. This avenue allows individuals to leverage their creative or professional skills in a new digital dimension. You could design unique digital fashion for avatars, craft intricate 3D models for virtual environments. More than that, the platforms provide services like organizing and hosting virtual events, consultations, or educational workshops within the metaverse, turning your talents into tangible income streams.

Beginner Steps

For beginners keen on creating and selling in the metaverse, the initial steps are accessible. Start by learning 3D design software like Blender, which is free and offers robust capabilities for creating virtual items. Once your digital creations are ready, you can list them in various metaverse marketplaces. Alternatively, if offering services, advertise your expertise and availability within metaverse communities on platforms like Discord or X (formerly Twitter), directly connecting with potential clients.

Tip

A smart tip for aspiring metaverse creators is to begin with simple designs or basic service offerings to gauge market demand. When learning how to make money in the metaverse through creation, starting small allows you to test concepts, gather feedback, and refine your approach without committing extensive time or resources to complex projects. This iterative strategy helps you understand what resonates with the metaverse community before scaling up your creative endeavors.

Engaging in Metaverse Events and Communities Explanation

A highly social and interactive way to how to make money in the metaverse is by actively engaging in various metaverse events and communities. Many platforms and projects regularly host virtual events, launch giveaways, or organize community quests (like Herond’s Engage Quests). By participating, you can earn valuable rewards, which might include cryptocurrencies, NFTs, or exclusive in-game assets, making active involvement a direct path to generating income within these digital spaces.

Beginner Steps

For beginners, diving into metaverse events is straightforward. Your first step to learn how to make money in the metaverse this way is to join the official X (formerly Twitter) or Discord communities of your preferred metaverse platforms or NFT projects. These are the primary hubs where events and quests are announced. Actively participate by following instructions, completing tasks, and then promptly claiming your earned rewards, ensuring you don’t miss out on potential earnings.

Tip

To truly maximize your earning opportunities from metaverse events and communities, the crucial tip is to stay active and consistent. Regular engagement not only increases your chances of winning giveaways but also positions you as a valued community member, often leading to early access to new quests, exclusive airdrops, or special roles. Persistent participation is vital for unlocking the full potential of this interactive method for how to make money in the metaverse.

Tips for Success in the Metaverse Start Small

When venturing into how to make money in the metaverse, a crucial piece of advice is to start small and invest only what you can comfortably afford to lose. The metaverse economy, while promising, is still nascent and can be volatile. Beginning with a minimal investment allows you to learn the ropes, understand market dynamics, and gain experience without exposing yourself to significant financial risk. This cautious approach is key to sustainable growth in this new digital frontier.

Stay Informed

To effectively make money in the metaverse, staying informed is paramount. The digital landscape evolves rapidly, with new projects, opportunities, and trends emerging constantly. Actively follow metaverse news on platforms like X (formerly Twitter) and join relevant Discord communities where developers and enthusiasts share real-time updates and insights. Being well-informed enables you to spot lucrative opportunities early and adapt your strategies as the metaverse develops.

Secure Your Assets

As you learn how to make money in the metaverse, safeguarding your digital assets is non-negotiable. Always use trusted crypto wallets like MetaMask for your NFTs and cryptocurrencies, and ensure you enable two-factor authentication (2FA) wherever possible. These security measures act as vital shields against hacks and unauthorized access, protecting your hard-earned virtual wealth from potential threats in the decentralized digital world.

Avoid Scams

The metaverse, like any burgeoning market, attracts fraudulent schemes. To truly make money in the metaverse safely, it’s vital to avoid scams by researching projects thoroughly before investing any time or money. Be wary of promises that seem too good to be true, check the legitimacy of teams, review project roadmaps, and scrutinize community sentiment. Diligent research is your best defense against falling victim to deceptive schemes and ensures your metaverse ventures are legitimate.

Conclusion

The metaverse offers exciting new income opportunities beyond traditional online methods. Learning how to make money in the metaverse is becoming essential as this digital world grows.

You can earn through virtual real estate, NFT trading, play-to-earn games, creating digital goods/services, or community engagement. To succeed, start with small, manageable investments, stay informed, secure your digital assets, and research thoroughly to avoid scams. Embrace these strategies to confidently build your financial future in this evolving digital economy.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post How to Make Money in the Metaverse: Top Strategies for Beginners appeared first on Herond Blog.

The post How to Make Money in the Metaverse: Top Strategies for Beginners appeared first on Herond Blog.

Balancing privacy rights with fraud mitigation is becoming increasingly complex. A robust Identity Verification framework can help firms uphold data protection and privacy standards while meeting stringent compliance regulations.

The post Getting the Best Value for Identity Verification Platforms first appeared on ComplyCube.

Tokeny's Talent 10 July 2025 Talent Interview | Héctor Talent Interview | Héctor Tokeny's Talent 10 July 2025 Héctor Castro Mateos is QA Lead at Tokeny, he joined the company in 2022. Reflecting on the 3-year Journey You’ve been with the company for three years, as a QA engineer. How has the company supported your growth during this time?

Since I joined the company three years ago, I’ve always felt empowered to take ownership of the QA process and shape it in a way that truly fits our team and product. That level of trust and autonomy has been key to my growth. On top of that, everyone here is genuinely supportive and collaborative, which makes it much easier to take on challenges and keep improving.

Tokeny’s Culture Involvement Tokeny has grown significantly since you joined. How has the company culture evolved in your opinion?

A lot has definitely changed over these three years. As the company has grown, the tech team has constantly refined its processes, always aiming to improve step by step so we can deliver the best possible product.

“We’ve managed to keep that “family feeling” despite team changes, and I think that’s something really valuable to preserve.” “We’ve managed to keep that “family feeling” despite team changes, and I think that’s something really valuable to preserve.” How would you describe your own personal growth within the company?

The QA team has grown since I joined, and with that, so have my responsibilities. I started as the only QA, and now we’re a team of four. That shift has pushed me to grow into a leadership role, learning how to manage a team, balance priorities, and make sure everyone feels both productive and motivated. It’s been a continuous learning experience, and I’m still growing every day.

“It’s been a continuous learning experience, and I’m still growing every day.” “It’s been a continuous learning experience, and I’m still growing every day.” Company Values in Practice You mentioned in your previous interview how much you enjoyed working with a very committed team, that creates a sense of belonging to a community. Can you share an example of a project where you or your team used this commitment, and how it was received?

There was a release where many things got delayed and we had blockers just a few days before the deadline. Instead of panicking, the team stayed fully engaged and focused. We split the work, adapted priorities, and everyone went the extra mile to make sure things were properly tested. It really showed how committed the team is, not just to doing their own tasks, but to making sure the company delivers quality on time.

Reflections and Future Outlook If you could give advice to your younger self, just starting out at Tokeny, what would it be?

I’d tell myself to be more confident from the beginning and to trust the team. You don’t need to have all the answers on your own, the best outcomes come when you collaborate and rely on others. We’re all here to help each other grow.

As someone who has been with the company through significant milestones, where do you see Tokeny going in the next five years, and how do you envision your role evolving in that journey?

The industry is evolving really fast, so it’s hard to predict exactly what things will look like in five years. Personally, I see myself continuing to grow professionally, leading a bigger QA team, and contributing to even more advanced testing strategies to keep ensuring the quality and reliability of our product.

“I’m confident Tokeny will be at the forefront of that change” “I’m confident Tokeny will be at the forefront of that change” Finally, as we’ve gotten to know you over the years, you’ve often shared your love for nutrition and a wide range of sports. Do any learnings or skills from these passions translate into your work at Tokeny?

Absolutely. I think anyone who approaches sports with passion and commitment develops a mindset built on patience, resilience, and the drive to keep going until the goal is achieved. That mentality naturally carries over into work, where consistency and perseverance are key.

More Stories  Talent Interview | Héctor 10 July 2025 Talent Interview | Thaddee 2 May 2025 Talent Interview | Nida 21 February 2025 Tokeny’s Talent | Philippe’s Story 30 January 2025 Tokeny’s Talent | Christian’s Story 17 January 2025 Tokeny’s Talent | Satjapong’s Story 19 November 2024 Tokeny’s Talent | Jordi’s Story 1 November 2024 Tokeny’s Talent | Shurong 18 September 2024 Tokeny’s Talent | Cristian 13 June 2024 Tokeny’s Talent | Adrian 15 May 2024 Join Tokeny’s Family We are looking for talents to join us, you can find the opening positions by clicking the button. Available Positions

The post Talent Interview | Héctor appeared first on Tokeny.

Discover how AI in software development brings speed but also new security risks. Learn how to implement a 'verification' mindset with culture, processes, and tools to secure your AI-generated code.

The Solicitors Regulation Authority (SRA) has announced that it will conduct its latest data collection exercise from July 7 to August 15, 2025. The exercise aims to monitor the implementation of AML by law firms in the UK.

The post SRA Launches Critical AML and Sanctions Data Collection Exercise first appeared on ComplyCube.

Predictoor DF149 rewards available. DF150 runs July 10th — July 17th, 2025 1. Overview

Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor.

Data Farming Round 149 (DF149) has completed.

DF150 is live today, July 10th. It concludes on July 17th. For this DF round, Predictoor DF has 3,750 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF150 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF150

Budget. Predictoor DF: 3.75K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and ASI Predictoor

Ocean Protocol was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF149 Completes and DF150 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

Part of Bluesky’s mission to create a more open and decentralized social web is helping users feel safe and in control of their experience. We always try to balance safety with privacy, and free expression with civility.

To achieve our mission, we also work with governments around the world. In the UK, the Online Safety Act requires that online platforms take specific steps to reduce the risk of children seeing harmful content. Since certain parts of that act come into effect later this month, we’re making some changes for people in the UK.

We’ll use Epic Games’ Kids Web Services (KWS) to give our UK community choices about how to verify their age. If you’re in the UK, you can choose between methods like payment card verification, ID scans, and face scans. (See here to learn more about how KWS safeguards user information.) For people who are under 18 or don’t want to go through this process, we’ll make adult-appropriate content inaccessible, and we’ll disable features like direct messaging.

If you’re in the UK, you’ll see a notification on our platform when this update takes effect, and a way to report unwanted content:

Users in the UK will see notices of age requirements, and instructions for completing age verification. Users can report content through flows like the one pictured.

In addition to these updates, we’ll continue to look at how we’re doing to shield children from unwanted content, and how we can improve.

Security shouldn’t be complex. Discover why Fastly’s one-click DDoS tools like Precise Defense make staying protected easier, faster, and more effective, even under pressure.

Last week the Indicio team attended the Global Digital Collaboration Conference on digital identity and wallets in Geneva, Switzerland. There hasn’t been a clearer signal that decentralized identity, digital wallets, and Verifiable Credentials are about to transform digital interaction.

By Trevor Butterworth

Eighteen hundred. That was the number of attendees at the inaugural two-day Global Digital Collaboration Conference in Geneva at the beginning of July. The level of interest exceeded the organizer’s expectations, there was enough material for a week’s worth of discussions, the auditorium for the final session — usually the worst slot for speakers as everyone departs for the airport — was filled. 

We’ve seen growing interest in decentralized identity over the past few years, from fringe to serious technology. This conference was at another level. It wasn’t a matter of if or when but how — how to implement and, above all, how to be interoperable.

Behind this sea change, maturing technology, successful deployments, and Europe — specifically, the EU mandate that all member states must offer at least one EU Digital Identity Wallet to all its citizens and residents by 2026.

Google, Huawei, Mastercard, and Visa were sponsors. Apple joined a panel.  

Many — companies and attendees — were in a “getting to know the technology” mode. Others, already married to the tech — such as Indicio — talked about how to achieve interoperability between European digital identity and wallet specifications and global specifications, and where the frontier is, namely verifiable identities for AI agents.

Interoperability

If the conference had a dominant theme, it was interoperability. How do we connect the world across different digital identity standards and wallets? In her presentation to the Open Wallet Foundation’s Wallet Interop Special Interest Group (WISIG), Indicio Software Engineer Char Howland began by explaining why interoperability was such a critical issue.

Simply put: 

People expect joined up digital experiences and seamless workflows A multi-credential and multi-protocol world can only scale through interoperability Interoperability is often a legal requirement

Howland explained what the WISIG is doing to advance this and then discussed Indicio’s role in the SITA-Delta Air Lines-Aruba trial, where different credential formats and protocols were successfully combined in a single workflow from a single wallet to enable pre authorized travel, seamless check-in, boarding, and border crossing.

Indicio’s success in marrying a credential following the International Civil Aviation Organization’s Digital Travel Credential standards (DTC-1) with EU digital identity standards (IATA One ID) showed how easy it is to make a multi-credential world interoperate. 

And, as a result of this success, Indicio will work with SITA on the upcoming European APTITUDE trial to develop a DTC-2 credential — a digital passport credential issued directly to travelers by the Dutch and French governments.

The WISIG panel showed open source collaboration at its best — and is a must-follow to keep up to date on wallet interoperability. 

How to slay with Verifiable Credentials

Indicio CEO Heather Dahl addressed an equally critical point in her talk, aptly titled “How to slay with Verifiable Credentials.”

Slaying means focusing on what the technology does in terms of business value and not what it does in terms of being cool tech.

“This technology sells when people and companies can see it has value,” said Dahl. And the value Indicio’s customers see is that it creates:

Seamless, efficient processes Seamless user experiences Seamless authentication Enables privacy and consent around personal data and data sharing, and especially around biometrics Reduces operational complexity and cost around integration, data authentication, compliance and security

The next step for companies adopting and using the technology is how does this technology create ecosystems around trusted data? The answer, said Dahl, is when you combine interoperability and governance.

With decentralized governance, you can establish who is a trusted issuer of credentials, who is a trusted verifier of credentials, and what information needs to be shared for which purpose. And because these governance files are sent to each participant, all this happens instantly, thereby providing a way to generate trusted interaction and data sharing from anyone to anywhere.

This is where companies are now, said Dahl. They want to see how they can connect and integrate their partners, their verticals, their sectors and go from sector to sector seamlessly. As an example, she discussed the SITA Digital Travel Ecosystem, a way for the entire travel and tourist economy to interoperate seamlessly around shared credential specifications, interop profiles, and decentralized governance.

Finally, Dahl addressed the next big thing in decentralized identity: AI. If agentic AI is to be a reality, all those agents are going to need verifiable identities too, and people are going to need to be able to consent to sharing their data. Indicio recently launched ProvenAI, an identity solution for AI that addresses these problems.

How to start your decentralized identity journey

We always end these pieces with a call to action. Based on what we saw in Geneva, this one is underlined. The time to start is now. Start playing with the technology, start strategizing about how it can be used to simplify your operations, improve your security, and benefit your customers. This is critical if you do or are planning to do business in the EU.

We can talk you through all the different flavors of credentials and protocols, show you demos of different use cases, and explain, in-depth, how this technology is being deployed, how to make it interoperable, and how to use it to deliver value.

Getting started is as easy as reaching out to our team for a consultation or to discuss a specific use case. Or you can read more about our pre-built solutions here.

###

The post Decentralized identity goes mainstream: the Global Digital Collaboration 2025 Conference appeared first on Indicio.

Universities can’t afford to treat cybersecurity as an afterthought. Here’s how to close the gaps before the next breach. 

On June 24, 2025, Columbia University joined the growing list of higher education institutions compromised by sophisticated cybercriminals. The attack, which exposed 1.6 gigabytes of sensitive data from 2.5 million student applications, wasn’t the work of a random opportunist, it was a politically motivated hacktivist who exploited systemic weaknesses in the university’s identity infrastructure.

This breach represents more than an isolated incident. It’s a stark warning about the reality facing higher education: attacks targeting universities have surged nearly 70% since 2023, with institutions now facing an average of over 2,500 cyberattack attempts each week. For university CISOs and IT leaders reading about yet another campus breach, this one demands immediate attention, because the vulnerabilities that enabled Columbia’s compromise exist across virtually every campus in America.

Why Higher Education Has Become a Prime Target

Universities present an irresistible combination of valuable data and defensive weaknesses that make them ideal targets for both cybercriminals and nation-state actors. Unlike heavily regulated industries like finance or healthcare, higher education operates with unique vulnerabilities that attackers systematically exploit:

Open by Design, Vulnerable by Default

The collaborative nature of academic environments creates massive attack surfaces. Universities must balance open access for research and learning with security requirements—a tension that often resolves in favor of accessibility rather than protection. Multiple campuses, diverse user populations, and thousands of personal devices create countless entry points that traditional perimeter defenses can’t adequately secure.

Legacy Identity Systems Built for Trust, Not Security

Most universities still rely on authentication systems designed decades ago for smaller, more trusted communities. Password-based access controls and basic multi-factor authentication leave institutions vulnerable to the same social engineering and credential theft tactics that have compromised organizations across every sector.

Resource Constraints in a High-Risk Environment

Shrinking budgets force difficult choices between academic priorities and cybersecurity investments. IT teams often operate with skeleton staff while managing complex, distributed infrastructure that spans multiple generations of technology. This combination of limited resources and broad attack surfaces creates the perfect storm for successful cyberattacks.

The Columbia Attack: A Preview of What’s Coming

The details emerging from Columbia’s investigation reveal attack patterns that should concern every higher education leader. While the full forensic analysis remains ongoing, early reports suggest the attackers exploited weak identity verification processes to gain initial access, then moved laterally through systems containing sensitive student data.

This follows a predictable pattern: compromise user credentials through phishing or social engineering, bypass traditional MFA through known techniques, then abuse legitimate access to extract maximum value before detection.

The financial impact extends far beyond immediate incident response costs. Universities face regulatory fines, legal liability, remediation expenses, and the long-term reputational damage that affects enrollment and donor relationships.

Third-Party Risks Universities Often Overlook

Higher education institutions rely heavily on external vendors for everything from student information systems to dining services. Each vendor relationship introduces potential vulnerabilities, particularly when those providers have privileged access to campus systems or sensitive data.

The challenge isn’t just direct vendor access—it’s the inherited trust relationships that come with those partnerships. When a student information system provider gets compromised, attackers often inherit that vendor’s access to multiple university clients. This supply chain risk multiplies across the dozens of technology providers most universities depend on for daily operations.

Identity-First Defense for Higher Education

Traditional cybersecurity approaches fail in university environments because they focus on protecting systems rather than verifying identities. When attackers can convince legitimate users or help desk staff to grant access, network security becomes irrelevant.

The most effective defense requires securing the identity layer itself. Here’s how identity-first security addresses the specific vulnerabilities that made Columbia’s breach possible:

Verified Identity Authentication

The Challenge: University help desks process hundreds of password reset requests daily from students, faculty, and staff across multiple time zones. Traditional verification relies on security questions or basic information that attackers can easily research or socially engineer.

The Defense: Identity platforms that require users to prove their actual identity through biometric verification tied to government-issued identification. When someone requests account access, the system can definitively verify whether the person is who they claim to be—regardless of what information they provide over the phone.

Phishing-Resistant, Passwordless Authentication

The Challenge: University users are prime targets for phishing attacks, with students and faculty often sharing credentials across multiple personal and academic platforms. Traditional MFA can be bypassed through push notification fatigue or social engineering.

The Defense: Eliminating passwords entirely and using FIDO2-compliant biometric authentication that cannot be phished, intercepted, or socially engineered. There are no codes to read over the phone and no push notifications to accidentally accept.

Risk-Based Access Controls

The Challenge: University environments require flexible access from multiple locations and devices, making traditional location-based or device-based controls impractical.

The Defense: Identity-bound access controls that verify the person requesting access, regardless of their device or location. Even if attackers compromise approved devices or spoof trusted networks, they cannot authenticate without the legitimate user’s verified biometric identity.

Implementation Considerations for Universities

Regulatory Compliance Universities handle FERPA-protected student records, research data subject to various federal requirements, and often health information covered by HIPAA. Identity platforms that meet federal standards like FedRAMP High Authorization and NIST 800-63-3 demonstrate they can handle the complex compliance requirements universities face.

Operational Continuity Identity-based attacks can disrupt everything from class registration to research operations. The cost of operational disruption often exceeds the direct costs of incident response and can affect the institution’s academic mission for months or years.

Integration Requirements Modern identity platforms must integrate with existing campus systems—from learning management platforms to research computing resources—without disrupting daily academic operations.

The Time to Act is Now

Columbia’s breach isn’t an isolated incident—it’s a preview of what’s coming for every university that hasn’t modernized their identity infrastructure.

Rather than detecting breaches after they’ve compromised sensitive data, identity-first security prevents them from succeeding by securing the identity layer that attackers target first. The question isn’t whether your institution will face an identity-based attack—it’s whether you’ll be ready when it comes.

Learn how institutions like yours are modernizing identity security without disrupting academic operations.

The post Columbia University Hack Exposes the Identity Crisis in Higher Education appeared first on 1Kosmos.

On this episode we spoke with Teresa Wu, Vice President of Smart Credentials and Access at IDEMIA. IDEMIA has been involved with many U.S. states for their mobile IDs, including New York, Arizona, Iowa, Delaware and more. Very few people on earth have more experience than Teresa working with governments to issue digital credentials.

We asked her what would encourage more states to launch mobile IDs and drive end-user adoption. Her response was: more relying party use cases. So, we spent most of our conversation exploring questions like:

Should relying parties wait to adopt until standards mature and more people have digital IDs? How can relying parties get started now? How much should the industry channel its energy towards innovation vs. standardization? How will the wallet landscape evolve? Will operating system wallets dominate, or will there be lots of wallets?

We closed out by covering the lessons Teresa has learned through all this experience for public servants. I think this conversation will be relevant to anybody interested in digital IDs, either on the issuance or acceptance side.

You can find Teresa on Linkedin and learn more about IDEMIA on their website.

Subscribe to our newsletter for more announcements related to the future of identity at trinsic.id/podcast

Reach out to Riley (@rileyphughes) and Trinsic (@trinsic_id) on Twitter. We’d love to hear from you.

The post Tackling First-Party Fraud Demo Day appeared first on Liminal.co.

New CFO, CPTO, CCO, and Board Advisor join to scale IDnow’s trust-driven ecosystem across global markets.

London, July 9, 2025 – IDnow, a leading identity verification platform provider in Europe, today announced the appointment of three senior executives and a new board advisor, marking a significant step forward in its global expansion. The new additions to its leadership team reaffirm IDnow’s mission to bring AI-powered identity verification technologies to market— establishing trust as the most valuable asset in the digital world. 

The appointments include Andreas Maueröder as Chief Financial Officer, Daniel Keller as Chief Product and Technology Officer, Phil Allen as Chief Commercial Officer, and Cassio Sampaio as Board Advisor. Together, they have a proven track record of driving growth, bringing decades of combined leadership across finance, cybersecurity, identity technology, and business transformation. These appointments reflect IDnow’s sharpened focus on building a scalable, intelligent trust ecosystem for businesses navigating an increasingly complex digital world.

Executive leaders to match bold ambitions Andreas Maueröder, CFO, brings over 20 years of international finance and leadership experience. After roles at EY, PwC, and Schörghuber Group, he joined zooplus in 2010, where he advanced to CFO and drove pan-European growth. Andreas brings a wealth of experience in operational excellence, sustainable value creation, and building high-performing teams in both private equity and public market environments.  Daniel Keller, CPTO, brings over two decades of experience at the intersection of product, technology, and business transformation. He has held senior leadership positions at Microsoft, Axel Springer, Scout24, Visable, and most recently, Onfido. A pioneer in applying AI and Machine Learning to build intelligent, scalable platforms, Daniel brings a bold vision for accelerating innovation and building future-ready organizations.  Phil Allen, CCO, brings more than 25 years’ experience in digital identity, cybersecurity, and fraud prevention, holding senior roles at Transmit Security, CA Technologies, and BMC Software, and having led EMEA growth as VP at Ping Identity. He brings a strong track record in scaling customer-centric, cloud-native solutions, and joins IDnow to transform trust into a core enabler of secure, scalable growth.

Our mission to build a future-proof digital identity ecosystem demands bold and accomplished leadership. As we evolve beyond identity verification into powering intelligent trust at every step of the customer journey, I’m excited to welcome Andreas, Daniel, Phil, and Cassio. Each of them brings unique strengths that will help IDnow shape the next chapter of digital identity — one grounded in trust, security, and continuous innovation.

Andreas Bodczek, CEO of IDnow

Former Auth0 (Okta) CPO joins as Board Advisor

In addition to strengthening its executive team, IDnow has appointed Cassio Sampaio as a Board Advisor. Cassio is the former Chief Product Officer at Auth0 (now part of Okta) and has held leadership roles at Apple and DigitalOcean, bringing deep expertise in identity, product innovation, and scaling SaaS platforms globally.  

“The world of identity and trust is developing very rapidly and IDnow is well positioned to take center stage in helping enterprises navigate these changes,” said Cassio Sampaio. “I look forward to working with the team and supporting the incredible opportunities that lie ahead.”

A new vision for identity in a digital-first world

Earlier this year, IDnow unveiled its revitalized vision to power a future where trust is seamlessly embedded into every digital interaction. Moving beyond one-time identity checks, the company now helps the world’s leading enterprises establish, maintain, and enrich trust across the entire customer lifecycle. 
 
With fraud growing more sophisticated and compliance pressures intensifying, organizations need solutions that go beyond static KYC checks. IDnow delivers proactive, real-time risk detection across multiple touchpoints, making identity a strategic asset—not a regulatory checkbox. 
 
Founded in 2014, IDnow has become a cornerstone of the digital identity landscape across Europe. Its technology simplifies risk management, cuts through regulatory complexity, and delivers seamless, user-focused experiences. Now, as the company brings its renewed vision to life, IDnow is shaping the next generation of identity verification — helping businesses navigate complex, evolving risks in today’s global digital economy.

June delivered robust Auth0 updates focusing on enhanced security, greater control over authentication flows, and improved integration capabilities for developers.

In this blog post, we will add the capability to edit existing Self-Service SSO configurations in your SaaS application.

The post Link Index for AML Transaction Monitoring appeared first on Liminal.co.

Over the past two weeks, regulators and policymakers in Hong Kong have taken additional steps to bolster Hong Kong’s status as the leading hub for digital asset and blockchain in the Asia-Pacific region. 

“There’s been renewed attention lately on mobile driver’s licenses (mDLs) and the ISO/IEC specification that defines them. One of the more surprising aspects of the specification, even to long-time standards contributors, is that it allows the entity verifying a credential to contact the issuer directly in real time, a capability known as ‘phone home.'”

That real-time lookup can serve legitimate needs, like revocation checks. But it also opens the door to targeted location tracking and behavioral profiling, especially if it’s implemented without transparency or user controls.

A Digital Identity Digest When Verification Calls Home: Three Views on Privacy, Risk, and Digital Credentials Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds 00:00 / 00:10:14 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

I’m less concerned here with how we got to this point—though it’s worth reflecting on the impact of paywalled standards and quiet design compromises—and more concerned with how we talk about it now. Too often, we respond to surveillance risks or fraud threats with hardline positions that don’t allow room for healthy disagreement or practical tradeoffs.

Imaginary Perspectives

To unpack the complexity, I’ve imagined three personas who reflect common but well-reasoned positions in the debate over real-time credential verification. Each has a valid point. As a friend wisely said, “A world without any surveillance and uncontrolled fraud is bad, no matter what some think. A world without any fraud because there is complete overhead control is also bad. We need to focus on finding an acceptable compromise.” These personas were not modeled on any particular individuals, so if you do see yourself here, think of yourself as an archetype, not a target. 

Dr. Rhea Jamison, Privacy Researcher

“Surveillance should never be the default. If it must happen, make it visible, optional, and rare.”

Rhea has spent two decades advising civil liberties groups and participating in privacy-focused standards work. She sees invisible surveillance capabilities not as a theoretical risk, but as a historical pattern. When surveillance infrastructure is built into technical architecture, it tends to get used, often without meaningful consent or transparency.

Her concern with “phone home” verification models is twofold:

They enable real-time, fine-grained tracking of when and where a credential is used, turning the verifier-issuer relationship into a persistent surveillance channel. The user may never know this is happening. As demonstrated in recent analysis of ISO/IEC 18013-5, an issuer can silently switch a credential from device-only to server-retrieval mode during a routine update.

She draws a sharp distinction between linkability, where transactions can be correlated later, and active surveillance, where every verification pings the issuer and generates a time-stamped log.

Rhea does not consider herself an absolutist. She acknowledges that in rare cases, real-time checks may be warranted. But only if:

The user is clearly informed that network contact will occur; There is a viable offline alternative; All server retrieval events are auditable by the user.

“Surveillance infrastructure rarely stays dormant. If we build systems that can track people invisibly, we have to assume someone, somewhere, eventually will.”

Marcus Lee, VP of Fraud Risk

“You can’t prevent fraud with stale data. Some level of real-time validation is necessary.”

Marcus runs enterprise fraud strategy at a multinational financial services firm. His team handles fraud mitigation across banking, healthcare, and payment systems. For Marcus, the risk isn’t theoretical: fraudsters already exploit credentialing gaps to create synthetic identities, steal controlled substances, and bypass onboarding checks.

He makes three key arguments for phone-home capability:

Regulatory compliance: Banks must meet Know Your Customer (KYC) and Anti-Money Laundering (AML) standards that often require verifying the current status of a credential at the time of use. High-risk scenarios: From dispensing opioids at a pharmacy to controlling access to critical infrastructure, static credential models can’t flag suspended, stolen, or recently revoked identities in time to prevent harm. Operational integrity: Real-time revocation and risk signals are critical for dynamic threat environments, such as when a compromised credential is detected and must be disabled immediately.

Marcus doesn’t ignore the privacy conversation. He believes enterprises must:

Minimize data retention Disclose verification policies Use contractually bounded systems

But banning real-time issuer contact outright? That, to him, is a risk too far.

“Fraud isn’t solved with good intentions. If we strip out risk signals in the name of privacy, we’ll end up rebuilding surveillance tools elsewhere with less transparency and with fewer guardrails.”

Priya Banerjee, Identity Standards Architect

“Both concerns are valid. Let’s design systems that make phone-home capabilities visible, limited, and accountable.”

Priya has helped draft standards at several of the more open standards organizations. She sees herself as a translator between idealism and operational need. She agrees with Rhea that invisible surveillance is unacceptable, but also agrees with Marcus that some environments can’t function responsibly without up-to-date credential data. (Priya is kind of my hero.)

Her view is that technical architecture should support both offline-first and risk-aware models, with strict boundaries. She proposes:

Device-based verification as the default Explicit and visible consent if server retrieval is needed Mandatory signaling by the verifier so users know which mode is active Logged retrieval history that users can inspect (or challenge)

She also raises a quiet but critical point: when standards prohibit real-world use cases outright, implementers will often fork the spec or build their own tooling, often without the privacy protections the standard might have enforced.

“Designing for flexibility doesn’t mean compromising values. It means making systems that work in the real world, while ensuring the user stays informed, in control, and protected.”

Comparison Table ConcernRhea (Privacy Advocate)Marcus (Fraud Prevention)Priya (Balanced Architect)Default verification modeDevice-onlyContext-dependentDevice-first, fallback allowedReal-time server retrievalStrongly opposed; privacy riskRequired in high-risk sectorsPermitted with consent and loggingConsent modelMust be explicit and revocableNot always practicalRequired and user-visibleRevocation handlingLocal proofs, time-limited credsReal-time checks essentialHybrid: periodic updates + fallbackTransparency mechanismsMandatory user logsControlled via policyTechnically enforced signalingAcceptable tradeoffsVery few; privacy is paramountSome surveillance justifiedBoundaries + adaptability Conclusion

There’s no one-size-fits-all answer here. And that’s the point. These aren’t just technical choices; they’re governance decisions that shape what our systems can and can’t do. They are risk management decisions; no one size will fit all. The phone-home debate should be about recognizing that the needs of privacy, security, and accountability are not mutually exclusive, but they are in tension.

We build better infrastructure when we acknowledge those tensions rather than ignore them. That means creating room for high-risk use cases to function responsibly without turning every ID scan into a tracking event. It means embedding consent and transparency into the architecture, not just assuming policy will save us later.

These debates are worth having and revisiting as technology, regulation, and use cases evolve. Let’s keep listening, keep adjusting, and keep building systems that are worthy of the trust we expect users to place in them.

Want to stay updated? I write about digital identity and related standards—because someone has to keep track of all this! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here] 

Transcript Introduction

00:00:00 Welcome to the Digital Identity Digest, the audio companion to the blog at Spherical Cow Consulting. I’m Heather Flanagan, and every week I break down interesting topics in the field of digital identity—from credentials and standards to browser weirdness and policy twists. If you work with digital identity but don’t have time to follow every specification or hype cycle, you’re in the right place.

00:00:26 Let’s get into it.

Episode Overview

00:00:29 Hi there and welcome back to A Digital Identity Digest. In today’s episode, we’re diving into a topic that’s been grabbing attention, especially among those of us who spend our time thinking about infrastructure standards and users’ rights.

00:00:44 Initially, this episode almost began as a rage blog—a cathartic response sparked by a lively signal chat. Although I wasn’t the one raging, that conversation inspired the post you’re about to experience.

Understanding Phone Home and MDLs

00:01:00 The discussion centers on the Phone Home feature built into the specification for mobile driver’s licenses (MDLs). On the surface, MDLs are more than just a digital version of your government-issued ID—they’re designed to be stored on your phone, offering convenience, enhanced security, and reduced risks of forgery.

00:01:09 Yet, as with every innovation, the devil is in the details. The ISO specification includes a Phone Home functionality that allows systems verifying your ID—whether by a bartender, a TSA agent, or a pharmacist—to contact the issuer in real time to check its status.

Key Points: Real-Time Verification: Ensures immediate feedback on license status. Privacy Concerns: Opens the door to tracking when, where, and how often your ID is presented. Implementation Flexibility: Depending on the issuer, this capability can be toggled silently. Privacy vs. Practicality: The Debate

00:02:05 At first glance, real-time verification may seem entirely reasonable. After all, if an ID is revoked, expired, or flagged, shouldn’t the system know instantly?

00:02:16 However, there are notable catches:

Surveillance Risks: The same capability enables individual tracking. Silent Activation: This feature can be turned on without the user’s knowledge.

These trade-offs highlight that implementation matters—a theme that will continue throughout our discussion.

Persona Spotlight: Dr. Rhea Jamieson

00:03:19 Let’s introduce our first fictitious persona, inspired by real-world conversations. Meet Dr. Rhea Jamieson, a dedicated privacy researcher with decades of experience collaborating with civil liberties groups and contributing to privacy-focused standards.

00:03:33 Dr. Jamieson’s core concerns include:

Default Avoidance of Surveillance: She argues that surveillance should never be the standard. Visibility and Consent: Any real-time verification must be visible, optional, and auditable. Risk of Inadvertent Activation: Once surveillance is technologically enabled, the pressure to use it grows.

00:04:12 In her view, cryptographic proofs and time-limited credentials should be leveraged to build systems that inherently avoid default surveillance—even if there are rare situations (such as border crossings) that might justify such features.

Persona Spotlight: Marcus Lee

00:05:11 Shifting to a different perspective, meet Marcus Lee, the imaginary Vice President of Fraud Strategy for a global financial institution. His world revolves around combating synthetic identity fraud, money laundering, and managing relentless regulatory audits.

00:05:37 Marcus believes:

Stale Data Is Risky: Static credentials, which can’t be updated or revoked in real time, are a liability. Necessity of Real-Time Risk Signals: Fraud prevention demands immediate validation. Controlled Usage: While he doesn’t advocate for Phone Home as the default, he insists on its availability where risks and liabilities are pronounced.

00:06:02 To him, privacy policies, audits, and enterprise-wide safeguards can accommodate real-time verification without sacrificing necessary safeguards.

Persona Spotlight: Priya – Bridging Both Worlds

00:06:43 Finally, let’s meet Priya, an imaginary standards architect who encapsulates the balancing act between privacy and practicality. With extensive experience across multiple standards development processes, Priya strives to bridge philosophy with real-world deployment.

00:06:50 Her approach is all about designing systems that are:

Visible: Phone Home capabilities should be transparent and clearly communicated. Limited: Device-based verification should be the default, with strict limits on server retrieval. Accountable: Every network retrieval must be logged for user review.

00:07:23 Priya’s vision emphasizes that designing for informed use with visible, enforceable boundaries allows for a dual benefit—supporting both privacy-first applications and high-risk scenarios.

Key Takeaways

00:08:06 The episode delivers a crucial message: designing flexible digital identity systems does not have to mean compromising core values. Consider these essential points:

Surveillance vs. Fraud Prevention: One perspective argues to design out surveillance, while another insists on embedding risk signals to prevent fraud. Balanced Implementation: A middle ground is not only possible but necessary—standards can support both privacy and security with transparency and accountability. Informed Consent: Ultimately, users should be kept informed, in control, and protected at every step. Final Thoughts & Call to Action

00:09:03 In conclusion, these perspectives are not mutually exclusive. As we build, standardize, and deploy digital credentials, let’s:

Stay Engaged: Keep the conversation open rather than viewing it as a zero-sum game. Listen to Diverse Viewpoints: Every perspective—privacy, fraud prevention, and balanced standards—adds value.

00:09:22 Let’s build systems that truly reflect the trust we’re asking people to bestow upon us.

00:09:26 Thank you for listening to this episode of A Digital Identity Digest. If it helped clarify or spark your interest, please share it with a friend or colleague. Connect with me on LinkedIn at alflanagan and subscribe to the podcast on Apple Podcasts or your preferred platform.

00:09:38 Stay curious, stay engaged, and let’s keep these essential conversations going.

The post When Verification Calls Home: Three Views on Privacy, Risk, and Digital Credentials appeared first on Spherical Cow Consulting.

Thales reinforces its leadership in eSIM and IoT connectivity with a ‘ready to use’ certified solution prezly Tue, 07/08/2025 - 09:00 At a time when billions of connected objects are reshaping industries, Thales has achieved an essential security certification for its eSIM solution, reinforcing its leadership in trusted connectivity management for the Internet of Things (IoT). The certification, granted by the GSMA under the eSIM Security Assurance (eSA) scheme, marks a significant milestone in enabling large-scale, secure, and efficient IoT deployments across industries including smart metering, healthcare, and automotive. This positions Thales as a trusted partner capable of providing full protection against advanced cyber threats — delivering end-to-end security solutions, from chip to cloud, and ensuring compliance with emerging security standards (e.g., the EU Cyber Resilience Act)

With over 5.8 billion IoT cellular connections expected globally by 2030 (GSMA Intelligence), businesses and industries face growing pressure to deploy connected devices at scale — securely and efficiently. The SGP.32 IoT specification has been designed specifically to meet the unique needs of IoT devices by simplifying remote connectivity activation while maintaining high levels of trust. And more specifically, the GSMA eSA certification ensures that the eSIM product (hardware, firmware, OS, and cryptographic libraries) complies with strict security and functional requirements, recognised across the global mobile ecosystem.

In other terms, obtaining this certification marks a key security milestone for Thales, as it serves as a globally recognized 'seal of trust' that helps IoT service providers, device makers and car manufacturers, select solutions that are secure, future-proof, and ready for rapid deployment. Indeed, this certification brings concrete benefits for ecosystem players:

Operational efficiency: enables mass remote activation of eSIM-enabled IoT devices, reducing logistics, physical SIM handling, and field interventions. Security by design: ensures robust protection of credentials and connectivity data throughout the device lifecycle. User trust & privacy: builds confidence among end users by securing device identities and communication — essential for sensitive use cases like smart meters, medical devices, track-and-trace systems, security cameras or connected vehicles.

“In an IoT world that’s growing fast and moving even faster, trust and simplicity are key. With this certification, Thales continues to pave the way for secure, large-scale deployments of connected devices that are easy to manage and future-ready. It’s about removing friction, increasing security, and enabling innovation — at the speed the market demands” commented Eva Rudin, VP Mobile Connectivity Solutions at Thales. “With dozens of projects already underway with industrial and automotive players, we are confident that this move will further accelerate the adoption of eSIM technology among more than 100 of our customers — including mobile network operators, IoT service providers, automotive companies, and device manufacturers."

 

/sites/default/files/prezly/images/125662546_L_0.jpg Contacts Cédric Leurquin 08 Jul 2025 Type Press release Structure Digital Identity and Security With over 5.8 billion IoT cellular connections expected globally by 2030 (GSMA Intelligence), businesses and industries face growing pressure to deploy connected devices at scale — securely and efficiently. The SGP.32 IoT specification has been designed specifically to meet the unique needs of IoT devices by simplifying remote connectivity activation while maintaining high levels of trust. And more specifically, the GSMA eSA certification ensures that the eSIM product (hardware, firmware, OS, and cryptographic libraries) complies with strict security and functional requirements, recognised across the global mobile ecosystem. prezly_777014_thumbnail.jpg Hide from search engines Off Prezly ID 777014 Prezly UUID 50bf707e-aedf-4f6b-8f43-f6d066114e3b Prezly url https://thales-group.prezly.com/thales-reinforces-its-leadership-in-esim-and-iot-connectivity-with-a-ready-to-use-certified-solution Tue, 07/08/2025 - 11:00 Don’t overwrite with Prezly data Off

Not that I’m a lawyer! But I’m giving a short speech on AI regulation at the 2025 Asian Law Schools Association (ALSA) Law and Technology Conference in Sydney, on July 11.

Abstract

The phenomenon of deep fakes, where Generative AI creates realistic still and moving images mimicking real individuals, is deeply troubling for actors, authors and public figures. Some people have tried to assert intellectual property rights over their likenesses, but these approaches have proved problematic. Legal reform in this area would be complicated and time consuming.

Here I propose a simpler way to legally protect appearances, by applying established technology-neutral data privacy law to facial images and voice recordings.

Note carefully that this is not to say that faces and voices are necessarily “private”; instead, the point is to appeal to data protection principles which simply operate to restrain the flow of certain types of information, namely personal information (PI).

My argument in brief goes as follows:

Facial images and voice recordings constitute personal information under the Australian legal definition, namely any “information … about an identified individual, or an individual who is reasonably identifiable”.Indeed, the Office of the Australian Information Commissioner (OAIC) has advised that photos and videos are treated as personal information if the identity of individuals “is clear or could reasonably be worked out”. Under technology neutral privacy law, privacy principles apply to personal information whether it is collected directly or indirectly. The OAIC has developed specific guidelines for “collection by creation”, with a broad interpretation of collection to cover “gathering, acquiring or obtaining personal information from any source and by any means”, including “when information … generated from other information”. So, if a Generative AI model creates a visual and/or acoustic likeness of a real-life individual Alice, then we can regard the model as having collected personal information about Alice. The use and disclosure of the generated likeness would be subject to legislated privacy principles. Consideration would usually have to be given to Alice’s consent for likenesses of her to be produced and disseminated.

I conclude that technology-neutral data privacy laws — such as Australia’s Privacy Act (1988), the European Union General Data Protection Regulation (2016) and the American Privacy Rights Act (Updated House Draft, 23rd May 2024) — contain powerful and proven legal mechanisms that could help limit certain adverse effects of generative AI that are otherwise proving difficult to contain.

The post Gen AI and Gen PI appeared first on Lockstep.

Fine-tune your DDoS protection with Fastly's Precise Defense update. Gain flexibility to allow legitimate traffic while automatically mitigating attacks.

The post When IAM Technical Debt Becomes a Security Crisis — And How to Reverse It appeared first on Radiant Logic.

Managing personal health information in Ontario means complying with PHIPA—one of Canada’s strongest health privacy laws. From consent management to secure access and audit trails, PHIPA sets clear rules for custodians and their partners. This beginner’s guide breaks down who’s covered, what’s required, and how platforms like myLaminin can help meet over 80% of PHIPA’s requirements—making privacy compliance easier for healthcare and research teams alike.

From wax seals to biometrics, we explore the past, present and future of identity verification.

Verifying your identity used to be simple: you just had to sign your name and if you couldn’t write, mark an ‘X’. A simple and far from rigorous process – certainly one that wouldn’t pass today’s Know Your Customer rules or fly in today’s strictly controlled and regulated environments.  

It’s safe to say that we’ve come a long way since signatures and wax seals, but the purpose of identity verification has remained consistent throughout history: to distinguish between individuals, establish trust, and allocate rights or responsibilities. 

At IDnow, we’re obsessed with everything identity, and as one of the Heads of Product at IDnow, I’m particularly fascinated with the different ways in which we consciously and subconsciously identify ourselves. 

For example, did you know that modern security cameras are now able to identify someone based on how they move? Siri, Alexa and Google Assistant don’t just listen to words — they analyze the frequency and rhythm of a voice to decide if it’s really the user and whether to provide the user profile’s private data. 

Plus, fun fact: due to its unique shape, texture, and vein pattern, the human tongue could, theoretically, be used for personal identification. In fact, as a biometric identifier, a tongue can be as accurate as a fingerprint or iris. The main barriers to adoption include hygiene concerns, user discomfort, and technical challenges in consistent imaging. However, it’s perhaps only a matter of time until Apple devises a way to scan my tongue as I speak into my iPhone… 

There has also been research into the viability of using brain reactions to stimuli (e.g. flashing lights or sounds) as biometric identifiers as brain signal patterns are nearly impossible to fake. 

At IDnow, we’re also fascinated with the future of digital identity verification. But before we look ahead, let us first investigate the history of identity verification.

The Trust Playbook. Discover how top teams from your industry are turning digital identity and trust into growth strategies.​ Download now 8 milestones in the history of identity verification. Pre 3000 BC: It can be assumed that as people in small tribes and communities tended to all know each other, no formal documentation was ever needed. Recognition was based on appearance, voice, posture, or habits. Tattoos, scars, or tribal markings were, however, used to signify group identity or status.  3000BC to 300AD: Alongside the birth of larger civilizations like Mesopotamia, Egypt, and Rome came written records. Population registries (some found on stone tablets), often tied to occupation, parentage, or land ownership, date back to 3000BC. 

Ancient Rome used written census rolls to verify citizens for taxation and military service purposes. Local scribes with local knowledge would often be used as the first level of identity verification. It was also during this period when individuals started to use engraved rings or stamps to validate their identity or to press into wax seals to authenticate documents.   300 to 1500: References to letters permitting travel through Persian territories, (which many consider to be the first passport) were found from the 5th century. By the 15th century, official documents called “safe conducts” were used by the British Empire to allow subjects to travel abroad safely. Passports soon followed providing official identification for travel purposes.  1500 to 1800: In the early modern period, signatures started to become used as the legal mark of a personal identity, especially in the agreement of contracts.  1800 to 1900: By the industrial age, identity records were centralized and state-backed with various governments forming civil registries. Photos began appearing on official documents and fingerprints were being used to identify individuals. The first documented use of fingerprint analysis occurred in 1892 in Argentina to prove a murder case.  1900 to 1990: Birth certificates and Social Security Numbers started to become standard across most nations whilst driving licenses and passports became the most common identity documents. Other countries introduced national identity cards. Even, as I recently discovered whilst sorting through items at my mother’s house, my grandmother. Of course, the UK has always had a very different approach to identity verification.

