Company Feeds | Identosphere Blogcatcher

Christian Stricker is Digital Marketing Intern at Tokeny.  Tell us about yourself!

I’m Christian Stricker, born in Luxembourg to Danish parents. Currently finishing a Bachelor’s Degree in Media Design in Eindhoven, which is the latest on my big list of projects/problems to solve. Having something to work towards always keeps me motivated, and that can be something simple like creating my favorite dish, to more complex projects where I utilize my full potential.

I have a few hobbies but the main ones are motorsports and fitness. I often participate in virtual sim racing competitions in cars which I have designed myself. A perfect way to blend my professional skills and hobbies into one. For the fitness side, I play touch rugby with the Luxembourgish team every week, go on runs in the forest, and ski.

 

What were you doing before Tokeny and what inspired you to join the team?

Before Tokeny, while I was completing my bachelors degree, I was involved in a global project of building and managing a website overhaul for a factory automation company. This taught me a lot about web development, project management and marketing. I thoroughly enjoyed this, so when the opportunity to join Tokeny arose I was ecstatic. Especially since I have been looking at working in the web3 industry.

How would you describe working at Tokeny?

Innovative, challenging but very rewarding. The team is very motivated and everyone working here has a strong belief in what Tokeny is doing for the future. I am not just a number here, my inputs are valued and working alongside the others has taught me a huge amount about myself, and the web3 industry.

What are you most passionate about in life?

If I were to condense all my passions into one it would be: Learning and Improving. My main passion is racing. Ever since I was a kid, I always wanted to be a driver and as I grew up I tried making this a reality. I spent countless hours learning racecraft and how to handle a car, then I would apply my learnings to the track in karts. I have taken part in a few karting races and won 2 of them. Beating the competition is the motivation, and nothing is more rewarding than finally earning the top spot of the podium.

What is your ultimate dream?

To live a life knowing I did my best, even if I don’t achieve all my goals. As long as I have given it my best shot, I will never have to think, what if?

What advice would you give to future Tokeny employees?

Don’t be afraid of accepting new challenges, keep an open mind, and the team is always there to help you improve. Your hard work will be recognized.

What gets you excited about Tokeny’s future?

We are at the beginning of something that can completely change the way we do finance in the future. Opening up a whole new world of opportunities for institutions and investors. I am excited to be part of this journey and see where it leads us.

He prefers:

Coffee

check

Tea

check

Movie

Book

Work from the office

check

Work from home

check

Dogs

Cats

Call

check

Text

check

Burger

Salad

check

Mountains

Ocean

check

Wine

Beer

check

Countryside

City

check

Slack

Emails

check

Casual

Formal

check

Crypto

check

Fiat

Night

check

Morning

More Stories  Tokeny’s Talent｜Sefa’s Story 24 November 2022 Tokeny’s Talent｜Thaddee’s Story 2 June 2022 Tokeny’s Talent｜Mihalis’s Story 28 January 2022 Tokeny’s Talent | Tiago 27 July 2023 Tokeny’s Talent｜Joachim’s Story 23 April 2021 Tokeny’s Talent | Fedor 10 April 2024 Tokeny’s Talent｜Barbora’s Story 28 May 2021 Tokeny’s Talent｜Cyrille’s Story 17 September 2021 Tokeny’s Talent | Omobola 25 July 2024 Tokeny’s Talent｜Ivie’s Story 1 July 2022 Join Tokeny Solutions Family We are looking for talents to join us, you can find the opening positions by clicking the button. Available Positions

The post Tokeny’s Talent | Christian’s Story appeared first on Tokeny.

by Paul Fisher

January 17, 2025 marks a milestone for the EU’s Digital Operational Resilience Act (DORA), as financial entities across the EU must now fully comply with its requirements. While no longer in the EU, UK financials still need to comply for any cross border activity. Once again, Brexit doesn’t really mean Brexit when it comes to GRC!
But while DORA aims to bolster operational resilience, it hasn’t yet convinced senior cybersecurity professionals that their weakest link—supply chain security—is any stronger. A recent study by Green Raven Limited, conducted in partnership with Censuswide, reveals insights into the state of supply chain cybersecurity. Despite the extensive preparations financial entities have made for DORA, confidence in the resilience of supply chains remains tepid at best.

The Numbers Don’t Lie
The research surveyed 200 senior cybersecurity professionals, including 21 from the financial sector, all representing UK organisations with over 1,000 employees. The findings are clear:

44% of all respondents acknowledged their supply chain is the weakest part of their cybersecurity. In the financial sector, the figure was 43%, virtually identical to the broader sample.