By the late 20th century, we started to see a shift from recognition to authentication. Biometrics, including fingerprints, facial features, and retina scans were introduced to gain access to high-security environments. The first retina scan was used in 1984 to enter secure US government facilities. Jonathan’s grandmother’s National Registration Identity Card was first issued in May 1943 and last ‘authenticated’ in 1948. 1990 to 2013: The digital age was the period when identity became portable. Usernames and passwords became the norm to access online services, and email and social media accounts became informal identity layers. This was also when digital signatures and encryption were first used in official documents.

In 2013 we saw the introduction of the iPhone Touch ID, which brought biometrics into mainstream consumer technology. (Face ID would follow in 2017.) Unfortunately, fraudsters were not far behind and shortly after the introduction of these innovative methods of identity verification came an increase in fraudsters using creative ways to hack digital services. 

In 2014, IDnow was founded in Munich, Germany and launched its flagship product, VideoIdent. Our expert-led video identity verification service was considered revolutionary at the time as it enabled organizations to offer the same legal equivalency as an in-person identity verification and had just been allowed by the German Federal Financial Supervisory Authority (BaFin).  2014 to 2024: During this decade, a variety of identity verification and digital signature solutions were added to the IDnow portfolio, including the AI-supported, fully automated AutoIdent identity verification solution. 

In 2021, IDnow acquired the French market leader for identity verification technology, ARIADNEXT, and the German provider identity Trust Management AG, establishing us as one of the largest European players in the identity industry. It was during this decade that industries at large adopted automated identity verification. From scanning passports at airports to unlocking phones and accessing apps, the public now uses sophisticated AI and biometrics to validate their identities daily. They use smart watches to track biometric signals, and have become used to increased security measures, such as multi-factor authentication. What’s coming next? 2025 – 2035. 

Here are just a few trends that we’re likely to see soon in the identity space. Many organizations will start to focus on integrating self-sovereign identity into their platforms, where the individual owns their own data and identity is delivered through decentralized systems, such as blockchain. Here, data is shared only on a need-to-know basis. A great user experience if you want to prove your age without sharing your date of birth, for example. 

Regulation will continue to evolve around access to data stored on NFC (Near-Field Communication) chips, which are often embedded in ID cards and documents. In the past, access to this data tended to be restricted to government agencies. 

There is also an industry-wide drive toward improving customer experience, especially with regards to reducing authentication time. This will likely become easier and more widespread as individual governments and industries start to issue digital identity credentials that can be stored in a digital wallet. 

We are also seeing the growth of cross-border & global interoperability through emerging global standards like W3C Verifiable Credentials and ISO 18013-5 for mobile IDs. Projects including eIDAS 2.0 in the EU aim to make digital identities and digital wallets usable across multiple countries, while the upcoming Anti-Money Laundering Regulation will set out what methods of identity verification will become compliant in the near future.

The future of identity verification. 

As the market evolves at lightning speed, the businesses of tomorrow will need more than basic verification, they’ll need trust solutions that are continuous, intelligent, and built to scale. To succeed in the future, businesses will need to stay ahead of regulatory changes, outsmart new fraud threats, and deliver standout customer experiences. 

At IDnow, our mission is simple: we’re not just another service provider. We’re a trusted partner in identity orchestration. Powered by AI and delivered through our robust SaaS platform, we help businesses navigate the digital landscape with confidence. From seamless identity verification and real-time fraud prevention to adaptive compliance, we ensure trust is woven into every transaction and every interaction. 

Looking ahead, one thing is clear: trusted identity verification will drive every successful strategy, every smooth transaction, and every enduring customer relationship.  

At IDnow, we’re here to make sure you’re ready for that future.

By

Jonathan Underwood
Head of Product at IDnow
Connect with Jonathan on LinkedIn

De nieuwe pensioenwet (Wet toekomst pensioenen – Wtp) vraagt pensioenuitvoerders niet alleen om hun regelingen aan te passen, maar ook om deelnemers actiever te begeleiden bij het maken van keuzes. Het gaat niet langer alleen om informeren. Deelnemers moeten echt geholpen worden om verstandige beslissingen te nemen.

The crypto regulatory landscape has fundamentally transformed. From MiCA in Europe to enhanced US enforcement, from Japan’s $3K threshold to Singapore’s June 2025 deadline, regulatory authorities worldwide demand sophisticated compliance infrastructure.

VASPs must navigate UAE’s VARA framework, Hong Kong’s licensing requirements, Canada’s enhanced FINTRAC obligations, and Australia’s strengthened AML/CTF measures simultaneously.

FATF Travel Rule compliance is not anymore optional for VASPs but an existential condition. Veriscope is the only frictionless Travel Rule solution.

As part of our efforts to support VASPs in this new climate, we offer FREE Travel Rule consultation + first month Veriscope FREE.

Why Veriscope Changes Everything

Most Travel Rule solutions create bottlenecks through manual VASP lookups, outdated databases, and user-provided information that introduces friction. These approaches can’t scale to meet real-time demands.

Shyft Veriscope solves this through auto-detection technology that identifies counterparty VASPs in real-time using just the crypto wallet address.

Key Features Automated VASP Discovery with instant wallet analysis Privacy-First Architecture with peer-to-peer data sharing User Signing for non-custodial wallet compliance Global Interoperability via partnerships with Sygna, Notabene, Crystal Blockchain, Coinfirm Complete Solution handling all asset types and transaction amounts

The question isn’t whether you need Travel Rule compliance — it’s whether you’re using infrastructure that delivers automated discovery, maintains privacy, enables self-custody, and scales globally.

Book your consultation: https://calendly.com/tomas-shyft or email: bd@shyft.network

Everything Veriscope: https://www.shyft.network/veriscope

Global Crypto Regulatory Tightening Demands Immediate Action was originally published in Shyft Network on Medium, where people are continuing the conversation by highlighting and responding to this story.

Ontology Network 7th MainNet Anniversary

It’s been seven years since the Ontology blockchain first launched. That’s two full crypto market cycles, a few thousand product pivots across the industry, and more rebrands than anyone cares to count. But here we are, and we’re still building, still shipping, and still running on the same principles that started this whole thing: decentralized identity, user-first privacy, and no-nonsense staking rewards.

To mark the milestone, we’re launching a multi-pronged campaign packed with rewards, quests, and real-world utility. Whether you’re a trader, staker, or just someone who likes airdrops, there’s something for you.

🛠 Campaign Breakdown: Utility, Incentives, and a Little Chaos

Let’s break it down. We’re not just throwing confetti here. Every piece of this campaign is meant to showcase how ONT and ONG actually work. These tokens aren’t just as assets, they are part of the core infrastructure in a better Web3.

🌍 Wide World x Ontology: Create. Share. Win.

We didn’t forget the creatives — join in the fun here.

From June 18th

$600 prize pool Fire up WW AI, create something themed for ONT Drop your creation under our Wide World campaign tweet

Twelve winners get $50 each. Think of it as your moment to flex, and possibly stack some ONG while you’re at it.

🟢 Trade Smarter with ONT & ONG

This is the main show: a 4-week campaign rolling out inside the ONTO Wallet

From June 30th $3,000 in ONG up for grabs Top 50 traders by volume get a cut of $2,500 Random 100 eligible wallets win $5 each All you need: trade at least $10 worth on Ontology

>>>> Trade via ONTO <<<<

Want to boost your odds? Trade ONT pairs, use ONG for gas, hold it for 3+ days, or take the quiz on how staking ONT earns you ONG. Yes, a quiz. We’re not above pop quizzes if it gets people to learn something.

🔵 Stake to Win

If trading’s not your thing, maybe staking is.

$2,000 in ONG rewards Stake into Round 258 (dropping ~ June 28th) 20 random stakers will each get $100 (in ONG, of course).

Because let’s be honest, staking ONT is still one of the most under-hyped moves in Web3. You earn ONG passively, contribute to governance, and now you might get a surprise bonus.

Learn more about Ontology Staking with this helpful guide.

🧓 OG Traders: Your Early Moves Could Pay Off

If you were one of the first to trade on the Ontology blockchain, now’s your chance to prove it and earn a reward. We’re recognizing the earliest adopters of ONT with a special prize:

🥇 $500 USD reward for the first-ever Ontology trader 🧠 Humanity Score via Orange Protocol for all verified participants

Think you’re an OG? 👉 Verify your eligibility here

Your early support helped shape the network — this is our way of saying thank you!

🧠 Why It Matters

Ontology has spent seven years shipping tech, most projects are still theorizing about. Decentralized Identity (DID). Self-Sovereign Identity (SSI). Zero Knowledge Proofs. Real-world partnerships. Our gas fees? Still a joke, in a good way. And we’re laser-focused on the user owning their data, their keys, and their value.

📚 Related Reading

Ontology full EVM Guide 2025 — with low fees and easy bridging.

Maximise Your Crypto Earnings with Ontology Staking — helpful step by step guide.

Celebrate 7 Years of Ontology with Trading, Staking, and Creator Campaigns was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.

Thales contributes to strengthening Malaysian air sovereignty with two additional Ground Master 400 alpha long-range air surveillance radars prezly Mon, 07/07/2025 - 10:20 During the Malaysian Prime Minister Datuk Seri Anwar bin Ibrahim’s state visit to France, Thales has received the official Letter of Award (LOA) to provide two additional Ground Master 400 alpha (GM400α) radars to reinforce the country’s situational awareness. These additional radars will bring the total number of GM400 to 4 in the country, showing Malaysia’s renewal of trust in Thales’ radar technology. Recognised worldwide for its technological superiority and high mobility, the GM400α has been deployed by more than 20 nations. These two radars will enhance air surveillance capabilities for the Royal Malaysian Air Force (RMAF), being able to detect all types of threats with a 515 Km range. Thales has been present in Malaysia for over 40 years, in both the civilian and military sectors. Malaysia was the first customer to order the GM400 radar.
©Julien Lutt / CAPA Pictures - ©Thales

Aligned with its strategy to strengthen local industrial capabilities, Thales will partner with Malaysian enterprise Weststar Group to install and deploy the radars in line with the terrain and operational requirements of the RMAF (Royal Malaysian Air Force), in Peninsular and Eastern Malaysia. Through Industrial Cooperation Programmes (ICPs), Thales will provide maintenance and support of GM400α radars throughout their lifecycle, in close proximity to the RMAF. Thales will also embark on knowledge transfer and on-ground training to build Malaysia’s future generations of radar experts.

Given the multitude of threats in constant evolution, building a reliable, accurate, up-to-date Recognized Air Picture (RAP) is critical. The GM400α is an asset to armed forces for early threat detection, giving them a tactical advantage to aid decision making. Highly mobile, highly available and tactical, the radar is easy to upgrade and integrates seamlessly to existing systems.

Leveraging on years of successful field experience, GaN technology and surveillance capabilities, the GM400α detects simultaneously targets from fast jets and missiles, to hovering helicopters and UAVs, flying close to the ground, hiding in the clutter near the radar. In addition, the radar maintains the highest level of mobility and availability performance on the market and today has sold more than 270 combat-proven air surveillance radars in the Ground Master (GM) family worldwide.

This Letter of Award reaffirms Thales’s commitment to strengthen Malaysia’s air surveillance capabilities in addition to supporting its national agendas in Artificial Intelligence, Space and cybersecurity.

“This award is a recognition of Thales’ unparalleled radar expertise, honed through the years and on the battlefield. We are delighted to receive this award from Prime Minister Anwar on his state visit to France to commemorate the strong bilateral relations between our two countries. As a global technology leader and with our long-standing relationship with Weststar, Thales is committed to helping Malaysia build up its national defence sector.”, Hervé Dammann, Executive Vice-President, Land and Air Systems, Thales.

About Thales

Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.

The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.

Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.

/sites/default/files/prezly/images/sans%20A-1920x480px_102.jpg Contacts Cédric Leurquin 07 Jul 2025 Type Press release Structure Defence and Security Defence Malaysia Aligned with its strategy to strengthen local industrial capabilities, Thales will partner with Malaysian enterprise Weststar Group to install and deploy the radars in line with the terrain and operational requirements of the RMAF (Royal Malaysian Air Force), in Peninsular and Eastern Malaysia. Through Industrial Cooperation Programmes (ICPs), Thales will provide maintenance and support of GM400α radars throughout their lifecycle, in close proximity to the RMAF. Thales will also embark on knowledge transfer and on-ground training to build Malaysia’s future generations of radar experts. prezly_776566_thumbnail.jpg Hide from search engines Off Prezly ID 776566 Prezly UUID 9772e627-22c7-480b-bfab-d127eb249299 Prezly url https://thales-group.prezly.com/thales-contributes-to-strengthening-malaysian-air-sovereignty-with-two-additional-ground-master-400-alpha-long-range-air-surveillance-radars Mon, 07/07/2025 - 12:20 Don’t overwrite with Prezly data Off

The United Kingdom is less than a month away from a major shift in how it handles director and beneficial owner identity verification. Under the Economic Crime and Corporate Transparency Act, new requirements will soon make it mandatory for company directors, Persons with Significant Control (PSCs), and anyone filing with Companies House to verify their identity. These changes aim to bring greater transparency to corporate structures and reduce the risk of fraud. They also introduce new pressures for compliance teams, legal advisers, and company secretaries—especially those still relying on outdated onboarding methods.

Who Must Verify

Starting in autumn 2025, the following individuals must complete identity verification:

All new and existing company directors Persons with Significant Control (PSCs) Individuals submitting filings on behalf of a UK-registered company

This applies to all companies, LLPs, and relevant legal entities registered with Companies House. Existing directors and PSCs will have a 12-month transition window. For new incorporations, identity verification must be completed before the appointment is confirmed.

How Identity Can Be Verified

There are three official routes for identity verification:

GOV.UK One Login
This is the UK government’s centralised digital identity platform. Users scan an RFID-enabled document (such as a passport or biometric residence permit) and complete a face match using biometric liveness detection. However, this system has lost its DIATF certification and has raised concerns regarding centralised data storage, tracking, and security. In-Person Verification at Post Office Branches
An option for those who cannot complete digital verification. Requires manual face-to-face inspection of documents. Via an Authorised Corporate Service Provider (ACSP)
Trusted firms such as law firms, accounting providers, and compliance vendors can verify identity on behalf of Companies House using approved methods. iComply’s Verified and Audit-Ready Method
iComply offers a decentralized, privacy-first alternative to One Login. Using a combination of advanced document authentication, active and passive liveness detection, and secure 3-dimensional biometric face matching – all processed on-device via edge computing. This method exceeds the technical standards required by Companies House and supports global onboarding with full audit trails, real-time risk screening, and integrated KYB workflows. What Happens if You Don’t Comply

Failure to comply with the new identity verification obligations will prevent new appointments from being registered. Existing directors or PSCs who do not verify within the designated transition period may face legal and financial penalties. In some cases, this may also result in being barred from holding a directorship or filing on behalf of a UK company.

Beyond the legal risks, there are reputational implications for firms that cannot prove the integrity of their leadership or onboarding processes. As identity verification becomes the new foundation of trust in UK company law, firms that fall behind will find it harder to attract capital, open accounts, and retain credibility.

How to Prepare Your Business

If you’re onboarding new directors or updating company filings this summer, the time to act is now. Here’s how to get ahead:

Encourage early verification: Don’t wait for the deadline. Begin verifying existing directors and PSCs now through iComply or your preferred ACSP. Modernize your process: If you’re still manually collecting ID documents by email or storing PDFs in shared drives, now is the time to upgrade to a platform with real-time audit logs and secure data handling. Avoid relying on unproven systems: With One Login’s certification issues and surveillance concerns, companies should carefully evaluate what method aligns best with privacy obligations and risk posture. Train your teams: Ensure legal, compliance, and onboarding personnel are briefed on the new requirements and understand how to trigger verification workflows in your internal systems. Centralize KYB and KYC: Director verification doesn’t exist in a vacuum. Integrating this into a broader KYB process will improve efficiency, oversight, and your ability to handle future regulatory changes.

 

Why It Matters

Identity is more than a checkbox. For compliance teams and operations professionals, it’s the first gate of trust. Getting it right not only satisfies Companies House—it protects your business, your directors, and your clients from exposure, fraud, and reputational harm. These new requirements aren’t just about control. They’re about clarity. And clarity, when delivered through systems like iComply, means less friction, less stress, and fewer late-night compliance fire drills.

One Month Left

The countdown is on. In one month, director identity verification in the UK becomes mandatory. You can choose to rely on a centralized system or you can empower your firm with a trusted identity verification solution that puts security, privacy, and accountability at the core.

Start your free trial of iComply today. Stay ahead. Stay trusted.

At Bluesky, we're constantly working to help you personalize your experience. We know that staying connected means different things to different people, and sometimes, you just need to cut through the noise. That's why we're excited to introduce three updates to notifications:

Activity Notifications: Opt-in to receive push notifications from specific accounts. Enhanced Notification Settings: Controls to fine tune which notifications you receive. Repost Notifications: Receive notifications when someone likes or reposts posts you’ve reposted.
Activity Notifications: Never Miss a Post Again! Tap the bell to receive push notifications from a specific account.

Staying connected with the accounts that matter most to you just got easier with Activity Notifications, which let you receive push and in-app notifications directly from specific accounts. Never miss a breaking update, a new thought, or a live moment from the accounts you follow closely.

It's simple to enable these new notifications:

Navigate to a profile: Visit the profile of an account you love. Look for the bell icon: If they have this feature enabled, you'll see a small bell icon next to the 'Follow' button. Tap the bell: Press it, and you'll be able to enable notifications specifically for their new posts, and optionally, even their replies.

You can easily opt in to manage the list of people you're receiving "Activity Notifications" from at any time by going to Settings > Notifications > Activity Notifications.

For posters: if you want to keep things more mellow, you have the option to disable this feature entirely, or enable it only for people you follow, by going to Settings > Privacy and Security > Allow others to get notified of your posts.

Enhanced Notification Settings: Take Charge of Your Notifications Press the settings icon in the top right of your notifications to fine-tune what you receive.

We’re rolling out new controls over the notifications you receive. Head over to Settings > Notifications to fine-tune your preferences. You can now choose to receive notifications from:

Everyone: Stay in the loop with all interactions. People you follow: Filter out the noise and focus on your close connections. No One: For when you need a moment of peace and quiet.

Here are the notification types you can now customize:

Replies: Control who can notify you when they reply to your posts. Mentions: Decide when you're pinged for a mention. Quotes: Manage notifications for posts that quote yours. Likes: Get notified when someone likes your posts. Reposts: See when your posts are reposted. New followers: Keep track of your growing audience. Likes of your reposts: Get feedback on the content you curate. Reposts of your reposts: See how far your shared content travels. Everything else: This covers general notifications, like when someone joins via one of your Starter Packs, or verification notifications. We've kept this category flexible so we can add more helpful updates in the future.

You can also enable and disable whether you receive push notifications for each of these categories, giving you even more granular control.

A Note on Priority Notifications: Our previous "priority notifications" feature has been replaced by these new, comprehensive settings. If you previously had priority notifications enabled, your settings have been seamlessly migrated to these new options. Changing your reply, mention, and quote notifications to "people you follow only" will have the same effect as priority notifications did previously.

Get Notified About Your Reposts! You'll now receive notifications for likes and reposts of your reposts.

Finally, we’re introducing a new improvement for those who love to curate and share posts: you can now receive notifications when someone likes or reposts content you've reposted. Of course, you can adjust these notifications in your settings, choosing to receive them from everyone, just people you follow, or turning them off entirely.

We believe these updates will empower you to shape your Bluesky experience to be exactly what you want. Dive into your settings and explore the new controls you have!

Unlock cost-effective image optimization with Fastly Object Storage. Zero egress & operations fees for superior performance. Scale freely & iterate rapidly.

Have you ever stopped to think about how systems like banking apps, eKYC platforms, or even e-learning portals know whether the person verifying their identity is real — and not just a photo or a deepfake? In a digital world where identity fraud is growing smarter every day, verifying a face isn’t enough anymore.

Enter the liveness detection SDK, the invisible but powerful tool that ensures the face on screen belongs to a real, physically present human being.

In this blog, we’ll walk you through what a liveness detection SDK is, how it works, why it’s a must-have in 2025, and how Recognito offers one of the most secure, developer-friendly solutions available today.

 

What Is a Liveness Detection SDK?

A liveness detection SDK is a set of developer tools that allows businesses and developers to integrate anti-spoofing capabilities into their apps, websites, and digital workflows. It works in tandem with a face recognition SDK to verify not just the identity of a user but also their presence.

While facial recognition determines who the person is, liveness detection ensures they are real, not a printed image, video replay, deepfake, or 3D mask.

Liveness detection SDKs are particularly valuable in:

Digital onboarding and eKYC Secure login and access control Financial transaction approvals Telemedicine patient identity checks Online exam proctoring

Recognito build SDKs that use advanced AI, computer vision, and biometric algorithms to carry out liveness detection in real-time with ultra-high accuracy.

How Does a Liveness Detection SDK Work?

Let’s break this down into an easy-to-follow process that mirrors real-world use cases:

Step 1: Face Detection

The system identifies a human face in front of the camera using machine learning-based face detection.

Step 2: Visual Capture

The SDK captures a short video or a burst of frames to analyze facial dynamics.

Step 3: AI-Based Analysis

The AI model checks for key indicators like depth, blinking, subtle facial movements, skin texture, or even blood flow patterns.

Step 4: Spoof Detection

Based on the data collected, the system determines whether the image is real (live) or fake (spoofed).

Step 5: Verification Result

If the user passes the liveness detection for face recognition, the identity verification continues instantly and securely.

 

This process takes just a few seconds, with no manual intervention required. It ensures that digital platforms can operate 24/7 with a high degree of trust.

 

Passive vs. Active Liveness Detection

A strong face liveness detection SDK usually includes both passive and active detection methods:

Type Description Ideal Use Case Passive Liveness Detection No user interaction required. Relies on analyzing facial features, textures, and natural movements. Seamless onboarding, user-friendly apps Active Liveness Detection Requires users to carry out specific facial gestures like eye blinking, head rotation, or smiling. High-security environments like digital banking, border control

Recognito’s liveness detection SDK supports both passive and active modes, giving organizations the flexibility to balance user experience with the level of security needed.

 

Why Is a Liveness Detection SDK Essential in 2025?

As fraud evolves, so must our defenses. Here’s why integrating a liveness detection SDK is no longer optional:

1. Prevent Identity Spoofing

Modern spoofing attacks use high-resolution printed photos, digital screen replays, or even AI-generated deepfakes. A liveness detection SDK stops them in their tracks by requiring real-time, live biometric data.

2. Real-Time Identity Verification

Whether onboarding a customer or authenticating a returning user, decisions are made in under 2 seconds without human review.

3. Seamless UX

No OTPs, no passwords, no frustrating forms. Users verify their identity through natural interactions or no interaction at all in the case of passive detection.

4. Regulatory Compliance

Industries like fintech, healthcare, and telecommunications are governed by strict KYC, AML, and GDPR rules. Facial liveness detection helps meet those standards while minimizing user friction.

5. Easy Developer Integration

Recognito’s liveness detection SDK comes with detailed API documentation, mobile and web libraries, and support for Android, iOS, and desktop platforms.

6. Cost Reduction

Automated identity checks reduce the need for human intervention, speed up onboarding, and lower overall costs.

 

Use Cases for Liveness Detection SDK Across Industries

Liveness detection SDKs are used globally across a wide range of sectors. Here are a few industry-specific examples:

Banking & Fintech Enable passwordless logins Prevent fraud during mobile banking transactions Speed up digital KYC onboarding E-commerce & Marketplaces Verify seller and buyer identities Stop impersonation and account takeovers Reduce fake listings and review fraud Healthcare & Telemedicine Ensure only authorized patients access sensitive records Confirm the identity of remote consultation participants Secure access to telehealth platforms Education & eLearning Secure online exam proctoring Confirm student identity for certifications Prevent cheating or account sharing Travel, Immigration & Border Control Automate ID verification at airports or checkpoints Reduce wait times while increasing security Enable contactless boarding and hotel check-ins Recognito: Your Partner in Trusted Liveness Detection

At Recognito, we believe biometric security should be fast, accurate, and easy to integrate. That’s why our face liveness detection SDK is trusted by leading brands across sectors.

What sets us apart:

Real-time results in under a second Dual-mode passive and active liveness detection Developer-first design with robust APIs GDPR, KYC, and AML-compliant architecture NIST FRVT-evaluated performance Open-source support and detailed documentation via GitHub

Explore our live demo tools or try our Face Biometric Playground to see the technology in action.

Introduction to FaceSeek.online
FaceSeek.online is an easy-to-use tool for reverse face search, image-based lookup, and AI-generated faces. No login is needed — just upload a photo and start exploring.

Visit FaceSeek.online

Final Thoughts

In today’s digital age, identity verification is more than just matching faces; it’s about verifying that a real, live person is behind the screen. That’s when liveness detection SDK really shows its value.

With spoofing attacks growing in sophistication, your digital platform needs an equally sophisticated line of defense.

By implementing a powerful face liveness detection SDK like Recognito’s, you can deliver lightning-fast, user-friendly, and fraud-resistant identity experiences across every device and use case.

So, are you ready to upgrade your security while simplifying user access?
Let’s make it happen and protect your users with the future of biometric authentication.

Are you trying to decide between Google Meet vs Zoom for your online meetings or virtual classes? With the explosion of remote work and online learning, choosing the right video conferencing tool is more crucial than ever. This article will dive deep into a Google Meet vs Zoom comparison and overall user experience, to help you make the best decision.

Overview of Google Meet and Zoom Google Meet Developed by Google, integrated with Google Workspace

Google Meet, developed by the tech giant Google, is a core component of Google Workspace, offering seamless integration with tools you already use, like Gmail, Calendar, and Drive. This deep ecosystem integration makes it incredibly convenient for businesses and individuals already embedded in Google’s cloud services, often being the default choice for quick, efficient virtual connections without needing to switch platforms.

Known for simplicity, security, and seamless Google ecosystem integration

Renowned for its simplicity and robust security features, Google Meet prioritizes user-friendliness and data protection. Its intuitive interface allows for quick meeting setup and participation, reducing the learning curve for new users. Furthermore, Google’s strong security infrastructure helps ensure that your conversations and data remain private and secure. Therefore, addressing critical concerns for any user weighing Google Meet vs Zoom for sensitive communications.

Zoom Independent platform, popular for versatility and robust features

Zoom stands out as an independent platform renowned for its versatility and robust feature set, making it a strong contender in the ongoing Google Meet vs Zoom debate. Unlike integrated solutions, Zoom’s standalone nature has allowed it to develop a broad array of functionalities, from advanced meeting controls like breakout rooms and webinars to extensive customization options for virtual backgrounds and in-meeting chat, catering to diverse communication needs across various user types and industries.

Widely used across industries for meetings, webinars, and events

Zoom’s widespread adoption across numerous industries – including corporate, education, healthcare, and event management – underscores its adaptability for everything from daily team meetings to large-scale webinars and virtual events. Its comprehensive suite of tools for hosting, managing, and engaging participants has made it a go-to solution for organizations seeking powerful and flexible video conferencing capabilities, often being preferred for more complex or external-facing communications when comparing Google Meet vs Zoom

Brief history and market positioning in 2025

Looking at its market positioning in 2025, Zoom rapidly ascended to prominence, especially during the pandemic, solidifying its place as a household name in video conferencing. While maintaining a significant market share, Zoom is actively expanding beyond its core meeting functionalities. This strategic evolution into a broader AI-powered collaboration platform, focusing on agentic AI capabilities and a “Workplace” suite. Zoom aims to redefine its market position and compete more directly with comprehensive ecosystems like Google Workspace and Microsoft 365 in the competitive Google Meet vs Zoom landscape.

Feature Comparison: Google Meet vs Zoom FeatureGoogle MeetZoomMeeting CapacityUp to 1,000 participants with enterprise-level plans, ideal for large corporations, educational institutions, or significant online events within Google Workspace.Up to 1,000 participants with specific add-ons or higher-tier plans, suitable for webinars, conferences, and virtual events across diverse industries.Video and Audio QualityHD video with AI-driven intelligent noise cancellation and auto-lighting adjustments for optimal appearance in varying conditions.HD video with advanced audio controls, echo cancellation, background noise suppression, and customizable virtual backgrounds for privacy and personalization.Screen Sharing and CollaborationScreen sharing (entire screen, specific window, or Chrome tab) with Jamboard integration (third-party whiteboard integrations promoted as Jamboard winds down in 2025) and real-time live captions for accessibility.Versatile screen sharing (desktop, applications, or screen portions), native whiteboard for collaborative brainstorming, and breakout rooms for private, focused discussions.Recording and TranscriptionIntegrated recording for higher-tier Google Workspace plans with auto-transcription for searchable, accessible meeting content.Local and cloud recording options (cloud with paid plans) and transcription features with paid subscriptions for comprehensive meeting documentation.IntegrationsDeep integration with Google ecosystem (Google Calendar, Drive, Gmail) for seamless scheduling, document sharing, and meeting access.Extensive third-party integrations via Zoom Marketplace, including Slack, Microsoft Teams, CRM, and project management tools, for flexible workflow compatibility. Pricing and Plans: Google Meet vs Zoom Google Meet

For users weighing Google Meet vs Zoom based on cost, Google Meet provides a robust free plan that allows for group meetings of up to 60 minutes with up to 100 participants. This makes it an excellent choice for individuals, small teams, or casual calls, especially given its seamless integration. Beyond this generous free offering, advanced features, extended meeting durations (up to 24 hours), and increased participant limits are accessible through various Google Workspace paid plans. This includes Business Starter, Standard, and Plus tiers, providing scalable solutions for growing businesses and enterprises.

Zoom

For users comparing Google Meet vs Zoom based on cost and accessibility, Zoom offers a popular free plan that accommodates up to 100 participants, though group meetings are limited to a 40-minute duration. This generous free tier has contributed significantly to Zoom’s widespread adoption for personal use, small team collaborations, and short virtual sessions, making it a highly accessible entry point into video conferencing. For more extensive needs, Zoom provides scalable paid plans, including Pro, Business, and Enterprise tiers, increases participant capacity, and unlock a wide array of advanced features such as cloud recording, comprehensive administrative controls, and dedicated customer support.

Usability and User Experience Google Meet

For users prioritizing ease of access in the Google Meet vs Zoom comparison, Google Meet offers a distinct advantage by being entirely browser-based, eliminating the need for any app downloads or installations. This frictionless entry point is particularly intuitive for individuals already familiar with the Google ecosystem. Users can simply click a meeting link from Google Calendar or Gmail while they’re instantly in the meeting. This makes an incredibly convenient option for quick, spontaneous calls and for external participants who might not want to download additional software.

Zoom

One of Google Meet‘s significant strengths is its minimal learning curve, making it ideal for rapid setup and immediate use. Its clean, uncluttered interface focuses on core functionalities like video, audio, and screen sharing, presented in an easy-to-understand layout. This straightforward design ensures that even first-time users can quickly navigate meeting controls and participate effectively, reducing onboarding time and allowing teams to jump straight into productive conversations without extensive training, a key benefit in Google Meet vs Zoom ease-of-use analysis.

Mobile experience FeatureGoogle MeetZoomApp AvailabilityDedicated apps for Android and iOS, offering a consistent experience across devices.Dedicated apps for Android and iOS, widely available and user-friendly.Ease of UseIntuitive interface with seamless integration into Google Workspace (e.g., Google Calendar, Gmail). Users can join meetings with a single tap from calendar invites. Minimalistic settings for straightforward navigation.User-friendly but slightly more complex due to extensive features. Requires app download for hosting/scheduling, though joining is possible via browser. More options can lead to occasional navigation challenges.Feature Parity with DesktopOffers nearly identical functionality on mobile as desktop, including hosting, joining, and managing meetings (e.g., muting, screen sharing). Automated mic/camera checks enhance user experience.Limited host controls on mobile phones compared to desktop (e.g., no polls, breakout rooms, or public streaming). Advanced features like annotations and virtual backgrounds are available but less comprehensive.Screen SharingSupports screen sharing on mobile, including entire screens, specific apps, or Chrome tabs (with audio for tabs). Limited to 720p for shared content.Robust screen sharing on mobile, including entire screens, specific apps, or content from a second camera. Supports 1080p for shared content, offering higher resolution.Performance and StabilityAdapts well to low-bandwidth connections (as low as 128 Kbps), reducing data usage and call drops, ideal for mobile networks.Higher bandwidth usage (up to 3 Mbps at 1080p) but adjusts quality dynamically. Smoother video performance on mobile with richer controls. Best Use Cases: When to Choose Google Meet or Zoom Google Meet

Google Meet stands out as the ideal solution for organizations and individuals deeply integrated into the Google Workspace ecosystem. Its seamless connection with Google Calendar, Gmail, and Drive makes it perfect for small teams and casual internal meetings that prioritize streamlined workflows and ease of use. Furthermore, for educational institutions leveraging Google Classroom, Meet offers a compelling advantage with its tight integration, simplifying virtual class management and fostering interactive learning, positioning it as a strong contender in the Google Meet vs Zoom comparison for both business and academic environments.

Zoom

When evaluating Google Meet vs Zoom for high-impact virtual events, Zoom truly excels as the go-to solution for large webinars and complex meetings that demand advanced features like breakout rooms. Its robust functionality allows hosts to meticulously manage participants, facilitate interactive discussions in smaller groups, and deliver professional presentations to vast audiences. This makes it a preferred platform for event organizers, large enterprises, and organizations operating outside a strictly Google-centric ecosystem, where versatility and specialized tools for comprehensive virtual engagement are paramount.

Conclusion

In the Google Meet vs Zoom showdown, the ultimate winner hinges on your specific needs. Google Meet shines for its seamless integration within Google Workspace, making it ideal for Google-centric teams and education. Conversely, Zoom excels with its rich feature set, including breakout rooms and extensive third-party integrations, catering to large webinars, complex meetings, and diverse tech ecosystems. Choose Google Meet for unified Google workflows and everyday ease, or Zoom for advanced functionality and broad compatibility. Always check official sites for the latest pricing and features to make the best decision for your unique requirements.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Google Meet vs Zoom: Which Video Conferencing Tool Wins? appeared first on Herond Blog.

The post Google Meet vs Zoom: Which Video Conferencing Tool Wins? appeared first on Herond Blog.

Staying on top of your internet consumption is more crucial than ever, with limited data plans and the constant demands. Ever wondered how to check for data usage across all your devices, from your smartphone to your desktop? You’re not alone! Understanding where your data goes can help you avoid costly overage charges and optimize your internet habits. This comprehensive guide will explore various free tools and built-in methods to help you monitor your data usage effectively on any device you own.

Why You Should Monitor Data Usage Avoid Costly Average Charges and Save Money

Understanding how to check for data usage is crucial for anyone looking to save money and avoid unexpected bills. Many data plans come with strict limits, and exceeding these caps can lead to costly overage charges. This would quickly inflate your monthly expenses. By regularly monitoring your consumption, you can identify when you’re nearing your limit. This allows you to adjust your usage habits or consider purchasing a data add-on proactively. More than that, it will help preventing bill shock and ensuring you stay within your budget.

Optimize Data Allocation for Enhanced Performance

Knowing how to check for data usage empowers you to intelligently optimize data allocation across your various applications. This leads to better performance and more efficient consumption. For instance, you can identify if high-bandwidth activities like streaming videos or using social media apps are consuming the bulk of your data. With this insight, you can adjust settings within those apps to use less data or restrict their background data usage. Ensuring your most essential applications have the bandwidth they need while extending your overall data plan.

Improve Device Performance and Longevity

Learning how to check for data usage isn’t just about saving money. It can also significantly improve your device’s overall performance. Data-heavy applications often run processes in the background, constantly consuming resources and potentially slowing down your device. It will help draining its battery faster, and even impacting its long-term health. By identifying and managing these data-hungry apps, you can free up system resources. Therefore, you can extend battery life, and ensure your smartphone, tablet, or computer operates smoothly and efficiently.

Support Eco-Conscious Habits for a Greener Digital Footprint

Beyond personal benefits, understanding how to check for data usage aligns with increasingly important eco-conscious habits. Every byte of data consumed requires energy, from the power needed to run data centers to the electricity consumed. By reducing unnecessary data consumption, you actively contribute to lowering your digital carbon footprint. This mindful approach to data usage helps conserve energy and supports a more sustainable online environment. It will help making a small but significant impact on global energy consumption.

Top Free Tools on How to Check for Data Usage GlassWire Description

GlassWire is a highly recommended free application available across multiple platforms, making it a versatile choice for anyone wondering how to check for data usage on various devices. This powerful tool provides real-time data usage tracking, offering an immediate visual representation of your internet activity. Its broad compatibility ensures that you can monitor your data consumption seamlessly, giving you a holistic view of your digital footprint.

Features

One of GlassWire’s standout features is its ability to provide a detailed per-app data breakdown. This means you can easily identify exactly which applications are consuming the most data. Whether it’s a streaming service, a game, or a background process. Furthermore, GlassWire excels in proactive monitoring with its smart alerts for unusual activity. If an application starts using an unexpected amount of data or tries to connect to the internet without your knowledge, GlassWire will notify you. This app helps you spot potential malware or inefficient apps that are silently draining your data allowance.

How to use

Getting started with GlassWire is straightforward, making it an accessible tool for anyone looking to understand how to check for data usage. Simply download the free application from glasswire.com for your respective device. Once installed, GlassWire’s intuitive dashboard provides a clear, visual representation of your network activity over time. You can easily navigate through graphs and tables to view historical data, set data limits, and gain insights into your online habits, empowering you to manage your data more effectively and potentially save on costly overage charges.

My Data Manager Description

My Data Manager is a highly popular mobile application designed specifically for Android and iOS devices. This app offers an intuitive solution for anyone eager to learn how to check for data usage on their smartphone or tablet. Unlike desktop-focused tools, My Data Manager provides a clear, real-time overview of both your mobile data and Wi-Fi consumption directly from your pocket. This mobile-first approach makes it incredibly convenient for users who are constantly on the go and need to keep a close eye on their daily data habits, helping them avoid unexpected charges from their carrier.

Features

One of My Data Manager’s key strengths lies in its advanced features, which go beyond simple tracking. Users can set custom alerts that notify them when they approach specific data thresholds. This feature allows proactive management before hitting limits. Furthermore, it offers unique shared plan tracking, a particularly valuable feature for families or groups on a single data plan. This allows the primary user to monitor the data consumption of each individual device connected to the shared plan. Ensuring fair usage and helping to prevent any single user from inadvertently exhausting the family’s entire allowance.

How to use

Getting started with My Data Manager is straightforward. Simply install the application from your device’s respective app store. Once installed, you’ll be guided through a quick setup process where you can input your monthly data plan limits and billing cycle dates. From there, My Data Manager will automatically begin monitoring your usage, providing clear visual reports and actionable insights. It helps empowering you with the knowledge of how to check for data usage effectively and take control of your mobile and Wi-Fi consumption.

NetGuard Description

NetGuard is a highly effective and free Android application that functions as a powerful firewall while also providing essential insights into how to check for data usage on your device. Unlike traditional data monitoring apps, NetGuard’s core strength lies in its ability to manage internet access for individual applications, giving you granular control over what connects to your mobile data or Wi-Fi. This makes it an invaluable tool for users looking to enhance privacy, reduce data consumption, and even save battery life by preventing apps from running in the background.

Features

A key set of features that makes NetGuard stand out includes its robust capability to block data for specific apps. This means if you have an application that’s notorious for consuming excessive data in the background, you can simply toggle off its internet access within NetGuard. Furthermore, the app provides detailed usage reports, offering a clear breakdown of which applications are using your data. It allows you to identify data-hungry culprits and make informed decisions about their internet permissions. This level of control is crucial for optimizing your data plan.

How to use

To begin utilizing NetGuard to manage how to check for data usage and control app access, you can install the application directly from netguard.me or the Google Play Store. After installation, NetGuard will set up a local VPN service, which is how it gains the ability to filter internet access. From its intuitive interface, you can then review real-time statistics, set rules for each app, and gain complete mastery over your device’s data flow.

How to Use These Tools Effectively Choose the Right Tool for Each Device

The first step in how to check for data usage comprehensively is to select the right tool for each device. For instance, GlassWire excels on Windows and Mac, providing detailed firewall capabilities and per-app usage insights that are perfect for desktop environments. Conversely, My Data Manager is a fantastic choice for mobile users on Android and iOS, offering features like shared plan tracking and custom alerts tailored for smartphone and tablet consumption. By matching the tool to the device, you ensure the most accurate and actionable data monitoring experience.

Set Up Data Limits to Match Your Plan

Once you have your chosen tools, a crucial step in managing how to check for data usage effectively is to configure them with your specific data plan limits. Whether you have a 10GB/month mobile plan or a capped home internet connection, setting these limits within your data monitoring app (or your device’s built-in settings) provides a clear benchmark. This proactive measure ensures that your tools can accurately track your progress towards your limit, giving you visual cues and warnings before you incur any overage charges, empowering you to stay within budget.

Regularly Review Per-App Usage to Identify Culprits

To truly optimize your data consumption and understand how to check for data usage at a granular level, make it a habit to regularly review the per-app data usage reports provided by your chosen tools. These reports will highlight which applications are consuming the most data, often revealing surprising culprits. For example, you might discover that popular streaming apps like YouTube or social media platforms like TikTok are draining your data rapidly even in the background. Identifying these data-heavy apps allows you to adjust their settings, restrict their background activity, or simply be more mindful of their usage, leading to significant savings.

Utilize Alerts to Prevent Overage Charges

Leveraging the alert features of data usage monitoring tools is a powerful strategy to prevent costly overages. My Data Manager allow you to set custom notifications when you reach a certain percentage of your data plan. These timely alerts are indispensable for knowing exactly when to moderate your online activities or seek additional data, ensuring you’re never caught off guard by unexpected charges on your mobile or internet bill.

Combine Tools with Built-in Device Settings for Comprehensive Monitoring

For the most robust and accurate insights into how to check for data usage, it’s highly recommended to combine dedicated third-party tools with your device’s built-in data usage settings. While apps like GlassWire or My Data Manager offer advanced features and cross-platform visibility, your smartphone (Android/iOS) and computer (Windows/macOS) also provide native reports on data consumption. Using both in conjunction allows for cross-verification of data, fills potential gaps in monitoring, and gives you the most comprehensive picture of your internet habits across your entire digital ecosystem.

Conclusion

Understanding how to check for data usage is no longer just a technicality; it’s an essential skill for savvy internet users in an increasingly connected world. By leveraging the free tools and built-in features discussed in this guide – from comprehensive desktop monitors like GlassWire to mobile-first solutions like My Data Manager and the powerful firewall capabilities of NetGuard – you gain unprecedented control over your digital consumption.

Implementing strategies like setting up data limits, regularly reviewing per-app usage, and utilizing timely alerts empowers you to avoid costly overage charges, optimize device performance, and even contribute to more eco-conscious online habits. With these free resources at your fingertips, you can confidently navigate the digital landscape, ensuring your internet usage remains efficient, cost-effective, and always within your control, regardless of the device you’re on.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post How to Check for Data Usage – Free Tools for Any Device appeared first on Herond Blog.

The post How to Check for Data Usage – Free Tools for Any Device appeared first on Herond Blog.

Liminal members enjoy the exclusive benefit of receiving daily morning briefs directly in their inboxes, ensuring they stay ahead of the curve with the latest industry developments for a significant competitive advantage.

Looking for product or company-specific news? Log in or sign-up to Link for more detailed news and developments.

Here are the main industry highlights of this week impacting identity and fraud, cybersecurity, trust and safety, financial crimes compliance, and privacy and consent management.

🪄Innovation and New Technology Developments

Philippines Expands eGov PH Super App with 1,000+ Services to Advance Digital Transformation

The Philippines has integrated over 1,000 government services into its eGov PH super app, marking a major milestone in its digital transformation initiative. Designed to streamline access to public services and improve bureaucratic efficiency, the app incorporates various government-issued IDs and provides access to major agencies such as the Social Security System and Philippine Health Insurance Corp. The app and the related e-government data exchange platform (eGovDX) have received regional recognition for enhancing service delivery and data privacy. Additionally, a unified Persons with Disabilities (PWD) ID system will be piloted in July to promote inclusivity and prevent misuse of benefits. (Source)

Guyana’s $35.4M e-ID Rollout Delayed Over Integration Hurdles but Set to Launch Within a Year

Guyana’s US$35.4 million electronic ID card system has been delayed for over two years due to a technical issue integrating the e-ID platform with the existing passport database, according to Vice President Bharrat Jagdeo. The German firm Veridos Identity Solutions is responsible for the integration, which has proven to be the most complex part of the project. The government now expects the chip-based e-ID cards to be rolled out within the next 12 months. Once launched, the cards will be integrated with the country’s Smart Country surveillance system and will be mandatory for foreigners, enabling real-time tracking and biometric identification. The Digital Identity Card Bill of 2023 mandates that applicants provide a range of personal and biometric data, and the card will be essential for banking and employment eligibility. (Source)

💰 Investments and Partnerships

Grindr Introduces Age Verification in UK with Video Selfie or ID to Comply with Online Safety Act

Grindr has implemented a new age verification process for users in the UK, requiring individuals to confirm they are over 18 using either a video selfie or a combination of a selfie and official photo ID. This measure, introduced in response to the UK’s Online Safety Act, is designed to prevent underage access to the app, which is intended exclusively for adults. The verification must be completed once per account and also applies to visitors using the app while in the UK. Partnering with biometric firm FaceTec, Inc., Grindr assures users that all verification data will be handled privately and deleted after the process is complete. (Source)

Intercede and Gulf IT Partner to Expand Digital Identity Solutions Across the Gulf Amid Regulatory Push

Digital transformation across the Middle East is driving increased adoption of digital identity and authentication technologies, spurred by government mandates and growing cybersecurity needs. In response, UK-based Intercede has partnered with Gulf IT to introduce its MyID credential management system throughout the Gulf region. The collaboration combines Intercede’s expertise with GulfIT Network Distribution’s regional reach to deliver secure, scalable identity solutions to sectors such as government, finance, healthcare, and defense. This move aligns with recent regulatory changes, such as the UAE’s mandate for financial institutions to adopt biometrics and soft tokens, signaling growing market demand for advanced identity infrastructure. (Source)

IN Groupe Acquires Idemia Smart Identity to Strengthen Leadership in Phygital Identity Solutions

IN Groupe has completed its largest acquisition to date by purchasing IDEMIA Smart Identity, significantly enhancing its capabilities in biometrics and digital identity. The merger positions IN Groupe as a global leader in secure, end-to-end physical and digital identity solutions, leveraging both companies’ complementary strengths. This aligns with its “phygital” strategy—blending physical and digital offerings—to pursue accelerated growth in domestic and international markets. The acquisition, reportedly valued up to €1 billion, gives IN Groupe deeper control over the identity value chain, from chip design to facial recognition. With over 4,000 employees and a turnover exceeding €1 billion, IN Groupe is now strategically placed to lead the EU’s digital ID space and expand its global footprint (Source)

Cyera Acquires Otterize to Tackle Cloud Identity Sprawl and Advance Global Data Security Strategy

Cyera, an Israeli cybersecurity unicorn, has acquired Otterize—an innovator in managing non-human cloud identities—for tens of millions of dollars to strengthen its position in cloud data security. Otterize’s intent-based access control (IBAC) technology automates permissions for cloud services, and will be integrated into Cyera’s platform to address the growing challenge of identity sprawl in cloud environments. This is Cyera’s third Israeli acquisition, following Trail Security and Shape AI, and comes shortly after raising $540 million in a Series E round, boosting its valuation to $6 billion. The deal reflects both strategic ambition and national resilience, having been signed during the ongoing Israel-Iran conflict. With Otterize’s team and technology onboard, Cyera aims to accelerate its mission to become the world’s leading data security platform. (Source)

Cato Networks Raises $359 Million to Scale AI-Powered SASE Platform and Expand Global Footprint

Cato Networks has raised $359 million in a new funding round, bringing its valuation to over $4.8 billion and total funding to more than $1 billion. The investment reflects strong investor confidence in AI-driven cybersecurity solutions amid rising cyber threats and increased demand for secure network infrastructure. Led by Vitruvian Partners and ION Crossover Partners, the funding will support Cato’s expansion of its AI capabilities, global reach, and research and development. Analysts see cybersecurity as a resilient investment area, with projected double-digit growth through 2028 and potential IPO activity on the horizon. Cato’s cloud-based SASE platform, which integrates networking and security, is well-positioned in a market expected to grow to $25 billion by 2027. (Source)

Clearspeed Secures $60 Million Series D To Expand Global Leadership in AI Voice Analytics for Secure Screening

Clearspeed has raised $60 million in Series D funding, bringing its total capital to $110 million, with Align Private Capital leading the round and Anna Nekoranec joining the board. The company specializes in AI-enabled voice analytics used for high-stakes risk assessments across sectors like government, defense, and insurance. Their technology has proven commercial impact, including a 30x ROI in insurance and a 95% reduction in government vetting cycle times. Major clients like Zurich Insurance use Clearspeed to speed up claims processing and reduce fraud, enhancing customer outcomes significantly. With the new funding, Clearspeed plans to scale globally, expand its team, and invest in further innovation to solidify its leadership in secure, trust-driven screening solutions. (Source)

Yodlee to Spin Out from Envestnet Under STG Ownership to Accelerate Innovation in Open Finance

Envestnet has agreed to sell its open finance and data analytics subsidiary, Envestnet | Yodlee, to private equity firm STG Labs, with the transaction expected to close in Q3 2025. This move allows Yodlee to operate independently under STG, which has a strong track record in scaling software and analytics companies, and manage over $12 billion in assets. STG plans to accelerate Yodlee’s innovation and growth, enhancing its product offerings and customer experience in the open finance space. Envestnet will refocus on its core wealth management platform but will maintain a partnership with Yodlee to continue offering its data aggregation services. Yodlee’s leadership team will remain intact, aiming to deliver seamless service and next-generation financial solutions with the backing of increased investment and operational agility. (Source)

⚖️ Policy and Regulatory

Georgia Judge Blocks Social Media Age Verification Law Over Free Speech Concerns

A federal judge has blocked Georgia’s law requiring age verification for social media users, citing violations of free speech and constitutional protections. The law, which was set to take effect this week, mandated that platforms verify users’ ages and obtain parental consent for those under 16. Judge Amy Totenberg issued a preliminary injunction, agreeing with trade group NetChoice that the law restricts minors’ rights, hinders anonymous speech, and limits access to information. Georgia plans to appeal the decision, while this case adds to a growing list of similar laws halted in at least eight other states due to constitutional concerns. (Source)

Cloudflare Shifts to Default AI Bot Blocking with Pay Per Crawl Model

Cloudflare has shifted its policy on AI web crawling, now blocking AI bots by default unless explicitly permitted by website owners. This move ends the previous opt-out model and introduces a “Pay Per Crawl” system, allowing publishers to set pricing terms for AI data access. The change follows widespread adoption of the opt-out option by over a million Cloudflare customers and aims to give content creators more control in the face of increasing generative AI activity. Experts suggest the policy could significantly disrupt GenAI business models reliant on free web data, particularly amid growing legal scrutiny and competition. (Source)

Qantas Data Breach Exposes Personal Information of Up to 6 Million Customers via Third-Party Platform

A cybersecurity breach affecting Qantas has potentially exposed the personal data of up to 6 million customers, including names, email addresses, phone numbers, dates of birth, and frequent flyer numbers. The breach targeted a third-party platform used by a Qantas contact center, though Qantas systems themselves were not compromised. The airline has notified relevant Australian authorities and continues to investigate the extent of the breach, which is suspected to involve the hacking group Scattered Spider. Financial data and login credentials were not accessed, and frequent flyer accounts remain secure. (Source)

South Dakota Enacts Broad Age Verification Law for Adult Sites Following Supreme Court Backing of Texas Measure

Following a recent Supreme Court decision upholding Texas’ age verification law for pornographic websites, South Dakota is implementing a similar law requiring all sites that regularly host adult content to deploy age verification or estimation technology. Unlike Texas’ law, which applies only if a third of a site’s content is adult in nature, South Dakota’s legislation imposes no such threshold. Supporters, including Attorney General Marty Jackley, cite the Supreme Court’s decision as validation, while critics, such as the ACLU and Justice Elena Kagan in her dissent, warn the measures could infringe on adults’ First Amendment rights by overly restricting access to protected speech. (Source)

FinCEN Grants Banks Flexibility to Collect TINs from Third Parties under CIP Rule

FinCEN has issued an order allowing banks to collect Tax Identification Number (TIN) information from third-party sources instead of directly from customers, offering greater flexibility in meeting compliance requirements under the Customer Identification Program (CIP) Rule. The move, made in coordination with key banking regulators, reflects changes in how customers interact with financial institutions and incorporates public feedback from a 2024 request for information. While optional, the order requires banks to maintain risk-based procedures to verify customer identities effectively. The exemption aims to reduce administrative burden without increasing financial crime risks. (Source)

German Regulators Push Apple and Google to Delist DeepSeek Over GDPR Breach Concerns

Germany’s data protection authorities have formally urged Apple and Google to consider removing the Chinese AI chatbot DeepSeek from their app stores over alleged violations of the EU’s General Data Protection Regulation (GDPR). The request follows similar actions by regulators in Italy and Ireland and centers on concerns that DeepSeek inadequately protects European user data transferred to China. The German complaint cites GDPR Article 44, which restricts cross-border data transfers without sufficient safeguards. If upheld, the enforcement could lead to broader EU restrictions, with app store delistings significantly limiting DeepSeek’s presence in the region. (Source)

🔗 More from Liminal

Access Our Intelligence Platform

Stay ahead of market shifts, outperform competitors, and drive growth with real-time intelligence.

Market & Buyer’s Guide for Data Security 2025

Security leaders are replacing point solutions with unified platforms that combine access control, AI data governance and ransomware prevention. This guide reveals what buyers prioritize and where innovation is reshaping data protection.

Link Index for Business and Entity Verification (BEV)

Discover the Top 20 Vendors on the Link Index for BEV and gain an unfair competitive advantage through unparalleled access to expert insights.

The post This Week in Identity appeared first on Liminal.co.

Aergo Talks #15 — AMA Recap

This week’s Aergo Talks was a smaller, more casual session, giving the team a chance to answer pre-submitted community questions and speak more freely about what’s happening behind the scenes.

1. HPP Launch Is Coming Sooner Than Expected

The news that HPP is arriving sooner than expected is a major win for the community and the broader ecosystem. Initially scheduled for Q4, the timeline has now been accelerated to Q3 thanks to strong alignment across product, engineering, and strategic planning. This early delivery not only reflects the team’s execution capability but also signals growing momentum behind the shift from traditional infrastructure to AI-native intelligence.

There is no official launch date yet. As Ben explained, setting a launch date too early doesn’t make sense for a digital-native Web3 platform, which operates with more flexibility than traditional industries. But the key takeaway is clear: the team is ahead of plan, and what was once months away is now just around the corner. It’s a strong signal that HPP is gaining momentum and entering the final phase of readiness.

2. About Upcoming Partnerships

Community members asked when new partnerships would be announced. Ben clarified that there is no fixed announcement schedule. Instead, the team forms partnerships when they make sense for the product and support the long-term goals of HPP.

Rather than focusing on announcing partnerships regularly, the priority is working with the right partners at the right time. As HPP grows, more projects are expected to build on it, but announcements will come when they are ready.

3. What’s the Vision for HPP?

HPP is about bringing Aergo into the AI era. Ben shared that the team is evolving Aergo’s foundation in two key ways.

First, HPP is being built to support AI-powered agents and decentralized logic, a major leap from traditional smart contracts. Second, the network encourages developers to build directly on the shared utility layer, instead of launching new Layer 2 tokens for every use case.

This makes the token more useful, the ecosystem more cohesive, and the developer experience more scalable.

4. Robinhood and Arbitrum

One question asked whether Robinhood’s move to launch stock trading on Arbitrum has anything to do with Aergo or HPP. Ben confirmed there is no connection. While Aergo collaborates with Arbitrum, there is no direct involvement in that initiative.

5. Looking Ahead

Aergo is evolving quickly into HPP, and the momentum is building. Projects like ArenAI (AI-native trading platform) and Noösphere (off-chain coordination and agent SDKs) are actively in development. The HPP mainnet rollout is on track for Q3, and infrastructure partnerships with EigenLayer, Arbitrum, and Conduit are already forming the backbone of what HPP will become.

As these pieces come together, Aergo will no longer be seen as just an enterprise blockchain. It will stand alongside the growing category of AI-native crypto protocols.

Ben summed it up clearly: “We’re not just participating in the AI conversation. We’re building the stack that makes it possible.”

Aergo Talks #15 — AMA Recap was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.

Learn how to enable your customers to customize the login experience of your B2B SaaS application and integrate it into their systems by accessing your APIs.

Scams have become one of the most lucrative forms of illicit activity in crypto. According to the FBI, US citizens lost $9.3 billion to crypto scams throughout 2024. As scam operations become increasingly sophisticated and industrialized, they pose growing challenges for virtual asset compliance professionals tasked with protecting users and maintaining platform integrity.

As the U.S. reshapes its compliance landscape—tightening some rules while loosening others—iComply equips regulated firms with the infrastructure to lead. From stablecoin frameworks and BOI reporting to KYB automation and fraud detection, compliance remains the backbone of financial freedom.

July 4th is excellent opportunity to take a moment and reflect on the systems that make financial freedom possible.

In 2025, the U.S. compliance landscape is evolving rapidly. Some frameworks are changing rapidly, like the Corporate Transparency Act and new stablecoin legislation. Others are being challenged, dismantled, or reinterpreted, such as elements of Operation Chokepoint and state-by-state approaches to privacy and crypto regulation.

This blend of innovation and deregulation reflects the core tension in American markets: freedom and responsibility. And compliance sits squarely at the intersection of both.

Innovation at the Heart of Financial Integrity

This year, the U.S. Senate advanced landmark stablecoin legislation that would require issuers to meet strict reserve, audit, and licensing requirements under the Bank Secrecy Act. At the same time, FinCEN’s Corporate Transparency Act came into force, obligating millions of legal entities to report beneficial ownership information under the new BOI rule. These measures signal a renewed focus on transparency and financial crime prevention, even as the broader regulatory narrative shifts.

Where does that leave firms operating in or entering the U.S. market?

Caught between rising expectations for digital oversight and growing scrutiny of enforcement overreach, the winners will be those who can move fast and still prove trust.

That’s where iComply comes in.

Case Study: Alt5 Sigma

Alt5 Sigma, a U.S.-based provider of digital asset infrastructure, offers crypto-as-a-service for banks, financial institutions, and fintechs. With increasing demand from traditional institutions to offer digital assets, Alt5 needed a compliance engine that could keep pace with product development – without sacrificing the integrity required to establish themselves as industry leaders in compliance.

By integrating iComply, Alt5 gained:

Modular onboarding portals for both individuals and entities

Real-time KYB and UBO workflows aligned with BOI requirements

Sanctions, PEP, and adverse media screening with full audit trails

Advanced device fingerprinting, geolocation, and behavioural fraud analytics

Whether issuing digital assets, onboarding institutions, or responding to regulators – Alt5’s full AML readiness has fuelled growth and allowed them to build market trust at scale.

Built for Both Stability and Change

At iComply, we recognize that compliance is about building the infrastructure that lets innovation thrive without compromising accountability.

That’s why we built our platform to be:

BOI-Ready: iComply automates beneficial ownership collection and reporting for entities covered under the Corporate Transparency Act – providing KYB and UBO workflows tailored to U.S. disclosure requirements.

Fraud-Aware: With device fingerprinting, geolocation, and behavioural analytics, we help firms detect fraud before it happens.

Edge-Secure: Our use of edge computing ensures personal data is processed and encrypted locally, giving U.S. firms privacy compliance by design—without relying on overseas servers or risky third-party subprocessors.

The Freedom to Lead

Independence isn’t just about autonomy – it’s about stewardship. The freedom to innovate means little without the responsibility to protect your clients, your institution, and your market.

This July 4th, as American firms navigate an evolving patchwork of regulatory clarity and ambiguity, we offer a simple proposition: compliance isn’t a constraint. It’s your competitive edge.

Happy Independence Day from the team at iComply.

PIPEDA is Canada’s key privacy law, regulating how organizations handle personal data. Compliance ensures legal protection and builds customer trust. Based on ten core principles—like consent, accountability, and transparency—PIPEDA requires strong privacy policies, employee training, and ongoing audits. This article explores how to meet these requirements, overcome common challenges, and go beyond compliance to promote ethical data practices and long-term trust.

London, July 3, 2025  – IDnow, a leading identity verification platform provider in Europe, today announces its strategic partnership with Keyless, a leader and pioneer in privacy-preserving biometric authentication, signifying a significant step in the future of digital identity security.

This collaboration integrates IDnow’s robust range of identity verification and digital signature solutions with Keyless’ biometric multi-factor authentication technology. Organizations can now enroll customers with IDnow and authenticate them with Keyless, introducing the concept of Continuous Trust. When a high-risk action occurs – like changing personal details or recovering an account – the biometric Keyless captures for authentication is matched against the biometric IDnow captured during signup.

In an era where digital interactions are increasingly susceptible to sophisticated threats, such as deepfakes and AI-driven fraud, the need for seamless and secure digital identity has never been more critical. IDnow’s commitment to embedding trust at every stage of the digital experience aligns seamlessly with Keyless’ innovative approach to biometric authentication, which ensures user privacy by eliminating the need to store biometric data.

Trust is no longer a one-time checkpoint but a continuous process. Our partnership with Keyless enhances our ability to fight emerging fraud typologies amid a rapidly evolving regulatory landscape, ensuring that digital identities remain secure and trustworthy throughout their lifecycle.

Andreas Bodczek, CEO of IDnow

Keyless delivers multi-factor authentication in under 300 milliseconds by checking both the user’s face and their device was the one used during enrollment. It combines this with a unique cryptographic approach that transforms all biometric data into a non-PII format, guaranteeing user privacy. By layering privacy-first authentication from Keyless with IDnow’s flexible verification capabilities, organizations gain a future-ready solution that evolves with new threats, user behaviors, and regulatory demands.

One of the biggest questions we get is whether users need to enroll twice – with the IDV and with Keyless. Until recently, the answer was yes. But what’s pivotal about the partnership with IDnow is that we can silently enroll users into Keyless during the IDnow verification flow. It’s a game changer for reducing friction.

Fabian Eberle, COO and Co-founder of Keyless

This partnership is particularly significant for industries where security and compliance are paramount, such as banking, fintech, and healthcare. By integrating technologies, IDnow and Keyless offer a scalable, intelligent trust framework that not only meets current regulatory standards but is also adaptable to future challenges.

Predictoor DF148 rewards available. DF149 runs July 3rd — July 10th, 2025 1. Overview

Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor.

Data Farming Round 148 (DF148) has completed.

DF149 is live today, July 3rd. It concludes on July 10th. For this DF round, Predictoor DF has 3,750 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF149 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF149

Budget. Predictoor DF: 3.75K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and ASI Predictoor

Ocean Protocol was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF148 Completes and DF149 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

A number of recent high-profile hacks and breaches have one key thing in common: the IT helpdesk. Although many new and technologically advanced threats have arisen in recent years to challenge cybersecurity professionals, numerous cybercriminals are still operating from a tried and true playbook that leans on social engineering, phishing, and the exploitation of a known vulnerability that exists in almost every organization: the human desire to help.

 

Read on for a deep dive into this threat vector and the best practices organizations should adopt to avoid being the next name in the news.

The partnership will focus on Indicio’s Proven Auth, a simple way to use powerful Verifiable Credentials for single sign on, account access and management, and protection against phishing. Tokyo and Seattle: Indicio and Nippon RAD Inc. (TSE: 4736) are pleased to announce that they have entered a strategic partnership, combining Indicio’s market-leading decentralized identity and authenticated biometric technology with Nippon RAD Inc.’s expertise in systems integration and enterprise solutions

The partnership will focus on making Indicio Proven Auth available to the Japanese market.

Against a background in phishing attacks and identity fraud, Proven Auth removes a key weakness in account access and systems login by replacing usernames and logins with tamper-proof Verifiable Credentials for seamless, cryptographic authentication and policy-based access management.

Proven Auth enables companies and organizations to issue Verifiable Credentials and define granular access policies based on role, time, device, or other criteria. This removes the need for third-party identity management or API calls to check centralized data.

Instead, tamper-proof digital identity is fully portable, bound to a person and their device, and can even incorporate biometrics for the highest level of digital identity assurance. This unique combination of features makes Proven Auth more powerful and cost effective than other authentication solutions.

“Customers and businesses need a 21st century digital identity technology that can solve current security weaknesses, protect people’s data and privacy, and deliver better user experiences — all in a cost effective way,” said Heather C. Dahl, CEO of Indicio. “And this is what they get with Proven Auth. It’s a simple, elegant, and streamlined way to manage identity and data — and it provides a foundation for companies and organizations to develop new seamless products and services around portable, digital trust, along with the capacity for these solutions to interoperate globally.”

“We’re very excited to be working with Nippon RAD to bring this to the Japanese market. They have decades of experience building real-world systems for some of Japan’s top companies, and they know what it takes to deliver technology that works at scale. Together, we’re helping businesses move past outdated login systems and into something more secure and flexible.”

“Nippon RAD is committed to introducing secure, innovative technologies that help our clients,” said Michimasa Suzawa, CTO of Nippon RAD. “Proven Auth is a breakthrough in authentication. Indicio’s leadership in decentralized identity and credential security made them a natural partner. Their solution is robust, standards-compliant, and built for scale.”

Contact us for a demonstration of Indicio Proven Auth’s advanced authorization and authentication features and see how easy and secure login can be. 

——-

About Nippon RAD
Nippon RAD Inc (TSE: 4736) has provided enterprise IT and IoT integration services since 1971. With a focus on industry clients in healthcare, automotive, and smart manufacturing, Nippon RAD develops and supports application systems, cloud services, business intelligence, and IoT platforms. Their recent IoT deals with Advantech underline their strength in delivering next-gen, domain-driven solutions in Japan.

About Indicio
Indicio is the leading provider of technology and infrastructure for customers around the world to issue, hold, and verify Verifiable Credentials that can be derived from government documents and biometrics. Its technology helps customers reduce fraud, streamline access, and deliver seamless digital experiences. Aligned with global standards including eIDAS 2.0, the EUDI framework, and ICAO Digital Travel Credentials (DTCs), Indicio powers secure, privacy-preserving identity solutions across borders and industries.

The post Indicio and Nippon RAD Inc. announce partnership to bring decentralized identity technology to the Japanese market for seamless, secure authentication and access management appeared first on Indicio.

Explore Fastly's 2025 AppSec survey on AI's impact, budget shifts, and security trends amidst economic changes. Get key insights now!

Holochain 0.5.3 ready for use

Building on the big speed and reliability improvements in past Holochain 0.5.x releases, Holochain 0.5.3 is ready for general development. We’ve taken feedback on user experience and made further improvements to startup time and gossip reliability.

The big changes in Holochain 0.5.3 are:

Agents more quickly declare and share their ‘storage arc’, the region of the DHT they claim to be holding. This makes other nodes recognise them as an authority so they can start sending new data directly to them. Nodes detect and remember offline peers now. If any peer is unresponsive, the node makes a note of this in their peer metadata and doesn’t try requesting data from them or gossiping until they receive a new agent info record about them (which online peers will publish every twenty minutes). All DHT requests are now sent to three random peers in parallel, and the quickest peer to respond with data wins. (Note that this isn’t necessarily the most in-sync peer, although this has always been true of DHT gets. This is helpful for nodes that don’t hold any DHT data for the address being requested, such as mobile nodes, and for any DHT query with a GetStrategy::Network.) Previously one peer at a time was contacted, and if that peer was unresponsive or didn’t hold the data, the request would time out in 60 seconds and return no data.

You don’t need to do anything special to update your project to Holochain 0.5.3. HDK 0.5.2 and HDI 0.66.2 are compatible with Holochain 0.5.3, so most projects could simply choose to update Holochain but continue using the same zome dependencies. But if you do want to update your zomes to use HDK 0.5.3 and HDI 0.6.3, you’ll need to also add one explicit dependency; read the upgrade guide for instructions.

CI tooling changes

If you’re a regular contributor to Holochain repositories, we’ve introduced new org-wide policies and processes, enforced by CI workflows. All commit messages must be in the Conventional Commits format, e.g., feat: Add new admin API endpoint ListFoos or fix!: Change serialization for delete_foo(). A new bot, cocogitto, will enforce these rules on a PR by posting error comments and blocking merge for any commit that doesn’t comply.

Conventional Commits will be used in two ways:

The commit messages will be used to decide how to bump version numbers (see the Conventional Commits website for details). The changelog will now be automatically generated from commit messages.

Read the release automation readme for details on how commits and merges work now. I found this section of this config file especially helpful in understanding how commit messages are parsed into changelog items.

Office Hours 25 June: mobile WASM support

During our last Office Hours call, the topic of WebAssembly runtimes came up — specifically Wasmer’s support for mobile operating systems. We have supported various approaches in the past, including precompiled binaries for iOS (now removed) and an interpreted WebAssembly back-end. Some topics discussed include:

Maintaining the interpreted back-end (WAMR) The challenge of pre-compiling WebAssembly bytecode to machine code and including in a package, which results in large package sizes Supporting Google’s V8 as a WebAssembly back-end, which is currently supported by Wasmer, but only for 64-bit ARM devices

This topic is super important, as most people’s phones are their primary computing devices, and we also happen to have a partner who makes mobile phones. Discussions are ongoing, and we need your input too. If you develop mobile applications, please share your needs in the #mobile-holochain channel in the DEV.HC Discord.

A new name, a new interface (which will arrive gradually) and a smoother experience for your Drive, Passwords, Notes and Home Screen.

And that's just the beginning: major updates are coming very soon.

We've got something simple, useful and even a bit fun in store for you.

And the best part? You don't have to do a thing. Everything will happen automatically. Your data will of course remain securely hosted in France and we're staying Open Source.

Twake Drive

Drive's new state-of-the-art interface is designed to simplify and enhance your daily file sharing experience

Twake Notes

Stay focused on what's most important - the minimalistic and simple interface will help you do that

Twake Pass

Working with passwords has become even easier with the new Web interface

Meet New Home Screen

A vibrant new home screen. We left only the essentials and made it a little better

Soon in your Twake Workplace

Twake Chat

Secure by design, Twake Chat is powered by the Matrix protocol for decentralized communication. Perfect for both work and personal use, Twake ensures the high levels of security with respect to your privacy.

Twake Mail

Twake Mail — new generation of secure JMAP protocol based e-mail solutions at the edge of cloud and AI. Control your data and keep your e-mails private with advanced encryption. Get a strong shield from any cyber attack with build-in threat detection.

We welcome feedback from you

Ensuring KYC compliance isn’t just about checking boxes. For organizations across banking, crypto, fintech, and other regulated sectors, it’s a foundational part of preventing fraud, meeting regulations, and preserving customer trust.

The post Understanding the Essentials of KYC Pricing Models first appeared on ComplyCube.

June has been a busy month in the world of crypto, with anonymous crypto soon to be banned by the EU, AML fines being handed out left right and centre, new crypto AML laws in the works, and much more. Buckle up, it's time for Crypto.

The post The CryptoCubed Newsletter: June Edition first appeared on ComplyCube.

Data Availability for Reasoning-Centric Applications

Aergo is integrating with EigenLayer to bring high-performance data availability into its AI-native Layer 2 network. With EigenDA, we’re setting up the infrastructure needed for agents and AI systems to interact with data in a secure and scalable way.

This includes supporting:

Real-time agent-to-agent messaging and coordination Tamper-proof storage of model inputs and inference results Reliable access to training datasets and decision logs Transparent data flows for AI governance and identity systems

EigenDA provides the scale and security necessary to power decentralized automation at both the enterprise and protocol levels in an environment where reasoning relies on trusted information.

Why EigenLayer?

EigenLayer is building a powerful foundation for Ethereum’s future. It brings new utility to ETH through restaking while offering critical infrastructure like data availability. For Aergo and HPP, this unlocks:

Fast, decentralized data availability via EigenDA Scalable pipelines for inference and agent updates Strong cryptoeconomic incentives for verifiable coordination A future-ready path to shared security and trust Why This Matters for HPP

HPP is all about intelligent systems working together on-chain. That only works if the data is accessible, verifiable, and fast. With EigenDA, we can store everything from inference checkpoints to agent messages in a way developers and protocols can trust.

As HPP grows into a full coordination layer for AI and decentralized logic, working with EigenLayer helps us ensure the data side is as solid as the compute.

Looking Ahead — EigenLayer × Aergo(HPP)

With EigenLayer and EigenDA, we’re building the data backbone for decentralized reasoning. From inference logs to agent coordination, our focus is on delivering trusted data flows for intelligent systems.

This is just the beginning. Follow Aergo and EigenLayer on X for upcoming milestones.

About Aergo(HPP) and EigenLayer

Aergo is a hybrid blockchain platform designed for secure, scalable, and intelligent apps. It has powered production systems in both enterprise and public sectors, and is now expanding into a Layer 2 network built for AI-native applications and verifiable coordination.

EigenLayer is a protocol built on Ethereum that introduces restaking and data availability services to the modular blockchain stack. Through EigenDA, it provides high-throughput, decentralized data availability that enables emerging L2s and app-specific chains to scale securely without compromising trust.

Building the Backbone of On-Chain Intelligence: Aergo(HPP) x EigenLayer was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.

MChat Coming Soon: Metadium’s AI-powered Conversational Blockchain Explorer & Upcoming Launch of New AI Service ‘Daepa’ MChat Coming Soon: Metadium’s AI-powered Conversational Blockchain Explorer & Upcoming Launch of New AI Service ‘Daepa’

Hello, Metadium Community!

We’re excited to share that MChat, an innovative AI-powered conversational blockchain explorer designed explicitly for the Metadium ecosystem, is launching soon!

MChat represents a significant step forward in blockchain exploration by transforming complex blockchain data and queries into an intuitive, conversational experience. Leveraging cutting-edge AI technology, MChat provides a seamless and user-friendly way to interact with the Metadium blockchain.

Block Explorer: https://explorer.metadium.com/

What is MChat?

MChat is an interactive platform where users can easily explore and understand blockchain data through natural, conversational dialogue. Instead of navigating complicated tables or technical jargon, ask questions about transactions, blocks, wallet addresses, and token transfers directly to MChat in plain language.

Beyond blockchain data, Mchat also delivers real-time answers to a wide range of queries related to Metadium itself, such as technology updates, partnerships, and recent announcements. It’s designed to be your personal AI-powered assistant for everything associated with Metadium.

Key Features of Mchat:

Conversational Blockchain Exploration: Ask questions in everyday language and receive instant, accurate, and easy-to-understand responses. Real-Time Information: Get immediate access to the latest blockchain data and Metadium-related updates. Enhanced Accessibility: No prior technical expertise is needed — Mchat bridges the gap, making blockchain accessible for everyone. Continuous Learning and Improvement: The AI powering Mchat continuously learns from interactions, ensuring progressively accurate and helpful responses.

Why MChat?

Blockchain explorers have traditionally required users to have a technical understanding, which has posted a barrier for mainstream adoption. With MChat, Metadium lowers this barrier significantly, ensuring blockchain technology is accessible, inclusive, and user-centric.

Integrating sophisticated AI into blockchain exploration, MChat enhances usability and enriches the user experience, making blockchain interactions more engaging and informative.

Upcoming Launch of New AI-based Conversational Service ‘Daepa’

We’re also excited to share that a new AI-based conversational service is currently under development in collaboration with our technology partners. After beta testing, this upgraded service will be launched as ‘Daepa’, offering an enhanced user experience.

By integrating the core functions of the previously announced ‘Majoo’ service and advanced AI dialogue capabilities, ‘Daepa’ aims to meet the market’s evolving needs more effectively. Metadium’s DID will be used as a key component in authentication within this new service, demonstrating continued real-world utility and expansion of the Metadium ecosystem.

We truly appreciate your ongoing support and interest, and we look forward to sharing more updates and innovations with you very soon.

🚀 MChat is scheduled to launch soon. Please note that the release date is subject to change.

Thank you,
The Metadium Team

메타디움 AI 기반 대화형 블록체인 익스플로러 ‘MChat’ 출시 예정 & 새로운 AI 서비스 ‘대파(Daepa)’ 예고

안녕하세요, 메타디움 커뮤니티 여러분!

메타디움 생태계를 위한 혁신적인 AI 기반 대화형 블록체인 익스플로러, MChat이 곧 출시될 예정입니다!

MChat은 복잡하고 기술적인 블록체인 데이터를 누구나 쉽게 접근할 수 있도록 자연스러운 대화형 방식으로 제공하는 새로운 서비스입니다. 최첨단 AI 기술을 활용하여 메타디움 블록체인을 보다 직관적이고 편리하게 탐색할 수 있도록 돕습니다.

Block Explorer: https://explorer.metadium.com/

MChat이란?

MChat은 사용자가 일반적인 언어로 질문하면 블록체인 관련 정보를 대화 형식으로 알려주는 인터랙티브 플랫폼입니다. 거래 내역, 블록, 지갑 주소, 토큰 전송 등 복잡한 내용을 기술 용어 없이 간편하게 확인할 수 있습니다.

또한 메타디움 관련 기술 업데이트, 파트너십, 최신 소식 등 다양한 정보를 실시간으로 제공합니다. 말 그대로 메타디움과 관련된 모든 것을 AI 기반으로 손쉽게 확인할 수 있는 개인 어시스턴트입니다.

MChat 주요 기능:

대화형 블록체인 탐색: 누구나 일상 언어로 질문하고 빠르고 정확한 답변을 받을 수 있습니다. 실시간 정보 제공: 최신 블록체인 데이터 및 메타디움 소식을 즉시 확인할 수 있습니다. 높은 접근성: 기술 지식이 없어도 누구나 쉽게 사용할 수 있습니다. 지속적 학습과 향상: AI가 사용자와의 상호작용을 통해 점점 더 똑똑해지고 정교한 답변을 제공합니다.

왜 MChat인가요?

기존 블록체인 익스플로러는 사용자의 기술 이해를 요구하며 진입 장벽이 있었습니다. MChat은 이러한 장벽을 낮춰 블록체인을 누구나 쉽게 이용할 수 있도록 합니다.

정교한 AI 기술을 접목한 MChat은 블록체인 이용의 편의성을 극대화하고, 사용자 경험을 보다 풍부하고 유익하게 만듭니다.

새로운 AI 기반 대화형 서비스 ‘대파(Daepa)’ 출시 예정 안내

현재 기술 파트너사에서 준비 중인 새로운 AI 기반 서비스가 곧 베타 테스트를 거쳐 정식 출시될 예정입니다. 해당 서비스는 더욱 고도화된 대화형 경험을 제공하며, 예정되어 있던 ‘마주’ 서비스의 기능과 강화된 AI 기술을 결합한 형태로 선보일 계획입니다.

이를 통해 사용자는 더욱 직관적이고 깊이 있는 AI 대화 경험을 누릴 수 있으며, 메타디움 DID는 본 서비스 내 인증 수단으로 활용될 예정입니다.

앞으로도 메타디움은 다양한 서비스와의 연계를 통해 실생활 속 DID 활용을 확대해 나가겠습니다. 커뮤니티 여러분의 지속적인 관심과 성원에 진심으로 감사드리며, 더 좋은 서비스로 보답하겠습니다.

🚀 MChat은 곧 출시될 예정이며, 출시 일정은 변경될 수 있습니다.

감사합니다.
메타디움 팀 드림

Website | https://metadium.com Discord | https://discord.gg/ZnaCfYbXw2 Telegram(EN) | http://t.me/metadiumofficial Twitter | https://twitter.com/MetadiumK Medium | https://medium.com/metadium

MChat Coming Soon: Metadium’s AI-powered Conversational Blockchain Explorer & Upcoming Launch of… was originally published in Metadium on Medium, where people are continuing the conversation by highlighting and responding to this story.

In this article, Simon Wistow shares why hybrid AI is gaining ground and how semantic caching unlocks better performance and sustainability.

Are your Verifiable Credentials the real thing? Not every digital credential that says it’s “verifiable” is what you think it is. A new report from Indicio explains how to tell.

By Helen Garneau

A new report from Indicio’s VP of Governance, Trevor Butterworth, breaks down one of the most important questions in digital identity today: What makes a credential truly verifiable?

This report is written for decision-makers and technical teams alike. Whether you work in cybersecurity, identity verification, product development, or if you’re building or relying on digital credentials, this is the simple document providing the distinction you need. This is especially relevant if your organization handles biometric data, works with EU citizens, or is looking for ways to prevent fraud from AI-generated deepfakes.

At the heart of it, if a credential needs to check in with a server or call back to the issuer every time it’s used, then it’s not a true Verifiable Credential. Sure it’s digital, and it may even be marketed as “decentralized,” but at the end of the day, it’s not actually a Verifiable Credential, just a digital permission slip. Because if the issuer goes offline, so does the credential. No verification. No efficiency. 

In this report, Trevor explains how real Verifiable Credentials are different. They allow anyone to confirm who issued the credential and whether the data has been altered—without needing to contact the original source. That’s because the data is sealed inside the credential using advanced, tamper-proof cryptography. It’s verifiable on its own, instantly and securely.

The report walks through why this matters, especially for organizations that deal with sensitive data or biometrics. Most digital credentials today rely on API calls to backend databases. That means storing personal data which comes with major security, privacy, and compliance risks. 

With Verifiable Credentials, you don’t need to store anything in a database. You can verify biometric identity without ever holding on to biometric data. This is essential for staying compliant with privacy regulations, particularly in the EU.

Trevor also addresses another common point of confusion: decentralization. 

Many digital identity solutions use the term without truly delivering on it. Decentralization does not mean data, even encrypted data, is forced to run through a third-party system in order for the data to be verified. Real decentralization happens when Verifiable Credentials, which can be controlled by people, organizations, devices, even AI agents, are used to authenticate and exchange data directly, without intermediaries. 

A decentralized approach to digital identity that uses real Verifiable Credentials equates to faster processes, lower costs, and fewer risks. It also means trust can move securely across systems, industries, and borders, without complex integrations or third-party brokers.

The report ends with a five-point checklist to help you quickly tell the difference between real Verifiable Credentials and the ones that only use the label. You’ll also learn how Indicio’s Proven solution supports the full stack of credential formats, protocols, and real-world deployment needs.

Because once you’ve seen the real thing, you’ll understand why anything less isn’t good enough.

Download the report or schedule a free workshop to see how Verifiable Credentials can help you reduce risk, improve efficiency, and stay in control of your data.

The post New report: why “verifiable” doesn’t always mean Verifiable Credentials, and why that matters appeared first on Indicio.

The post A Verifiable Credential Is Much More Than A Digital Credential That’s Verifiable appeared first on Indicio.

On July 1, 2025, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC)sanctioned Aeza Group LLC (along with 3 associated entities) “for its role in supporting cybercriminal activity targeting victims in the United States and around the world.” According to OFAC’s press release, the Aeza Group “has provided BPH services to ransomware and malware groups such as the Meduza and Lumma infostealer operators, who have used the hosting service to target the U.S. defense industrial base and technology companies, among other victims globally.” The designation of the Aeza Group follows the February 2025 designation of the Russian BPH services Zservers, further demonstrating OFAC's commitment to disrupting cybercriminal infrastructure.

When you’re processing 300+ million screenings a quarter with >99.99% uptime, you need engineering principles that can handle scale. During a recent webinar,  Elliptic's engineering team pulled back the curtain on the core principles that have enabled us to scale over 20X in the last four years. 

Poker has gone from a casual card game to a full-blown entertainment genre. From solo Twitch grinds to live-streamed cash games with six-figure pots, poker has found a new identity online that appeals to strategy lovers, gaming fans, and viewers hungry for drama. And business is booming.

Millions now tune in not just to watch the hands unfold, but to follow personalities, break down big bluffs, and interact with players in real time. A recent episode of the Digital Social Hour podcast laid out just how far poker streaming has come, featuring high-stakes moments, huge communities, and the growing role of poker as entertainment, not just a game of skill. Some streams even boast prize pools worth millions, with other popular streamers taking home up to $300,000. 

That surge in popularity is encouraging rapid innovation. Poker content has evolved beyond plain hand reviews or tournament replays. Now, it’s personality-driven, visually dynamic, and constantly adapting to new formats. At the crossroads of this evolution are VTubers: virtual streamers who blend performance art, gaming culture, and digital creativity. With their rising popularity across YouTube, Kick, and even Web3 platforms, it’s only a matter of time before they get dealt into the poker game.

Poker in America: A Legal Patchwork Paving New Roads

To understand why poker streaming is such fertile ground for VTubers, it helps to look at the current poker environment in the U.S.—a legal maze that requires agility, creativity, and sometimes, a bit of boldness.

At the federal level, online poker is still technically prohibited. However, enforcement varies wildly, and many players rely on offshore platforms. To illustrate, let’s look at how online poker in New York has played out. Since online poker has yet to be legalized, locals play on sites such as the internationally-recognized Americas Cardroom, which operates in a legal gray area by being based outside U.S. jurisdiction. These platforms process real-money games and offer the kind of liquidity that’s nearly impossible to match in state-run markets. This includes 24/7 access to massive tourneys, like their flagship Venom series, where prizes can exceed $10 million. Such reliance on trusted offshore sites is also the norm for most American online poker players, since only nine states currently legalize this sector. 

Meanwhile, the live scene presents its own brand of innovation. For example, poker rooms in Texas, despite having some of the country’s strictest anti-gambling laws, have become hotspots thanks to a clever workaround. Instead of charging rake, poker rooms in cities like Dallas operate on membership fees, effectively creating private clubs. A recent court ruling upheld these arrangements, reinforcing the model and giving local poker a second wind.

This patchwork system of legality creates an ideal environment for content creation. Poker players are adapting fast, and streamers are even faster. Whether they’re beaming in from New York using an offshore platform or live-casting hands from a Dallas club, content creators have found ways to showcase the game without breaking the rules. Add VTubers into that mix, and you have a model that allows full creative freedom, even in restrictive jurisdictions.

Streaming Teams and the Rise of Poker Personalities

The content game in poker has matured dramatically in the last five years. What was once niche is now mainstream. And poker platforms know it.

For instance, Americas Cardroom launched its online team in 2024, including popular streamers. Originally called ACR Team Online, they now go by the Stormers, with members regularly sharing content on platforms like Twitch. This isn’t just a marketing push—it’s a recognition that the future of poker involves creators just as much as it involves players. These team members aren’t necessarily all crushers at the table. They’re storytellers, entertainers, and community builders. Their primary edge is connection.

In this world of brandable personalities, VTubers fit perfectly. The poker industry has long leaned into identity and style. Look at how Phil Hellmuth built a legacy on emotional outbursts, or how Daniel Negreanu used charisma and table talk to cultivate his fan base. VTubers take that same idea and push it into the future, allowing for characters that are larger-than-life, aesthetically unique, and made for modern internet consumption.

A fox-masked analyst who breaks down bluffs like a samurai? A gothic vampire who runs high-stakes satellites under the cover of darkness? With VTubing, there are no limits. The avatar becomes the brand, and in today’s competitive streaming ecosystem, standing out is the name of the game.

Why VTubers Make Sense for Poker

Let’s break it down.

1. Privacy with performance: Not every poker streamer wants to show their face, especially if they’re moonlighting, shy on camera, or just want to keep their real identity separate from their poker content. VTubers solve this beautifully. They can be expressive, animated, and memorable without ever going on camera.

2. Elevated engagement: The average poker stream is static—just a headshot and a screen share of cards. VTubers, by contrast, can react with motion, facial expressions, sound effects, and dynamic backgrounds. This keeps viewers more engaged during long sessions and slow hands. Dead air becomes prime entertainment real estate.

3. Cross-community appeal: VTubing originated in anime and gaming circles, but it’s growing fast across other verticals like education, commentary, and now, potentially poker. The online poker audience overlaps heavily with crypto, gaming, and fandoms that are already receptive to digital avatars. VTuber poker streamers wouldn’t be outsiders—they’d be pioneers.

4. Monetization beyond the table: Most poker streamers monetize via donations, affiliate codes, and maybe the occasional merch drop. VTubers, on the other hand, can monetize their characters directly through plushies, art, sound packs, stickers, and even meet-and-greets in virtual spaces. For poker content creators trying to grow beyond ad revenue, this opens a world of opportunities.

5. Narrative potential: Poker is filled with arcs—downswings, upswings, lucky runs, and soul-crushing bubbles. VTubers, with their highly customizable personas, can turn these moments into compelling content. Themed overlays, emotional reactions, fantasy backstories—they can build a poker universe that feels more like a show than a stream.

As explained in this article Vtuber Avatars: A Gateway to Creative Expression about how these avatars can enhance content creativity and connection, VTubers are opening up new dimensions of identity and audience connection. If that’s true for gaming, there’s every reason to believe it applies to poker, too.

All-In on the Avatar Future?

The writing’s on the felt: poker is changing. And the next big chapter might be animated. VTubers bring a potent blend of creativity, anonymity, and audience magnetism to a game that thrives on expression and personality. They could lower the barrier for new streamers, provide fresh content styles, and attract new fans who might never have clicked on a traditional poker stream. Best of all, they add a layer of storytelling that can make every bluff, hero call, and bad beat feel like part of a larger narrative.

As iGaming continues to grow, expect poker platforms to embrace more experimental content and VTubers to step up to the table. Whether a full-time streamer launches an avatar to refresh their brand or a new player enters the scene fully digital from day one, the movement is already underway.

The avatar era isn’t just coming. It’s shuffling up and getting ready to deal.

The post Are VTubers the Next Step for Poker Streamers? appeared first on Union Avatars.

What if your compliance team could spend more time on investigating complex cases, and less on repetitive triage?

The world of crypto compliance and blockchain analytics is evolving at breakneck speed. High alert volumes, increasingly sophisticated criminal typologies, and ever-tightening regulatory demands are now everyday realities for compliance teams and risk leaders. It's no wonder that conversations about AI in compliance spark both excitement and concern. Will automation really make our lives easier, or does it threaten to sideline the very expertise we've spent years building?

“We’ve all heard the calls for more resilient digital identity systems.“

Heck, I covered that in the blog posts I did a few weeks ago on centralization vs. decentralization. Resilience is on my list of the top ten buzzwords of the year. Whether we’re looking at geopolitical turmoil, AI disruption, or yet another IdP outage, it’s clear that the infrastructure we’ve relied on for decades is straining under new (and not-so-new) pressures.

The catch to this demand, however, is that resilience is expensive. And in standards development, it’s often treated like it’s free.

Identity professionals usually talk about resilience as a technical or operational problem, how to recover when something fails. In my early days as a sys admin, disaster recovery and business continuity were my jam, so I get it. But from a standards and governance perspective, I keep coming back to a different question:

What kinds of resilience are current standards actually enabling? And where are we still pretending flexibility comes without cost?

oooooh, hard question!

A Digital Identity Digest Resilience Isn’t Free: What Standards Can (and Can’t) Prepare Us For Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds 00:00 / 00:11:33 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

Resilience is the wrong word if you can’t afford to change

Most modern identity standards build in some notion of flexibility. You’ll find language about “pluggable” trust frameworks, revocable credentials, and multi-source identity assertions. It all sounds great, on e-paper.

But in practice, very few implementers can afford to build and maintain all the branches that the standards suggest. Most systems implement the bare minimum required to pass a test suite (please tell me there is a test suite) or ship a product. The more complex the flexibility, the less likely it will be used or maintained.

This tension came up repeatedly in my recent blog series on centralization and decentralization. It’s not that one model is better than the other; it’s that resilience requires the ability to shift between these architectures. Shifting means you need a governance structure that can manage both states, not just technical plumbing that supports a theoretical toggle.

Governance is expensive, as is testing rarely used failover paths. Yet we talk about flexibility as if it’s a universal good. It’s not. It’s a luxury, and we need to be honest about that.

Most standards assume stable trust anchors

I want to be clear: assuming stability isn’t inherently bad. The Internet only works because we assume certain things, like DNS will resolve, certificates will validate, and revocation servers will be online. “Turtles all the way down,” as the saying goes. If you don’t trust anything at all, then you cannot actually use the Internet.

But most identity standards still assume that key pieces of the trust chain are always available and operating neutrally. Whether it’s SAML federation metadata, OpenID Connect trust frameworks, or verifiable credential issuers and resolvers, there’s usually no plan B.

When systems fail due to policy shifts, infrastructure outages, or organizational collapse, the standard itself rarely provides fallback guidance. At best, you’ll get some MAY clauses. More often, it’s left to implementers to figure out what to do when their trust anchor disappears.

Some specs (notably in the decentralized identity world) are starting to grapple with this. But many others still reflect a stable-world mindset. That’s a mismatch for the world we’re actually living in.

Delegation, AI agents, and identity sharing are afterthoughts

What makes me sad is that we, the people working in tech, knew these problems were coming, and we kicked the can anyway.

Delegation has been a known issue in identity for years. We’ve seen efforts like User-Managed Access (UMA) define how to handle “on-behalf-of” scenarios, layered roles, and AI agent use cases. But they’ve remained niche, partly because the implementation complexity is real, and partly because the incentives haven’t been there.

Now we’re scrambling to retrofit standards that were never designed to handle autonomous agents, shared credentials, or multi-party authorization flows. And we’re trying to do it without breaking existing infrastructure that assumed a much simpler world.

If we want identity infrastructure that can survive the next decade, we have to stop treating delegation and agentic identity as edge cases. They’re central to how identity will work going forward, and they’re crucial to any conversation about long-term resilience.

There’s no such thing as neutral infrastructure

Let’s talk about government-issued credentials.

They’re often framed as the gold standard for trust, and for many high-assurance use cases (finance, travel, health), they are. But they’re also highly contextual. They encode the priorities, capabilities, and politics of the issuer. Not everyone trusts their government. Not every government trusts other governments. And, not every global corporation can figure out how to deal with all the government requirements, especially when governments contradict each other.

A system that assumes government credentials are always the best option risks becoming brittle. What happens when a user doesn’t have access to those credentials? Or when the trust in a government changes?

The DC API

This question is playing out in real time in the standards world. A recent discussion about the Digital Credentials API in the W3C’s Federated Identity Working Group points out that not all wallets are created equal, and neither are the governance models behind them.

A government-issued wallet may want to authorize verifiers through its own mechanism, asserting tight control over how its credentials are used. A browser acting as an intermediary might conflict with that, unless a protocol allows the wallet to enforce its preferences. But for other, non-government wallets, such as those used in enterprise, education, or social scenarios, the browser might be the only line of defense, especially where verification risk is low and wallet quality varies.

This is where the fiction of neutrality breaks down. When browsers or OS platforms decide how wallets should behave, who gets trusted, and what protocols are supported, they stop being passive conduits and start shaping the structure of the ecosystem. And that has consequences for which identity models can thrive. (To be fair, I’m not sure they have a choice, given how they are held liable for when things break down, but it’s still a matter of consequences.)

Resilience, then, isn’t just about supporting many wallets. It’s about enabling multiple trust frameworks to coexist, even when their needs are in tension.

That means standards shouldn’t default to one “gold standard” credential or wallet model. They should support a plurality of issuers, governance structures, and levels of assurance, because no single model is durable enough to anchor every identity system, everywhere, forever. No one is going to “win” the wallet wars.

If resilience is the goal, we need better defaults

We often measure the success of a standard by how widely it’s adopted. And that makes sense; if no one uses it, it doesn’t matter how flexible or forward-looking it is.

But in a world where trust assumptions are increasingly unstable, we also need to ask:

Can this standard still function when the environment shifts? Can it support multiple deployment models? Multiple trust anchors? Conflicting governance approaches?

Adoption is essential, but it’s not enough. Standards that can’t adapt get ripped out when the world changes, assuming we pay the technical debt. That might not happen in year one. But over time, brittle assumptions break, and infrastructure that once seemed “standard” adds to the debt that’s breaking our industry.

If resilience is the goal, we need better defaults:

Defaults that don’t assume the trust anchor is always online. Defaults that let delegation and AI participation evolve without rewriting the spec. Defaults that recognize different types of wallets, verifiers, and issuers will operate under different rules, but they still need to work together.

And maybe we also need more standards participants with risk assessment experience (please and thank you), so we can start designing for volatility from the beginning, not just retrofitting it later.

Wrapping up

I’m not arguing that we need to abandon federation or centralized identity, or that VCs are the answer to everything. I’m arguing that we need to stop building identity infrastructure that assumes everything will go right.

Resilience isn’t about architectural preference. It’s about designing for a world where the map keeps changing. If we want our standards to hold up under pressure, we need to stop pretending that flexibility is free and start deciding where we’re willing to invest.

Because trust might be turtles all the way down, but someone still has to check on the turtles.

Want to stay updated? I write about digital identity and related standards—because someone has to keep track of all this! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here] 

Transcript

(00:00) Let’s talk about one of the most common words in tech media today: resilience.

(00:37) In 2025, it’s everywhere. But when it comes to digital identity systems, what does resilience actually mean—and perhaps more critically, who pays for it?

(00:51) Many assume resilience just means flexibility. But building flexible systems isn’t cheap. Flexibility costs money, and lots of it.

Flexibility on Paper vs. Resilience in Practice

(01:13) Most modern identity standards suggest adaptability. For example:

Pluggable trust frameworks Support for multiple issuers Credential revocation paths Selective disclosure mechanisms

(01:41) These sound like flexible, future-ready systems. But in practice, most implementers don’t have the budget, time, or political will to build beyond what’s required today.

(02:10) When deadlines loom or audits approach, resilience features—fallback flows, delegation models—often get cut. They’re seen as luxuries, not priorities.

(02:27) The result? When a major provider goes offline, everyone scrambles to fix what should have been planned for.

Resilience Requires Planning for Change

(02:46) In earlier blog posts on centralization and decentralization, I made the case that resilience isn’t just about choosing one architecture. It’s about adapting between models as conditions shift.

(03:08) But those shifts require governance, testing, and long-term maintenance—and few standards talk about that part.

What Happens When Trust Anchors Fail?

(03:18) Most identity standards assume certain things are stable: DNS, certificate authorities, federation metadata, DID resolvers.

(03:45) And most of the time, that’s a fair assumption. But not always. Trust anchors wobble—frameworks get deprecated, registries go dark, support drops.

(03:56) What happens to the systems that depend on them?

(04:06) Often, nothing is specified. The standard assumes uptime, not failure. Resilience needs to plan for volatility, not just stability.

Real-World Examples of Fragility

(04:24) Consider some common standards:

OpenID Connect Federation: Trust chains fail if any node is unreachable SAML: Metadata URLs are assumed always available Verifiable Credentials: Depend on persistent, resolvable identifiers

(04:59) These aren’t bad standards. They’re doing critical work. But they often lack mechanisms for handling breakage—when, not if, it happens.

Delegation Is a Core Identity Requirement, Still Underserved

(05:06) Delegation is a cornerstone of identity. We’ve known this for years.

(05:11) Parents act for children. Executives delegate to assistants. Spouses share insurance logins. Healthcare proxies access private records.

(05:30) And now, we’re adding AI agents to the mix—bots booking appointments, filling forms, accessing systems.

(05:46) Most identity systems don’t handle this. There’s no consistent model for “on behalf of,” no standardized scoping, and no way to validate consent.

(06:06) UMA (User Managed Access) aimed to solve some of this. But it remains niche—important, yes, but far from mainstream.

(06:21) Now we’re stuck retrofitting delegation into systems that weren’t designed for multi-actor flows or digital intermediaries.

Wallet Diversity: Who Governs the Gate?

(06:45) One of the most timely conversations today is about wallet governance.

(06:55) In the W3C’s Federated Identity Working Group, Issue #246 asks: how should different wallets—government, enterprise, personal—be treated by browsers and platforms?

(07:16) Should a government wallet control its credential usage? Should browsers enforce a uniform model? It’s complicated.

(07:29) Government wallets have strong policies. Social wallets may offer more flexibility—but with lower assurance.

(07:43) So who decides?

(07:49) When browsers mediate everything, they start shaping governance—intentionally or not. That creates platform lock-in and infrastructure fragility.

(08:01) If your wallet only works on Platform A, but not Platform B, we’re undermining interoperability—and resilience.

Supporting Governance Pluralism

(08:18) True resilience means supporting pluralism—multiple governance models, even conflicting ones.

(08:28) Standards can’t just hope it all works out. They need to explicitly support this diversity, or risk failure as soon as conditions shift.

Measuring Adoption vs. Measuring Adaptability

(08:37) In most standards work, success is measured by adoption.

(09:12) But adoption isn’t the same as resilience. A brittle standard can be widely used—and still collapse when a key component fails or use cases evolve.

(09:20) Conversely, a highly adaptable standard that sees no uptake contributes nothing.

(09:28) We need to measure both adoption and adaptability if we want identity systems that can survive real-world conditions.

Toward Risk-Aware Standards

(09:43) So how do we move forward?

(09:46) One answer: bring more people into standards work who understand risk. Not just technical threats, but governance risk, market volatility, and long-term trust dynamics.

(10:04) Resilient standards aren’t paranoid—they’re durable.

The Real Cost of Resilience

(10:18) Digital identity resilience requires:

Flexibility, but not as an afterthought Fallback paths and pluralist design, not idealized assumptions A willingness to acknowledge the cost of preparation—and invest in it A design approach that accepts the world won’t always cooperate

(10:28) We don’t have to throw out everything we’ve built. But we do have to ask what breaks when things shift—and what we’re willing to invest to prevent that.

Final Thoughts

(10:38) Thanks for listening. If this got you thinking, I’d love to hear from you. Reach out on LinkedIn or check out the written version at sphericalcowconsulting.com.

(10:57) And if this helped make identity just a little clearer—or at least more interesting—consider sharing it with a friend or colleague. See you in the next episode.

The post Resilience Isn’t Free: What Standards Can (and Can’t) Prepare Us For appeared first on Spherical Cow Consulting.

June 2025 Real Estate Tokenization Takes Off in Dubai

Dubai’s real estate market is breaking records.

According to data shared by Property Finder, Dubai recorded AED 66.8 billion (~$18.2 billion) in real estate sales across 18,700 transactions in May 2025. That’s a 44% year-on-year surge, driven by both local and international investor demand.

Source: Cointelegraph

Yet for global asset managers, accessing this market remains complex.

The barriers global asset managers still face

While Dubai’s real estate market is booming, it remains difficult for global asset managers to access directly.

Legal complexity. Buying real estate in Dubai often requires setting up a local entity or relying on nominee arrangements. These structures are time-consuming, costly, and raise concerns about transparency and control. Operational inefficiencies. Servicing investors, tracking ownership, handling subscriptions and redemptions, distributing yields, and maintaining compliance, is still highly manual in most setups. This creates friction, especially for cross-border investors onboarding and ongoing fund administration. Limited exit options. Even when fractional shares are available, liquidity is often locked. Without proper secondary market infrastructure, redemption or transfer opportunities are rare, making the asset less attractive for both managers and investors. How tokenization is changing the game

These barriers are now being removed.

Through tokenization and a local, reputational licensed fund administrator like Apex Group, asset managers can offer Dubai real estate exposure in a fully regulated and digital-native format.

Our solutions, which have now been integrated into the Apex Group’s services, allow asset managers to experience a one-stop shop experience and use the permissioned token standard ERC-3643 to enforce investor eligibility, transfer rules, and compliance logic right into their tokens.

Unlock what wasn’t possible before  Multi-platform distribution: List real estate tokens across multiple compliant distribution platforms Improved liquidity: Enable peer-to-peer secondary market transfers under control 24/7 Access: Offer 24/7 subscription and redemption for open-ended real estate funds Real-time tracking: Track all activity in real time for full auditability

For asset managers, this means faster launches, broader investor reach, and the ability to offer modern real estate products that meet today’s expectations for accessibility and liquidity.

Market demands are real

On May 1, MultiBank Group, MAG, and Mavryk announced a $3 billion deal to tokenize MAG’s luxury real estate to democratize access to high-end real estate and enable global investors to participate with full legal certainty. Then, on June 11, Dubai saw its second tokenized apartment sell out in 1 minute and 58 seconds, with 149 investors from 35 countries and over 10,700 waitlisted.

Tokenized real estate has found its product-market fit.

Why it’s working now: Clear rules from VARA

On May 19, Dubai’s Virtual Assets Regulatory Authority (VARA) updated its Rulebook to formally regulate tokenized real-world assets (RWAs) under the new Asset-Referenced Virtual Assets (ARVA) classification.

The regulatory clarity is in place. The infrastructure is proven. The demand is there. The future? Real estate tokens will increasingly plug into broader digital finance ecosystems, including lending, automated market making, and 24/7 liquidity via compliant DeFi.

Dubai is showing the way, and we’re ready to help you lead.

Tokeny Spotlight

Apex Group Acquisition

Apex Group announces the acquisition of a majority stake in Tokeny. A major milestone for tokenized finance.

Read More

NASDAQ TradeTalks

Our Head of Americas, unpacks the real challenge behind institutional adoption of digital assets.

Read More

Press Release

MTCM Securitization Architects partners with Tokeny to launch dual-format issuance framework.

Read More

Tokeny Talent

Learn about Thaddee Bousselin, who has been at the forefront of Tokeny’s implementation team.

Read More

Tokeny & Apex Celebration

Tokeny and Apex Group celebrate the integration of our technology and team into the Apex family.

Read More

Tokenizing Infrastructure

Our partner DitoBanx is bridging the Atlantic and Pacific Oceans with security tokens.

Read More

Tokeny & Apex Celebration

Tokeny and Apex Group celebrate the integration of our technology and team into the Apex family.

Read More

Press Release

KERDO partners with Tokeny to unlock accessibility in private markets for European professional investors.

Read More

Welcome to The Team

 Sergi Roca joined us in December as a Blockchain Developer. We’re thrilled to have you with us.

Read More Tokeny Events

ETHcc
June 30th – July 3rd, 2025 | 🇫🇷 France

Register Now

Real World Asset Summit
July 1st, 2025 | 🇫🇷 France

Register Now ERC3643 Association Recap

The First ERC3643 Podcast is Live

Dennis O’Connell, and Luc Falempin, come together in the first episode to explain ERC-3643 and share behind-the-scenes insights on how the standard was built and where it’s going.

Watch the Podcast here

The ERC3643 Association Proudly Welcomes 24 Selected New Members Building the Future of Onchain Finance With Us

The momentum for RWA tokenization is growing, fast. With backing from major financial institutions and innovative blockchain builders, the collaboration to bring capital markets onchain is more powerful, and more coordinated, than ever.

Read the full press release here

Subscribe Newsletter

A monthly newsletter designed to give you an overview of the key developments across the asset tokenization industry.

Previous Newsletter  Jul1 Real Estate Tokenization Takes Off in Dubai June 2025 Real Estate Tokenization Takes Off in Dubai Dubai’s real estate market is breaking records. According to data shared by Property Finder, Dubai recorded… May13 Is the UAE Taking the Lead in the Tokenization Race? April 2025 Is the UAE Taking the Lead in the Tokenization Race? As you know, the U.S. is now pushing to become the crypto nation.… Apr1 No Yield for Stablecoins, Tokenized MMFs To Take the Lead March 2025 No Yield for Stablecoins, Tokenized MMFs To Take the Lead With MiCA in Europe, and the STABLE draft law in the USA, regulators… Mar3 Memecoins Are Crashing, Hackers Are Cashing In, Where Are Smart Investors Moving Next? February 2025 Memecoins Are Crashing, Hackers Are Cashing In, Where Are Smart Investors Moving Next? Over the past month, we’ve attended key events across the…

The post Real Estate Tokenization Takes Off in Dubai appeared first on Tokeny.

This Canada Day, we’re sharing a personal look at the people, values, and vision behind iComply. From a Métis founder’s philosophy of stewardship to a Slovak-born tech leader’s passion for building secure, scalable systems. This is the story of how a grass-roots Canadian idea became a global compliance platform.

July 1st means different things to different people. For many of us, it’s fireworks, lake days, and barbecue. For us at iComply, it’s a chance to pause and appreciate where we come from, why we do what we do, and where we’re headed next.

Matthew, our CEO and founder, was raised in a Mennonite German household in the prairies, he later reconnected with his Métis heritage and brought together two powerful worldviews: Indigenous stewardship and immigrant opportunities. “My heritage taught me to value both responsibility and resilience,” Matthew says. “When I founded iComply, I adopted the principle of Seven Generations thinking – not as a cultural reference but as a design philosophy. What we build today should serve the world for generations to come.”

That mindset has shaped every decision we’ve made since day one. iComply wasn’t built to be another checkbox tool for regulators. Our vision is to restore trust in digital identity and regulatory systems. To protect privacy, not exploit it. To empower users, not burden them. And to reflect Canadian values: fairness, integrity, and future-minded responsibility.

Our CTO and co-founder, Matej, brings a complementary perspective. A Slovak immigrant and systems architect, Matej came to Canada with a dream of solving hard problems. When he met Matthew, their shared vision and values on privacy and identity led to the founding of iComply. Together, they built iComply from the ground up: modular, multilingual, and secure by design. “Most platforms in this space are stitched together from third-party APIs and cloud hacks,” Matej says. “We knew that wouldn’t cut it. So we did the hard work ourselves.”

iComply cofounders “The Matts” at Web Summit Vancouver

Today, iComply supports clients in 195 countries, works in over 140 languages, and enables real-time ID verification for more than 14,000 government-issued ID types. And every client we serve still benefits from the same founding principles: keep data sovereign, respect user privacy, and future-proof for generations to come.

So this Canada Day, we’re celebrating the people, ideas, and commitments that built this company and continue to guide it.

Happy Canada Day from all of us at iComply.

Monetize AI bot traffic! Fastly's Bot Management and TollBit have teamed up to offer granular control, performance, and flexibility to manage bots & unlock new revenue.

The Threat is Real and It’s Here Now

On Friday, June 28, 2025, the FBI issued an urgent cybersecurity alert: the notorious Scattered Spider hacking collective has expanded its targeting to include the airline industry. This isn’t a theoretical future threat, it’s happening right now. Hawaiian Airlines confirmed a cyberattack on Thursday, and Canada’s WestJet has been dealing with an ongoing breach since June 13. Both incidents bear the hallmarks of Scattered Spider operations.

For airline executives reading about yet another cybersecurity threat, this one demands immediate attention. Scattered Spider isn’t your typical cybercriminal group. They weaponize something every organization has in unlimited supply: helpful employees and IT systems that assume someone calling with the right story must be legitimate. While security teams spend millions hardening networks and patching systems, these attackers simply pick up the phone and ask nicely for the keys to the kingdom—and they get them.

Understanding the Enemy: Why Scattered Spider is Different

Scattered Spider (also known as UNC3944, Octo Tempest, and several other aliases) represents a new breed of cybercriminal. This loosely organized collective of primarily English-speaking hackers has perfected the art of social engineering at enterprise scale.

Their recent victims read like a Fortune 500 directory: MGM Resorts, Caesars Entertainment, Marks & Spencer, Twilio, and now multiple airlines. What makes them particularly dangerous is their systematic approach to identity-based attacks:

Social Engineering Excellence: They research their targets extensively, often impersonating specific employees or contractors when calling IT help desks. They know company terminology, recent projects, and organizational structure well enough to convince even experienced support staff that they’re legitimate employees.

MFA Bypass Mastery: While many organizations believe multi-factor authentication protects them, Scattered Spider has developed multiple techniques to circumvent these controls:

MFA fatigue attacks that bombard users with push notifications until they accept one Convincing help desk staff to add attacker-controlled MFA devices to legitimate accounts SIM swapping to intercept SMS-based authentication codes Phone-based social engineering to extract one-time passcodes directly from users

Legitimate Tool Abuse: After gaining initial access, they use approved remote access tools and live-off-the-land techniques, making their activities difficult to distinguish from legitimate IT operations.

Why Airlines Are Perfect Targets

The aviation industry presents an irresistible combination of vulnerabilities that make it ideal for Scattered Spider attacks:

Call Center Dependencies: Scattered Spider specifically targets airline call centers, exploiting the high-volume, time-pressured environment where help desk staff process hundreds of authentication requests daily.

Complex Identity Management: Distributed teams across multiple time zones and locations create numerous potential entry points and make identity verification challenging across all touchpoints.

High-Stakes Environment: Thin operational margins and zero tolerance for downtime create pressure to restore access quickly—exactly the environment where security shortcuts occur during incident response.

High-Value Data: Extensive PII, travel patterns, cargo manifests, and operational data provide valuable monetization opportunities for attackers.

The FBI’s Warning: Attack Vectors Airlines Must Address

The recent FBI alert specifically highlights the tactics Scattered Spider uses against aviation targets:

Help Desk Infiltration: Attackers call IT support claiming to be employees who’ve lost access to their accounts. They use publicly available information about the company and specific employees to build credibility.

Third-Party Vendor Targeting: The FBI warns that “anyone in the airline ecosystem, including trusted vendors and contractors, could be at risk.” Scattered Spider often attacks less-defended suppliers to gain access to primary targets.

MFA Device Registration Abuse: Once they convince help desk staff of their legitimacy, attackers request that new MFA devices be added to accounts they claim to own.

An Identity-First Defense Strategy

Traditional cybersecurity approaches fail against Scattered Spider because they focus on protecting systems rather than verifying identities. When attackers can convince legitimate users or help desk staff to grant access, perimeter defenses become irrelevant.

The most effective defense requires securing the identity layer itself. Here’s how identity-first security addresses each of the attack vectors the FBI warns about:

Verifiable Identity Authentication

The Challenge: Scattered Spider succeeds because authentication systems verify what users know (passwords) or have (phones, tokens) rather than who they are.

The Defense: Identity platforms that require users to prove their actual identity through biometric verification tied to government-issued identification. When someone calls the help desk claiming to be an employee, the system can definitively verify whether the caller is actually that person.

Phishing-Resistant, Passwordless Authentication

The Challenge: Traditional MFA can be bypassed through push notification fatigue, SIM swapping, or social engineering.

The Defense: Eliminating passwords entirely and using FIDO2-compliant biometric authentication that cannot be phished, fatigue-attacked, or socially engineered. There are no push notifications to accidentally accept and no codes to read over the phone.

Identity-Bound Access Controls

The Challenge: Current systems often grant access based on device compliance or network location, which can be spoofed or compromised.

The Defense: Tie every access request to a verified biometric identity. Even if attackers gain access to approved devices or networks, they cannot authenticate without the legitimate user’s biometric signature.

Centralized Identity Governance

The Challenge: Organizations lose visibility into identity-related activities across multiple systems and lack consistent identity policies.

The Defense: Centralized visibility into all identity-based access events with detailed audit trails and risk scoring. Security teams can immediately identify unusual authentication patterns or unauthorized access attempts.

Real-World Implementation Scenarios

For airline security teams wondering how this translates into practical protection, consider these scenarios:

Scenario 1: Help Desk Social Engineering A Scattered Spider attacker calls the IT help desk claiming to be a pilot who’s lost access to crew scheduling while on layover. The caller knows recent route changes, mentions specific flights, and provides the pilot’s employee ID. With traditional systems, overwhelmed help desk staff often approve password resets and MFA device additions during off-hours when supervisors aren’t available, especially when the caller sounds stressed about missing a flight assignment.

With identity-first security: Any account changes require biometric verification that cannot be provided remotely by an impersonator, regardless of how convincing their story.

Scenario 2: Contractor Account Compromise Attackers target a ground services contractor to gain access to airline systems through the supplier relationship. Traditional vendor management often relies on basic password policies and standard MFA across multiple client systems.

With identity-first security: All contractor access requires the same level of identity verification as employee access. Even if contractors’ traditional credentials are compromised, attackers cannot authenticate without their verified biometric identity.

Scenario 3: After-Hours Emergency Access An attacker claims to be a maintenance supervisor who needs urgent access to aircraft diagnostic systems for a grounded plane. They call during the night shift when fewer security personnel are available and pressure help desk staff with operational urgency.

With identity-first security: Emergency access protocols still require biometric verification, preventing attackers from exploiting time pressure and reduced oversight during off-peak hours.

Implementation Considerations for Airlines

Regulatory Compliance: Airlines operate in highly regulated environments requiring certifications like FedRAMP High Authorization, NIST 800-63-3, ISO 27001, SOC II Type 2, and ISO/IEC 30107-1 and 30107-3. Identity platforms meeting these standards demonstrate they can handle the stringent regulatory requirements airlines face across multiple jurisdictions.

Operational Continuity: Identity-based attacks can ground flights and disrupt operations for days or weeks. The MGM attack cost that organization $100 million in operational disruption. Preventing such incidents protects both revenue and reputation.

Customer Trust: High-profile breaches erode passenger confidence. Airlines that can demonstrate advanced security measures for protecting personal data gain competitive advantage in an increasingly security-conscious market.

Security Architecture: Centralizing identity verification can streamline overall security architecture while improving protection levels, reducing the complexity of managing multiple authentication systems across diverse airline operations.

The Time to Act is Now

Scattered Spider’s expansion to airlines isn’t a future threat, it’s happening right now. With the FBI issuing urgent warnings and multiple carriers breached in the last month, every organization in the aviation ecosystem faces immediate risk.

Rather than detecting attacks after they’ve begun, identity-first security prevents them from succeeding in the first place by securing the identity layer that Scattered Spider targets. The question isn’t whether your organization will face an identity-based attack—it’s whether you’ll be ready when it comes.

Contact 1Kosmos today to secure your airline’s identity layer against Scattered Spider and learn how verifiable identity authentication protects your operations, passengers, and reputation.

The post Stopping Scattered Spider at the Identity Layer: Protecting Airlines from Identity-Based Cyberattacks appeared first on 1Kosmos.

Comprehensive blockchain data and monitoring of activity. That's how our investigation started.

ComplyCube, the award-winning KYC and AML leader, has won the “RegTech Partner of the Year” award for the second time at the British Bank Awards 2025. The award underscores ComplyCube’s commitment to excellence in the RegTech field.

The post ComplyCube Wins RegTech Partner of the Year 2025 first appeared on ComplyCube.

The identity landscape is undergoing a major transformation and digital credentials are at the center of it.

In a recent live discussion, we explored how digital identity is reshaping Identity and Access Management (IAM) and Identity Governance and Administration (IGA). We were joined by two industry experts: Henrique Teixeira, SVP of Strategy at Saviynt, and Tim Cappalli, Senior Architect of Identity and Standards at Okta.

Together, they unpacked where digital ID credentials can deliver the most value, how to think about ROI, and what it will take to integrate these technologies into existing architectures.

So, you’ve decided to integrate digital signatures into your tech stack, but don’t know where to start. Here we help you understand the difference between an SES, AES and QES, and the importance of a QTSP.

There are many reasons why forward-thinking organizations are choosing to integrate digital signature solutions into their tech stack, but perhaps the most obvious is that digital signatures just work – incredibly well, for businesses and users, across most industries. 

In fact, usage is increasing by the day and will almost certainly continue to climb as per the collective driving forces – and adoption pushes – from eIDAS 2.0 and the upcoming Anti-Money Laundering Regulation. 

For more information on the business and customer benefits of digital signatures in your industry, read ‘Here’s why 95% of businesses are using digital signatures to optimize operations?’

Not all signatures are created equally.

Although the purpose of a digital signature is relatively straightforward (linking a signer to a document), there are different types with different levels of security and legal assurance. Businesses tend to offer one of either Simple Electronic Signatures (SES), Advanced Electronic Signatures (AES) or Qualified Electronic Signatures (QES) depending on the particular use case required. 

But which solution is right for you and your customers? Here we explain everything you need to know about making the most out of digital signatures in 2025.

Digital certificates vs digital signatures. What’s the difference?

The relationship between a digital certificate and a digital signature is fundamental to how trust and authenticity are established in digital transactions. According to eIDAS, a digital signature is defined as “data in electronic form that is attached or logically associated with other data in electronic form, and which is used by the signatory to sign.” A digital signature performs three core functions:

Authenticity: Confirming the identity of the signer.  Integrity: Ensuring the document has not been changed after signing.  Non-repudiation: Preventing the signer from denying they have signed the document.

A digital certificate is an electronic document that links a person’s or entity’s identity with a cryptographic key pair made up of a public key and a private key. It is issued by a trusted entity, such as a Qualified Trust Service Provider (QTSP). 

When someone signs a document digitally, they use their private key to create the signature, and the recipient uses the sender’s public key to verify it. As only the signer has access to their private key, it is almost impossible for someone else to forge the signature or for the signer to claim they did not sign. The digital certificate provides the assurance that the public key belongs to the sender.

Expert guide to digital signatures. As the world shifts from physical to online, digital signatures will be essential in ensuring trust and authenticity in transactions. Check out this handy guide to discover the history of signatures and how digital signatures can be used to unlock valuable business opportunities. Download now Navigating the different types of digital signatures.

IDnow offers a comprehensive suite of digital signature solutions to satisfy whatever the regulatory requirement or industry use case. Our solutions adhere to security and encryption standards, including Public Key Infrastructure (PKI) to a) ensure the signer’s identity and b) enable trust in the signature. They also leverage hashing algorithms to prevent the signed document from being altered without detection.  

Lower levels of digital signature solutions (SES) are easier and faster to use, while higher levels (AES + QES) involve more steps but provide stronger guarantees.

Simple Electronic Signature (SES).

IDnow’s SES solution is the simplest and quickest form of digital signature we offer. It can be represented by a textual name at the end of an e-mail, a scanned signature, a ticked checkbox, or a click on an “I agree” button. Although legally valid, SES solutions cannot track document changes, or verify the identity of signers, only the ownership and authorization of the sending domain or email address. As such, this signature is best suited for no- to low-risk transactions or informal agreements such as terms & conditions or internal protocols.

Advanced Electronic Signature (AES).

IDnow’s AES solution provides a higher level of security and authentication than SES. As AES links the signature to both the signer and the data in a way that alterations are detectable, it is suitable for medium to high liability risk transactions that require strong identity verification without the full regulatory weight of QES, such as permanent employment contracts, insurance applications, NDAs, powers of attorney, or privacy statements.

Qualified Electronic Signature (QES).

IDnow’s QES represents the highest security standard and is the legal equivalent of a handwritten signature across the EU under eIDAS regulation. Created using a qualified digital certificate from a Qualified Trust Service Provider, such as IDnow Trust Services AB, a QES provides maximum legal certainty for high-stake transactions. It is non-repudiable and equivalent to a handwritten signature on paper. QES is commonly used where the law specifically requires the highest level of assurance, such as life insurance or government contracts.

IDnow’s Simple Electronic Signature. IDnow’s Advanced Electronic Signature. IDnow’s Qualified Electronic Signature. 5 considerations to help you select the right digital signature solution. Regulatory requirements? What level of signature does your industry regulation require for your specific transaction type? 
  What is the transaction value? Higher-value transactions generally warrant stronger signature types (AES or QES). 
  Risk profile? Consider the potential for fraud or dispute in the specific transaction context. While QES comes with an inherent scheme of storing proofs of a transaction, AES and SES require companies to record an audit trail of their own. 
  User experience priorities? What experience do your customers expect? Speed, security or a balance of the two? 
  Budgets and deadlines? Although neither is likely to be the deciding factor as to why organizations would choose one solution over the other, SES and AES can typically be implemented quicker than QES solutions, while SES are considerably cheaper to implement. Here’s how we integrate digital signature solutions.

So, now you have a good idea of which IDnow digital signature solution is right for you. Next let’s explore our different implementation options.  

We understand that implementation flexibility is critical for businesses at different digital maturity stages, which is why we offer multiple integration options. We also offer a hybrid approach, where organizations can embed different integration methods across channels based on specific needs and technical capabilities.

API integration.

For organizations seeking seamless integration with existing systems, IDnow provides comprehensive APIs and SDKs that enable: 

• Direct embedding within existing applications and workflows 
• Customization of the user interface to match brand identity 
• Real-time status updates and event notifications 
• Automated document processing and storage 

Web-based solution.

For rapid deployment without extensive development resources, IDnow offers web-based solutions that provide:

• Quick implementation with minimal IT involvement 
• Secure document transmission and storage 
• Branded customer experience 
• Detailed reporting and analytics 

Mobile SDK.

For businesses prioritizing mobile experiences, IDnow’s mobile SDK enables:

• Native integration within iOS and Android applications 
• Offline signing capabilities 
• Device-based biometric authentication 
• Optimized mobile user experience 

Our digital signature solutions also seamlessly integrate with your Customer Relationship Management, Enterprise Resource Planning, and document management systems to transform digital signing from a standalone feature into a core component of your business processes. This drives efficiency, accuracy and compliance, and provides a superior user experience.

Why IDnow? Trusted, accredited digital signature solutions for the future.

Customers that choose IDnow will benefit from streamlined procurement and contractual simplicity by receiving both identity verification (from automated to video verification and  eID) and trust services from a single, unified process with a trusted vendor. 

As the joint venture partner of IDnow Trust Services AB – a Qualified Trust Service Provider (QTSP), IDnow undergoes rigorous audits and assessments to prove we meet the highest standards for security, data protection, and operational reliability. We are also listed on official trust lists, such as the EU Trusted List, which is a clear commitment that we take our customers’ security and compliance seriously.  

Plus, as accredited vendors are required to stay up to date with the latest legal and technological requirements, IDnow customers can rest assured that their digital signature solution integration will remain compliant whenever laws change, which reduces the burden on their internal teams to constantly monitor and adapt to regulatory shifts. 

Digital signatures are no longer just nice-to-haves, they’re essential for modern business. In fact, recent analysis shows that adopting e-signatures helps businesses close deals 28% faster, cut costs by 26%, and boost revenue by 19%. The real question isn’t if you should integrate digital signatures, but when. 

Ready to take the next step and enable your customers to sign on the digital dotted line? Our team is here to help.

By

Jody Houton
Senior Content Manager at IDnow
Connect with Jody on LinkedIn

The Trust Playbook. Discover how top teams from your industry are turning digital identity and trust into growth strategies.​ Download now

圖靈新聞室

In Step with NATO Summit, Turing Europe Launches in The Hague to Support Europe’s Digital Resilience

2025/06/10

The Hague, Netherlands – 10 June 2025 – Turing Europe, the EU headquarters of a global cybersecurity innovator Turing Space specializing in eID and digital credentials, has officially launched operations in The Hague. This move addresses the accelerating demand for digital trust, self-sovereign identity (SSI), and cross-border verification frameworks essential for today’s interconnected environment. The launch coincides with the 2025 NATO Summit, held in the same city, reflecting Europe’s broader agenda to strengthen cyber resilience, data sovereignty, and critical infrastructure protection. 

Turing Europe delivers tamper-proof, interoperable, and privacy-centric credentialing solutions that empower public institutions and high-stakes sectors across the EU to verify identities, qualifications, and compliance in real–time while maintaining transparency and embedding privacy-by-design principles. 

“As geopolitical tensions rise and cyber threats grow more complex, European nations are under increasing pressure to establish interoperable and sovereign digital ecosystems,” said Jeff Hu, Founder and CEO of Turing Europe. “We are committed to bridging these gaps by partnering with key stakeholders, alliances, and authorities, enabling seamless cross-border cooperation and building a foundation of mutual trust to support the continent’s security, economic resilience, and democratic values.” 

A Seamless Landing in the Netherlands

This European expansion was supported by the Netherlands Foreign Investment Agency (NFIA) and the Invest in Holland network, including Municipality of The Hague, InnovationQuarter, and Security Delta (HSD), guiding Turing Europe’s initial market exploration to support the company’s incorporation. The Netherlands’ standing as a digital innovation gateway combined with its progressive governance frameworks made The Hague the ideal hub for Turing Europe’s continental operations. 

“The Dutch ecosystem warmly embraces trust technology frontrunners like Turing Europe, whose mission aligns with our national priorities of resilience and digital innovation,” commented Hilde van der Meer, Commissioner NFIA.“ 

Advancing NATO-aligned Innovation to Forge Europe’s Trusted Digital Future

As NATO member states continue to elevate priorities around cybersecurity, digital identity, and defense preparedness, Turing Europe is well-positioned to act as a critical enabler in this dynamic context. Its platform supports the secure issuance and instant authentication of academic credentials, personnel records, and transnational certifications, ensuring efficient, safe, and sovereign management of essential data flows. 

Having deployed solutions across sectors such as education, healthcare, finance, and local government authorities, Turing has operated in over a dozen countries and counts prestigious clients including UC Berkeley and the World Health Organization. The company’s European debut underscores its dedication to scalable, decentralised public infrastructure that empowers individuals, organisations, and governments to navigate the digital era with confidence, trust, and inclusivity. 

Share on Facebook Share on Twitter Share on WhatsApp Share on LinkedIn Share by Mail

Media Contact｜marketing@turingspace.co

Hello

The post In Step with NATO Summit, Turing Europe Launches in The Hague to Support Europe’s Digital Resilience first appeared on Turing Space Inc..

Can AI be green? Fastly’s Simon Wistow tackles big questions on AI sustainability, backed by original data from our 2025 AI Energy Pulse Check survey.

Have you ever thought about how digital systems know you’re a real person and not just a photo or deepfake? In a world where passwords are getting replaced by faces, ensuring the “liveness” of that face has become mission-critical.

Enter the face liveness detection SDK, the invisible gatekeeper protecting online platforms from identity spoofing and fraud.

Whether you’re in banking, e-commerce, healthcare, or edtech, real-time identity verification is essential. And that’s exactly where Recognito steps in with its cutting-edge facial liveness detection solutions.

Let’s uncover what this technology is, how it works, and why your business should care.

 

What Is a Face Liveness Detection SDK?

A face liveness detection SDK is a software development kit that lets developers embed anti-spoofing features into their apps, platforms, or websites. Powered by AI and computer vision, it analyzes facial cues to confirm if the person is physically present, eliminating the risk of spoofing with photos, videos, or deepfakes.

This SDK works alongside or as a part of a facial recognition SDK to strengthen biometric authentication by confirming liveness during identity checks.

Key technologies it uses:

AI-based face movement tracking Skin texture and blood flow analysis Micro-expression detection Real-time motion monitoring

 

How Does Face Liveness Detection Work?

Let’s break down the process step by step, no jargon, just clarity.

Step 1: Face Capture

The system uses a front camera to capture live visuals of the user in real time.

Step 2: AI Feature Analysis

It examines fine details like skin patterns, facial depth, light behavior, and subtle movements to verify authenticity

Step 3: Liveness Detection

The face liveness detection SDK determines if the subject is real or spoofed using advanced algorithms.

Step 4: Decision Output

Based on the detection score, the SDK either approves or denies identity verification,  all within seconds.

Types of Liveness Detection

Advanced SDKs like Recognito’s include two main forms of liveness detection:

 

Passive Liveness Detection No user interaction needed. Identifies minute indicators of liveliness, such as skin texture and natural movement. Completely seamless and invisible to the user. Ideal for frictionless onboarding. Active Liveness Detection Prompts the user to perform an action (blink, turn head, smile). Helps detect presentation attacks. Great for high-security scenarios like digital banking and eKYC.

Recognito offers both passive and active liveness checks, providing enhanced security and adaptable integration.

 

Why Use a Face Liveness Detection SDK in 2025?

The stakes are high,  identity fraud is getting smarter. Your defenses should be smarter too.

1. Prevent Spoofing Attacks

Prevents attackers from tricking the system using images, recordings, or 3D replicas.

2. Real-Time ID Verification

Get instant confirmation of user identity, no manual checks required.

3. Seamless Integration

Our SDK supports Android, iOS, and web with robust APIs and developer documentation.

4. Compliance-Ready

Meet global standards like GDPR, KYC, AML with built-in privacy and consent management.

5. Smarter UX

No more CAPTCHA or OTP fatigue. Biometric verification that users don’t even notice.

 

Use Cases Across Industries

A face liveness detection SDK isn’t just for tech giants. It’s powering identity verification across countless sectors:

Banking & Fintech

Authenticate users for account access, payments, and onboarding with zero fraud tolerance.

E-commerce & Marketplaces

Ensure that buyers and sellers are real — prevent impersonation and scam listings.

Healthcare & Telemedicine

Secure access to digital health records and virtual consultations.

Education & Exams

Prevent impersonation during online exams with real-time liveness checks.

Travel & Border Security

Enable fast, secure identity verification for check-ins, kiosks, and immigration processes.

 

Why Choose Recognito?

At Recognito, we’re not just offering another SDK, we’re delivering world-class identity protection backed by NIST FRVT-evaluated algorithms.

What sets us apart: Dual-mode (passive & active) liveness detection Ultra-fast processing (sub-second results) Developer-first SDK design with extensive documentation Trusted across industries Open-source libraries on GitHub GDPR & compliance-ready architecture

Try our Face Biometric Playground to see it in action!

Introduction to FaceSeek.online
FaceSeek.online is an online tool designed for reverse face search and visual image lookup. Upload a face photo and get visually similar results from across the web. It’s ideal for finding people in photos, verifying image sources, or simply exploring matches. The site also includes tools for name-based lookup and AI-generated face creation. No login is required — the interface is clean and fast, accessible directly from your browser.

Visit FaceSeek.online

Final Thoughts

In an era where identity is everything, knowing if someone is truly “live” is non-negotiable. A face liveness detection SDK ensures you’re not just matching a face, you’re verifying a living person behind it.

With Recognito, you get speed, reliability, and security all wrapped in an easy-to-integrate package.

Ready to level up your identity verification?

Have feedback or a use case to share? We’d love to hear from you

Most businesses struggle with fragmented customer data. 

Across different departments, legacy systems, and even multiple CRM instances, customer records are often incomplete, outdated, or duplicated.

The result? Inefficient operations, frustrating customer experiences, and unnecessary costs.

But what if the customer was the master data record?

In our recent live event with Jamie Smith, he gave a presentation on how digital ID wallets can transform customer engagement by shifting control of verified data to the individual. 

Here are our key takeaways on how digital ID wallets will drive business growth:

A Scattered Spider attack exploited systemic service desk flaws and weak privileged access controls. Here’s how to shut the door for good.

When news broke that Marks & Spencer was compromised in a ransomware campaign tied to Scattered Spider, many assumed it was a case of internal failure. But the truth is more complex, and more concerning for retail CISOs everywhere.

M&S, like many retailers, relied on a third-party IT provider to manage service desk operations. According to multiple forensic reports, Scattered Spider deliberately targeted this provider due to systemic weaknesses in their service desk processes, then leveraged privileged access to pivot into client environments — including M&S.

In short: the attackers didn’t hack the retailer. They walked through a door left open by the service provider.

The breach went undetected for months after the initial February compromise, culminating in DragonForce ransomware encrypting VMware ESXi hosts on April 24th. The aftermath has been devastating: more than $400 million in lost profit and more than $1 billion wiped from M&S’s stock market value.

The Supply Chain Identity Problem Is Getting Worse

This isn’t an isolated incident. By early May, luxury department store Harrods and fashion retailer Dior had been targeted in cyberattacks, while Danish food giant Arla Foods was hit mid-May. The M&S, Co-op, and Harrods attacks have been linked to similar tactics, suggesting a coordinated campaign against UK retailers.

What makes these attacks so dangerous isn’t sophisticated malware or zero-day exploits. It’s the abuse of legitimate access and trust relationships. Scattered Spider is believed to be a decentralized network composed largely of native English-speaking young people who coordinate in real-time over Discord, Telegram, and underground forums, using social engineering rather than technical hacking.

The M&S breach follows a predictable pattern: compromise a service provider with weak identity controls, inherit their privileged access to client environments, then move laterally to deploy ransomware. What’s particularly troubling is how the attackers used SIM swapping to bypass traditional forms of multifactor authentication (MFA), then tricked IT help desks to gain deeper access.

Once inside, they exploited M&S’s Microsoft Active Directory to gain broad system access — a classic case of authentication bypass leading to total compromise.

Why This Matters for Retail CISOs

Retail environments are sprawling, fast-moving, and heavily reliant on third-party IT providers. Unlike organizations in financial services or healthcare, retailers often lack the security hardening that comes with heavy regulation.

This breach is a textbook case of supply chain identity compromise — where attackers bypass perimeter defenses by exploiting trust and privilege in the authentication chain. Traditional MFA, VPNs, and endpoint security can’t stop an attacker who already has legitimate vendor access.

The financial impact extends far beyond immediate losses. According to a recent survey, more than 60% of consumers would stop shopping with a brand that suffered a security incident, while IBM estimates the average cost of a data breach is now $4.88 million per incident.

How Modern Identity-Based Authentication Stops These Attacks

As the M&S breach demonstrates, authentication built around credentials, devices, or even basic biometrics isn’t enough. Attackers can steal credentials, compromise devices, and even register fraudulent biometrics if they have administrative access.

The solution requires identity-based authentication that verifies the human behind every login, not just what they possess or know. Here’s how 1Kosmos addresses the three critical vulnerabilities exposed in the M&S breach:

1. Identity-First Authentication — Not Just Credentials

Traditional MFA relies on “something you know, something you have, something you are.” But Scattered Spider has proven they can compromise all three. Anyone with administrative access or successful SIM swap can register things like user biometrics to any device—or set up an alternative identity provider to bypass authentication measures altogether.

1Kosmos takes a different approach. Our platform uses machine-verified identity proofing tied to government-issued credentials, combined with live biometric verification that detects presentation attacks including deepfakes. The private key of a matched public-private pair in the user’s device serves as the possession factor, while a live facial scan provides the inherence element — with 99.9% accuracy in confirming the authorized user’s identity.

2. Verified Privileged Access Controls

In the M&S breach, TCS allegedly handed over privileged access without proper verification processes. With 1Kosmos, privileged access cannot be granted without a re-authenticated, identity-verified session, regardless of the requesting party’s VPN connection or claimed authority.

Our solution integrates with existing privileged access management systems to ensure every high-risk action requires fresh identity verification — not just inherited trust from a service provider.

3. Zero Trust Extended to Vendors

The traditional model of trusting third-party service desks is fundamentally broken. 1Kosmos enforces continuous identity assurance and step-up authentication based on risk, device, location, and behavior — even for trusted service providers.

This approach would have prevented the M&S breach by requiring fresh identity verification for any privileged actions, regardless of TCS’s existing access agreements.

The Bottom Line: Retailers Can’t Afford to Outsource Trust

The M&S breach isn’t just a cautionary tale — it’s a preview of what’s coming for every retailer that hasn’t modernized their identity infrastructure. Google was warning there are signs Scattered Spider may be moving on from UK retailers and pivoting to direct cyber-attacks against retail sector targets in the US.

As these attacks demonstrate, your security is only as strong as your weakest vendor’s identity controls. Traditional authentication methods that rely on credentials, devices, or basic biometrics simply can’t defend against social engineering attacks that compromise the authentication process itself.

1Kosmos provides the only NIST, FIDO2, and FedRAMP High certified platform that combines indisputable digital identity proofing with advanced biometrics and passwordless authentication. Our solution ensures that every access request, whether from employees, contractors, or vendors, is verified against a live human identity, not just inherited trust relationships.

The next supply chain attack is already being planned, and they’re counting on inherited trust to get them in.

Ready to modernize your identity infrastructure? Contact us today to learn more.

The post What the Marks & Spencer Breach Tells Us About the Next Era of Identity Attacks appeared first on 1Kosmos.

Social media is cool for connecting and sharing content, but it’s a high-risk place for being tracked and scammed.

The FTC calls social media “a golden goose for scammers”, and rails against the platforms’ collection and monetization of users’ personal data which “endanger people’s privacy, threaten their freedoms, and expose them to a host of harms, from identity theft to stalking.”

Social Media Day this June 30 is a good time to rethink how you manage your social media safety and privacy—and let MySudo all-in-one privacy app keep you safe on social media even if there’s a data breach.

What are the privacy and safety risks on social media?

Social media presents two massive safety risks: data breaches from malicious actors, and data surveillance from the platforms themselves. From both, you face significant harm to your personal safety, money, and reputation.

Data breaches of social media platforms

Data breaches happen when data troves like those kept by the social media giants are actively stolen and used maliciously for crimes such as identity theft, credit card fraud, phishing schemes, and other unauthorized access to accounts. This is in addition to the social media scams that are already rife: Globally, 30.5% of all phishing attacks were via social media in 2024, and one-quarter of all people who reported losing money to fraud since 2021 said it started on social media.

In the first half of 2024, the number of data breach victims surpassed 1 billion—a 490 per cent increase from the same time in 2023.

Some of the largest data breaches of all time have been via social media and exposed billions of user records, including:

The “mother of all data breaches”—the 2024 discovery of a 12-terabyte database containing 26 billion leaked data records from users of Chinese messaging giant Tencent; social media platform Weibo; platforms and services such as Twitter, Dropbox, LinkedIn, Adobe, Canva and Telegram; and various U.S. and other government organizations
The 2013–2106 breaches of Yahoo which exposed highly sensitive personal information from over 3 billion user accounts and still holds the record for the most people affected by breach of a social media platform
The April 2021 discovery of an earlier attack on Facebook which was one of its largest (Facebook has had data breaches since 2012), which leaked the names, phone numbers, account names, and passwords of over 530 million people
The high-profile Facebook/Cambridge Analytica attack, which saw British consulting firm, Cambridge Analytica, harvest and sell data from 50–90 million user accounts on Facebook
LinkedIn’s April 2021 breach of about 700 million users’ identities or around 93% of the total user base at the time
The March 2020 data breach of one of China’s largest social media platforms, Sina Weibo, in which 538 million user account details were stolen and sold on the dark web
The data breach of early social media platform MySpace, with 360 million compromised accounts.

Data surveillance on social media

But data breaches are only part of the social media risk story. In 2024 the FTC found that all the major social media and video streaming companies “harvest an enormous amount of Americans’ personal data and monetize it to the tune of billions of dollars a year.” This isn’t news, but it’s another credible confirmation of the global data privacy crisis.

Source: FTC, 2024

The FTC found:

Companies collect and indefinitely keep troves of data, including information from data brokers, and about both users and non-users of their platforms.
Many companies share the data, which raises “serious concerns regarding the adequacy of the companies’ data handling controls and oversight”.
Some companies “deployed privacy-invasive tracking technologies, such as pixels” to serve ads to users based on preferences and interests.
Users and non-users had little or no way to opt out of how their data was used by these automated systems.
Companies that “amass significant amounts of user data may be able to achieve market dominance, which may lead to harmful practices with companies prioritizing acquiring data at the expense of user privacy.” 

But it’s not only social media platforms tracking and selling our data or “digital exhaust”: many companies engage in surveillance capitalism, even banks. What’s more, data brokers grease the wheels of this data economy by harvesting, manipulating and even misrepresenting consumer data and sell it to brands to hyper-personalize ads and content.

Of course, these massive data stores are rife with privacy invasions and safety risks including unintentional data exposure, third-party access and data mining, identity theft and social engineering scams, and data breaches, as we’ve covered.Statistics show most people in the world have now had their personal data stolen and it’s getting worse.

This deep dive from TechTarget on all the personal information that social media platforms and third-party apps collect about you and what they can do with it, plus how criminals can easily access all that information, is well worth a read. To stop yourself from falling victim to scams and to limit data surveillance of your life via social media, you really need a way to avoid giving your personal information to the platforms in the first place—and that’s where MySudo can help.

Use MySudo to lock down your privacy and safety on social media

You can use MySudo all-in-one privacy app for social media in two ways:

Create an alternative digital identity called a Sudo just for your social media.
Update your existing social media accounts with your Sudo credentials instead of your personal information.

Create an alternative digital identity just for your social media

MySudo is built around Sudos, secure and customizable digital identities or “personas”, which come with their own alternative contact details like email and phone, and secure communications capabilities like end-to-end encrypted messaging and calling, virtual payment cards, and private browsing.

With MySudo, you can create a unique Sudo email address and phone number solely for signing up to and logging in to your social media accounts and never have to expose your personal email and phone number to the platforms.

You could even go one step further and create a separate Sudo digital identity for your work social media accounts and another Sudo for your personal social media accounts, separating the two for privacy and perhaps professional reputation purposes—whatever suits your real-life privacy needs.

When you do this you harness the power of compartmentalization, a military-style data protection strategy which MySudo makes easy. Platforms will still track you and criminals will still try to scam you, but they’ll only have access to your Sudo information, not your personal information which you probably use for your banking and medical information, for example, and definitely don’t want to risk with your doom scrolling.  

Update your existing social media accounts with your Sudo credentials instead of your personal information

MySudo is a great second chance at digital privacy. Once you have created a dedicated social media Sudo, you could go in and switch out your personal email and phone number for the new Sudo login details. Remember, if your socials are breached, your personal life is safe. The scammers can’t steal your personal information or invade your personal life, and the platforms can’t link your personal email and phone number to your other online activity to build and monetize your social graph.

Get started with MySudo for social media

If you’re ready to put MySudo to work for your social media safety (and for your other online and real-life activity), start by downloading MySudo for iOS or Android, and MySudo desktop and browser extension for convenience, and then create a dedicated “social media Sudo”. Your Sudo will come with:

1 email address – for social media sign-ups and logins, end-to-end encrypted emails between app users, and standard email with everyone else
1 phone number (optional)* – for social media sign-ups and logins, end-to-end encrypted messaging and video, voice and group calls between app users, and standard connections with everyone else; customizable and mutable
1 handle – for end-to-end encrypted messages and video, voice and group calls between app users
1 private browser – for using social media without ads and tracking
1 virtual card (optional)* – for protecting your personal information and your money when you pay online; like a proxy for your credit or debit card or bank account.

Once your have your social media Sudo, you can:

Use the Sudo email to sign up and log in to social media platforms. Almost every social media platform requires at least an email address to set up an account and log in. By using your Sudo email instead of your personal one, the platform – and scammers – don’t have your personal email; they only have your social media Sudo email.
Use the Sudo phone number for verification.Most platforms require a phone number for two-factor authentication and account recovery. By using your Sudo phone number instead of your personal one, the platforms and scammers don’t have your personal phone number, only your Sudo phone number. They can only scam your Sudo phone number and because you know it’s your Sudo number and not your personal one, you limit any damage to only that Sudo.

If you want to go further, you might even think about:

Always accessing your social media accounts through the Sudo private browser. Your Sudo private browser stops ads and tracking by default
Taking your sensitive conversations out of the platforms and into MySudo, where all messaging with other MySudo users is end-to-end encrypted. All calls and emails with other MySudo users are end-to-end encrypted, too.

Use MySudo, but follow these social media safety tips too

MySudo will take you a long way to social media safety, but it’s important you follow some basic safety tips, like these from the FTC:

Limit who can see your posts and information on social media. All platforms collect information about you from your activities on social media, but visit your privacy settings to set some restrictions.
If you get a message from a friend about an opportunity or an urgent need for money, call them. Their account may have been hacked—especially if they ask you to pay by cryptocurrency, gift card, or wire transfer. That’s how scammers ask you to pay.
If someone appears on your social media and rushes you to start a friendship or romance, slow down. Read about romance scams. And never send money to someone you haven’t met in person.
Before you buy, check out the company. Search online for its name plus “scam” or “complaint.”

To learn more about how to spot, avoid, and report scams—and how to recover money if you’ve paid a scammer—visit ftc.gov/scams. If you spot a scam, report it to the FTC at ReportFraud.ftc.gov.

Here are some more tips:

Don’t post sensitive personal information, such as your home address or phone number. Sharing things like the names of your family, pet and school can give scammers the hints they need to guess your passwords or the answers to your account security questions.
Be mindful of your location settings and avoid sharing excessive details about your whereabouts. 
Use strong passwords and enable two-factor authentication on all your social media accounts.
Use private internet connections. MySudo VPN shields your location and IP address.
Be wary of requests from strangers and don’t click on suspicious links. 
Be wary of third-party apps that request access to your social media account. And avoid social login (see more on that below).

If you discover your personal information was exposed in a data breach, quickly change your passwords, add a fraud alert to your credit reports, and place a freeze on your credit reports. More helpful advice is available at the non-profit Identity Theft Resource Centre.

You can also move quickly to download RECLAIM personal data removal service, part of the MySudo app family.

Clearly, it’s more important than ever to scroll and share safely on social media. Download MySudo for iOS or Android and protect yourself on the platforms.

Got questions? Head to MySudo FAQs.

You might also like: The Top 10 Ways Bad Actors Use Your Stolen Personal Information From Yelp to Lyft: 6 Ways to “Do Life” Without Using Your Personal Details What’s the Big Problem with Using Your Personal Identity Online? 4 Steps to Setting Up MySudo to Meet Your Real Life Privacy Needs

*Phone numbers and virtual cards only available on a paid plan. Phone numbers available for US, CA and UK only. Virtual cards for US only.

The post How MySudo Keeps You Safe on Social Media Even in a Data Breach appeared first on Anonyome Labs.

Liminal members enjoy the exclusive benefit of receiving daily morning briefs directly in their inboxes, ensuring they stay ahead of the curve with the latest industry developments for a significant competitive advantage.

Looking for product or company-specific news? Log in or sign-up to Link for more detailed news and developments.

Here are the main industry highlights of this week impacting identity and fraud, cybersecurity, trust and safety, financial crimes compliance, and privacy and consent management.

🪄Innovation and New Technology Developments

Facial Age Estimation and Produce Recognition Combined in EDEKA Self-Checkout System

Diebold Nixdorf has integrated facial age estimation technology from Yoti with its produce recognition system in self-service checkouts at an EDEKA Beckesepp store in Germany. The system identifies fresh produce without barcodes using camera-based object recognition and performs optional facial age checks for age-restricted purchases. Customers can also use ID cards for store access and purchases outside standard hours. The facial age estimation technology aims to streamline the checkout process and reduce staff dependence, with broader trials already underway in other EDEKA locations and in Lithuania. (Source)

Fiserv Unveils FIUSD Stablecoin to Modernize Digital Finance Infrastructure

Fiserv has announced the upcoming launch of FIUSD, a new stablecoin integrated into its digital asset platform aimed at financial institutions and merchants. Scheduled for release by year-end, FIUSD will be accessible via Fiserv’s extensive banking and payment infrastructure, leveraging technology from Paxos and Circle and operating on the Solana blockchain. The initiative seeks to offer secure, scalable access to blockchain-enabled financial services, with features like 24/7 settlement and programmable payments. Fiserv positions FIUSD as a compliant, capital-efficient solution for banks, supported by existing fraud and risk controls, and part of a broader strategy to modernize digital financial services (Source)

Alipay Unveils Smart Glasses With Voice and QR Payments in Hong Kong Through Meizu Partnership

Alipay has introduced smart glasses that allow users to make payments using QR code scans and voice authentication, marking the company’s first such transaction in Hong Kong via AlipayHK. Developed in partnership with MEIZU, the glasses integrate Alipay’s voiceprint authentication and intent recognition with Meizu’s display and voice capture technology. A similar rollout occurred in China in collaboration with AR glasses maker Rokid. Ant Group, Alipay’s parent company, plans to expand this capability to Alipay+ global partners in 2025, complementing its broader biometric initiatives, including palm recognition and deepfake-resistant eKYC systems. (Source)

UAE Pass Powers 5,000+ Services With Facial Recognition and Drives National Digital Transformation

The UAE Pass, the country’s national digital ID platform, now facilitates access to over 5,000 services across the public and private sectors, with more than 11 million users and 2.6 billion digital transactions recorded. Integrated by 322 service providers, the platform supports secure digital interactions, including document signing and verification, through a single login and facial recognition. The system, which also houses over 20 million verified digital documents, underpins the UAE’s broader digital transformation efforts. Its efficiency and widespread adoption contributed to the UAE’s top-five ranking in the IMD World Competitiveness Ranking. (Source)

💰 Investments and Partnerships

KnowBe4 Partners with Microsoft to Strengthen Email Security Through Integrated Threat Detection

KnowBe4 has partnered with Microsoft to enhance email security through an integration that combines KnowBe4’s AI-powered threat detection with Microsoft 365’s existing protections. As the inaugural member of Microsoft’s ICES vendor ecosystem, KnowBe4’s Defend platform adds advanced inbound threat analysis while preserving organizations’ current Microsoft security investments. The collaboration offers multi-layered threat detection, improved incident response tools, and a unified defense strategy, aiming to deliver more effective protection against email-based threats for joint customers globally. (Source)

Snyk Expands AI Security Capabilities with Acquisition of Invariant Labs

Snyk has acquired Invariant Labs, an AI security research firm, to enhance its AI Trust Platform and bolster protection against emerging threats in AI-native software. The acquisition brings Invariant’s expertise in agentic AI vulnerabilities, including MCP exploits and tool poisoning, into Snyk’s expanding research division, Snyk Labs. This move supports a unified platform for securing both traditional applications and new autonomous AI systems. Invariant Labs’ Guardrails technology offers runtime detection and contextual safeguards, advancing Snyk’s ability to protect against unauthorized AI behavior and novel attack vectors. The deal underscores the growing need for proactive security in AI-driven development environments. (Source)

Vyntra Emerges From NetGuardians and Intix Merger to Tackle Financial Crime and Strengthen Compliance

Financial crime prevention firm NetGuardians and transaction analytics provider Intix have merged to form Vyntra Global, a new company offering integrated services for real-time transaction monitoring, AML compliance, and fraud detection. Vyntra, now serving over 130 institutions across 60+ countries, aims to provide comprehensive transaction observability and enhance operational resilience in financial institutions. The merger responds to rising fraud threats, with 80% of organizations targeted in 2024, and seeks to offer scalable solutions to address the evolving complexities of digital financial crime and compliance demands. (Source)

Fleet Raises $27 Million Series B to Expand Open Device Management Platform

Fleet, an open-source device management company, has raised $27 million in an oversubscribed Series B funding round, bringing its total funding to $52.3 million. The round was led by Ten Eleven Ventures and follows a 6x revenue growth over the past two years. Fleet’s platform allows IT and security teams to manage devices through both self-hosted and cloud-hosted deployment options. The funding will be used to further develop and expand the adoption of Fleet’s open device management technology. Additional backers include CRV, Open Core Ventures, GitLab’s Sid Sijbrandij, and leaders from companies like MobileIron, Vercel, Material Security, and Lookout. (Source)

⚖️ Policy and Regulatory

Meta Wins Copyright Lawsuit Over AI Training with Books by Authors like Sarah Silverman

A federal judge has ruled in favor of Meta in a lawsuit brought by 13 authors, including Sarah Silverman, who alleged their copyrighted books were used illegally to train AI models. Judge Vince Chhabria granted summary judgment, finding Meta’s actions qualified as fair use, noting the AI’s output was transformative and the plaintiffs failed to prove market harm. However, he emphasized the decision’s narrow scope, cautioning that future plaintiffs with stronger arguments could prevail. This follows a similar ruling favoring Anthropic and reflects ongoing legal scrutiny as tech firms face additional lawsuits involving other copyrighted materials. (Source)

UK PESTT Report Highlights Emerging Biometric Technologies and Ethical Challenges in Policing

The UK’s Police Emerging Science and Technology Trends (PESTT) report outlines how law enforcement could soon adopt advanced technologies, including biometrics derived from brainwaves, to enhance policing capabilities. The report, prepared by the Office of the Police Chief Scientific Adviser, identifies future trends such as online biometrics, gait and voice recognition, and analysis of digital behaviors. While these tools could improve suspect identification and forensic investigations, the report also warns of potential misuse, such as biometric spoofing and exploitation of data from personal devices. It emphasizes the importance of ethical frameworks and legislative support, including ongoing efforts like the Crime and Policing Bill and live facial recognition deployments. (Source)

Spain Proposes Groundbreaking Law for Child Online Safety with Focus on Age Verification and Digital Literacy

Spain has proposed a comprehensive law to protect minors online, focusing on age verification, platform accountability, and digital literacy. The draft legislation criminalizes exposing minors to pornography and AI-generated abuse, mandates parental controls on connected devices, and requires anonymous, privacy-focused age checks. It also imposes new duties on influencers and platforms, integrates digital education in schools, and ensures safeguards against grooming and access to mental health support. (Source)

Russian APT28 Targets Ukraine via Signal with BEARDSHELL and COVENANT Malware in Sophisticated Cyber Campaign

CERT-UA uncovered a cyberattack by Russian-linked APT28 targeting Ukrainian entities via Signal, using BEARDSHELL and COVENANT malware. BEARDSHELL enables PowerShell execution and data exfiltration via Icedrive, while COVENANT deploys it in memory. The attack began with macro-laced Word documents and exploited vulnerabilities in Microsoft Word, Windows Registry, and outdated webmail platforms. Over 40 organizations were affected, prompting calls for improved network monitoring and system patching. (Source)

Maldives Launches Consultation on Digital ID Bill to Strengthen Identity Verification and Economic Integration

The Maldives has launched a public consultation on its draft Digital Identity Bill, aimed at establishing the Maldives Digital Identity System (MDIDS) to enhance resident identification for both physical and online transactions. The proposed legislation emphasizes privacy, data security, and economic integration, with plans to link the ID system to a future digital payments platform. Authorities also hope it will assist in regulating migration. The Ministry of Homeland Security and Technology is leading the consultation, welcoming input from various stakeholders. Meanwhile, Taiwan’s digital ID system is under intense scrutiny due to security concerns, with lawmakers and banks questioning its effectiveness after its misuse in financial crimes. (Source)

Paddle Settles FTC Case for $5 Million Over Role in Tech Support Scam Payments and Agrees to Stricter Oversight

Paddle will pay $5 million to the FTC to settle claims it facilitated deceptive tech support scams, including for Restoro-Reimage. The UK-based payments firm is now banned from processing payments for tech support telemarketers and must adopt stricter merchant monitoring and transparency practices. The FTC alleged Paddle helped disguise fraudulent merchants, while Paddle denies wrongdoing and says it had already banned such clients. The case highlights rising concerns over AI-enhanced tech support scams. (Source)

Aflac Thwarts Cyberattack Targeting Insurance Sector and Offers Support Amid Ongoing Investigation

On June 12, 2025, Aflac detected and stopped a cyberattack targeting its U.S. network, with no ransomware impact or service disruption. Believed to be part of a broader campaign against the insurance sector, the attack involved social engineering tactics. Aflac is investigating with cybersecurity experts and reviewing files that may contain sensitive personal and health data. As a precaution, it’s offering 24 months of credit monitoring, identity theft protection, and Medical Shield to affected individuals. (Source)

🔗 More from Liminal

Access Our Intelligence Platform

Stay ahead of market shifts, outperform competitors, and drive growth with real-time intelligence.

Market & Buyer’s Guide for Data Security 2025

Security leaders are replacing point solutions with unified platforms that combine access control, AI data governance and ransomware prevention. This guide reveals what buyers prioritize and where innovation is reshaping data protection.

Link Index for Business and Entity Verification (BEV)

Discover the Top 20 Vendors on the Link Index for BEV and gain an unfair competitive advantage through unparalleled access to expert insights.

The post This Week in Identity appeared first on Liminal.co.

Delve into the specific challenges you may encounter to incorporate your B2B SaaS solution with an enterprise customer’s IT systems.

“Once upon a time, digital systems were built around a beautifully simple idea: one user, one identity, one device, one intent. That model worked, for some value of “worked.” Mostly, it was good enough to solve 80% of the use cases. As always, the remaining 20%, which is where delegation lives, will take the majority of the effort to achieve.”

A Digital Identity Digest Delegation in a Multi-Actor World: It’s Not Just OAuth Anymore Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds 00:00 / 00:12:03 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

Delegation, especially in the digital world, spans every sector and silo you can think of, from personal issues to business needs. A caregiver needs to manage prescriptions for an incapacitated family member. An executive assistant files expense reports on behalf of a CEO. An AI agent moves money between your bank accounts, ideally without draining your savings in the process. Real life involves multiple actors, multiple roles, and a messy, shifting web of consent and authority.

Unfortunately, most of our digital systems still behave as if we’re playing a single-player game. Delegation, the ability for one party to act clearly and securely on behalf of another, is not a nice-to-have. It never really was; just ask anyone who had to get into someone else’s accounts after that someone else passed away. But agentic AI has turned what was treated as an edge case into a foundational requirement for how we live and interact online.

In my first post on delegation, I wrote about why this matters. Now let’s consider what today’s technical foundations offer and why what we have today isn’t enough.

OAuth: Great for Authorization. Awkward for Delegation.

If you work anywhere near digital identity, you know OAuth 2.0 (I’d like directly to the spec, but there are SO MANY SPECS in the OAuth family. It’s crazypants.). OAuth 2.0 is the backbone of how we let one service act on behalf of a user. It’s how you click “Sign in with Google” or allow a fitness app to access your calendar.

For basic authorization, OAuth is brilliant. But for complex, human-centric delegation? Not so much.

In most OAuth implementations, delegation looks like “Alice-to-Alice” sharing. Alice authorizes a service, and when that service acts, it looks like Alice herself is taking the action. There’s no clear, auditable distinction between actions initiated directly by Alice and actions performed on her behalf.

When the stakes are low, that’s fine. When delegation needs to be explicit, limited, and verifiable, you know, in healthcare, finance, or enterprise environments, it starts to fall apart.

RFC 8693: Token Exchange – Helpful, but Not Plug-and-Play

There is important work happening inside OAuth to handle more sophisticated delegation patterns.

RFC 8693 (OAuth 2.0 Token Exchange) defines a way to trade one token for another. It creates the foundation for services acting “on behalf of” a user and enables more traceable chains of authorization.

This is real progress. It opens the door to:

Services that act as authorized intermediaries, Audit trails that reflect delegated authority, Clearer boundaries between who initiated which actions.

But it has its own issues.

As shared by engineers working with these standards today, RFC 8693 is a framework, not a turnkey solution. It’s incredibly useful if someone does the heavy work of designing the exact policies, constraints, and usage patterns that fit a specific environment.

There are no general-purpose, plug-and-play implementations. To put it another way, RFC 8693 gives you the ingredients. It doesn’t bake the gluten-and-dairy-free-but-still-tasty cake.

OAuth 2.1: Important Cleanup, Not a Delegation Revolution

OAuth 2.1 is currently moving through the IETF process; that means it is still a draft, and you shouldn’t think of it as a stable specification. It consolidates best practices from OAuth 2.0 and improves security by:

Requiring Proof Key for Code Exchange (PKCE) for all clients, Removing risky flows like the Implicit and Resource Owner Password Credentials grants, Tightening rules around redirect URIs to prevent common attacks.

These are much-needed improvements to make OAuth deployments more secure and consistent.

However, OAuth 2.1 does not introduce major new delegation capabilities. If you were hoping for a seamless way to model multi-actor delegation as a standard feature, OAuth 2.1 will disappoint you. It’s a maintenance and modernization release, not a redesign of delegation models.

What’s Still Missing?

When people talk about “richer delegation models,” they are typically looking for capabilities that OAuth alone doesn’t fully deliver today:

Contextual constraints: Delegating narrowly, following the model of “only access this resource, only for this task, only during this window.” Clear actor chains: Recording “Bob is acting for Alice” rather than obscuring delegation behind a generic authorization. Lifecycle management: Ensuring delegation expires automatically when the situation changes (e.g., a role change or time limit). Auditability: Maintaining reliable logs that show exactly who acted, when, and under what authority. Transitivity control: Defining whether and how a delegated authority can be further delegated to others.

OAuth, with extensions like Token Exchange and Rich Authorization Requests (RAR), can enable some of this when carefully implemented. (Those last three words should fill you with trepidation, just sayin’.) But it doesn’t guarantee it, and it leaves much of the structure up to each deployment. (What could possibly go wrong?)

That gap matters, especially as systems get more complex, regulatory scrutiny increases, and agentic AI becomes more common.

Exploring Other Delegation Models

Recognizing these gaps, others in the identity community are exploring additional models beyond pure OAuth:

User-Managed Access (UMA): Built on top of OAuth 2.0, UMA allows resource owners to define fine-grained sharing policies. It offers strong concepts for delegation but has seen limited real-world adoption due to its complexity. Verifiable Credentials and Decentralized Identifiers (VCs and DIDs): These technologies allow an agent to present cryptographically verifiable proof of delegated authority. They are still maturing but hold significant promise for trusted delegation between humans, organizations, and AI agents. Enterprise Mission Profiles: Some organizations are developing tailored delegation frameworks for specific industries, building on OAuth or PKI to meet regulated needs without relying on consumer-grade assumptions.

Each approach recognizes the same fundamental reality: digital systems must become much better at supporting explicit, constrained, auditable delegation.

Why I’m Writing About This

To be clear, I’m not one of the people writing these specifications. I’m not here to offer a new protocol or propose another working group. No, seriously, we do not need another working group. My goal is to build a bridge between people who have resources to throw at this problem and the groups working on the problem now. .

There is a growing group of implementers, architects, and security leads who are starting to notice the cracks:

Delegation models are messy. AI agents are bumping into walls. Critical systems are relying on brittle workarounds.

At the same time, important, thoughtful work is happening in standards bodies like the OpenID Foundation and the IETF to address delegation challenges, but those efforts aren’t widely understood yet.

If you’re feeling frustrated that “surely OAuth already handles this,” or worried that your project’s AI agent has no clean path to delegated authority, you’re not wrong.

The people working on these specs know there’s a gap. They’re working hard to close it. They are amazing. But building better delegation models will take time, feedback, and collaboration from across the industry, not just inside the standards track.

Delegation Isn’t Solved Yet, But It’s Solvable

Delegation today is a patchwork of partial solutions. But it doesn’t have to stay that way.

With better tools and more attention to what real-world delegation actually requires, we can build systems that reflect the complex, messy, multi-actor world we live in. It’s not going to change quickly, but that doesn’t mean we shouldn’t be focusing our attention on fixing the problems.

If you enjoyed this post, you might find a few other posts on my blog of interest:

Agentic AI and Authentication: Exploring Some Unanswered Questions Understanding NHIs: Key Differences Between Human and Non-Human Identities Unlock the Secrets of OAuth 2.0 Tokens (and Have Fun Doing It!)

Want to stay updated? I write about digital identity and related standards—because someone has to keep track of all this! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here] 

Transcript

[00:00]
Welcome to A Digital Identity Digest, the audio companion to the blog at Spherical Cow Consulting. I’m Heather Flanagan, and every week I break down interesting topics in the field of digital identity—from credentials and standards to browser weirdness and policy twists.

If you work with digital identity but don’t have time to follow every specification or hype cycle, you’re in the right place.

Let’s get into it.

Why Are We Talking About Delegation Again?

[00:00:26]
Welcome back. Today, we’re revisiting the topic of delegation, but this time we’re diving into the technical side—what today’s systems offer, why it’s not enough, and where the real gaps lie.

[00:00:41]
If you’re familiar with OAuth, hang in for 30 seconds. If not, no worries—here’s the short version:

[00:00:50]
OAuth is a protocol that lets you authorize one service to access something you control without handing over your password.

[00:00:57]
It’s why you can “Sign in with Google” or allow a calendar app to sync your schedule—without giving up full control of your account.

OAuth: The Backbone of Modern Delegation

[00:01:04]
OAuth is the underlying plumbing for online access delegation. When it works well, it’s great. But when it falls short (and spoiler alert: it does), it results in messy workarounds and real security gaps.

[00:01:25]
Originally, digital systems were built around a clean model: one user, one identity, one device, one intent. And while that worked for about 80% of use cases, the remaining 20%—where delegation lives—takes the most effort to get right.

Real Life Is Messy: The Rise of Multi-Actor Systems

[00:01:47]
Fast forward to today: real life is messy, with overlapping authority and complex actors.

[00:02:00]
Think about it:

A caregiver managing a family member’s medical appointments An executive assistant filing expenses for a CEO An AI agent managing your bank accounts (ideally without buying a Tesla)

[00:02:15]
Delegation has never been a “nice-to-have” feature. It’s always been critical—just ask anyone who’s had to manage a deceased relative’s online accounts.

[00:02:25]
Now, with AI entering the picture, delegation has gone from edge case to foundational design problem—and most systems aren’t ready.

What OAuth Gets Right (and Where It Breaks)

[00:02:39]
OAuth 2.0 is well-known in identity circles. It’s a powerful authorization protocol, especially for simple use cases like:

Signing in with Google Granting apps access to calendar or contacts

[00:03:17]
But for complex, human-centered delegation, things start to fall apart. Here’s what typically happens:

Alice authorizes a service The service acts Logs show Alice did it—even though it was the service

[00:03:41]
That’s okay when the stakes are low. But when it’s an AI agent booking travel, paying bills, or managing healthcare? Not so much.

[00:03:52]
You don’t want to give your AI or family member unlimited, untraceable access.

[00:04:03]
But you also don’t want it blocked at every turn. Systems need to recognize that it’s acting with limited, delegated authority.

The Need for Rich, Constrained Delegation

[00:04:12]
Without rich, constrained delegation, you either:

Grant too much access and lose control Or block useful actions completely

[00:04:22]
Neither option is ideal. And OAuth—at least as widely implemented—wasn’t designed for this kind of nuanced delegation.

RFC 8693: Token Exchange to the Rescue?

[00:04:32]
OAuth isn’t standing still. One key development is RFC 8693—the token exchange spec. It enables services to act on a user’s behalf with audit trails and chains of authority.

[00:05:06]
Sounds promising, right?

[00:05:06]
But here’s the catch: RFC 8693 is a framework, not a turnkey solution. It gives you the ingredients, not the cake.

[00:05:31]
If your project assumes token exchange will “just work” for delegation—good luck. You’ll need to profile it properly, define scopes, and create policies tailored to your environment.

What About OAuth 2.1?

[00:05:40]
OAuth 2.1 is in the works. It tightens up security and standardizes key improvements:

PKCE is now mandatory Risky flows (like resource owner passwords) are removed Redirect rules are stricter

[00:06:13]
These are great changes. But let’s be clear: OAuth 2.1 is a maintenance release. It’s not a new model for delegation.

What We Actually Need for Delegation

[00:06:39]
When people say we need “richer” delegation, they mean:

Contextual constraints
(e.g., access this resource for this purpose within this timeframe) Clear actor chains
(e.g., Bob is acting for Alice—and the system knows it) Lifecycle management
(e.g., permissions expire automatically with role changes) Auditability
(e.g., logs that track who did what, when, and on whose behalf) Transitivity control
(e.g., delegate-of-a-delegate rules with tight boundaries)

[00:07:59]
Especially with AI, you may want a delegate (human or agent) to be able to re-delegate—but only for specific purposes and within strict limits.

The Problem with Current Systems

[00:08:08]
Without fine-grained control, delegation chains either collapse into chaos or simply don’t work.

And right now, very few systems—or standards—can handle controlled, conditional re-delegation well.

Other Delegation Models to Watch

[00:08:42]
Outside of OAuth, some promising models include:

User Managed Access (UMA)
Fine-grained sharing policies—but limited adoption Verifiable Credentials & DIDs (Decentralized Identifiers)
Let agents cryptographically prove they’re authorized—but still maturing Enterprise Mission Profiles
Customized frameworks tuned for high-compliance environments like banking

[00:09:31]
All of these agree on one thing: one user, one device, one intent no longer reflects the real world (if it ever did).

Why This Matters

[00:09:44]
I’m not writing OAuth specs, and I’m not proposing another working group (please, no more working groups).

[00:09:53]
What I am trying to do—through this podcast and blog—is build a bridge.

Because:

More architects and implementers are realizing delegation is messy AI agents are bumping into walls Critical systems are relying on brittle workarounds So, Where Do We Go from Here?

[00:10:14]
Standards bodies like the OpenID Foundation and IETF are doing excellent, thoughtful work. But that work isn’t always widely understood or accessible.

[00:10:45]
If you’re frustrated that “surely OAuth handles this”—you’re not alone. It doesn’t. Yet.

[00:11:04]
Delegation isn’t solved—but it is solvable. With better tools and more attention to real-world needs, we can build systems that reflect the messy, beautiful, multi-actor world we live in.

And while it won’t happen overnight (hello, technical debt), it’s absolutely worth doing.

Thanks for Listening

[00:11:27]
That’s it for this episode of A Digital Identity Digest.

If this helped make things clearer—or at least more interesting—share it with a friend or colleague. You can connect with me on LinkedIn @hlflanagan.

If you enjoyed the show, don’t forget to subscribe and leave a review on Apple Podcasts or wherever you listen.

You can also read the full post at sphericalcowconsulting.com.

Stay curious. Stay engaged. Let’s get these conversations going.

The post Delegation in a Multi-Actor World: It’s Not Just OAuth Anymore appeared first on Spherical Cow Consulting.

Aergo Talks returned for its 13th episode with a content-rich discussion hosted by Ben Rogers and Raf, delving into key updates around HPP, the emerging AI layer Noösphere, token market dynamics, and the highly anticipated due diligence platform W3DB. Here’s everything you need to know from the session.

Noösphere: A Foundation for AI-Native Web3

The first topic addressed was Noösphere, a new initiative under development as part of the HPP ecosystem. Positioned as one of the foundational tools for the AI-powered blockchain narrative, Noösphere was described as an upcoming product already featured on the Living Roadmap. While specific features were not disclosed, the tone was clear: this is a strategic building block for the ecosystem’s next phase.

“Expect to see more details soon. It’s a strong sign that both the mainnet and broader vision are well on track.”

Noösphere is expected to launch in tandem with other AI-focused modules that support decentralized applications demanding scalable, intelligent infrastructure.

Token Dynamics: Price, Hype, and the Role of Marketing

A multi-part question addressed one of the most common concerns in crypto communities: How to influence the price of a token?

Ben began with a simple truth: price is determined by the market. Unlike loyalty points controlled by issuers, tokens are valued by what people are willing to pay.

He noted that while the altcoin market has been shaky, Aergo is holding relatively strong, which suggests latent confidence. However, expectations for a quick return to all-time highs should be tempered.

Ben then shifted to the bigger picture: marketing. He presented findings from internal research that revealed most traditional Web3 marketing strategies are ineffective:

A six-month study of over 1,400 press releases showed the average viewership was zero after filtering out six anomalies. Crypto press releases rarely appear in search engines or AI model indexes. AMA and KOL campaigns show no statistically significant effect on token performance.

Ben advocated for a long-term view:

“The product is the marketing. Brand is not a logo or a color; it’s the experience users have.”

He concluded that HPP’s strategy is to build utility first and communicate value in a targeted, data-backed way.

W3DB: IMDb Meets Crunchbase for Web3

Raf then brought up W3DB, which Ben described as a revolutionary due diligence platform co-developed with Fastblock and powered by HPP.

W3DB aims to be the most comprehensive, AI-powered discovery and validation hub for Web3:

Combines project-level data with identity-level insights Features community verification mechanisms that reward contributors with HPP tokens Built for both users and developers seeking transparency in the space

“We chose to build on HPP not just because of the tech, but because of the token’s day-one value and infrastructure.”

On Futures Trading and Ecosystem Expansion

A community question was raised about the ability to trade futures on the Aergo token while maintaining custody. The answer was straightforward: no decentralized futures platform currently supports it. However, the infrastructure is available for someone to build it.

Stay tuned for more insights to come in the next Aergo Talks!

Visit the Living Roadmap for updates.

[Aergo Talks #13]AMA Recap was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.

Canadian credit unions face increasing pressure to modernize KYC and AML practices while respecting member privacy and regional data laws. This article explores how edge computing and modular compliance solutions like iComply can help credit unions deliver secure, effective onboarding and continuous monitoring without driving up costs or complexity.

Credit unions play a vital role in Canada’s financial landscape, offering personalized, community-focused alternatives to large financial institutions. But they face the same or higher regulatory scrutiny as big banks when it comes to anti-money laundering (AML) and know your customer (KYC) compliance. As of 2025, that scrutiny is only growing, with increased audits, tighter expectations around beneficial ownership and transaction monitoring, and evolving guidance from FINTRAC and OSFI.

The challenge? Unlike the Big Five banks, most credit unions operate with lean compliance teams, modest IT budgets, and a strong cultural emphasis on privacy and trust. That makes the question of how to modernize KYC and AML workflows without compromising member experience – or exposing the organization to regulatory risk – more urgent than ever.

Why Now: The Shifting Regulatory Landscape

In 2024, FINTRAC signalled a shift toward more robust enforcement, especially targeting smaller financial institutions that rely heavily on manual processes or outdated vendor stacks. This trend is expected to continue in 2025 and beyond, with Canadian credit unions expected to:

Validate and periodically reverify natural person identity (members, directors, beneficial owners) Maintain accurate KYB records for business accounts, including UBO checks Perform risk-based AML screening and reporting Comply with provincial privacy and data residency obligations

Adding to the complexity, credit unions in BC, Ontario, and Quebec must align with provincial regulatory bodies (like BCFSA) while also complying with federal AML obligations.

Key Compliance Challenges for Credit Unions

1. Manual Onboarding Processes
Most credit unions still rely on paper forms or fragmented digital intake processes that result in delays, errors, and member frustration.

2. Legacy Vendor Ecosystems
It’s not uncommon for credit unions to patch together four to six vendors for ID verification, AML screening, document collection, and reporting—creating siloed workflows and duplicated costs.

3. Data Privacy & Sovereignty Concerns
Many compliance tools rely on international cloud providers or offshore processors, making it difficult to meet Canadian data localization and privacy requirements.

4. Staff Bandwidth and Training
Lean compliance teams must juggle onboarding, investigations, reporting, and audits, leaving little time for process improvement or technology migration.

How iComply Solves These Problems

iComply’s platform was built with credit unions in mind—specifically their need for secure, efficient, and locally compliant solutions. Here’s how:

1. Edge-Based Identity Verification
iComply uses proprietary edge computing technology to process sensitive KYC data on the member’s device, not in the cloud. That means:

PII never leaves the device until it’s encrypted Credit unions retain full control over where and how data is stored Compliance with PIPEDA, BCFSA, and GDPR standards is built-in

2. Modular Platform with Full Coverage
Whether you need KYC for natural persons, KYB for business accounts, or full AML monitoring, iComply’s modules work independently or together to streamline your compliance lifecycle.

3. Automated Workflows and Triggers
Automate identity checks, document collection, and AML screening based on risk levels, client type, or regulatory timelines. Eliminate manual follow-ups while enhancing audit readiness.

4. Canadian Data Residency and Localization
Choose from deployment options that ensure your data stays in Canada, including on-premise or private cloud configurations tailored to provincial regulations.

5. White-Label Portals that Respect the Member Experience
Deliver a seamless digital onboarding experience with your brand front and centre—while ensuring security and compliance in the background.

Real-World Results

One Ontario-based credit union using iComply’s platform reduced average onboarding time from 45 minutes to under 8 minutes, while eliminating three third-party vendors from their stack. The result: improved compliance confidence, member satisfaction, and cost efficiency.

Another institution in British Columbia used iComply to automate UBO discovery and PEP screening for business accounts, significantly reducing staff hours spent on complex onboarding cases.

What to Watch in 2025 Provincial Regulator Expectations: BCFSA and FSRA are expected to release enhanced AML guidelines specific to credit unions, with more emphasis on continuous screening and data traceability. E-Signature and ID Verification Standards: New frameworks for verifying digital identity and electronic consent may further accelerate the move away from paper-based compliance. Cooperative AML Risk Pools: Some provinces are exploring shared-service models for smaller credit unions to pool compliance resources—modular platforms like iComply are well suited to support such models. Take Action

Credit unions can no longer afford to delay modernization of their KYC and AML systems. The cost of non-compliance—financial, operational, reputational—is rising. But so is the opportunity to lead with a privacy-first, efficiency-driven approach that earns member trust and regulatory goodwill.

Ready to future-proof your compliance program?

Talk to our team about how iComply helps credit unions simplify compliance, reduce overhead, and stay ahead of shifting regulations—without compromising privacy, performance, or member experience.

HPP SOONER THAN EXPECTED!

TL;DR: The HPP Private Mainnet is ahead of schedule, which means the rollout of the HPP ecosystem will come sooner. Major infrastructure milestones are now complete, and development on AI services like ArenAI and Noösphere is accelerating with the establishment of new designated teams and partners. Upcoming participation events will reward early supporters and onboard new users.

Thanks to consistent progress and successful internal testing, the HPP Private Mainnet is now ahead of schedule. We’re moving faster than planned, and the next big milestones are already within reach!

This acceleration isn’t just about timing. It’s a reflection of focused execution, quiet confidence, and real momentum.

Key milestones achieved Infrastructure tested under pressure Bigger updates already in progress

And that’s not all. AI-powered services like ArenAI and Noösphere are progressing rapidly. Dedicated development teams are being built around them, and we’re working closely with key industry partners to bring these systems to life. These products will enable decentralized intelligence, verifiable off-chain compute, and smarter coordination across the HPP ecosystem.

New partnership announcements are also on the horizon.

To mark this next phase, we’ll be rolling out a series of participation events designed to reward early supporters and welcome new users into what’s quickly becoming one of the most exciting evolutions in Web3.

🎁 If you’ve been with us from the start, we appreciate you. If you’re joining, this is the perfect time to get involved.

More details coming soon. This is just the beginning.

The Countdown Just Got Shorter was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.

The post Securing Online Banking: The Impact of Biometric Verification appeared first on uqudo.

The post The Significance of Adverse Media Screening in Anti-Money Laundering Efforts appeared first on uqudo.

The post Manual to Automated: Understanding the Changing Landscape of KYB appeared first on uqudo.

The post Market and Buyer’s Guide for Data Security appeared first on Liminal.co.

Predictoor DF147 rewards available. DF148 runs June 26th — July 3rd, 2025 1. Overview

Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor.

Data Farming Round 147 (DF147) has completed.

DF148 is live today, June 26th. It concludes on July 3rd. For this DF round, Predictoor DF has 3,750 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF148 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF148

Budget. Predictoor DF: 3.75K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and ASI Predictoor

Ocean Protocol was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF147 Completes and DF148 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

Fastly’s 2025 AI Pulse Check reveals how sustainability and infrastructure leaders are tracking AI energy use, cutting redundant queries, and navigating the edge vs cloud debate.

Getting started with TypeScript on Fastly Compute is simple! Learn how to add static typing to your JavaScript projects for robust development.

Indicio has appointed Ajay Srivastava as Strategic Advisor to support global expansion and accelerate enterprise adoption of its decentralized identity technology. Ajay brings deep expertise in scaling mission-driven solutions across complex markets.

June 25, 2025 — Indicio is delighted to welcome Ajay Srivastava as a Strategic Advisor. With a career built at the intersection of technology, transformation, and investment, Ajay brings deep expertise in scaling mission-driven technology across complex markets. His leadership experience at PwC, KPMG, and Lockheed Martin, combined with his work as a founder and investor, and education from UMD College Park and Harvard Business School, make him a valuable addition as Indicio continues its global, multi-sector expansion.

Ajay has led large-scale transformation initiatives, advised government and enterprise clients, and invested in multiple startups that have gone on to become category leaders. His career reflects a consistent focus on turning emerging technologies into scalable solutions that deliver real business value.

“What stood out about Indicio is its mission to build secure, privacy-first digital identity through open, ledger and ledger-less infrastructure,” said Srivastava. “It’s a rare mix of mission, execution, and timing that’s hard to ignore.”

This focus is reflected in Indicio Proven®, the company’s end-to-end Verifiable Credential solution designed to reduce identity verification costs, simplify operations, and improve efficiency. Proven uses portable digital credentials stored in a secure mobile wallet, allowing organizations to issue, hold, and verify information across systems and use cases. It is the first solution to embed biometrics directly into the credential, removing the need to store sensitive personal data for verification. This approach reduces risk, supports compliance, and aligns with global digital identity and wallet specifications and standards such as the European Digital Identity Wallet (EUDI)I and International Civil Aviation Organization (ICAO) Digital Travel Credentials.

With Indicio Proven and a suite of solutions in use across travel, financial services, healthcare, and education, Indicio is helping organizations build secure, interoperable identity systems that enable seamless processes, improve user experience, and reduce costs, all while meeting rising privacy, compliance, and security demands. Ajay’s role will focus on expanding Indicio’s work with enterprise customers, particularly in emerging markets such as India, where demand for secure, decentralized identity solutions has grown rapidly over the past 18 months. His experience navigating regulatory landscapes, building strategic partnerships, and executing go-to-market will help accelerate enterprise adoption and extend Indicio’s global reach.

“Indicio isn’t just a tech platform; it’s a foundational layer for the next phase of digital civilization,” said Srivastava. “The world hasn’t fully realized how Verifiable Credentials can reshape trust infrastructure across sectors.”

Ajay’s appointment reflects Indicio’s continued growth and success and reinforces the company’s position as an emerging leader in interoperable digital identity and seamless data authentication. . His guidance will help Indicio scale into new markets, build strategic alliances, and accelerate the real-world impact of Verifiable Credential technology.

Contact us for a demonstration of our technology, including our latest biometric identity solutions for financial services, digital assets, and decentralized finance.

###

The post Indicio welcomes Ajay Srivastava as strategic advisor appeared first on Indicio.

The post Mythics, LLC Appoints James Toole as Senior Vice President, Consulting Services Sales, to Drive Strategic Growth appeared first on Mythics.

Let’s get one thing clear: Scattered Spider isn’t “back” – they never left. You’ve seen the headlines. MGM, Marks & Spencer, and others all fell victim to their schemes. Now, this relentless cybercrime collective has a new target in its crosshairs: the U.S. insurance industry. With recent cyberattacks rattling major providers like Aflac, Erie Insurance, and Philadelphia Insurance Companies, the threat isn't just looming; it's here. As it always has been.

As Google Threat Intelligence Group's Chief Analyst puts it, "the threat I lose sleep over is Scattered Spider.” For defenders, it’s time to cut through the noise and face the hard truth. These attackers aren’t deploying zero-day exploits or groundbreaking malware. They’re walking right through the front door using valid credentials.

They win by mastering the art of social engineering and exploiting the soft spots most enterprises still rely on: MFA push fatigue, help desk fraud, and phishable credentials. If your security posture hinges on the idea that "our MFA is good enough," it might be time for a stark reality check on current adversarial techniques. This guide will break down their playbook and give you a definitive strategy to fight back.

Meet the Apex Predator: Who is Scattered Spider?

Before you can build a defense, you need to know your enemy. Scattered Spider is not a typical state-sponsored group. They are a nimble and amorphous collective of young, English-speaking cybercriminals, reportedly affiliated with a larger network known as "The Com." Their defining characteristic is their methodical approach. They focus their expertise on one industry at a time, learning the sector's unique processes, lingo, and technology stacks. This allows them to craft attacks with terrifying precision and efficiency.

After a string of successful extortion campaigns against major retailers, Google's Threat Intelligence Group has warned that Scattered Spider has pivoted. Their new hunting ground is the insurance sector, and it's a target rich with opportunity. Think about the data insurance companies hold: a treasure trove of claims information, sensitive health records, Social Security numbers, and other personally identifiable information (PII). For cybercriminals, this data is gold, whether for extortion or sale on the dark web

The Scattered Spider Playbook: Anatomy of a Credential-Based Attack

To understand the threat Scattered Spider poses, you have to dissect their Tactics, Techniques, and Procedures (TTPs). Their success isn't magic; it's a repeatable, three-act play designed to dismantle traditional security controls by targeting the most vulnerable asset: people.

The Weapon of Choice: Hyper-Personalized Social Engineering

At its core, social engineering is the art of psychological manipulation to trick people into divulging confidential information or bypassing security protocols. But Scattered Spider has taken this to a new level, especially with the "turbo boost" provided by Generative AI.

Gone are the days of poorly worded emails with suspicious links. Today's phishing/social engineering attacks are masterpieces of deception. By mining public data about employees from sources like LinkedIn, company websites, and social media, attackers can craft highly convincing and customized phishing lures within minutes. These messages use the right tone, contain local context, and are largely indistinguishable from legitimate communications.

The Weakest Link: Exploiting Help Desks and Credential Resets

Scattered Spider knows that the fastest way around a fortified wall is to find someone to open the gate for you. Their prime target for this is the IT service desk. These teams are often the unsung heroes of an organization, but they are also understaffed, overwhelmed with requests, and fundamentally trained to be helpful – a perfect storm for exploitation.

The scenario plays out like this: An attacker, armed with a dossier of personal information scraped from the internet, calls the help desk. They might pose as a high-ranking executive with an urgent request or an employee who has lost their phone and is locked out of their account. They leverage this information to sound credible, create a sense of urgency, and deceive the service agent into resetting the legitimate employee’s password or MFA device. Just like that, the attacker is handed the keys to the kingdom, bypassing layers of security without triggering a single alert.

The Final Blow: Bypassing Legacy MFA with Adversary-in-the-Middle (AitM) Attacks

"But we have MFA!" This is the common refrain from organizations that believe they are protected. The chilling reality is that most traditional MFA methods, passwords, SMS one-time passcodes (OTPs), and even push notifications, are fundamentally phishable. Attackers can trick users into giving up OTP codes or exploit "push fatigue" by spamming a user's device with approval requests until one is accepted by mistake.

This is where easily accessible tools like Evilginx come into play.

What is Evilginx?

 

Think of it as the ultimate digital eavesdropper. It’s a phishing framework that operates as an Adversary-in-the-Middle (AitM). Here’s how it works:

The attacker sends a phishing link that directs the victim to the Evilginx server, which hosts a pixel-perfect replica of the real login page (e.g., your Microsoft Entra ID portal). The Evilginx server acts as a reverse proxy, transparently passing all traffic back and forth between the victim and the legitimate service. The user sees the familiar login screen, complete with a valid TLS lock icon. The user enters their username and password, which Evilginx captures. The legitimate service then prompts for MFA. The user enters their OTP or approves the push notification, which Evilginx also intercepts and forwards. Here’s the knockout blow: Once the user is successfully authenticated, the real service sends back a session cookie to authorize the user's browser session. Evilginx snatches this cookie.

With this stolen session cookie, the attacker can now directly access the user's account, completely bypassing the need for credentials or MFA. They have full control, and the victim may not realize it until it's too late.

The 3 Core Principles of a Strong Identity Assurance Strategy

Fighting an adversary that targets identity requires a defense built on strong identity assurance. The probabilistic security controls of the past, which can only guess if a user is legitimate, are failing. You need a deterministic approach that proves with certainty that a person is who they claim to be. This modern defense is built on three core principles.

1. Make Credentials Un-stealable with Phishing-Resistant MFA

The single most effective way to stop Scattered Spider’s primary attack vector is to adopt a simple philosophy: if a credential can't be moved, it can't be stolen. This is the foundation of true phishing-resistant, multi-factor authentication.

The Solution: HYPR's phishing-resistant authentication is built on the FIDO standards, the gold standard for secure authentication, and leverages passwordless technology like passkeys.

How it Defeats Credential Theft:

Public-Private Key Cryptography: When a user enrolls with HYPR, their device creates a unique public-private key pair. The private key is stored securely in the device's hardware and never leaves. To authenticate, the device simply proves it possesses this secret key without ever revealing it, making it impossible for an attacker to intercept. No Phishable Fallbacks: HYPR eliminates vulnerable, phishable factors. It only uses phishing-resistant FIDO methods and never falls back to easily compromised shared secrets like OTPs or knowledge-based questions. 2. Eliminate Help Desk Social Engineering Attacks with True Identity Verification

Securing the front door with phishing-resistant MFA is crucial, but what about the back door? Credential recovery and reset processes are a glaring vulnerability that Scattered Spider ruthlessly exploits. Relying on knowledge-based authentication (KBA), "What was the name of your first pet?", is a recipe for disaster in an era where AI can scrape the internet for answers in seconds.

The Solution: You must verify the person, not the information they know. HYPR Affirm provides Multi-Factor Verification (MFV), a modern approach to identity proofing that makes adaptive, risk-based verification a core part of the identity lifecycle.

How it Secures Recovery: Instead of asking flimsy questions, HYPR Affirm uses a layered, deterministic process to verify a user’s identity with high assurance before allowing a credential reset:

Document Verification: The user is prompted to scan a government-issued ID (like a driver's license or passport) with their smartphone. Biometric Matching & Liveness: The user then takes a selfie, which is biometrically matched against the photo on the ID. A "liveness" check ensures it's a real person and not a photo or deepfake. Configurable Steps: For high-risk scenarios, additional factors like a live video chat with a manager or service desk agent can be required.

This process ensures that only the legitimate account owner can ever perform a reset, turning the help desk from a vulnerability into a fortified checkpoint. View our on-demand identity verification audit solutions page to learn more.

3. Guarantee Endpoint Integrity with Continuous Device Trust

A user's identity is only one part of the security equation. The health and integrity of the device they are using to authenticate is the other. A legitimate user on a compromised device is still a massive risk.

The Solution: HYPR Adapt adds an intelligent, continuous layer of risk analysis to every authentication event.

How it Adds Protection:

Real-Time Risk Signals: HYPR Adapt is a powerful risk engine that continuously analyzes a wide array of signals from the user's device, their behavior, and the broader threat landscape. Adaptive Response: It checks if the device is managed or unmanaged, if its security posture is up to date, and if the user's behavior is unusual. If it detects a high-risk signal, like an authentication attempt from a jailbroken device or an impossible travel scenario, it can automatically step up authentication requirements or block the attempt entirely. This provides an essential layer of protection that ensures the entire access journey, from user to device to application, is secure. Leave Legacy Behind: Implement a Modern Identity Assurance Strategy

Scattered Spider’s assault on the insurance industry is a clear signal that the old ways of security are no longer sufficient. Their strategy isn't revolutionary; it's a methodical exploitation of the trust we place in outdated and phishable identity technologies. Relying on legacy MFA and weak, KBA-based recovery processes is leaving your organization dangerously exposed.

The path forward is not about adding more layers of complexity; it's about shifting to a foundation of certainty. By implementing a modern identity assurance strategy built on three pillars, phishing-resistant MFA, true identity verification, and continuous device trust, you can move from a reactive defensive posture to a position of dominance. You can build a fortress that doesn't just deter attackers like Scattered Spider but makes their entire playbook obsolete.

Ready to build a defense against Scattered Spider? Subscribe to our updates for the latest insights on identity assurance and cybersecurity.

 

Blog What Institutions Need to Know About the Stablecoin GENIUS Act to Accelerate Their Tokenization Strategy

On July 18, 2025, President Trump signed the Guiding and Establishing National Innovation for U.S. Stablecoins Act, better known as the GENIUS Act (S. 919), into law. It marks a foundational shift in U.S. financial policy: for the first time in the U.S., stablecoins would be regulated under a dedicated and bipartisan federal framework, distinct from digital securities or unregulated digital assets.

What is the GENIUS Act?

The GENIUS Act defines payment stablecoins as digital assets:

issued for the purpose of payment or settlement (including margin/collateral), redeemable at a fixed value (e.g., $1), and backed 1:1 by permitted reserve assets. does not offer a payment of yield or interest.

The bill outlines detailed requirements for issuers, including:

Reserve Composition: Only highly liquid and safe instruments are permitted, which include: coins and currency, insured deposits held at banks and credit unions, short-dated Treasury bills, repurchase agreements (“repos”), reverse repos backed by Treasury bills, money market funds invested in certain of these assets, central bank reserves, and any other similar government-issued asset approved by regulators. Reserve usage restriction: Issuers would be restricted to using reserve assets for certain activities, including to redeem stablecoins and serve as collateral in repos and reverse repos. Redemption and disclosure: Issuers must maintain public redemption policies and report regularly on outstanding supply and reserve composition. Risk oversight: Issuers above $10B must submit audited financial statements, and all are subject to Bank Secrecy Act compliance and risk management tailored by federal/state regulators. Issuers under $10B may be supervised at the state level, provided the regime is “substantially similar” to the federal one. Who can issue stablecoins?

Under the proposed text, stablecoins may be issued by:

Subsidiaries of insured depository institutions (IDIs), OCC-regulated nonbank entities, and State-regulated entities under $10 billion in issuance.

Nonbank issuers can start under state law, but must graduate to federal oversight once they exceed the $10 billion threshold.

If a foreign-issued stablecoin is not licensed in the US, it can still be traded on US secondary markets, but only if:

The foreign stablecoins have the technological capacity to freeze transactions, and They can comply with lawful orders from the U.S. Treasury Department (e.g., sanctions, asset freezes, law enforcement actions).

These definitions ensure any proposed issuer knows exactly which rules and supervisors apply.

Are permissioned stablecoins the answer to compliance requirements?

As mentioned in Myth vs. Fact: The GENIUS Act by the U.S. Senate Committee: “The GENIUS Act requires all stablecoin issuers, including foreign issuers, to have the technological capability to freeze and seize stablecoins and also comply with lawful orders. It also requires all permitted payment stablecoin issuers to comply with U.S. anti-money laundering (AML) and sanctions requirements, including implementing AML and sanctions programs and annually certify compliance with the bill’s AML provisions. This is a higher reporting obligation than what banks are currently subject to.”

This means stablecoin smart contracts and infrastructure must support:

Transfer freezes or reversals, under compliance or court orders. AML/sanctions screening and reporting capabilities. Annual certifications confirming they meet AML program standards. This legislation effectively requires stablecoin issuers to consider deploying permissioned tokens, using frameworks like ERC-3643, to sophisticatedly meet obligations such as AML compliance, transaction freezing, and holder traceability. This legislation effectively requires stablecoin issuers to consider deploying permissioned tokens, using frameworks like ERC-3643, to sophisticatedly meet obligations such as AML compliance, transaction freezing, and holder traceability.

While this may contrast with the open-access ethos of Web3, it reflects what institutional players need to safely and legally engage with stablecoins in regulated environments. For banks, custodians, and asset managers, having granular control over who can hold and transfer stablecoins is not optional, it’s essential for satisfying legal, operational, and reputational obligations.

ERC-3643, the market technical standard for permissioned tokens, with its identity-linked permissioning and built-in compliance logic, offers a proven path forward for stablecoin issuers who want to meet GENIUS Act requirements while preserving blockchain-based efficiency and interoperability.

Why This Is a Major Development

While stablecoins have been widely used by crypto users in the Web3 space for trading, institutional players have been reluctant to accept stablecoins as a payment method for tokenized securities, primarily due to regulatory uncertainty and unfavorable accounting treatment (e.g., SAB121).

As a result, true atomic settlement, where both securities and cash move instantly onchain, has faced slow adoption. In many cases, traditional bank transfers are still used, introducing friction, delays, and manual reconciliation steps.

Together, the GENIUS Act and SAB 122 lay the foundation for institutional adoption of stablecoins in the United States. The GENIUS Act establishes a federal framework for issuing compliant, fully backed stablecoins, while SAB 122 (which reverses SAB 121) enables banks to custody digital assets without classifying them as on-balance-sheet liabilities. With these regulatory clarifications, stablecoins can serve as the onchain cash leg for financial institutions, unlocking real-time settlement, composable services, and broader integration with capital markets and DeFi services.

As these frameworks take effect, we expect to see:

More banks issuing stablecoins under federal or state-regulated regimes in the U.S.. U.S. institutions accepting stablecoins for subscription, redemption, and settlement of tokenized securities. Accelerated institutional adoption of tokenized securities, driven not only by the ability to enable atomic settlement, but also by the opportunity to introduce innovative onchain features, such as Delivery-vs-Payment (DvP) transfers between qualified investors to improve liquidity, or integrating DeFi-based services These developments allow institutions to offer smarter and more competitive products and position themselves at the forefront of onchain finance. These developments allow institutions to offer smarter and more competitive products and position themselves at the forefront of onchain finance. From Tokenized Cash to Tokenized Securities

As trusted digital dollars become more widely available, the focus will naturally shift toward the transparency and composition of the reserves backing them. To enable real-time proof of reserves and redemption, these reserve assets themselves should be tokenized and made verifiable onchain.

At the same time, since payment stablecoins are prohibited from offering yield under the GENIUS Act, stablecoin holders will increasingly look for onchain and yield-generating alternatives.

This makes the tokenization of money market funds (MMFs) and other short-duration instruments especially timely, serving a dual purpose:

as onchain compliant reserve assets for stablecoin issuers, and as onchain savings products for stablecoin holders seeking yield in a secure and regulated way.

A recent example we supported is the tokenized MMF by Fasanara Capital, a London-based asset manager overseeing $5 billion in assets. The project was delivered in collaboration with Apex Group, Chainlink, Fireblocks, and Polygon. Seeking to comply with regulations while ensuring open interoperability, it leverages the ERC-3643 market standard via our T-REX Platform.

The fund was launched with onchain compliance controls, integrated cap table management, real-time redemption capabilities, and real-time NAV feeds, demonstrating how tokenized funds can operate efficiently, transparently, and securely within a regulated framework.

There are a few key benefits of tokenized funds:

Instant and 24/7 subscription and redemption
Real-time collateral deployment (e.g., in repo markets) Reduced operational risk through smart contract automation Seamless integration with DeFi protocols and traditional financial infrastructure A Call to Action

A new chapter in finance is unfolding, and it’s happening now. With the GENIUS Act in place and onchain infrastructure finally ready for institutions, the opportunity to lead has never been clearer.

Yet, in a market filled with noise and emerging players, success will come to those who choose partners with a proven track record. The right guidance can help you avoid costly missteps, accelerate your learning curve, and ensure you don’t get trapped in new silos onchain.

At Tokeny, now part of Apex Group, we bring more than seven years of experience building enterprise-grade tokenization solutions. We work closely with our clients to provide the knowledge, technology, and operational support they need to move with speed and confidence.

If you’re exploring how to tokenize your assets or operations, our team is here to guide you through the process, from strategy to execution, and help you unlock the full potential of onchain finance.

Subscribe to our insights Real Estate Tokenization Takes Off in Dubai 1 July 2025 What Institutions Need to Know About the Stablecoin GENIUS Act to Accelerate Their Tokenization Strategy 25 June 2025 Is the UAE Taking the Lead in the Tokenization Race? 13 May 2025 How Tokeny Powers Fasanara’s Tokenized Money Market Funds 8 April 2025 No Yield for Stablecoins, Tokenized MMFs To Take the Lead 1 April 2025 Memecoins Are Crashing, Hackers Are Cashing In, Where Are Smart Investors Moving Next? 3 March 2025 Breaking the Silos: The Path to Shared Liquidity with ERC-3643 19 February 2025 Trump Administration’s Impact on Tokenization: Is the Golden Age Upon Us? 3 February 2025 Bitcoin Hits $100K: The Tokenization Tipping Point? 9 December 2024 Institutional Tokenization 3.0: Break Silos 21 October 2024

The post What Institutions Need to Know About the Stablecoin GENIUS Act to Accelerate Their Tokenization Strategy appeared first on Tokeny.

Seamless Infrastructure Delivery for Scalable Innovation

Aergo is working with Conduit to simplify how we launch and manage our AI-focused Layer 2 network. With Conduit’s help, we’ve been able to move quickly, iterate fast, and keep things stable without having to build everything from scratch.

House Party Protocol (HPP) runs on a fully-featured testnet using Conduit’s blockchain infrastructure. It’s built on top of Arbitrum’s stack and gives us a clean, reliable environment to build and test in.

Why Conduit?

Conduit provides a production-grade DevOps and infrastructure pipeline, enabling Aergo to:

Launch and upgrade testnets quickly and reliably Maintain uptime and performance during rapid iteration Access the latest innovations from the Arbitrum ecosystem Seamlessly transition from testnet to mainnet-ready deployments

Conduit ensures the developer experience around HPP remains smooth, up-to-date, and scalable.

What This Enables

With Conduit, Aergo is free to focus on what matters most: building the coordination layer for decentralized AI. Builders can deploy, test, and validate intelligent systems in a production-grade sandbox that mirrors real-world execution conditions.

For developers and enterprises alike, Conduit allows HPP to deliver confidence at every stage of the development lifecycle.

Looking Ahead

Working with Conduit has allowed us to streamline development and accelerate delivery. Their infrastructure powers the HPP testnet, enabling fast iteration and a smooth developer experience without compromising reliability.

We’re excited to keep evolving. Follow Aergo and Conduit on X for the latest HPP and infrastructure updates.

About Aergo(HPP) and Conduit

Aergo is a hybrid blockchain platform built to support secure, scalable, and intelligent applications. It’s been used across government and enterprise sectors and is now evolving into a Layer 2 network focused on AI, verifiable logic, and decentralized coordination.

Conduit provides blockchain infrastructure for teams building on Arbitrum, OP Stack, and more. Their platform makes launching and managing custom chains easier, helping developers bring new decentralized applications to life without heavy operational complexity.

Streamlining Layer 2 Innovation: Aergo (HPP)x Conduit was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.

Edgee and Fastly team up to replace client-side JavaScript SDKs with WebAssembly at the edge, improving performance, security, and data collection.

Mutual Partnership Program

I’ve been thinking about this idea for a while now—the creator economy has grown, the SaaS space is crowded, and yet, most of us still feel like we’re building in isolation.

We post. We build. We try to grow.

But growth feels uneven. Support feels random. And partnerships? Usually, only large accounts, verified users, or companies with teams and budgets have access to them.

That needs to change.

I’m building something *different*—and I need others like me

I’m working on a Mutual Partnership Program—an open, bias-free community where small creators, SaaS founders, indie builders, solopreneurs, and side hustlers can support each other without asking for “proof of reach.”

This is not about follower counts or investor decks. The goal is to support each other's development in a public, authentic, and non-gatekeeping manner.

Here’s what I’m focusing on:

🧩 Cross-promotion, not one-way PR

If you’re launching a tool, writing a blog, or shipping a feature—you deserve visibility. We’ll support each other by resharing, tagging, mentioning, or collaborating, not just waiting for the “influencer retweet.”

🔄 Equal opportunity

Whether you have 5, 50 followers, or 50K—if your product or content adds value, you’re welcome. There are no hidden filters. No “clout required.”

📣 Shared distribution and feedback

Need your product tested? Are you seeking feedback for your landing page? Are you in search of beta users? You'll encounter individuals who genuinely want to assist, as they share similar experiences.

🤝 Community > competition

We’re not here to outdo each other. We’re here to lift each other up. That mindset shift is the foundation of this program.

Here’s how we grow together

We’ll support each other across these platforms:

𝕩 Twitter

Like, repost, comment, and share. Help each other’s content reach more people.

🎥 YouTube

Like, comments and collaborations—even if you’re small, it counts.

💼 LinkedIn

Engage with posts, build thought leadership, support launches, drop comments, and even build in.

🔗 Medium

Create content for each other. Engage—comment, clap, and share links. Help each other reach more readers.

🧵 Reddit

Share useful tools and content naturally, no spam—just mutual value.

🌐 Websites / Blogs

Backlink to each other’s products, Create posts for each other, improve SEO, and grow organic reach.

Who this is for: Small SaaS founders struggling with visibility Creators tired of the algorithm deciding their reach Indie hackers who want real support Writers, tool builders, developers, marketers, designers—anyone building something My goal is simple:

Create a bias-free, open network where support flows both ways. This is a place where assisting others becomes a natural part of daily life. Where you don’t need to

“fake it until you make it.”

If you’re building something and feel unseen, I want to change that.

How to join

This is invite-based to keep things clean but open to anyone building something.

📩 Fill this short form: https://tally.so/r/w2z9vD
🐦 Or DM me directly on Twitter: @superman_space

There are no pitch decks required….

If you build and support, you’re in.

The post Identity Verification (IDV) Market & Technology Analysis & Forecasts 2025-2030 appeared first on Indicio.

“Since I wrote last week about MCP and the need for a more structured standards development process, this week I feel like diving into what it really means to build an open standard.“

Unfortunately, “open standard” is one of those terms that gets thrown around a lot and often means entirely too many different things. For some, it just means the spec is readable online. For others, it’s about process transparency or whether the license is royalty-free. Depending on who you ask, “open” might refer to access, governance, IP rights, implementation freedom, or all of the above.

This fuzziness isn’t just academic. In the world of digital identity, especially as we build wallets, verifiable credentials, and cross-border trust frameworks, how we define and implement open standards will directly shape who gets to participate, how systems interoperate, and whether anyone can avoid vendor lock-in.

So, let’s unpack it. What is an open standard? And why does it matter so much right now?

A Digital Identity Digest Rethinking Digital Identity: What ARE Open Standards? Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds 00:00 / 00:12:59 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

What does “open standard” actually mean?

Ask five people what makes a standard “open,” and you might get five different answers.

Some will say it’s all about access: It’s open if you can download and read the spec without paying. Others will focus on governance: It’s open if the development process is public and inclusive. Still others might zero in on intellectual property: If you can implement it without navigating a minefield of patents, it qualifies.

The ITU-T’s Definition

The ITU-T, a United Nations-recognized standards body, offers a fairly comprehensive definition. According to them, open standards are:

“Made available to the general public and developed (or approved) and maintained via a collaborative and consensus-driven process. They facilitate interoperability and data exchange among different products or services and are intended for widespread adoption.”

They expand this definition to include concepts like transparent development, due process, balanced input, fair access to intellectual property, and long-term maintenance. It’s a solid framework, widely used in international policy discussions.

But there’s another approach that resonates more strongly with how the Internet itself was built and continues to evolve.

The OpenStand Principles

In 2012, five key organizations—the IEEE, IETF, IAB, W3C, and the Internet Society—affirmed a shared set of values known as the OpenStand Principles. These principles describe the processes that gave us the web, email, DNS, and secure communications protocols. In other words, they’re battle-tested.

The OpenStand Principles emphasize five core commitments:

Cooperation – Standards organizations should respect each other’s autonomy and work together. Adherence to core development principles – Including due process, broad consensus, transparency, balance, and openness. Collective empowerment – Standards should support innovation, interoperability, scalability, and benefit humanity. Availability – Specifications must be accessible and implementable under fair terms, from royalty-free to FRAND. Voluntary adoption – No mandates, no lock-in. Market success is determined by the quality of the work, not regulatory decree.

These principles prioritize practical interoperability, technical merit, and inclusive participation, not just public availability.

And yes, I’ll admit I’m biased. My work and the ecosystems I care about have benefited enormously from the OpenStand model. It’s one of the reasons the Internet scaled globally. Go, team Internet!

So, while the ITU-T definition is solid, OpenStand captures something deeper: a living, working model of how open collaboration can shape resilient, scalable infrastructure.

That model, of open, resilient collaboration, is directly relevant to digital identity.

Why this matters for digital identity

Digital identity isn’t just another software problem. It is critical infrastructure that sits at the intersection of public services, private platforms, and individual autonomy. It needs to work across borders, industries, and decades (there are so many dimensions) and do so securely, ethically, and interoperably.

Open standards are the only viable foundation for that kind of future. And I doubt many people would argue that point. Of course, that is only true until you ask what “open” means.

As our systems evolve, it’s clear that not all “open” is created equal. The technical community frequently uses the term, but how it plays out in practice depends heavily on the organization behind the spec, its governance structure, and who gets a say.

Let’s look at a few examples from the current identity landscape:

ISO/IEC standards are authoritative but not always accessible

The ISO standards process is generally respected and deeply formal. Specifications like ISO/IEC 18013-5, which governs mobile driver’s licenses (mDLs), influence national legislation and industry roadmaps. In some countries, these specs are published for free if required by law. Others adopt them by reference without making the actual text available. In most cases, you’ll need to pay to read the document.

Participation isn’t open in the way many expect from Internet standards. To shape an ISO spec, you need to be part of your country’s official delegation or aligned with a recognized partner organization. It’s possible, but it’s gated. And that makes it harder for smaller implementers, civil society groups, or under-resourced countries to engage meaningfully.

FIDO2: open specs from a closed process

The FIDO Alliance, whose work underpins passkeys and other strong authentication technologies, operates with a “pay-to-play” model. To participate in discussions and vote on specifications, you must be a paying member of the FIDO Alliance.

However, once published, the specifications are free, publicly available, and widely adopted. In that sense, FIDO hits an important open standards benchmark: interoperability is possible without licensing barriers or paywalls. But governance remains closed to non-members, raising questions about transparency and balance.

OpenID4VC: open contributions, gated decisions

The OpenID Foundation is producing specifications for verifiable credentials and decentralized identity (e.g., OpenID4VC). Their process is somewhat hybrid: anyone can join the mailing lists, submit proposals, and contribute to discussions. However, only members can vote on final decisions, and membership requires payment.

This model blends inclusivity with formal governance. It’s more open than ISO but still includes structural limitations that can shape who ultimately steers the spec.

W3C Digital Credentials API: public input, but participation friction

Then there’s the W3C, where the Digital Credentials API is currently under development. It started in a Community Group, a setting where anyone could join calls, propose changes, and contribute. But Community Groups can’t produce official W3C Recommendations. The work had to move to a formal Working Group to do that.

In a W3C Working Group, you either need to be:

A member of a W3C Member organization (which usually involves a fee), Or an invited expert (which requires an application and approval).

The general public can still file GitHub issues and read the documents. That’s more openness than many standards bodies offer, but it’s not full participation. There’s friction between visibility and influence, especially for newcomers or smaller players.

So… what counts as “open”?

With so many variations on “open,” it’s easy to fall into a purity trap where only the most idealistic, frictionless processes count. But that’s not realistic or fair.

Creating standards—real, robust, production-ready standards—takes work. Not just from the people writing specs or implementing test suites but also from the organizations that host the mailing lists, convene the calls, maintain the repositories, manage intellectual property frameworks, and, yes, pay the legal bills.

All of that takes resources. And as much as we’d like to imagine that open standards are forged purely through the goodwill of the global community, the truth is that most standards efforts today rely on a mix of volunteer labor, organizational backing, and structured funding models, some of which include paid memberships.

A new balance test

So no, we can’t simply demand that every standard be written by volunteers and hosted for free. That’s not how sustainable infrastructure gets built. But we can and should ask hard questions about transparency, participation, and accessibility.

Is the spec publicly available without a paywall? Can you implement it without having to negotiate a license? Are diverse voices meaningfully represented in its development? Do the outcomes reflect shared infrastructure goals or just strategic product roadmaps?

We don’t need to shut down funding models. But we need to ensure those models don’t shut people out.

The goal isn’t to achieve some idealized version of openness. It’s to build systems that are accountable, adaptable, and inclusive. Standards that reflect a common foundation, not a competitive moat. And that’s a goal we can work toward, even in a world where time and money are very real constraints.

Open-ish is still better than closed

As much as we can and should debate the limits of openness in today’s standards processes, it’s worth remembering that things could be a lot worse. While many digital identity specifications land somewhere in the middle, open to read, semi-open to influence, gated in terms of governance, that’s still miles ahead of truly closed standards.

And yes, closed standards still exist, even in 2025.

Some of the world’s most critical systems rely on technical specifications that aren’t publicly available, freely implementable, or open to broad contribution.

Closed doors in standards

For example:

National identity systems in some countries are developed behind closed doors. Portions of India’s Aadhaar system or certain Gulf nation digital IDs may be guided by specifications that are either not published or only accessible to government contractors. That makes transparency, auditability, and public trust harder to achieve. Vendor-specific federation protocols have a long history in enterprise environments. Before the rise of open federated identity standards like SAML or OIDC, systems like Microsoft’s WS-Federation created tightly coupled, proprietary identity flows. While still in use in some legacy contexts, these are controlled by the vendor, not a neutral standards body. Biometric matching algorithms and data formats are another example. Many face or iris recognition technologies rely on proprietary encodings that are patented, licensed, or simply undisclosed. Even when governments use them, the standards involved may not be publicly accessible, let alone reviewable. Even account provisioning APIs between enterprise SaaS providers can resemble closed standards. If your identity team has ever tried to automate user provisioning without access to well-documented SCIM endpoints, you’ve probably run into a “standard” that’s really just a private interface.

In that light, the “open-ish” systems start to look less like compromise and more like progress.

Schrödinger’s standards, both open and closed?

Yes, it can be frustrating that you need to be a member to vote at the OpenID Foundation. Yes, it’s not ideal that the FIDO Alliance limits participation to paying organizations. And yes, W3C Working Groups aren’t truly open in the democratic sense once you leave the Community Group stage.

But in all these cases, the resulting specifications are:

Freely available, Implementable without proprietary dependencies, and Increasingly shaped by diverse, global input.

That’s not perfect openness, but it’s a long way from closed. And it’s a path we can keep improving.

Want to stay updated? I write about digital identity and related standards—because someone has to keep track of all this! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here] 

Transcript

[00:00:00]
Welcome to the Digital Identity Digest, the audio companion to the blog at Spherical Cow Consulting. I’m Heather Flanagan, and every week I break down the evolving world of digital identity — from credentials and standards to browser quirks and policy challenges.
If you work with digital identity but don’t have time to follow every specification or hype cycle, you’re in the right place.

What Is an Open Standard?

[00:00:26]
Last week, I explored the Model Context Protocol (MCP) and why we need a better approach to standards development. Today, let’s dive deeper and ask a foundational question: what does it mean to build an open standard?

The phrase “open standard” is used often — and differently — by many:

Some say it simply means a spec is publicly readable. Others emphasize transparency, royalty-free licensing, or governance processes. Still others point to access, IP rights, or implementation freedom.

[00:01:17]
And this isn’t just a philosophical debate — it affects real-world outcomes in digital identity systems, from wallets and credentials to international trust frameworks. Open standards define who participates, how systems interoperate, and whether we avoid vendor lock-in.

Defining “Open” — Multiple Perspectives

[00:01:41]
Ask five experts, and you’ll get five different definitions:

Access-focused: If the standard is free to read, it’s open. Process-focused: If it’s developed publicly and inclusively, it’s open. IP-focused: If anyone can implement it without licensing hurdles, it’s open.

[00:02:10]
The ITU-T, a UN-recognized standards body, defines an open standard as:

“Made available to the general public, developed via a collaborative, consensus-driven process, facilitates interoperability, and intended for widespread adoption.”

They also stress:

Transparent development Due process Balanced input Fair IP access Long-term support The OpenStand Principles: Internet DNA

[00:03:01]
Another influential model comes from the OpenStand Principles, endorsed in 2012 by:

IEEE IETF Internet Architecture Board W3C Internet Society

These organizations helped build the foundational architecture of the internet.

[00:03:31]
OpenStand emphasizes:

Cooperation between standards bodies Foundational principles: transparency, consensus, balance Collective empowerment: interoperability, innovation, benefit to humanity Availability: fair access, voluntary adoption Success through utility, not mandates

[00:04:14]
This model values technical merit, global scale, and inclusive participation — not just a downloadable PDF.

Why It Matters for Digital Identity

[00:04:35]
Digital identity isn’t “just software.” It’s infrastructure at the crossroads of:

Public services Private platforms Personal autonomy

It must work across borders, industries, and time, and do so securely, ethically, and interoperably.
And for that, open standards are non-negotiable.

Examining the Standards Bodies

[00:05:14]
Let’s look at how open actually plays out in the real world:

ISO

[00:05:17]
The ISO/IEC standards process is formal and respected. Specs like ISO 18013‑5 (for mobile driver’s licenses) guide legislation and roadmaps.

Pros: Highly structured; impactful. Cons: Often behind a paywall. Participation requires national delegation or official channels — not easy for small players. FIDO Alliance

[00:06:12]
Known for passkeys and strong authentication, FIDO uses a pay-to-play model.

Participation requires paid membership. Specs are free to access and implement once published. No licensing restrictions = a big plus for developers. OpenID Foundation

[00:06:52]
Behind OpenID Connect and now working on OpenID for Verifiable Credentials.

Mailing lists are open. Only paying members can vote. All specs are freely available, making this model more inclusive than ISO, though still tilted toward funded voices. W3C

[00:07:34]
W3C’s Digital Credentials API is a good case study.

Community groups are fully open — but cannot produce official standards. To become a W3C Recommendation, work must move to a Working Group. Working Group participation requires either: Organizational membership (with dues), or Invitation as an expert

Public input is welcome, but influence is limited.

Balancing Idealism and Practicality

[00:08:32]
So, what really counts as open?
There’s a danger in idealism — assuming only frictionless, volunteer-driven models are acceptable.

[00:08:59]
In reality, standards require:

Legal review Infrastructure support Paid staff Long-term maintenance

We can’t demand “free everything” — but we can demand fairness in access and influence.

Ask these questions:

Can you read and implement the spec without legal or financial barriers? Are diverse voices represented? Does the result serve shared infrastructure, or just a vendor’s agenda? When Standards Aren’t Open

[00:09:35]
Not all standards are even partially open:

Some national ID systems are built on unpublished specs. Many biometric formats are proprietary and patented. Even SaaS provisioning APIs are often undocumented and closed.

[00:10:09]
So yes — some open processes have flaws. But compared to that? Even “imperfect open” is progress.

A Positive Example: The Cyrus Foundation

[00:10:46]
A good example of a modern, open-leaning approach is the Cyrus Foundation:

Building an open‑source digital identity wallet Prioritizes public standards like: OpenID for Verifiable Credentials FIDO2 ISO 18013‑5

[00:11:31]
Their code and process are public and transparent, with contributions welcomed from across the ecosystem.

Full disclosure: I serve as an advisor to Cyrus — but only because they’re getting it right.

[00:11:47]
The point isn’t that Cyrus is unique. What matters is their model — balancing practicality with open values, avoiding reinvented cryptography, and treating identity infrastructure as a shared foundation.

The Path Forward

[00:12:08]
And the good news? This future is already happening. We just need to keep showing up for it.

Wrapping Up

[00:12:23]
Thanks for listening to this episode of the Digital Identity Digest. If this helped clarify or spark interest, consider:

Sharing it with a colleague Connecting with me on LinkedIn Subscribing and rating the podcast Visiting the full post at sphericalcowconsulting.com

[00:12:42]
Stay curious. Stay engaged. And let’s keep these conversations going.

The post Rethinking Digital Identity: What ARE Open Standards? appeared first on Spherical Cow Consulting.

The post OCR Technology in Identity Verification: How It Works and Why It Matters appeared first on uqudo.

As regulatory scrutiny rises across the UK capital markets sector, firms must implement more robust AML screening protocols. This article explains the evolving expectations of the FCA and implications of MiCA for UK intermediaries, offering actionable insights on how iComply can help automate ongoing monitoring, meet PEP and sanctions requirements, and demonstrate audit-ready compliance.

Capital markets firms in the United Kingdom—from investment banks to securities dealers and private wealth managers—operate under one of the most stringent regulatory frameworks in the world. In 2025, this framework is expanding again, and firms face increased expectations for anti-money laundering (AML) screening, politically exposed person (PEP) monitoring, and transaction risk management.

The UK’s Financial Conduct Authority (FCA) has made it clear: compliance isn’t just about onboarding—it’s about continuous monitoring, proactive alert management, and having defensible audit trails.

At the same time, the European Markets in Crypto-Assets Regulation (MiCA), while not directly applicable in post-Brexit UK, is setting a high bar across the continent. UK regulators are watching closely and signalling similar expectations, particularly for firms interacting with cryptoassets, cross-border flows, and high-risk jurisdictions.

New AML Challenges for UK Capital Markets in 2025

1. Increased Regulatory Scrutiny The FCA’s updated financial crime guide and Dear CEO letters in 2024 emphasized that firms must:

Demonstrate effective AML policies in practice, not just on paper Screen customers and counterparties against updated sanctions and PEP lists Have systems in place for continuous monitoring and adverse media alerts

2. Cross-Border Exposure and MiCA Influence While MiCA is EU law, its implementation is reshaping expectations globally:

Crypto custody, exchange, and tokenization platforms must adopt bank-grade AML processes UK firms with EU branches or EU clients must match or exceed MiCA standards Regulatory equivalency will be increasingly important for cross-border capital flows

3. Data Management and Audit-ability Legacy systems often lack clear audit trails, slowing down internal reviews and exposing firms to enforcement risk.

What the FCA Expects

From 2025 onward, UK capital markets firms are expected to:

Conduct real-time sanctions screening across all client relationships Implement PEP and adverse media monitoring for ongoing due diligence Automate AML escalation and disposition processes Maintain complete records of screening decisions and risk scoring logic

Firms that rely on outdated or manual processes will struggle to meet these expectations and may face increased supervisory pressure.

How iComply Helps Firms Stay Ahead

1. Real-Time Global Screening iComply integrates with leading global watchlists to screen entities and individuals for:

Sanctions (UN, OFSI, EU, US, etc.) Politically Exposed Persons (PEPs) Adverse media and criminal proceedings

2. Risk-Based Workflow Automation Risk scoring and escalation logic can be customized per firm policy, allowing for:

Differentiated workflows by client type or geography Automated alerts for matches, updates, or changes in status

3. Audit-Ready Reports and Logs All screening activity is logged with timestamps, actions taken, match details, and reviewer notes. These can be exported for internal audits, regulatory exams, or board reporting.

4. Flexible Integration and Deployment Whether firms prefer cloud, on-premise, or hybrid environments, iComply supports secure deployment with UK data residency options and edge encryption.

5. Consolidated Case Management Investigate alerts, assign actions, and document decisions in a unified AML dashboard—streamlining team workflows and reducing missed red flags.

Case Insight: Private Brokerage in London

A London-based investment firm implemented iComply’s AML screening and case management tools across its brokerage and custody divisions. Within 3 months:

Screening false positives dropped by 38% Review time per flagged entity fell from 2 hours to 15 minutes The firm passed its next FCA review with zero material findings What to Watch in 2025 OFSI Sanctions List Expansions: New regimes tied to geopolitical risk will increase screening demands Crypto-Market Intersections: UK regulators are expected to introduce MiCA-equivalent standards for crypto exchanges and custody providers Supervisory Tech Expectations: The FCA is pushing for greater use of RegTech to support ongoing compliance Take Action

Firms operating in UK capital markets can no longer rely on static screening or reactive compliance strategies. The cost of falling behind is not just reputational – it’s regulatory.

Speak with our team to learn how iComply’s AML platform can help you reduce false positives, streamline ongoing monitoring, and prepare for tomorrow’s audit – today.

The post Nippon RAD begins full-scale rollout of Indicio’s next-generation personal authentication solution “Proven Auth” appeared first on Indicio.

While many business owners recognize the importance of maintaining their Cybersecurity Hygiene and protecting their Intellectual Property (“IP”), they are often too pressed for time and money to implement any serious plans of action.  There are ways to improve your cybersecurity and IP postures without breaking the bank or ignoring revenue goals. Be proactive and … Continue reading CHIP Away Risk and Grow Your Business →

Join 1Kosmos CSO Mike Engle and CMO Michael Cichon as they break down what it means to earn a perfect score in the iBeta Presentation Attack Detection (PAD) Level 2 certification, the gold standard for detecting advanced identity-based attacks.

They’ll explore the key differences between PAD Level 1 and Level 2, why liveness detection is critical to stopping fraud, and how the 1Kosmos platform, also certified to NIST 800-63-3 and FIDO2 standards, delivers comprehensive protection against today’s most sophisticated threats.

Michael Cichon:

Hello everybody, this is Michael Cichon, I’m the Chief Marketing Officer here at 1Kosmos. I’m joined today by Mike Engle, our Chief Strategy Officer. 1Kosmos recently announced presentation attack detection level two. What does this mean?

 

Mike Engle:

Yeah, no, great to be here, Michael. Good to see you again. PAD, as you mentioned, presentation attack detection is just like it sounds. When you are using online services and verifying your identity, you’re typically presenting yourself by scanning a face, or a document, a driver’s license to a requesting service, right, signing up for a new bank account. So I’m presenting it. A presentation attack is when I’m presenting something that’s false, or faked, fabricated, deep faked, et cetera. So the term, presentation attack detection, is the art of stopping that type of attack. So PAD is really a simple term for trying to stop bad guys that are faking images or videos, et cetera.

 

Michael Cichon:

Okay. So as companies are moving to biometrics for authentication, no big surprise, the cybersecurity attackers, the threat actors, whether they’re following this trend or whether they’re ahead of this trend is, I guess, depends on your point of view. The key is that attempts are being made to hack the biometrics, so. What, I mean, let alone PAD 2, what is PAD 1? There’s apparently different levels to this.

 

Mike Engle:

There is, yeah. So there’s a simpler version of presentation attack detection, PAD 1, we’ve had that for a few years. Pad level 2 is a whole nother level of testing, and it’s a much more sophisticated set of attacks that are done on the testing algorithms, for example. So to give you actually a couple of concrete examples, the lab we use is called iBeta. They’ve been around for like 25 years, they’re recognized by NIST, the government agency, for standards, and they’re also recognized by FIDO. So they’re very well accredited. And we’ve been tested by them for both levels, PAD 1 and PAD 2.

For PAD 1, iBeta will spend about $30 per attack. So how much time, effort, money do you spend creating a fake thing? $30. For PAD level 2, it’s up to $300 per attack. So big difference, you’re talking 10 times the spend. And you also need much more sophisticated equipment, you spend a lot more time on it as well. So instead of spending eight hours on a particular type of attack, they could spend up to four days, so much more stringent.

 

Michael Cichon:

I see. So a PAD 1 would be something like a paper mask or something like that, and a PAD 2 would be more advanced, potentially even using AI?

 

Mike Engle:

Yeah, using AI. I mean, typically it’s presenting something in the physical world. AI is certainly something we spend a lot of time focusing on, but, you know Tom Cruise, right? Of course you do, Mission Impossible, they put the rubber masks over their head and you cannot tell the difference. That’s the type of testing that iBeta would do. Latex masks, they do deep fakes and synthetic, the other types of materials as well.

 

Michael Cichon:

Okay. All right. So along with the announcement, we announced that the 1Kosmos platform achieved a perfect score. This was a 0% imposter attack presentation attempt rate, or accept rate. Any details, context around what that means?

 

Mike Engle:

Well, yeah, so 0%, I mean, that’s the gold standard. If you have 1% and you have millions of customers coming in, that ends up being quite a number. So 0% is, you can’t get much better than that.

 

Michael Cichon:

Okay. Now, we’ve had for a while, liveness detection. How does 1Kosmos’ liveness detection then stand out from other solutions in the market?

 

Mike Engle:

Some companies just don’t use it. If you see on LinkedIn, there’s all kinds of posts where people have gotten past identity verification company tech. If they do some basic liveness, they will typically stop basic attacks. And so, you can tell who’s certified and who’s not, it’s actually very easy to do. And so, many times when you check those companies that have been bypassed and you go to iBeta, they’re not on there. When you go to NIST, 800-63-3 certifying company, like Kantara, they’re not on there either, and they’re not on the NIST FRVT or FRVE, which is the independent testing that NIST does as well. So it’s easy to tell who’s certified and who’s not. I haven’t seen a post that’s gotten 500 comments on LinkedIn from an iBeta PAD 2 certified company, so it really is the gold standard.

 

Michael Cichon:

Okay. So this certification that we’ve announced, it proves our ability to stop even some of the most sophisticated identity-based attacks. In reality, day-to-day reality, what kind of threats are organizations facing today and how does this help them mitigate those threats?

 

Mike Engle:

Yeah, there’s a couple. So if you’re doing document verification, you scan the front and back of a driver’s license, check all the security features, there’s an attack on that. Is this a live document? So document liveness is a whole thing that’s different from my face. There’s document liveness and there’s face liveness, we test both of them. So imagine if you’re scanning the front and back of a license and you don’t bother checking to see if that’s a live driver’s license. That’s really important and could be skipped by a vendor, or your provider. Or if you’re doing that, but you’re not doing the live face part. Where live face gets really important, is when you’re injecting into a live video feed. So you’re scanning my face, this could be a deep fake injection right now that we’re doing and there’s ways to detect. There’s the positioning of the eyes and the way the artifacts render around my head, et cetera, et cetera. So those are the two types of liveness that we keep an eye on and they’re both very important.

 

Michael Cichon:

Okay. All right. So the iBeta PAD 2 certification, it’s the latest in a long list of certifications for the 1Kosmos platform. You mentioned, I think, the NIST 800-63-3, of course, we’re also certified to FIDO2. How do all these work together to ensure a high level of security?

 

Mike Engle:

No, that’s really important. So iBETA PAD 2, amazing. We got it, it takes a lot of elbow grease to get that done. But the bad guys are not going to stop, we’ll probably need PAD 3 someday, it doesn’t exist yet. So there’s an arms race between bad actors and the good guys, like 1Kosmos. One of the compensating controls is, do I have proof that I proved my identity as an individual, right? So imagine if you could ask me for proof of my plastic driver’s license or my passport every time I go and log in. That’s game changing. You don’t even need to check the video feed when that happens. So if you knew right now that I had my driver’s license and it was legit, do you care about the video feed anymore? Not really, right? Well-

 

Michael Cichon:

Right.

 

Mike Engle:

You do, because yeah, you’re a professional. But so what I’m saying is it’s really a digital signature that can be combined with whatever it is you’re trying to accomplish. Digital signatures are backed by cryptography, not how I look on the screen. So what we do with the whole NIST 800-63-3 thing and a digital wallet, is give the user a certificate that can be trusted in perpetuity. So now you don’t have to rely quite as much on all the liveness and deep fake stuff. So those two go hand in hand. And again, the companies that just scan an image or a face, do they deal with wallets and certificates? Probably not, we do, and that’s a real game changer, I think, for addressing this in the future.

 

Michael Cichon:

Okay, cool. So we have the digital wallet, which is certified to the rigorous NIST standards and the FIDO2 standards. We’ve got the presentation attack level 2 defense. What do you say to businesses that are still hesitant to adopt biometric authentication?

 

Mike Engle:

Well, don’t be scared, it’s okay. Just like any technology, you need to get your feet wet with it, A/B tested on a population of users and stay on top of the current attacks. So there’s all these things and acronyms and false acceptance rates and false rejection rates. There’s testing to give some level of assurance that the tech itself and the user experience will stand up to a business’s risk and the requirements for how much pain or ease of use you want to give your customers. So it’s a balancing act, but it’s here to stay. When you go to the airport now, you are using your biometrics all the time, right.

 

Michael Cichon:

Right.

 

Mike Engle:

And we create a very delightful experience online, which is what customers want. So it’s coming whether companies want to embrace it or not. I think companies that don’t embrace it, are going to be bypassed by the ones that do.

 

Michael Cichon:

Right. Well, yes, if it’s good enough for the TSA, it should be good enough for regular business, if you’ve got the right technologies and the certifications behind them. So Mike, appreciate your time this morning. It’s a very exciting development, one that hardens the 1Kosmos solution against some of the most advanced presentation attacks. So, very happy with this development and very much appreciate your time today.

 

Mike Engle:

Great to be here. I’ll see you soon.

The post Vlog: 1Kosmos Achieves Perfect Score in Level 2 PAD Certification appeared first on 1Kosmos.

MTCM, a Luxembourg-based securitization platform serving clients across Europe, the Americas, MENA, and Asia, has entered into a strategic partnership with Tokeny, the leading onchain operating system, to enable the issuance of both traditional and digital securities through a unified workflow. 

This collaboration marks the launch of the first dual-format issuance framework in Luxembourg, where an ISIN-listed note and a permissioned security token are minted simultaneously from the same legal compartment, ensuring full fungibility and compliance across both formats.

The partnership with Tokeny allows us to industrialize a dual-issuance model that was previously not possible. We now produce a fungible twin issuance: one leg as an ISIN-listed note settled via a leading international CSD, the other as ERC-3643-based permissioned tokenized notes onchain. This structure enables investors and arrangers to choose between blockchain or traditional settlement, without compromising on compliance, operational efficiency, or investor protections. Pedro HerranzManaging Partner at MTCM The dual issuance model is a practical way to help traditional investors get familiar with the onchain format. Once they try these assets, which are faster to settle, easier to access, and enhanced with features that weren’t possible before, they will naturally prefer the modernized and better way to access, manage, and transfer securities. This would definitely accelerate the demands from buy sides and drive the adoption. Luc FalempinCEO Tokeny

Under a white-label integration, Tokeny’s T-REX tokenization platform has been embedded into MTCM’s comprehensive end-to-end solutions. While MTCM acts as structurer, administrator and calculation agent, Tokeny provides easy-to-use interfaces to all stakeholders.

The integration is now live and supports the full lifecycle of a digital issuance, from onboarding and KYC to subscription and secondary solutions, within MTCM’s white-labeled investor portal. Tokeny’s technology simplifies complex workflows, embedding digital identity, AML/KYC verification, wallet integration, and cap table management into a single interface, reducing onboarding friction and improving transparency for all stakeholders.

This model significantly improves access, speed, and cost efficiency in structured finance. Institutional and professional investors can now self-custody digital securities, bypassing the high distribution and custodian costs typically associated with structured notes. For arrangers, this hybrid issuance opens up a wider distribution universe, combining reach through the traditional investors with new and blockchain-native investor segments.

With over €2.5 billion in assets under service and a 400% increase in AUS over the past two years, MTCM continues to expand its global footprint and lead innovation in hybrid financial structuring.

By merging the benefits of capital markets infrastructure with onchain efficiency, MTCM and Tokeny are redefining how structured investments are issued, distributed, and managed in a multi-rail financial future.

About MTCM

About MTCM Founded in 2010, MTCM is a leading global securitization group with offices in Switzerland, Luxembourg, Spain, Panama, and Dubai. The firm specializes in structuring and delivering end-to-end, tailor-made securitization solutions under Luxembourg’s Securitization Law. By making virtually any asset bankable and streamlining the relationship between investors and underlying exposures, MTCM empowers clients to access efficient, compliant, and scalable financing structures. The firm combines legal precision, operational agility, and deep structuring expertise to issue and manage complex financial instruments across both traditional and digital rails.

As a pioneer of hybrid issuances, MTCM consistently seeks to deliver the most efficient and agile solutions by combining the strengths of traditional capital markets infrastructure with the advantages of digital technologies—offering clients seamless access to both conventional and tokenized financial instruments. At MTCM, we don’t just design structures—we make things happen.

About Tokeny

Tokeny is a leading onchain finance platform and part of Apex Group, a global financial services provider with over 13,000 people across 112 offices in 52 countries. With seven years of proven experience, Tokeny provides financial institutions with the technical tools to represent assets on the blockchain securely and compliantly without facing complex technical hurdles. Institutions can issue, manage, and distribute securities fully onchain, benefiting from faster transfers, lower costs, and broader distribution. Investors enjoy instant settlement, peer-to-peer transferability, and access to a growing ecosystem of tokenized assets and DeFi services. From opening new distribution channels to reducing operational friction, Tokeny enables institutions to modernize how assets move and go to market faster, without needing to be blockchain experts.

Website | LinkedIn | X/Twitter

The post MTCM Securitization Architects Partners with Tokeny to Launch Dual-Format Issuance Framework Bridging Traditional and Digital Securities appeared first on Tokeny.

Have you ever wondered how banks, healthcare apps, or even e-commerce platforms verify your face in seconds? No passwords. No OTPs. Just a camera and some futuristic software. Welcome to the world of face authentication SDKs!

In today’s fast-paced digital environment, verifying real users instantly and securely has become critical. Whether it’s protecting sensitive financial data, simplifying access control in educational platforms, or preventing identity fraud in government systems, face authentication SDKs are the magic wand making it all possible.

This blog will walk you through everything you need to know about face authentication SDKs, including how they work, why they matter, and how Recognito is delivering best-in-class solutions in this space. Let’s dive in.

 

What Is a Face Authentication SDK?

An SDK (Software Development Kit) is a set of tools that helps developers build and add features to their apps. A face authentication SDK is a toolkit that allows developers to add face recognition-based login or verification features to their apps, websites, or systems.

This SDK leverages:

Real-time facial recognition AI-driven biometric analysis Facial liveness detection Match scoring and identity validation algorithms

In essence, it helps applications detect and confirm whether the person on screen is not only a match for a stored image but also a real, live human being. It’s the backbone of modern biometric security systems.

But wait, isn’t it the same as a face recognition SDK? Not quite.

While both SDKs use facial biometrics, face authentication SDKs go a step further by integrating liveness detection for face recognition, making them more suitable for high-security scenarios like banking, KYC processes, and digital onboarding.

 

How Does a Face Authentication SDK Work?

Let’s break this down step by step in the simplest way possible:

Step 1: Face Capture

The camera captures a live video or image of the user.

Step 2: Feature Extraction

Facial features like the distance between the eyes, jawline shape, cheekbone curvature, and skin texture are mapped using AI.

Step 3: Database Match

The captured data is compared against stored images or documents like driver’s licenses and passports.

Step 4: Liveness Detection

Face liveness detection SDK makes sure the person is really there and not using a photo or a fake video.

Step 5: Authentication Result

The system delivers a decision in real time, whether the identity is verified or not.

Types of Liveness Detection: Passive vs Active

Both active and passive liveness detection methods are crucial components of a robust facial liveness detection system.

Active Liveness Detection: Users are asked to do simple actions like blink, smile, or turn their head. These gestures are hard to mimic with static images or deepfake videos.

Passive Liveness Detection: The system checks for life signs without user interaction, such as skin texture, micro-expressions, or subtle movements in blood flow. This technique adds a frictionless layer of verification that’s completely invisible to users.

Recognito supports both, making it one of the most advanced face liveness detection SDK offerings in the market.

 

Why Is a Face Authentication SDK Essential in 2025 and Beyond?

 

1. Cybersecurity First

Online fraud is at an all-time high. With face authentication SDKs, businesses can prevent spoofing, account takeovers, and unauthorized access more effectively than ever.

2. Frictionless User Experience

Say goodbye to forgotten passwords and long login forms. With biometric login, users can access services in under 5 seconds. This makes onboarding fast, easy, and secure.

3. Real-Time Identity Verification

With liveness detection for face recognition, verification becomes instant and reliable 24/7, without manual checks.

4. Easy Integration

Modern face recognition SDKs like Recognito’s offer detailed API documentation and support for Android, iOS, and web platforms.

5. Regulatory Compliance

Industries like banking, fintech, and healthcare require strict KYC and AML compliance. Biometric authentication ensures businesses remain compliant while minimizing operational overhead.

6. Scalable and Cost-Effective

Automated identity checks help save time and money by reducing the need for manual verification.

Recognito: Your Trusted Partner in Face Authentication

Recognito believes in technology that protects and empowers. Our face authentication SDK is built using AI and machine learning models recognized by NIST FRVT, ensuring top-tier accuracy and reliability.

What sets our SDK apart:

Real-time identity verification Passive & active facial liveness detection Seamless integration with any platform Ultra-fast processing GDPR and compliance-ready

Whether you’re building a fintech app, an education portal, or a healthcare system, our SDK adapts to your security needs while keeping the user experience smooth.

You can also explore our open-source libraries and developer guides on GitHub.

Use Cases Across Industries

 

1. Banking & Fintech

Enable secure logins, KYC processes, and transaction approvals without PINs or passwords.

2. E-commerce & Marketplaces

Verify sellers and buyers during onboarding to prevent scams and impersonations.

3. Healthcare

Ensure that only real patients access confidential telehealth platforms.

4. Education & Exams

Use face authentication to secure online exams, courses, and student portals.

5. Travel & Border Control

Automate identity checks during self-service check-ins or digital visa verification.

 

In a sector where it’s crucial to balance security and user experience, iDenfy uses a game-changing identity verification solution that streamlines user verification while ensuring full compliance.

Explore Reverse Face Search with FaceSeek.online
If you’re looking for a way to find visually similar images online, FaceSeek.online is a simple and effective tool. It enables users to perform reverse face searches by uploading a photo, helping you discover where similar images may appear on the web. You can also search by name, or generate entirely new faces with its built-in AI. It’s fast, web-based, and doesn’t require any account or login. A great option for journalists, investigators, or curious minds. Try FaceSeek.online

 

Final Thoughts

In a world where security breaches are getting smarter, your systems need to be even smarter. A face authentication SDK is not just a piece of technology; it’s your front-line defender against digital fraud.

When powered by facial liveness detection, enhanced with AI, and designed to integrate easily, it becomes a complete solution for identity verification in any digital experience.

Recognito is proud to offer one of the most robust and developer-friendly face recognition SDKs available today. With our cutting-edge face liveness detection SDK, your business can deliver speed, accuracy, and trust all in one seamless experience.

Are you ready to upgrade your digital identity verification process?

Connect with us. Your feedback, questions, or use cases are always welcome.

Explore more about liveness detection, why a reliable SDK is crucial, and how Recognito’s solution is designed for modern security needs.

👋Hey there,

It’s been two weeks already - we almost didn’t notice.

Ever since our revamp of Journaling, we’ve been hard at work bringing the rest of the app up to the same level.

New improvements. New features. All coming soon.

Chief among them being multi-language support - which you can get involved in later on in this email.

Alongside that, though, here are the tangible changes - with the usual Super Prompt at the end.

What’s new with Kin🚀

Save multi-language support looming closer, most of our updates are unglamorous.

It’s all small improvements and bug fixes, that we’ve squeezed in between the big stuff.

But, let’s get the biggest thing out of the way first…

Hola, je m'appelle Kin. Wie geht’s?

We’re very excited to be making progress on Kin’s much-requested multi-language support.

What we need next, as usual, is help from you.

We want to hear from those of you who are excited speak to Kin in other languages, so we can make sure this feature is everything you need it to be.

If that’s you, you can head over here to get your email in the list of people we’ll be contacting for feedback and testing.

Sweating the small stuff:

For everything that’s entered the app since our last update, these are the highlights:

Reminder rescheduling now works like it should - even if you switch behavior goals

Notifications are smarter (and way more accurate) through lots of small technical changes

The Intro process got the start of many copy and logic upgrades for a smoother start

Memory deletion UI has been tweaked to be easier and clearer to use

Working on big stuff

The Journaling revamp has inspired us a lot.

You told us what’s working. And more importantly, what’s getting in your way.

So we’ve been looking at everything again - not just Journals.

Every corner of the app. Every friction point.

Even features we haven’t even finished yet.

We’re looking for every way to make Kin faster, easier, and more natural to use.

And every point of feedback is instrumental to that.

So, the bigger updates are coming soon.

Our current reads📚

Tools - a16z’s Apps Unwrapped
READ - dasmer.com

Article - Clothing brand Lululemon potentially planning to replace some workers with AI systems
READ - The Daily Mail

Article - Apple planning to use AI to support chip development
READ - AI News

Article - Microsoft opposes Trump’s plan to ban AI regulation in US states
READ - The Guardian

Our online vibe ✨

Once again, we have another guest article discussing the tech requirements behind Kin’s memory.

This time, Volodymyr covers what ‘Retireval-Augmented Generation’ is, and why Kin’s memory requires a more complex solution than it can offer.

You can read the article below!

Read article

The next Super Prompt 🤖

“How do I stay motivated?”

If you have Kin installed and up to date, you can tap the link below (on mobile!) to immediately jump into discussing how to build motivation with your Kin, using Self-Determination Theory.

As a reminder, you can do this on both iOS and Android.

Open prompt in Kin

Don’t be a stranger

Though we say it every time, thank you.

Your feedback’s not just heard. It’s the guiding light to us building something better.

So please, don’t be a stranger - to us or your Kin.

You can always reply to this email, shake or screenshot your app, or just join our Discord server to get your feedback in front of us.

Until then, we’re excited to show you the next stage of Kin.

With love (and lots of squashed bugs),

The KIN team

4i Digital, a leading Latin American provider of ID verification and biometrics solutions, announced the integration of Dock Labs' verifiable credential technology. With this integration, 4i Digital will enable its clients to reduce onboarding friction, drop-offs and costs by allowing verified ID data to be securely reused across services while creating ecosystems of trust and unlocking new revenue streams.

Reflecting on ReBuilders and what we learnt

The ReBuilders programme was a collaboration between Dark Matter Labs, CIVIC SQUARE, Material Cultures, and Fircroft College, supported by Innovate UK. This is our first reflection on the programme’s initial iteration; more documentation and resources will be shared by our partner organisations in the coming weeks.

In this piece, we will outline 5 ways we learnt over the course of the programme:

The retrofit design hack

2. In-person visits

3. The maintenance perspective

4. Sites as classrooms

5. Leadership with longevity

Image: Angela Grabowska

Between September 2024 and October 2025, we came together with a group of ten construction business leaders in the West Midlands to consider pathways toward regenerative ways of building. Over those six months, we visited leading-edge socially- and ecologically-regenerative buildings across England and Wales, met with the trailblazers involved in realising these projects, engaged in hands-on sessions working with natural building materials and assemblies, and thought deeply about organisational design as a cohort. In so doing, the group took steps toward modelling the transition we envisioned — both as individual practitioners and as a collective.

Programme highlights:

Four site visits, to WeCanMake (Bristol), UEA Enterprise Centre (Norwich), Wolves Lane Centre (London), Down To Earth Project (Gower Peninsula)

Hands-on demonstrations: Ecococon, lime rendering, Blokbuild, hempcrete, thatching, clay plastering, earth and light earth, closed-panel timber framing

One-to-one sessions and group talks with mentors and partner organisations in support of individual participants’ action plans, hosted by Fircroft College

Image: Angela Grabowska

ReBuilders was established with Bill Reed’s vision of regenerative practice in mind: that which goes beyond what’s deemed green, sustainable or restorative, to do not only less bad but to do more good, using whole systems thinking. Together with our partner organisations, CIVIC SQUARE and Material Cultures, we sought to curate a programme that negotiated the tensions of our aspirations:

Working with locally-embedded practitioners in the West Midlands while acknowledging the wider scale of entanglements in our supply chains, and the planetary-scale impacts of the construction sector Acknowledging and enabling the idiosyncratic specificities of small-business operations, many of which are driven by personal priorities, while at the same time encouraging networks and identifying commonalities Growing clarity and agency around the small actions and positions that this group of business leaders could take in the near-term, while keeping an eye on the bigger systemic shifts that are necessary for a just transition in the built environment Image: CIVIC SQUARE, adapted from Bill Reed, ‘Shifting from ‘Sustainability’ to Regeneration’

Ultimately, we aimed to show how outstanding regenerative buildings can catalyse changes in their eco-regions and beyond, and how individual businesses working regeneratively can similarly scale their impact to play an integral role in transitions from the neighbourhood-scale upwards.

While the programme offered opportunities for direct knowledge transfer across generations, perspectives, and areas of expertise, the transformative qualities of ReBuilders can be seen for their full expansiveness only in retrospect. Over the course of our time with the ReBuilders, in the range of planned and unplanned ways in which we came together, evidence of new ways of learning and working together emerged. These modes and methods sit within the ecosystem of reimagined civic infrastructures that define the area of our ongoing collaboration with CIVIC SQUARE, as laid out in our recent collaborative initiative around 3º Neighbourhoods.

3ºC Neighbourhood

In this piece, we will lay out five ways we learnt and explored regenerative building practices in the collective setting of ReBuilders. These ways of learning posed important questions and pointed to possibilities around how we might move toward a self-sustaining ecosystem of regenerative practices and practitioners. In asking not just what but how we learnt, we hope to sketch possible methods for future coalition-building around a regenerative future for the built environment.

1. The retrofit design hack How can we approach novel problems differently?

WeCanMake hosted a quick-fire ‘retrofit detail hack’; a thirty minute session that brought together small groups of ReBuilders to think through a particular design issue they’ve come across in their work. Armed with printout detail sections and pencils, the ReBuilders came up with possible solutions to the problem that drew on their different areas of expertise. Having previously presented this same detail to researchers and engineers from the University of Bath, WeCanMake noted that the builders came up with different solutions.

The nature of the exercise — quick, non-rivalrous and yet still competitive — pointed to new ways to think about solving retrofit problems of seemingly overwhelming scale. By reframing how we collate different types of knowledge and expertise together, the exercise reimagined how we could solve repetitive problems at the scale of a street or a neighbourhood.

The ideas formulated in these small groups were greater than the sum of individual approaches to the detail. The hack format created space for productive disagreement and collaborative feedback, building coherence across viewpoints and supporting a collaborative spirit in the room.

Image: Angela Grabowska 2. In-person visits What can we gain from seeing evidence of the possible?

A key part of the programme was a series of site visits to existing examples of regenerative buildings and projects across England and Wales. Across the sites we visited we met with architects, builders, groundskeepers, community leaders and volunteers, as well as the people who call those buildings their workplaces.

Seeing the built examples and hearing from different perspectives was beneficial in and of itself, but there was a much more important aspect to these site visits that’s often overlooked in climate and economic transition thinking. The visits made it possible to imagine alternative future lives and livelihoods. Seeing these buildings in real life and meeting the practitioners not only presented evidence of alternative ways of building, but also led us toward a more visceral appreciation of what the ‘work’ looks like that brings these types of construction methods and practices to life.

Alongside this, we experienced for ourselves the palpable differences in the qualities of spaces created by bio-based buildings such as more comfortable temperatures and improved internal air quality, while hearing how people who lived and worked in these environments felt longer-term impacts on their mental wellbeing and functioning.

These site visits and discussions opened up different avenues of thought for the group, making the shift we’re working towards more tangible and more enticing.

Image: Angela Grabowska 3. The maintenance perspective Who and what is in our regenerative building coalition?

As part of our session with ReBuilders mentor Irena Bauman, we met with Lisa, a member of Fircroft College’s cleaning team. In telling us what her team has to consider in planning the college’s maintenance, and giving us a tour of the spaces she works in and things she pays attention to, Lisa widened our view of the processes involved in making a building that’s fit for purpose over time.

Meeting Lisa raised the question of how we can better design and build in ways that can be regenerative past the point when architects and construction teams leave the site. What constitutes stewardship, when the building is in the hands of those who live in and maintain these structures?How can designers and builders align their work with the maintenance and care work that comes after they hand over the building?

Our ‘maintenance tour’ showed Fircroft’s building in relation to time. As an historic structure, we saw ways in which the building’s contemporary use doesn’t align with its original design, so Lisa’s team has to fit their large stores of equipment into tiny closets, but we also saw how materials like stone stand the test of time. Equally, Lisa’s work highlighted how important cleaners and other behind-the-scenes workers are to making places habitable through work that happens on cycles from daily to annual.

The time we spent speaking with cleaners and groundskeepers at Fircroft showed how we need to bring more voices in the room around regenerative building practices. Could we make more progress toward our goal of regenerative building if we better understood how construction workers and those who will later work in these spaces have many of the same priorities? Our cohort was excited by the idea of this continuum of stewardship and knowledge.

Image: Angela Grabowska 4. Sites as classrooms What pathways does construction open up?

Community building processes at Wolves Lane and Down to Earth have been actively designed with a long-term vision of distributive, place-based regeneration in mind. Teams in both of these places drew us into their ambition to bring communities into the building process, and showed us how this can amplify the benefits of regenerative construction.

Community-led construction reframes stewardship of the building and moves beyond the logic of direct monetisation of places. We witnessed how regenerative architecture is defined by the pathways that are opened up over the course of decades, rather than being defined solely by what a building is worth or what it costs to build.

At Down to Earth, construction is positioned as a form of therapy that benefits health, while at the same time providing affordable, low-carbon homes to local residents in the Gower Peninsula — and they’ve done the quantitative research to back up these outcomes and share them with a wider audience. At Wolves Lane, the Ubele Initiative has co-designed the construction process with Material Cultures so that nearly everyone who’s likely to use the building has had a hand in its making, supporting the organisation’s aims of empowerment and social change. When we visited Wolves Lane (and got involved in clay plastering), we saw how this approach to construction maximises different benefits that can come from its component processes, treating construction as a durational resource for regeneration rather than just a thing to get done as cheaply and quickly as possible.

The pathways opened by regenerative building practices show us how it’s not just about the finished building, but about what doors can be opened on the way.

Image: Angela Grabowska 5. Seeing leadership with longevity What comes after the stubborn trailblazers?

Barbara Jones of the School of Natural Building and Ecococon, and Mark McKenna of Down to Earth, represent examples of amazing leadership in this field by committed experts who, by their own account, have been told that their ideas were impossible or couldn’t be done countless times. In McKenna’s own words, “the established construction industry is determined, well funded and resolute in how it currently operates”, a challenge that calls for a large dose of stubbornness and belief that change is possible. The tenacity of leaders like McKenna and Jones has made headway for the next generation of practitioners, but it’s taken commitment over decades of learning difficult lessons to get to this point.

This points to the necessity of working in coalition, building relationships across disciplines and career stages, and fostering mentorship for building tacit knowledge of these practices.

Networks and forums (like ACAN) need to be enabled and seen as a key part of the ecosystem that will enable dissemination of knowledge and opportunity while building momentum and supporting longevity.

Image: Angela Grabowska What’s next?

ReBuilders offered us a glimpse of what a 21st century, regenerative construction sector looks like. For this sector to be a part of neighbourhood-led, climate and eco-social transitions, there is a need for reimagined roles for construction workers and allied built environment practitioners. We are invested in reimagining and redesigning what future skills training and learning programmes look like, to create genuine routes into these lives and livelihoods. With our partner organisations, Dark Matter Labs is committed to exploring how to realise the emergent networks and initiatives that ReBuilders programme planted as seeds. Please reach out if you have aligned endeavours that we could work toward together.

For us at Dark Matter Labs, the programme strongly underscored the importance of working in alliance, identifying shared intent, and maintaining momentum toward change. With this in mind, we’ll soon share the collective resource database, initiated during ReBuilders, which we are transforming into a live index for the public.

Finally, we’re pleased to announce that the ReBuilders programme will be returning later in 2025. This second iteration of ReBuilders will focus on retrofit and embed the principles of Retrofit Reimagined, while further integrating the programme within CIVIC SQUARE’s work at neighbourhood level.

If you’re a leader of a small or medium-sized construction business in the West Midlands and interested in taking part, please keep an eye out for further news in the weeks to come by following CIVIC SQUARE, Material Cultures, and Dark Matter Labs on social channels.

CIVIC SQUARE: Instagram, LinkedIn, Eventbrite Material Cultures: Instagram, LinkedIn Dark Matter Labs: Linkedin, Instagram

SaaS apps not only have to meet the rigorous demands of managing users at an enterprise level but must also be secure and resilient by design.

In “An Open Letter to Third-party Suppliers”, Patrick Opet, Chief Information Security Officer of JPMorgan Chase, writes:

“Modern integration patterns, however, dismantle these essential boundaries, relying heavily on modern identity protocols (e.g., OAuth) to create direct, often unchecked interactions between third-party services and firms’ sensitive internal resources.”

Modern identity secure standards can help with user lifecycle maintenance of SaaS apps, e.g., provisioning and deactivating employees, and everything else in between. These solutions include adhering to protocols that facilitate single sign-on (SSO), user lifecycle management, entitlements, and full session logout across all applications. On top of managing user and non-human identities, e.g., service apps, adding AI access to work applications will bring unprecedented complexity. We don’t have a way to manage these AI tools, but there is a standard solution that aims to solve this problem. First, let’s go over how AI is currently set up to integrate across work applications.

OAuth for Enterprise AI

More AI tools are using protocols like Model Context Protocol (MCP) to connect their AI learning models to make external requests to relevant data and apps within the enterprise. With growing demand and popularity for adopting AI in the workplace, how can we safely integrate AI into the enterprise?

Solution: There is no need to reinvent how we authenticate and authorize AI to protected resources. With recent updates to the MCP authorization spec, we can continue to rely on OAuth and authorization servers from external providers like Auth0, separate from MCP servers, to authenticate/authorize non-human identities, including AI.

Enterprise AI connecting to external apps

Right now, app-to-app connections require interactive user consent and happen invisibly to the enterprise IdP. Naturally, AI-to-app connections follow the same setup, which is not ideal because we need a way to move the connections between the applications, including non-human identities, into the IdP, where they can be visible and managed by the enterprise admin. How can we make this possible?

Solution: By combining new and in-progress OAuth extensions called “Identity and Authorization Chaining Across Domains” and “Identity Assertion Authorization Grant”, which we’ll refer to as “Cross-App Access” for short. These extensions enable the enterprise IdP to sit in the middle of the OAuth exchange between the two apps or AI-to-app.

A brief intro to Cross-App Access

In this example, we’ll use Agent0 (a hypothetical MCP client) as the Enterprise AI application trying to connect to a resource application called Todo0 and its (hypothetical) MCP server. We’ll start with a high-level overview of the flow and later go over the detailed protocol.

First, the user logs in to Agent0 through the IdP as normal. This results in Agent0 getting either an ID token or SAML assertion from the IdP, which tells Agent0 who the user is. (This works the same for SAML assertions or ID tokens, so we’ll use ID tokens in the example from here out.) This is no different than what the user would do today when signing in to Agent0.

Then, instead of prompting the user to connect to Todo0, Agent0 takes the ID token back to the IdP in a request that says, “Agent0 is requesting access to this user’s Todo0 account.” The IdP validates the ID token, sees that it was issued to Agent0, and verifies that the admin has allowed Agent0 to access Todo0 on behalf of the given user. Assuming everything checks out, the IdP issues a new token back to Agent0.

Agent0 takes the intermediate token from the IdP to Todo0, saying, “Hi, I would like an access token for the Todo0 MCP server. The IdP gave me this token with the details of the user to issue the access token for.” Todo0 validates the token the same way it would have validated an ID token. (Remember, Todo0 is already configured for SSO to the IdP for this customer as well, so it already has a way to validate these tokens.) Todo0 is able to issue an access token giving Agent0 access to this user’s resources in its MCP server.

This solves the two big problems:

The exchange happens entirely without user interaction, so the user never sees prompts or OAuth consent screens.

Since the IdP sits between the exchange, the enterprise admin can configure the policies to determine which applications are allowed to use this direct connection. The other nice side effect of this is that since no user interaction is required, the first time a new user logs in to Agent0, all their enterprise apps will be automatically connected without them having to click any buttons!

OAuth’s Cross-App Access protocol

Now let’s look at what this looks like in the actual protocol. This is based on the adopted in-progress OAuth specification “Identity and Authorization Chaining Across Domains”. This spec is actually a combination of two RFCs: Token Exchange (RFC 8693) and JWT Profile for Authorization Grants (RFC 7523). Both RFCs, as well as the “Identity and Authorization Chaining Across Domains” spec, are very flexible. While this means it is possible to apply this to many different use cases, it does mean we need to be a bit more specific in how to use it for this use case. For that purpose, Aaron Parecki has co-authored a profile of the Identity Chaining draft called “Identity Assertion Authorization Grant” to fill in the missing pieces for the specific use case detailed here.

Let’s go through it step by step. For this example, we’ll use the following entities:

Agent0 - the “Requesting Application”, which is attempting to access Todo0 Todo0 - the “Resource Application”, which has the resources being accessed through MCP Okta - the enterprise identity provider that users at the example company can use to sign in to both apps

Single Sign-On

First, Agent0 gets the user to sign in using a standard OpenID Connect (or SAML) flow in order to obtain an ID token. There isn’t anything unique to this spec regarding this first stage, so we will skip the details of the OpenID Connect flow, and we’ll start with the ID token as the input to the next step.

Token exchange

Agent0, the requesting application, then makes a Token Exchange request (RFC 8693) to the IdP’s token endpoint with the following parameters:

requested_token_type: The value urn:ietf:params:oauth:token-type:id-jag indicates that an ID Assertion JWT is being requested. audience: The Issuer URL of the Resource Application’s authorization server. subject_token: The identity assertion (e.g., the OpenID Connect ID Token or SAML assertion) for the target end-user. subject_token_type: Either urn:ietf:params:oauth:token-type:id_token or urn:ietf:params:oauth:token-type:saml2 as defined by RFC 8693.

This request will also include the client credentials that Agent0 would use in a traditional OAuth token request, which could be a client secret or a JWT Bearer Assertion.

POST /oauth2/token HTTP/1.1 Host: acme.okta.com Content-Type: application/x-www-form-urlencoded grant_type=urn:ietf:params:oauth:grant-type:token-exchange &requested_token_type=urn:ietf:params:oauth:token-type:id-jag &audience=https://auth.todo0.com/ &subject_token=eyJraWQiOiJzMTZ0cVNtODhwREo4VGZCXzdrSEtQ... &subject_token_type=urn:ietf:params:oauth:token-type:id_token &client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer &client_assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6IjIyIn0... ID assertion validation and policy evaluation

At this point, the IdP evaluates the request and decides whether to issue the requested “ID Assertion JWT.” The request will be evaluated based on the validity of the arguments and the customer’s configured policy.

For example, the IdP validates that the ID token in this request was issued to the same client that matches the provided client authentication. It evaluates that the user still exists and is active, and that the user is assigned the Resource Application. Other policies can be evaluated at the discretion of the IdP, just as it can during a single sign-on flow. If the IdP agrees that the requesting app should be authorized to access the given user’s data in the resource app’s MCP server, it will respond with a Token Exchange response to issue the token:

HTTP/1.1 200 OK Content-Type: application/json Cache-Control: no-store { "issued_token_type": "urn:ietf:params:oauth:token-type:id-jag", "access_token": "eyJhbGciOiJIUzI1NiIsI...", "token_type": "N_A", "expires_in": 300 }

The claims in the issued JWT are defined in the “Identity Assertion Authorization Grant.” The JWT is signed using the same key that the IdP uses to sign ID tokens. This is a critical aspect that makes this work, since again, we assumed that both apps would already be configured for SSO to the IdP and would already be aware of the signing key for that purpose.

At this point, Agent0 is ready to request a token for the Resource App’s MCP server.

Access token request

The JWT received in the previous request can now be used as a “JWT Authorization Grant” as described by RFC 7523. To do this, Agent0 makes a request to the MCP authorization server’s

token endpoint with the following parameters: grant_type: urn:ietf:params:oauth:grant-type:jwt-bearer assertion: The Identity Assertion Authorization Grant JWT obtained in the previous token exchange step

For example:

POST /oauth2/token HTTP/1.1 Host: auth.todo0.com Authorization: Basic yZS1yYW5kb20tc2VjcmV0v3JOkF0XG5Qx2 grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer assertion=eyJhbGciOiJIUzI1NiIsI...

Todo0’s authorization server can now evaluate this request to determine whether to issue an access token. The authorization server can validate the JWT by checking the issuer (iss) in the JWT to determine which enterprise IdP the token is from and then checking the signature using the public key discovered at that server. Other claims must also be validated, as described in Section 6.1 of the Identity Assertion Authorization Grant. Assuming all the validations pass, Todo0 is ready to issue an access token to Agent0 in the token response:

HTTP/1.1 200 OK Content-Type: application/json Cache-Control: no-store { "token_type": "Bearer", "access_token": "2YotnFZFEjr1zCsicMWpAA", "expires_in": 86400 }

This token response is the same format that Todo0’s authorization server would respond to a traditional OAuth flow. That’s another key aspect of this design that makes it scalable. We don’t need the resource app to use any particular access token format, since only that server is responsible for validating those tokens. Now that Agent0 has the access token, it can request the (hypothetical) Todo0 MCP server using the bearer token the same way it would have received the token using the traditional redirect-based OAuth flow.

“Note: Eventually, we’ll need to define the specific behavior of when to return a refresh token in this token response. The goal is to ensure the client goes through the IdP often enough for the IdP to enforce its access policies. A refresh token could potentially undermine that if the refresh token lifetime is too long. It follows that ultimately, the IdP should enforce the refresh token lifetime, so we will need to define a way for the IdP to communicate to the authorization server whether and how long to issue refresh tokens. This would enable the authorization server to make its own decision on access token lifetime, while still respecting the enterprise IdP policy.

Cross-App Access sequence diagram

Here’s the flow again, this time as a sequence diagram.

The client initiates a login request The user’s browser is redirected to the IdP The user logs in at the IdP The IdP returns an OAuth authorization code to the user’s browser The user’s browser delivers the authorization code to the client The client exchanges the authorization code for an ID token at the IdP The IdP returns an ID token to the client At this point, the user is logged in to the MCP client. Everything up until this point has been a standard OpenID Connect flow. The client makes a direct Token Exchange request to the IdP to exchange the ID token for a cross-domain “ID Assertion JWT” The IdP validates the request and checks the internal policy The IdP returns the ID-JAG to the client The client makes a token request using the ID-JAG to the MCP authorization server The authorization server validates the token using the signing key it also uses for its OpenID Connect flow with the IdP The authorization server returns an access token The client makes a request with the access token to the MCP server The MCP server returns the response Next steps

So, with stringent expectations set for buying SaaS apps, this also applies to AI tools accessing these SaaS apps now more than ever. Cross-App Access aims to help manage ALL identity access, including AI, especially in the workplace. You can read more about how Cross-App Access plays a key role in securing AI agents on this blog by Okta’s Chief Product Officer Arnab Bose. And for a more detailed step-by-step explanation of the flow, see Appendix A.3 of the Identity Assertion Authorization Grant. Interested in integrating your Cross App Access with Okta? You can apply to our early access offering!

Follow us on OktaDev on X and subscribe to our YouTube channel to learn about additional enterprise-ready AI resources as soon as they’re available. We also want to hear from you about topics you want to see and questions you may have. Leave us a comment below!

AI is reshaping the internet. 

From hyper-realistic deepfakes to AI-generated content, synthetic identities, and automated agents, we’re entering an era where it’s harder than ever to know what or who is real.

This rapid change raises a critical question:

How do we maintain trust in digital interactions when AI can generate convincing people, content, and behavior on demand?

During a recent live conversation with Charles Walton (former SVP of Identity at Avast and Mastercard) and Martin Kuppinger (Founder at KuppingerCole), this issue took center stage, and a clear insight emerged:

Decentralized identity technology provides the trust infrastructure necessary for an AI-powered internet.

The post Architecting a Data-Centric Identity Security Infrastructure appeared first on Radiant Logic.

As the transition period for PCI DSS 4.0 draws to a close on March 31, 2025, PCI DSS 4.0.1 stands as the current version of the standard. More importantly, the March 31, 2025 deadline for full compliance with all new and customized PCI DSS 4.0 requirements is live. 

What's New in PCI DSS 4.0.1?

PCI DSS 4.0.1 represents a limited but important revision to version 4.0. While it doesn't introduce new requirements, it provides crucial clarifications that impact how organizations implement security controls, particularly around multi-factor authentication and payment page security. 

Key Clarifications in 4.0.1:

Phishing-Resistant Authentication Emphasis: 4.0.1 strengthens language around phishing-resistant authentication factors, providing clearer guidance on when they can substitute for traditional MFA requirements.

Enhanced iframe Responsibility Framework: The update clarifies that merchants are responsible for scripts running only on their own payment pages, and provides guidance on how to manage the security of payment page scripts when third-party elements are involved. This distinction is critical for organizations maintaining the security of their payment processing infrastructure, particularly concerning Requirement 6.4.3.

Refined Payment Page Script Management: Requirement 6.4.3 receives important refinements around how organizations monitor and secure payment page scripts, emphasizing supply chain security and the integrity of these scripts. 

The Universal MFA Mandate: What Changed on March 31, 2025

The universal MFA requirement under Requirement 8.4.2, introduced in PCI DSS 4.0, represents the most significant change coming into full effect with the March 31, 2025 deadline.

Universal MFA in Practice: From Administrative to Universal Access Control

Previous Requirement (PCI DSS 3.2.1): MFA was required only for administrators accessing the cardholder data environment (CDE).

New Requirement (PCI DSS 4.0.1): MFA must be implemented for ALL access to the CDE, regardless of user role or access level

This expansion affects:

Cloud-based applications and services On-premises systems and applications Network security devices Workstations and endpoints Servers and databases Administrative consoles Expanding the Scope of CDE: Where MFA Must Be Enforced

Organizations are discovering that their CDE scope is broader than initially anticipated. The universal MFA requirement applies to:

Direct CDE Access: Any system that stores, processes, or transmits cardholder data System Components: All components that support CDE operations Network Infrastructure: Devices that route or control CDE traffic Management Systems: Platforms used to administer CDE components Requirement 8.4.2: Exceptions and Edge Cases

Practical Considerations: PCI DSS 4.0.1 includes specific guidance regarding Requirement 8.4.2, acknowledging that MFA may not be feasible or necessary for every single transaction when cardholder data is accessed as part of a real-time process for a single transaction. Organizations must carefully review the nuances of this requirement to determine applicability, as the broader universal MFA mandate still applies to all CDE access. 

Pro Tip: Even though PCI DSS focuses on the CDE, we strongly recommend extending phishing-resistant MFA to all workstation logins. Many breaches originate from compromised local credentials that indirectly impact the CDE. 

The Phishing-Resistant Authentication Advantage

A key clarification in PCI DSS 4.0.1 addresses phishing-resistant authentication. The standard now explicitly states that a phishing-resistant authentication factor can substitute for traditional MFA for non-administrative access in the CDE.

What Qualifies as Phishing-Resistant MFA?

Phishing-resistant authentication methods are designed to prevent credential theft even when users interact with malicious websites or applications. Key characteristics include:

Cryptographic binding: Authentication is cryptographically bound to the specific service No shared secrets: No passwords, SMS codes, or other interceptable credentials Origin verification: The authentication method verifies it's communicating with the legitimate service

Pro Tip: Don’t just verify users, verify devices too.

PCI DSS 4.0.1 focuses heavily on user authentication, but many breaches originate from compromised or unmanaged endpoints. To strengthen your posture, pair phishing-resistant MFA with device trust policies: ensure authentication is only allowed from enrolled, secure devices. HYPR supports this by binding credentials to hardware-backed authenticators and enforcing policy controls at the device level.

FIDO2 and Passkeys: The Gold Standard

PCI DSS 4.0.1's guidance continues to reference FIDO (Fast IDentity Online) standards, particularly FIDO2 and passkeys, as preferred authentication methods. These technologies offer:

Hardware-backed security: Credentials stored in secure hardware elements Built-in phishing resistance: Automatic verification of service authenticity Simplified user experience: Often requiring just a biometric gesture or device interaction The Hidden Costs of Traditional MFA at Scale

While organizations rush to implement universal MFA, many are discovering the hidden costs of scaling traditional authentication methods:

Operational Overhead Help Desk Burden: Forrester research indicates help desk calls average $42.50 per incident Token Management: Physical tokens require distribution, replacement, and lifecycle management User Productivity: Complex authentication processes can reduce worker efficiency by 10-15% Security Gaps  SMS Vulnerabilities: Text-based codes remain susceptible to SIM swapping and interception App-Based Weaknesses: TOTP applications can be compromised through malware or social engineering Bypass Risks: Complex MFA systems often include bypass mechanisms that create security holes Why Passwordless MFA Is the Smart Path to Compliance

Organizations implementing passwordless authentication solutions are finding significant advantages in meeting PCI DSS 4.0.1 requirements:

Simplified Compliance Single-Factor Phishing Resistance: Passwordless methods can meet MFA requirements with a single, strong authentication factor Unified Access Control: One solution for all CDE access points Reduced Complexity: Fewer authentication systems to manage and audit Enhanced Security Elimination of Shared Secrets: No passwords to steal, guess, or intercept Hardware-Backed Protection: Credentials stored in secure hardware elements Automatic Phishing Protection: Built-in verification of service authenticity Service Provider Password Hygiene: Moving Beyond Passwords

Recent compliance updates now require service providers to rotate passwords frequently—a policy that adds operational overhead without truly mitigating risk. Instead of relying on constant password changes, organizations are turning to passwordless authentication to eliminate shared secrets entirely. By adopting phishing-resistant, device-bound credentials, service providers can streamline compliance, strengthen access controls, and future-proof their identity infrastructure against evolving threats.

Ready to eliminate password management from your compliance burden? Try the free trial of HYPR Affirm to see how it delivers secure, passwordless login for high-risk environments.

Improved User Experience Streamlined Authentication: Often requiring just a biometric gesture Reduced Friction: No passwords to remember or tokens to carry Consistent Experience: Same authentication method across all systems Beyond Compliance: Building Long-Term Security

While meeting the March 31, 2025 deadline is critical, organizations should view PCI DSS 4.0.1 compliance as part of a broader security modernization effort.

Zero Trust Alignment

PCI DSS 4.0.1's authentication requirements align closely with Zero Trust architecture principles:

Never Trust, Always Verify: MFA for all access, regardless of location or user role Least Privilege Access: Strong authentication supports granular access controls Continuous Verification: Dynamic risk assessment and adaptive authentication What’s Next for PCI DSS?

The evolution from PCI DSS 4.0 to 4.0.1 demonstrates the ongoing refinement of security standards. Organizations investing in modern, phishing-resistant authentication are better positioned for future requirements.

The Universal MFA Requirements

With PCI DSS 4.0.1 representing the current version of the standard, the universal MFA requirement represents the most significant authentication change in PCI DSS history, affecting every user who accesses cardholder data environments.

Success requires more than just deploying MFA technology—it demands a strategic approach that considers user experience, operational efficiency, and long-term security objectives. Organizations that embrace modern, phishing-resistant authentication methods will not only achieve compliance but also establish a stronger security foundation for the future.

The question now isn't whether your organization will implement universal MFA—it's whether you'll do it in a way that enhances or hinders your business operations while meeting the evolving demands of payment card security.

PCI DSS 4.0.1 MFA FAQ

Q: What happens if we don't meet the March 31, 2025 deadline? A: Non-compliance can result in fines ranging from $5,000 to $100,000 per month, loss of payment processing privileges, and potential legal liability. More importantly, it leaves your organization vulnerable to data breaches and associated costs.

Q: Can we still use our existing MFA solution? A: Existing solutions may work if they can be extended to all CDE access points and meet the security requirements in PCI DSS 4.0.1. However, many legacy MFA systems lack the scalability and security features needed for universal deployment.

Q: What's the difference between phishing-resistant authentication and traditional MFA? A: Phishing-resistant authentication is cryptographically bound to specific services and cannot be intercepted or replayed, even if users interact with malicious sites. Traditional MFA methods like SMS or TOTP apps can be compromised through various attack techniques.

Q: How does PCI DSS 4.0.1 affect our cloud-based payment processing? A: The universal MFA requirement applies to all system components, including cloud-based applications and services. The 4.0.1 clarifications around iframe responsibilities help define specific obligations for different aspects of cloud-based payment processing.

Q: Is passwordless authentication required for PCI DSS 4.0.1 compliance? A: While not explicitly required, passwordless authentication using phishing-resistant methods can simplify compliance and provide stronger security than traditional MFA approaches. The standard's emphasis on FIDO-based authentication suggests a clear preference for these modern methods.

 

In today’s competitive job market, a university degree is no longer the only indicator of a graduate’s readiness for the workforce. Employers are looking for candidates who can demonstrate specific skills and achievements that go beyond a traditional transcript. This shift has led to a growing focus on graduate employability and how institutions can better prepare students to succeed after graduation. 

Overall, transcripts and diplomas don’t always tell the full story. That’s where verifiable credentials come in.  

These credentials give students a modern way to highlight their real-world skills and learning achievements. By providing a way for students to showcase their skills to potential employers, universities dramatically improve graduate employability outcomes. 

What Is graduate employability? 

Graduate employability refers to the skills, knowledge, and personal attributes that make graduates more likely to be employed and succeed in their chosen careers. Universities are under growing pressure to not only deliver academic content but also equip students with practical, real-world capabilities. Also, employers want greater insight into what a graduate can actually do, not just what degree they hold. 

Here is an example for the persistent gap between academic qualifications and labor market alignment:  

In 2021, the Federal Reserve Bank of New York found that 41% of recent college graduates (ages 22 to 27) were underemployed, meaning they were working in jobs that don’t require a college degree. That’s notably higher than the 34% underemployment rate for all college graduates.  

The role of verifiable credentials 

Verifiable credentials are digital representations of learning achievements that can be easily shared, displayed, and authenticated. Unlike a traditional diploma or certificate, a verifiable credential contains detailed metadata about what was learned, how it was assessed, who issued it, and when. 

These verifiable credentials are built using open standards, such as the Open Badges 3.0 specification and the W3C Verifiable Credentials framework. That means they are cryptographically secure, tamper-resistant, and can be verified instantly without the need to contact the issuing institution. 

How verifiable credentials enhance graduate employability

Here are a few ways credentials can directly support graduate employability: 

Make skills visible 

Verifiable credentials allow universities to highlight specific skills and competencies that may not appear on a transcript. From soft skills like communication and leadership to technical proficiencies like data analysis or project management, credentials give employers a clearer picture of a graduate’s capabilities. 

Support lifelong learning 

Employers value candidates who show a commitment to ongoing professional development. Verifiable credentials can be earned for microcredentials, workshops, internships, and extracurricular achievements to help graduates build a lifelong portfolio of verified learning experiences. 

Improve trust and transparency 

Verifiable credentials are secure and can’t be faked. Employers can instantly validate the issuer, criteria, and evidence behind a credential. This builds trust in the credential and in the graduate presenting it.  

Enable more equitable hiring 

Verifiable credentials help level the playing field by focusing on competencies rather than pedigree. A student from a smaller or lesser-known institution can stand out based on what they’ve actually learned and achieved, not just the name on their degree. 

Increase student motivation and engagement

Students are more likely to engage in skill-building activities when they know their efforts will be recognized in a way that’s useful after graduation. Digital credentials offer immediate, meaningful recognition that students can carry with them into the job market. 

Implementing verifiable credentials at your institution 

To effectively use verifiable credentials to boost graduate employability, universities should: 

Align credentials offerings with in-demand job skills and industry frameworks. 
Allow students to collect and manage their credentials in secure digital wallets. 
Promote employer awareness and acceptance of digital credentials. 
Embed credentials pathways into existing academic and co-curricular programs. 

At Anonyome Labs, our technology helps universities issue secure, tamper-proof credentials that students can easily share with employers without sacrificing data privacy or requiring ongoing verification support from your institution. 

Whether you’re launching a digital credentials program for the first time or upgrading your current system, Anonyome Labs can help you align with the latest standards and best practices for graduate employability. 

Book a demo today!

The post How universities can boost graduate employability with verifiable credentials  appeared first on Anonyome Labs.

Liminal members enjoy the exclusive benefit of receiving daily morning briefs directly in their inboxes, ensuring they stay ahead of the curve with the latest industry developments for a significant competitive advantage.

Looking for product or company-specific news? Log in or sign-up to Link for more detailed news and developments.

Here are the main industry highlights of this week impacting identity and fraud, cybersecurity, trust and safety, financial crimes compliance, and privacy and consent management.

🪄Innovation and New Technology Developments

Facebook Adds Passkey Login Option to Boost Mobile App Security

Facebook is introducing passkey support on its mobile app, enabling users to log in using biometric authentication or device PINs instead of passwords. This move aims to enhance account security by reducing the risk of phishing attacks and password leaks. Passkeys link authentication to specific domains, preventing their use on fake websites. Meta plans to extend this feature to the Messenger app and Meta Pay, though no exact launch date has been announced. Users will still be able to use passwords or other login methods like two-factor authentication and security keys alongside passkeys. (Source)

Hopae Launches hConnect to Simplify Global eID Verification via Wallet-Based Authentication

Hopae has launched hConnect, a global electronic ID (eID) verification platform designed to streamline digital identity verification through indirect integration with government-issued eIDs. Unlike traditional document-based identity verification, hConnect leverages the growing adoption of digital identity wallets, particularly in the EU under eIDAS 2.0, to enable faster, more secure, and compliant user authentication. By acting as an intermediary, hConnect bypasses the complexity of direct integration with multiple national systems, offering access to over 100 eIDs, 99% wallet compatibility, and customizable user experiences. The platform is compliant with major standards including eIDAS 2.0, GDPR, and ISO 27001. (Source)

💰 Investments and Partnerships

Bitdefender Strengthens MSP Cybersecurity Portfolio with Acquisition of Mesh Security

Bitdefender has announced its acquisition of Mesh Security, an Israeli startup specializing in advanced email protection solutions tailored for managed service providers (MSPs). Mesh offers a dual-layered defense system that includes both secure email gateway filtering and API-based inbox protection for platforms like Office 365 and Google Workspace. Its technology addresses threats such as phishing, ransomware, and business email compromise through machine learning and threat intelligence. Bitdefender plans to integrate Mesh’s capabilities into its GravityZone platform, enhancing its appeal to MSPs and reinforcing its position in the global cybersecurity market. (Source)

Hypernative Raises $40 Million to Expand AI Threat Prevention Across Web3 and Blockchain Ecosystems

Hypernative has raised $40 million in a Series B funding round co-led by Ten Eleven Ventures and Ballistic Ventures, with participation from StepStone Group and existing backers. The company specializes in real-time, AI-powered threat prevention for Web3, serving over 200 clients and securing more than $100 billion in assets. Hypernative recently expanded its coverage to over 60 blockchain networks and introduced Guardian, a tool for simulating transactions to prevent blind signing. The funding will support expansion into fraud prevention, wallet-level transaction protection, and AI model enhancement. In 2024 alone, Hypernative identified over $2.2 billion in Web3-related security losses, underscoring the urgency of its mission. (Source)

Coralogix Reaches Unicorn Status with $115 Million Raise and Launch of AI Agent Olly for Observability Data

Coralogix has achieved unicorn status with a new $115 million funding round led by NewView Capital, along with CPPIB and NextEquity Partners, pushing its valuation above $1 billion. Despite not yet being profitable, the Israeli data analytics firm has seen a sevenfold revenue increase since its 2022 raise, largely due to continued heavy investment in R&D. As part of its growth, Coralogix launched “Olly,” an AI agent that allows users to query complex observability data through natural language, aiming to make system insights accessible across teams. The move aligns with broader trends in SaaS and AI adoption, as financial and tech sectors increasingly turn to agentic AI systems to manage data complexity and regulatory risk. Read the full article

Stripe Acquires Privy to Strengthen Digital Asset Management and Bridge Fiat-Crypto Systems

Stripe has acquired Privy, a crypto wallet infrastructure company, to enhance its capabilities in digital asset management. Privy, which provides APIs for secure wallet creation and transaction signing, supports over 75 million accounts and facilitates billions in transactions across more than 1,000 developer teams. The acquisition aligns with Stripe’s broader strategy to bridge fiat and crypto systems, following its recent expansion of international money movement tools and support for new payment methods like UPI and Pix. Stripe Co-founder John Collison highlighted the growing importance of stablecoins and AI in transforming online commerce, noting increased interest from banks in integrating stablecoins into their offerings. (Source)

LevelBlue Acquires Aon’s Cybersecurity Units to Build Unified Global MSSP Platform

LevelBlue, a Dallas-based managed security services provider formerly known as AT&T Cybersecurity, is acquiring Aon’s Cybersecurity and IP Litigation consulting groups—including Stroz Friedberg and Elysium Digital—to expand its global cybersecurity offerings. This strategic acquisition brings LevelBlue a team of 300 professionals with deep expertise in incident response, digital forensics, and IP litigation, significantly strengthening its consulting and technical capabilities. The integration aims to create a unified cybersecurity services platform that combines LevelBlue’s AI-driven detection and response with proactive consulting to deliver faster, more comprehensive cyber resilience solutions. The deal also establishes a strategic partnership between LevelBlue and Aon, enabling joint client services and enhancing LevelBlue’s presence among Fortune 500 companies and top law firms. Analysts view the acquisition as a pivotal move that positions LevelBlue as a leading global independent MSSP and boosts its standing with cyber insurers and enterprise clients. (Source)

Securonix Acquires ThreatQuotient to Deliver Unified AI-Driven Threat Detection and Response

Securonix, a Plano-based security analytics platform, has acquired Virginia-based ThreatQuotient to create a unified, AI-driven system for advanced threat detection, investigation, and response. The integration combines Securonix’s Agentic AI capabilities with ThreatQuotient’s curated external threat intelligence to reduce false positives by up to 90% and accelerate incident response by up to 70%. This comprehensive platform aims to modernize security operations by offering real-time analytics, automated workflows, and deeper context, helping teams respond faster and more effectively to evolving cyber threats. Customers and partners will benefit from enhanced scalability, flexible deployment options, and accelerated innovation through the merged R&D efforts. ThreatQuotient will continue as a standalone product while gaining access to Securonix’s broader infrastructure and ecosystem, promising seamless service and expanded value for both enterprise and government clients. (Source)

⚖️ Policy and Regulatory

World Accelerates Thai Expansion Amid Indonesian Suspension Over Biometric Violations

World, the digital identity platform operated by Tools of Humanity, is expanding rapidly in Thailand through partnerships with 11 local firms, including National Telecom and digital asset exchanges such as Bitazza and Binance TH. Since introducing its iris-scanning Orb devices in March, over 100,000 users have submitted biometric data, with plans to reach 2 million users by year’s end. However, in contrast, Indonesia has suspended World’s services due to regulatory violations related to biometric data collection and inadequate protections for vulnerable populations. Authorities have ordered the deletion of collected data and imposed new compliance conditions. Meanwhile, World has launched its first U.S. ad campaign and expanded its Orb rollout and blockchain integration with stablecoin issuer Circle. (Source)

23andMe Fined £2.31 Million by UK ICO for Major Data Breach Exposing Sensitive User Information

The UK Information Commissioner’s Office (ICO) has fined DNA testing company 23andMe £2.31 million for a significant 2023 data breach that exposed sensitive information from over 155,000 UK users. The breach occurred through a credential stuffing attack, leveraging reused passwords from other breaches to access 14,000 accounts, ultimately compromising data related to 6.9 million individuals. While DNA records were not accessed, exposed details included ethnicity, health information, and family histories. The ICO found 23andMe lacked adequate security measures, such as mandatory multi-factor authentication. Amid ongoing bankruptcy proceedings, the firm’s assets are set to be sold to TTAM Research Institute for $305 million, with new commitments to improve data protections and give users greater control over their data. (Source)

Louisiana Faces Backlash Over Bills Mandating Online Age Verification and Parental Consent for Minors

Louisiana is at the center of a legislative clash over online age verification, as two major bills—HB 570 and SB162—provoke controversy from tech companies and civil liberties advocates. HB 570, awaiting gubernatorial approval, would require app stores and developers to implement age assurance for apps with adult content, raising concerns from groups like the CCIA and Google about user privacy and disproportionate burdens on developers. Meanwhile, SB162 mandates parental consent for social media accounts created by minors under 16 and restricts targeted advertising and messaging, but is currently on hold due to a legal challenge from industry group NetChoice, which argues the law is unconstitutional and inconsistently applied. (Source)

DOJ Antitrust Review of Google’s $32 Billion Wiz Acquisition Signals Scrutiny of Cloud Expansion

The U.S. Department of Justice is reviewing Google’s proposed $32 billion acquisition of cybersecurity firm Wiz Inc. to assess potential antitrust concerns. The deal, announced in March, is part of Google’s effort to strengthen its cloud computing services, following a similar move with its 2022 acquisition of Mandiant. The review is in its early stages and could extend for several months, examining whether the merger could unfairly restrict competition. Google has prepared for possible regulatory hurdles by agreeing to a $3.2 billion breakup fee. This scrutiny comes amid broader antitrust actions against Google, including rulings that found the company maintained monopolies in online search and advertising technology markets. (Source)

🔗 More from Liminal

Access Our Intelligence Platform

Stay ahead of market shifts, outperform competitors, and drive growth with real-time intelligence.

Link Index for Business and Entity Verification (BEV)

Discover the Top 20 Vendors on the Link Index for BEV and gain an unfair competitive advantage through unparalleled access to expert insights.

Liminal Demo Day: Combating AI Threats

Learn how leading teams are tackling the rise of deepfakes, bots, and identity fraud in 15-minute demos—no fluff, no marketing buzzwords.

The post This Week in Identity appeared first on Liminal.co.

U.S. community banks are under pressure to improve KYB (Know Your Business) compliance for small business accounts, especially in light of evolving FinCEN and OCC guidelines. This article explores how KYB modernization using iComply can help banks uncover risk, automate beneficial ownership discovery, and streamline business account onboarding—without increasing compliance headcou

Community banks are the backbone of American Main Street. They finance local businesses, support job creation, and deliver personalized service in ways that larger institutions often can’t. But in 2025, these same banks face increasing pressure from regulators to modernize their approach to KYB—Know Your Business—especially when onboarding and monitoring small and medium-sized business (SMB) accounts.

The Bank Secrecy Act (BSA), the Corporate Transparency Act (CTA), and updated FinCEN guidance are reshaping expectations around business verification, beneficial ownership identification, and AML due diligence. For community banks, this means a new era of regulatory scrutiny—with limited resources to meet it.

The Compliance Challenge

Unlike large banks with dedicated compliance divisions and automation budgets, most community banks operate with tight teams and resource constraints. Yet the burden of compliance is growing:

FinCEN’s Beneficial Ownership Information (BOI) Rule now requires detailed UBO disclosures from most business clients OCC guidelines emphasize continuous monitoring and risk-based segmentation of commercial clients SMB clients often have opaque structures—LLCs, trusts, layered ownership—that require more intensive due diligence

Without the right tools, community banks may face:

Slowed onboarding and increased abandonment Gaps in beneficial ownership data Difficulty proving compliance during audits Higher costs and staff burnout Where Traditional KYB Falls Short

Manual Processes: Many banks still rely on PDFs, in-branch document scans, or email back-and-forths to collect business documents and ownership information. This is time-consuming and error-prone.

Fragmented Vendor Stacks: It’s common to see a mishmash of ID verification tools, AML screeners, and reporting systems that don’t talk to each other.

Reactive Risk Management: Without automated triggers, compliance teams may only discover red flags during periodic reviews or when alerted by third parties.

How iComply Modernizes KYB

iComply’s modular platform enables community banks to take a smarter, proactive approach to KYB with tools designed for the complexity of modern SMB verification.

1. UBO Discovery & Corporate Structure Mapping

Automated workflows parse corporate filings, shareholder data, and registry sources to:

Identify direct and indirect beneficial owners Connect ownership chains and nominee relationships Flag high-risk jurisdictions and complex structures 2. Smart Document Collection

Customizable white-label portals guide businesses through document uploads (e.g., Articles of Incorporation, licenses, shareholder agreements) using a risk-based logic tree.

3. Ongoing Risk Monitoring

Integrate AML watchlists, PEP screening, and adverse media scanning into the KYB lifecycle. Set triggers based on changes in ownership, risk score, or business activity.

4. Edge Computing for Privacy Compliance

Sensitive data—like passports or ID documents of directors—is processed locally on the user’s device before encryption and transfer, supporting data sovereignty and reducing breach risk.

5. Ready-to-Audit Records

Every onboarding and refresh event is logged with full audit trails, timestamps, and linked source documents—streamlining exam prep and reducing regulatory friction.

Case Study: Midwestern Community Bank

A regional bank serving agricultural and construction businesses implemented iComply’s KYB module to address onboarding delays and incomplete BO data. The result:

Reduced average onboarding time from 5 days to less than 24 hours Increased accuracy of UBO records by 60% Passed a FinCEN audit with zero deficiencies Regulatory Outlook for 2025 CTA Enforcement: As FinCEN begins enforcing penalties for BOI non-compliance, banks will need stronger controls to validate and monitor client-provided data. OCC AML Exam Priorities: Community banks should expect increased examiner focus on KYB workflows, documentation, and UBO verification methods. Technology Standards: There’s growing regulatory support for adopting centralized platforms that reduce fragmentation in compliance operations. Recommendations

Community banks should:

Review and update KYB policies to reflect CTA and FinCEN rule changes Replace manual and fragmented vendor processes with centralized, automated workflows Prioritize edge-secure solutions that support privacy, security, and audit readiness Talk to Our Team

Is your KYB process ready for 2025? iComply helps U.S. community banks modernize onboarding, uncover hidden risk, and comply with BOI rules—without growing your team.

Connect with us today to learn how we can help you simplify small business compliance and stay ahead of regulatory change.

Metadium Developer Joins the Digital Identity Technology Standard Forum(DITS) to Advance Korea’s DID Standardization and Ecosystem Metadium Developer Joins the Digital Identity Technology Standard Forum to Advance Korea’s DID Standardization and Ecosystem

Hello from the Metadium Team,
We are pleased to announce that CPLABS, the developer of the Metadium mainnet and a leader in Decentralized Identity (DID) technology, has officially joined the Digital Identity Technology Standard Forum (DITSF) — Korea’s core consortium for digital identity standardization.

This move goes beyond a formal membership. By combining Metadium’s differentiated DID technology with the forum’s national standardization strategy, we anticipate generating powerful synergies that will accelerate the advancement of Korea’s digital identity ecosystem.

🛡 Metadium: Technology Innovation for Realizing Self-Sovereign Identity

Since launching its Genesis Block on March 18, 2019, Metadium has been committed to developing a Self-Sovereign Identity (SSI) infrastructure that securely connects real-world and digital identities.

Our key innovations include:

Development of Meta ID, based on DID and Verifiable Credentials (VC) Integration of Decentralized Public Key Infrastructure (DPKI) Privacy-first, consent-based authentication mechanisms

Without relying on third-party certifying authorities, Metadium enables individuals to verify their identity autonomously. Through extensive real-world deployment of our DID services, we have demonstrated both the practicality and security of our platform.

📈 Looking Ahead: Opening a New Era for DID Technology with Metadium

DID technologies are rapidly expanding across various industries, including privacy protection, Know Your Customer (KYC), authentication, and access control. The global DID market is projected to grow from USD 694.37 million in 2024 to over USD 10.66 billion by 2030. Standardization is critical to this expansion.

Metadium will continue to:

Proactively contribute to the standardization of Korea’s DID technology Lead efforts in achieving interoperability across blockchain ecosystems Strengthen technical and policy foundations for global market entry Collaborate with ecosystem participants to share knowledge and solutions

This forum participation marks a meaningful step in connecting Metadium to both domestic and international DID standardization ecosystems — and in realizing a future society based on decentralized digital identity.

📢 Stay Updated — Join the Metadium Community

We’ll continue sharing real-world DID use cases, AI-powered service launches, and partnership news every week.

Website | https://metadium.com Discord | https://discord.gg/ZnaCfYbXw2 Telegram(EN) | http://t.me/metadiumofficial Twitter | https://twitter.com/MetadiumK Medium | https://medium.com/metadium

Thank you.

Metadium team.

메타디움 개발사, 디지털신원기술표준포럼 합류로 대한민국 디지털 신원 표준화 및 생태계 고도화에 기여

안녕하세요, 메타디움 팀입니다.

메타디움 블록체인 메인넷 개발사이자 DID 기술 선도 기업인 (주)씨피랩스가, 국내 디지털 신원 표준화 분야의 핵심 협의체인 디지털신원기술표준포럼(Digital Identity Technology Standard Forum)에 정식 회원사로 참여하게 되었음을 알려드립니다.

이 합류는 단순한 회원 등록을 넘어, **메타디움이 보유한 차별화된 탈중앙화 신원 기술(DID)**과 포럼이 추진하는 국가 DID 표준화 전략이 결합하여, 대한민국 디지털 신원 기술 생태계에 강력한 시너지를 창출할 것으로 기대됩니다.

🛡 메타디움: 자기주권 신원의 실현을 위한 기술 혁신

메타디움은 2019년 3월 18일 제네시스 블록을 시작으로, 현실 세계와 가상 세계의 신원을 안전하게 연결하는 Self-Sovereign Identity(SSI) 비전을 추구해 왔습니다.

DID와 Verifiable Credentials(VC)에 기반한 ‘메타 ID(Meta ID)’ 시스템 개발 Decentralized Public Key Infrastructure(DPKI) 기술 도입 개인 데이터의 프라이버시 보호와 사용자 동의 기반의 인증 구조 실현

메타디움은 제3의 기관 없이도 개인이 스스로 신원을 증명할 수 있는 완전한 탈중앙화 신원 시스템을 구축해왔으며, 다수의 상용 DID 서비스 경험을 통해 실효성과 보안성 모두를 입증했습니다.

🤝 표준 포럼 합류: 국내외 DID 기술 조율과 국제화의 교두보

디지털신원기술표준포럼은 국내 DID 및 SSI 기술의 국제 표준 연계를 목표로 하는 협의체로, 산업계, 학계, 연구기관, 정부기관과 국제 표준기구(DIF, OIDF, ToIP, IETF 등) 간의 기술 정합성과 확산을 이끄는 중추 역할을 수행합니다.

메타디움은 다음과 같은 방식으로 기여할 예정입니다:

W3C DID 기반 상용 서비스의 실무 경험 공유 이종 블록체인 간 상호운용성 확보를 위한 기술 제안 표준화 위원회 및 분과 활동을 통한 정책·기술 제안 최신 글로벌 표준 동향 반영 및 기술 개발 로드맵 통합

특히 메타디움이 전략적으로 추진 중인 ‘Universal ID(유니버설 ID)’ 비전은, 다양한 블록체인 간의 DID 연계와 통합을 지향하며 포럼의 국제화 전략과도 긴밀히 연결됩니다.

📈 미래 전망: 메타디움과 함께 여는 디지털 신원 기술의 새 시대

DID 기술은 개인정보 보호, KYC, 인증, 접근제어 등 다양한 산업에서 빠르게 확산되고 있으며, 2024년 약 6억 9,437만 달러에서 2030년 106억 6,000만 달러까지 급성장이 예측됩니다. 이 가운데, 기술 표준화는 산업 확장의 핵심입니다.

메타디움은 다음을 수행합니다:

대한민국 DID 기술 표준화에 적극 기여 블록체인 기반 신원 기술의 상호운용성 확보 주도 글로벌 시장 진출을 위한 기술 및 정책적 기반 강화 DID 생태계 참여자들과의 지속적 협력 및 기술 공유

이번 표준 포럼 참여를 계기로, 메타디움은 국내외 기술 생태계에 연결되는 실용적 DID 표준화를 추진하고, DID 기반 사회를 실현하는 데 앞장설 것입니다.

📢 매주 발표되는 소식을 받기 위해 메타디움 커뮤니티를 구독하세요

다양한 분야에서 DID의 적용과 AI 기술 활용 사례, 협업 소식이 매주 이어집니다.

Website | https://metadium.com Discord | https://discord.gg/ZnaCfYbXw2 Telegram(EN) | http://t.me/metadiumofficial Twitter | https://twitter.com/MetadiumK Medium | https://medium.com/metadium

감사합니다.

메타디움 팀.

Metadium Developer Joins the Digital Identity Technology Standard Forum(DITS) to Advance Korea’s… was originally published in Metadium on Medium, where people are continuing the conversation by highlighting and responding to this story.

Discovery lies at the heart of research, but without solid data management, even the best datasets risk becoming unusable. Whether you're working solo or on a global team, good RDM keeps data organized, secure, and reusable—long after a project ends. Tools like myLaminin simplify this by supporting key practices like structured file naming, standardized metadata, and secure backups. As funder and journal expectations grow, effective data management is no longer optional - it’s essential.

Predictoor DF146 rewards available. DF147 runs June 19th — June 26th, 2025 1. Overview

Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor.

Data Farming Round 146 (DF146) has completed.

DF147 is live today, June 19th. It concludes on June 26th. For this DF round, Predictoor DF has 3,750 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF147 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF147

Budget. Predictoor DF: 3.75K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and ASI Predictoor

Ocean Protocol was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF146 Completes and DF147 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

By: Helen Garneau

In March 2025, online brokerage firms in Japan were hit by a massive wave of account takeovers. Criminal groups used phishing sites to steal login credentials from investors, then logged in and executed trades—sometimes worth millions of yen—without the account holders’ knowledge. More than 100 stocks are believed to have been manipulated in the process.

The attack followed a familiar pattern: attackers built fake websites mimicking legitimate brokerage login pages. Unsuspecting investors entered their credentials, which were then used to log in as if they were the real account holders. In one case, a man lost over ¥2 million (about $14,700 USD) in minutes; in another, an account was accessed from an unfamiliar region and drained of nearly ¥10 million (about $70,000) in assets.

No compensation

Because these attacks used valid usernames and passwords, brokerages argued they weren’t at fault and denied compensation to the victims. From the system’s perspective, it looked like the real user had initiated all the trades. 

No protection

Weak authentication that puts all the risk on the customer undermines trust in the entire trading ecosystem. And it’s an unsustainable security position when AI-tools and biometric identity fraud are added to the attacks on user accounts. 

Are brokerages really going to take the position that a fake biometric was “real” as far as their system was concerned — and it’s the customer’s responsibility for their biometric data being faked or stolen?

A better and more powerful way to authenticate account holders

Step 1: Replace usernames and passwords for customer accounts with Verifiable Credentials

A Verifiable Credential is a tamper-proof digital credential that a customer holds in a digital wallet on a mobile device. 

It’s verified by cryptography so authentication is seamless and doesn’t involve the process of inputting personal data that can be phished or stolen. 

The credential can’t be shared or stolen because of the way it is bound to the customer and their device.

Step 2: Add a verified biometric to the credential

This can be done when a customer is onboarded, or it can be derived from a government issued ID during and combined with a liveness check to ensure the image on the ID matches the real, live person.

Now you have a way to cross check a liveness check in real time, mitigating biometric identity fraud and the risk of generative AI deepfakes. The customer has a way of proving that they are really who they present as.

Mutual trust, built in

With this setup, the customer and the brokerage verify each other before any data is shared. Customers can be sure they’re dealing with the real brokerage. Brokerages can be sure they’re dealing with the real customer. And phishing attempts are detected and blocked before they begin.

Built for compliance and trust

Verifiable transactions: Your customer holds and controls their data from their device and you can cryptographically verify their identity and data without having to check it against information held in the cloud or by a third-party identity provider. Simplified compliance: Since biometric data never leaves the user’s device and doesn’t need to be stored by the brokerage or a third party to be verified, brokerages aren’t burdened with the responsibility of storing or managing that sensitive information. This reduces liability and makes it easier to align with strict data protection regulations. Consumer trust: When customers know that no trade can be executed without their personal, biometric consent, they feel secure. Brokerages can point to real safeguards—not just promises—when reassuring their customers that their investments are protected by the latest in identity security technology. Indicio Proven makes all this simple

Indicio Proven makes it easy to issue and verify these credentials, radically simplifying identity assurance and data sharing — and at significantly lower cost than conventional identity providers.

This is why Money2020 selected Indicio as one of one of the key startups in 2025 “transforming the future of money.”

Take the first step to streamlined, secure, globally interoperable digital identity

Book a demo of Indicio Proven Auth and discover how to bring powerful, portable, privacy-preserving digital identity to your platform—reducing risk, lowering costs, and building the foundation for trusted, seamless services.

###

The post Use Case: How Indicio Proven can help to stop account takeovers in securities trading appeared first on Indicio.

Publishing in peer-reviewed journals is more than tradition—it’s a strategic step in advancing careers, meeting funder mandates, and fueling scientific progress. In today’s data-driven world, platforms like myLaminin support researchers at every stage, from managing metadata and version control to ensuring compliance and transparency. With myLaminin, publishing becomes not only easier but also more impactful, aligning with modern research demands.

Fastly earns "Deployed on AWS" status, enhancing procurement and savings for AWS Marketplace users. Explore our cloud-optimized CDN and security solutions today.

When a learner earns a credential, whether it's a workforce certificate, micro-credential, or degree, they deserve to share it with the same trust, control, and clarity that we expect in any other critical verification process.

As Learning and Employment Records (LERs) gain traction across education, training, and workforce systems, we're facing a pivotal challenge: Why aren't these credentials built on the same principles of transparency, consent, and interoperability as other verified information in our digital lives? If LERs continue to rely on fragmented standards, formats, and verification practices, learners are left navigating a maze while employers and institutions struggle to interpret records consistently and securely.

To build trust in the LER ecosystem, we need credentialing infrastructure that meets users where they are: portable, verifiable, and understandable across contexts.

The Existing Model: Simple but Limited

In many implementations, the credential is uploaded to a central service after issuance. The learner shares a static URL or QR code, and anyone with access can view the full contents and verification status, no wallet or special tools are needed on the verifier's side. This ease of access is a clear benefit.

However, the model is generally more centralized than might be desired, which comes with some challenges. First is control of and access to data. The verification experience relies on the availability and integrity of a third-party service (or, commonly, services tied to the issuer) that holds the credential data. If the user is removed from that system, they lose the badge information stored in that system. This makes the holder dependent on the issuer to maintain the service and credential info for them. Next is reliability - if the badge-holding system goes offline or is compromised, the verification capabilities are also lost. Lastly, there is the question of privacy. If the verifier must visit a central service, particularly one managed by the issuer, then the issuer knows who is verifying what information about every badge. That is a powerful set of tracking data.

When the entire credential is shared and made broadly available for verification at a public or semi-public address, there's no opportunity for selective disclosure, either to choose not to share certain information or to give consent per verification request. Even when this type of badge sharing is revocable, these links generally are “all or nothing” and lead to overexposure. 

We want to evolve these solutions as we move towards a more privacy-preserving, user-controlled world of digital data sharing. 

A New Approach: Privacy-Preserving, Standards-Based Verification

At SpruceID, we’ve taken a new approach to building Learning and Employment Record (LER) credentials, one that gives learners more control and privacy. We use the Open Badges 3.0 standard, which defines a common way to describe learning achievements so they can be recognized across different platforms. Open Badges 3.0 specifies the Verifiable Credentials Data Model (VCDM) 2.0 for structuring these credentials, enabling cryptographic security, portability, and tamper resistance. This approach gives learners more control over how their credentials are shared and verified while aligning with emerging ecosystem standards.

For issuing and presenting credentials, we use OID4VC (OpenID for Verifiable Credentials) and OID4VP (OpenID for Verifiable Presentations), which allow credentials to be securely shared in real-time, with the holder’s consent rather than stored on a central server. To support selective disclosure, we package the credential using SD-JWT VC, a format that lets the holder reveal only specific pieces of information rather than the entire credential.

Altogether, this approach lets learners store credentials in their secure digital wallet and decide exactly what they share, when, and with whom, providing stronger privacy, less reliance on intermediaries, and better alignment with data protection laws.

In this model:

Credentials live with the holder, not on a hosted server Verification is interactive, happening in real time between the holder and verifier Only necessary information is shared, thanks to selective disclosure and user consent flows Standards like GDPR and FERPA are easier to support by design

This approach preserves portability: learners can use their credentials across platforms and systems, even if the original issuer or platform disappears. It's also designed for longevity, supporting lifelong learning records that the holder truly owns and controls.

Why This Matters

We believe credential holders deserve the same control over their achievements that they are learning to expect from their identity data. That means user consent, data minimization, and resilience against vendor lock-in.

For issuers, this means credentials that are portable and can be used across systems and platforms.

For verifiers, it means a more secure, tamper-resistant way to confirm qualifications, with standards-based integrations that can plug into existing HR or admissions workflows.

For learners, this means credentials they truly own, not just access to a link but full control over how their accomplishments are shared and seen.

A Familiar Yet More Secure UX

Although this model introduces more real-time interactions, the user experience remains intuitive. For example, when an employer wants a job applicant to verify their appropriate credential, they can embed a QR code for the learner to scan with their credential wallet. This allows the learner to review the request, simply scan the QR code, and tap “approve” when prompted. As more systems begin to use open standards, any compliant wallet or verifier would be able to participate in building out or adopting these solutions. Broad compatibility is critical for long-term ecosystem success.

Verifiers will likely need to adapt their existing processes to a small extent. Instead of reviewing a credential on a webpage, a recruiter or admissions officer might need to share an OID4VP QR code and save the results from that request instead. Although this is a shift, it offers more security and reduces fraud, and simple integrations with verifier products will evolve over time.

Supporting Optionality

We also recognize that one size doesn't fit all. Some credentials are meant to be widely shared and carry less sensitive data. For some use cases, public links will always make sense. These scenarios can still support individuals by adding short-lived presentation tokens or creating one-time verification experiences that can be shared with a key or code. 

Our goal is to offer institutions and holders flexibility to choose between high-trust, high-control models and simpler, open-sharing options depending on what’s appropriate for their business needs.

Building LER Credentials for the Future

As digital credentials become a foundational layer of how we recognize learning and achievement, it's time to evolve the way we verify them. Static links and centralized systems have their place, and have been a baseline and necessary first step, but there are exciting improvements to these expectations that we are beginning to see around privacy, control, and interoperability. 

At SpruceID, we believe that by embracing open standards, centering learner privacy and consent in these processes, and empowering users with modern, secure digital credential wallets, we can create a verification experience that is simultaneously intuitive, resilient, and trustworthy.

Learn More

About SpruceID: SpruceID is building a future where users control their identity and data across all digital interactions.

Back in 2018, our conversations revolved around how India’s UPI is picking up, and similarly why document verification is still so time consuming. We were discussing mainly usecases like VISA processing, Higher education across the border, and dreaded Government office visits in India, where every time you visit, there will be one more document missing between us and what we want to get. That is where we focused on solving for ‘trust’ in digital transactions, leading us to dive deep into something called Verifiable Credentials (VC). 

Fast forward five years, and many usecases spanning from nation scale (ONDC, NPCI etc), and small apartment usecases (for the likes of certificates for cultural programs, sports events etc), we’ve gathered some insights we’d love to share.

Understanding Verifiable Credentials (VC)

VC is a w3c standard for how to share information/credentials. At its core, VC aims to:

Confirm that the credential hasn’t changed since it was issued.
Verify the issuer’s identity.
Check if the credential is still valid (not expired).
Determine if the credential has been revoked.

VCs are a powerful way to manage credentials, helping machines quickly verify digital documents and boosting trust. It also focuses on providing the user the much needed ownership of her/his data. But, alas widespread adoption hasn’t fully taken off yet. The reasons for it are many, and valid when you think from the lens of the adopters. Lets list some.

It is an ecosystem story: You need all 3 parties (Issuer, Holder, and Verifiers) to use it to make it meaningful Interoperability: Even though standard is flexible and provides options to interoperability, majority of the solutions use custom proof section, and ZK (ZeroKnowledge) system, making the issuer data, not easily verifiable from the service providers. Government is a major stakeholder: In many scenarios, and usecases, the ball stops at the government. Because the Government’s adoption is a key blocker to build ‘trust’ in solutions. Changes to existing software products: For many private companies we spoke to, the economics of making changes to existing software stacks was not feasible, and VC standards needed that change to even get started. Who pays? As it is an ecosystem play, the question in mind of for-profit companies is, who should pay? Why should I pay if I am issuing VC, because the service providers are benefiting from ‘Verifiable’ data. For non-profits, it is not sustainable to keep funding the efforts repeatedly For Govt and Executives, the ‘perk’ is not very clear. If people don’t come to offices, how do they ‘exercise’ their power? Few of the visionaries wanted it, but bureaucracy is such that the very few startups in this space can never work with the government because of stricter tender norms.

But someone has to break this huge blocker, and here is how we approached the problem and designed the solution stack.

Data Tokenization by Dhiway

This is where data tokenization comes into play—think of it as adding a powerful new capability of verification without changing your existing data. Here’s what makes it valuable:

Integrity Checks: Easily verify if content remains unchanged by comparing hashes.
Issuer Verification: Use digital signatures (private/public keys) to confirm who issued the document.
Validity Checks: Include expiry directly within your data to manage validity effortlessly.
Revocation Control: The issuer can dynamically manage document status through tokens.

But that’s just the beginning. Data tokenization offers even more advantages than traditional VCs:

Easy Integration: Seamlessly connect with your current systems without additional changes.
Universal Compatibility: Tokenize any document type, not just JSON-based VCs.
Enhanced Trust: Transparent, decentralized logging ensures complete trustworthiness.
Time-series Verification: See document changes over time, not just single-point verification.

Sounds Ideal, What’s the Catch?

The primary limitation is that unlike VCs, which may be verified offline, data tokenization requires internet connectivity to interact with network nodes for verification. Beyond this, data tokenization is remarkably versatile and simple to implement.

More Benefits You Should Know About Compliance Ready: Fully aligns with data privacy standards like DPDP and GDPR.
Flexible Security: Easily rotate keys for added security.
Empowerment: Delegate issuance powers, enabling broader participation.
Enhanced VC (VC++): Even VC JSON data (without embedded proof) can be tokenized for convenient use, much like a digital wallet.
Enhanced mDoc (mDoc++): Supports modern credential formats like mobile Driver Licenses (mDL).
Simplified Storage: Store tokenized data flexibly across various platforms like Google Drive, WhatsApp, local folders, or FTP servers, eliminating the need for dedicated wallets.

One may ask, “ ‘Tokenization’ is the word which is loosely used with web3 and blockchain technologies, isn’t it for ‘Transaction’ only?”. We always say, tokenization is a key word that came to highlight, because more people are using it. It is already being done. The STOCK MARKET works on tokenized shares today. The Bankers Cheque (Demand Draft/DD) is another such example. We are talking about ‘Data’ here, which is surely a superset of every thing we talk about Tokenization.

Does Tokenization solve all the things mentioned above?

Common Standard. Simple API to access.  NO (major) CHANGES to existing software products, they continue to generate documents as is, with a new API added to it.  The government can integrate without concern of sovereignty concerns. Who pays? : This will be explained in a separate blog, many interesting pointers here, and we believe you will come back to read about it It is an ecosystem story: Decentralized networks are designed for ecosystems. With CORD’s OnChain Governance, an option to run an enterprise network, the ecosystem should be able to benefit out.

All good? Let’s see how Dhiway can help.

What does Dhiway do? Simply put, we’re amplifying trust to find and fulfill opportunities. 

Now, our vision is, there would never be ‘one chain to rule them all’, hence providing the document / data creators an option to choose what they need. Public, private, consortium led tokenization network/stack is the right way to make people consume these features faster. Keep customer’s needs, their regulations, and their compliance requirements in mind when we propose a solution.

With that, Dhiway’s CORD based platform allows people to get started quickly on this, and start your journey with ‘Verifiability’.

The post Unlocking the Future with Data Tokenization: Getting the Most from Decentralized Ledgers appeared first on Dhiway.

“I’ve been thinking a bit about the whole Model Context Protocol (MCP) thing.“

According to its documentation, MCP is ‘an open protocol that standardizes how applications provide context to LLMs.’ Given the growing dependence on large language models (LLMs), this is a big deal (remembering that all LLMs are a type of AI, but not all AIs depend on LLMs). If we’re moving toward a world where AIs are expected to do All The Things, interfacing with our applications and services, then having a universal adapter that lets AIs talk to everything is undeniably powerful.

But, me being me, as soon as I saw someone describe MCP as an “open standard,” I immediately had questions.

A Digital Identity Digest The MCP Bandwagon Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds 00:00 / 00:10:02 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

I’m not a developer; I can’t speak to MCP’s utility from a coding perspective. I’m not an architect, either; I can’t tell you where this fits best in your environment. But I am a standards person. So if you tell me something is an open standard, I’m going to want to know: who is standardizing it? What process are they following? Who’s doing the review? What are the intellectual property considerations?

What a standards organization does

Let’s back up for a moment. What does a standards development organization (SDO) actually do?

If you’ve never looked into it, you might joke that SDOs exist to slow things down under the weight of process. OK, fair. But let me ask: why is that always a bad thing?

That process guarantees broader review across multiple dimensions. For example, the IETF requires a security considerations section in every draft submitted for publication. They also mandate cross-area review, requiring input from the different areas: Internet, Web and Internet Transport, Applications and Real Time, Routing, and Security.

Over at the W3C, every spec is subject to privacy, internationalization, accessibility, and architectural review, often more than once during its lifecycle. And all the formal SDOs I’ve worked with have some kind of Intellectual Property Rights (IPR) policy, which goes beyond an open-source license to include licensing terms for essential patent claims.

You have to start somewhere

To be clear, most SDOs didn’t emerge fully formed. They started with a handful of people who weren’t satisfied with the existing processes or the politics. That’s how the WHATWG began, opting for a living-document model and less procedural overhead than the W3C. (Though in my opinion, they eventually ended up with just as much process, just differently shaped.)

So maybe MCP is on its way to becoming its own kind of SDO, at least for this protocol. That’s fine. You have to start somewhere. But if that’s what’s happening, I don’t know where those conversations are taking place. Is there a governance plan? An IPR framework? A mailing list that isn’t just announcements?

So, back to MCP

Anthropic, the company behind Claude, announced MCP late last year to address a real problem they’ve faced as an AI vendor: how to standardize context exchange between apps and LLMs—doing so openly and transparently. That’s great. I genuinely appreciate the transparency, and I understand the desire to move fast in an area evolving as rapidly as AI. However, when people hear ‘open,’ they often assume peer-reviewed, widely adopted, and safely maintained. But an open GitHub repo doesn’t guarantee any of that.

By publishing the spec openly and encouraging others to use it, they’re aiming for what’s often called a “de facto standard”, something widely adopted even in the absence of formal standardization. Go team!

But I’m still worried.

I like the structure of a formal review process. I also like being able to point to exactly who reviewed a spec for security, privacy, and accessibility, and knowing that those reviews weren’t optional. Knowing that if you implement something before those reviews are done, you’re doing so at your own risk is critical.

Will adding a process slow things down? Yes, but I don’t think that’s a bad thing. It’s better to go slower than to trip over a hazard that could’ve been avoided with just a bit more thoughtfulness.

Just look at what’s happened in other areas of tech when we skipped due diligence: poor API scoping, security vulnerabilities, and consent models that collapsed under legal scrutiny. A good standards process helps us catch those kinds of mistakes before they happen. I’ve been in those three-hour meetings. It’s not glamorous. But you know what happens in those meetings? Someone catches the thing no one saw coming.

What happens if MCP becomes the default, without structure?

Let’s talk about the future we might be sliding into without realizing it.

If MCP gets widely adopted without formal structure—no shared governance, no multi-stakeholder review, no clear IPR policy—we don’t get a win for open standards. We get a de facto protocol that locks in early design assumptions, possibly shaped by a single vendor’s priorities, and leaves little room for dissenting use cases or evolving needs.

That might sound fine in the short term. After all, it’s solving a real problem! But over time, we run into real consequences.

What if MCP bakes in patterns that work well for consumer apps but break down in healthcare or financial services, where regulatory audits and fine-grained access controls are non-negotiable? Or, what if it assumes context is something you pull from a user, rather than something the user pushes or consents to, reinforcing an architecture that sidesteps agency and privacy?

What if an entire ecosystem of tooling gets built around early versions of the spec, and then a major vulnerability or design flaw gets discovered, but there’s no defined process or authority to fix it in a way that maintains trust?

If MCP becomes the default before it’s ready, we risk not just technical debt but governance debt, which is harder to see but far more expensive to repay.

Call to action

None of this means MCP is flawed or untrustworthy. It’s solving a real problem, and it’s doing it more openly than many. But openness isn’t the same as structure. So here’s my CTA: does anyone want to help this protocol grow up a bit?

Maybe that means finding a home for MCP within an existing SDO or spinning up something new and bespoke. Either way, the structure needs to happen.

I don’t have any contacts in the project, so this is mostly a wish on my part. But if you have any ideas (and if you agree this is a concern), let’s chat!

Want to stay updated? I write about digital identity and related standards—because someone has to keep track of all this! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here] 

Transcript

[00:00:00]
Welcome to the Digital Identity Digest, the audio companion to the blog at Spherical Cow Consulting. I’m Heather Flanagan, and every week I break down key topics in the world of digital identity—from credentials and standards to browser behavior and policy shifts.

If you work with digital identity but don’t have the time to follow every new specification or hype cycle, you’re in the right place.

What is MCP, and Why Is It a Big Deal?

[00:00:26]
Let’s get into it. I’ve been thinking about the Model Context Protocol (MCP)—a trending topic in the tech world.

[00:00:38]
According to its documentation, MCP is an open protocol that standardizes how applications provide context to large language models (LLMs).

[00:00:48]
And with the rise of LLMs as a dominant type of AI, this protocol could prove essential.

[00:00:56]
If we’re truly heading into a world where AI can:

Summarize documents Write and review code Manage complex schedules Coordinate across digital systems

…then having a universal adapter like MCP is a pretty compelling idea.

[00:01:14]
So I get the excitement—really, I do.

But What Does “Open Standard” Really Mean?

[00:01:16]
Me being me, the moment I saw MCP described as an “open standard,” I had questions.

[00:01:26]
Now, I’m not a developer or a systems architect. But I am a standards person. And when I hear open standard, I ask:

Who’s maintaining it? What’s the review process? Are there intellectual property rights (IPR) concerns? Who decides how and when it changes?

[00:02:00]
Because open can mean very different things.

[00:02:06]
For example:

Open source: The code is public Open access: No login needed to read documentation Open to contribution: Community can propose changes

[00:02:20]
But a true open standard means much more. It implies:

Governance Transparency Neutrality Stability Shared ownership Zooming Out: What Do SDOs Actually Do?

[00:02:44]
Before diving further into MCP, let’s look at Standards Development Organizations (SDOs).

[00:02:54]
If you’ve never worked within one, you might think SDOs are where good ideas go to die—buried under mountains of email and bureaucracy.

[00:03:03]
And yes, it can feel like that some days.

[00:03:08]
But that process exists for good reason.

[00:03:10]
Take the IETF (Internet Engineering Task Force), for example. Every draft must include:

A security considerations section Review across multiple technical areas: transport, application, security, routing Checks that prevent major issues at scale

[00:03:43]
Or consider the W3C (World Wide Web Consortium). They require:

Privacy and accessibility reviews Internationalization checks Architectural coherence assessments

[00:03:57]
These aren’t easy. But they force critical thinking, which ultimately strengthens the standard.

Why Governance Matters

[00:04:27]
When a standard is finally published, developers, vendors, and even regulators rely on it. That trust only exists because of rigorous review and intellectual property safeguards.

[00:04:45]
Because with foundational tech, you really don’t want legal issues popping up years later.

[00:04:57]
All SDOs start small. For instance:

The WHATWG formed because W3C felt too slow W3C itself branched from IETF for the same reason

[00:05:22]
Eventually, though, governance always returns—just with different flavors and speeds.

[00:05:31]
Lesson? You can’t escape governance. If your idea scales, governance will find you.

Where Does MCP Stand Today?

[00:05:55]
Let’s come back to MCP.

[00:06:09]
Anthropic—the creators of Claude AI—released MCP in late 2024 to address a real challenge: how to standardize context exchange for LLMs.

[00:06:25]
They’ve done a commendable job being transparent. The spec is published, and adoption is encouraged. That’s what we’d call a de facto standard—it gains traction because it simply works.

[00:06:48]
But there’s risk here. If MCP becomes the norm without governance or formal review:

We’re embedding one vendor’s assumptions There’s no accountability or shared maintenance Critical decisions become hard to challenge

[00:07:07]
For example:

It may work for consumer apps but fail in regulated industries It might prioritize AI-driven “pull” models, ignoring consent-based “push” models Future changes could break everything, with no obligation to maintain compatibility

[00:07:19]
In short:

What starts fast becomes fragile. What feels open becomes proprietary.

We’ve Seen This Before

[00:07:33]
Consider:

OAuth2: Took years to retrofit its security model after early, chaotic adoption HTML5: W3C and WHATWG had to reconcile major differences just to move forward

[00:07:43]
These were not technical failures—they were governance failures. And they’re costly to fix.

[00:08:19]
This is what I mean by governance debt. It’s invisible—until suddenly, it’s not.

A Call to Action: Help Build the Foundation

[00:08:29]
To be clear: MCP is not broken. It’s solving a real problem, and it’s already more open than many other AI protocols.

[00:08:35]
But openness ≠ structure. A GitHub repo ≠ a standards body.

[00:08:37]
So here’s my question:

Who wants to help give MCP a real foundation?

[00:08:45]
That might mean:

Finding a home for MCP within an existing standards body Forming a lightweight, transparent working group Agreeing on a proper review process (including privacy, security, and accessibility)

[00:08:58]
I don’t care about the venue—IETF, W3C, something new. I care that we do something.

[00:09:06]
Because if this protocol is going to power the AI systems that touch every corner of our lives, we can’t afford to be careless.

Want to Help? Let’s Talk

[00:09:15]
If this interests you, or you want to know more, check out the full blog post.

[00:09:21]
Coming up next: a deep dive into what open standards really mean. I hope you’ll stick around.

Thanks for Listening

[00:09:33]
That’s it for this episode of Digital Identity Digest. If it helped clarify things—or at least made them more interesting—please:

Share it with a friend or colleague Connect with me on LinkedIn @hlflanagan Subscribe and leave a rating on your favorite podcast platform

You can always find the full written post at sphericalcowconsulting.com.

Stay curious. Stay engaged. Let’s keep these conversations going.

The post The MCP Bandwagon appeared first on Spherical Cow Consulting.