Source: Censuswide 2025

What’s concerning  is that even after preparing for DORA, so many still see their supply chains as the weakest link. This raises an important question: if supply chain security isn’t their greatest concern, what is? Could it mean some financial organisations have addressed supply chain risks effectively during their DORA preparations, or does it indicate other areas of cybersecurity are more precarious? On the other hand, 87% of the UK businesses surveyed said they were compliant by October 17th for the related EU NIST 2 deadline. 

Supply Chain Risk: Still Top of Mind
For banks and other financial institutions, Third-Party Risk Management (TPRM) has long been a priority, and DORA’s provisions specifically mandate enhanced oversight of ICT suppliers. Yet Green Raven’s research found that an even higher proportion—53% of senior cyber professionals working in supply chain-related roles—identified supply chains as their weakest link.

This doesn’t necessarily mean these organisations lack confidence in their overall cybersecurity posture. Rather, it underscores the complex, multifaceted risks supply chains pose—risks that remain a dominant concern, even with frameworks like DORA in place.

The Takeaway
DORA compliance is a step forward for operational resilience, but it’s clear the journey is far from over. Supply chains remain a critical vulnerability, and addressing this requires more than ticking regulatory boxes—it demands proactive, continuous oversight and investment in robust monitoring solutions.

As financial organisations adapt to DORA, the real question isn’t whether compliance alone will reduce risk, but whether these efforts will translate into a stronger, more resilient supply chain.

The bottom line for all business, UK or otherwise, is that being compliant doesn’t protect you from a cyberattack. It just means that the minimum legal requirements have been met, and a penalty may be avoided (but not guaranteed). Finally, compliance legislation is always playing catch up with current cyberattack methods and trends and is often years behind once it finally becomes law.

More on this from KuppingerCole 

https://www.kuppingercole.com/blog/balaganski/software-supply-chain-security

https://www.kuppingercole.com/watch/software-supply-chain-security

https://www.kuppingercole.com/watch/rethinking-supply-chain-security

https://www.kuppingercole.com/watch/smart-sourcing-key-to-secure-supply-chains-pannel-cre24

by Alejandro Leal

Descope, founded in 2022 and based in Los Altos, California, is a cloud-based no/low-code CIAM platform specializing in passwordless authentication. Backed by $53 million in seed funding, the company has a distributed team of 65 employees and a geographically diverse customer base.

The Biden administration’s latest Executive Order (EO), on “Strengthening and Promoting Innovation in the Nation’s Cybersecurity,” focuses on preventing digital identity theft as a critical component to reducing cybercrime and fraud.

By: Tim Spring

Stronger digital identities

The White House released the final Executive Order from the Biden administration today calling for strong cybersecurity measures, and one measure they pointed out specifically was “the acceptance of digital identity documents to access public benefits programs that require identity verification, so long as it is done in a manner that preserves broad program access for vulnerable populations and supports the principles of privacy, data minimization, and interoperability.”

This effectively means replacing the current account and password systems that most online portals use. While these current systems offer a convenient, quick way to gain access, they have been known to be insecure for years.

So what would these “digital identity documents” actually look like?

At the most basic level a digital identity document is a combination of personally identifiable information that you can tie to an individual to prove who they are online. One example that you might have heard of is a Mobile Driver’s License or mDL, which are also referenced in the order as a potential way to gain access to public benefit programs.

Moving past the basics, to get the most functionality and security out of these documents they will need a few additional features.

They need to be stored locally with the end user

Third party storage of personal data for identity authentication is always at risk of a data breach

They need to be tamper-proof and un-copyable

The integrity of the information must be verifiable and it must be bound to the person it belongs to in a way that someone else can’t use it.

They need to be interoperable

Being locked out because you’re on a mac and the other party is on PC and they don’t play well together won’t work at this scale, we need a universal solution

The Executive Order also stresses the privacy preserving nature of these documents, saying they should “support user privacy and data minimization by ensuring only the minimum information required for a transaction — often a “yes” or “no” response to a question, such as whether an individual is older than a specific age — is requested from the holder of the digital identity document.”

Decentralized identity

Decentralized identity is the solution to the White House Executive Order. Everyone controls their own personal data and that data can be verified as authentic, as bound to the person it rightfully belongs to, and that it has not been manipulated.

The benefit of decentralization is portable trust. Any information — and not just personal data — can be sealed in a digital container called a Verifiable Credential. The way that container is created means you always know where it came from. The way the data is sealed means that any attempt to tamper with it breaks the seal.

As an architecture for our information economy, decentralized identity takes out the weak points of our current system — centralized databases filled with personal data for verifying identity — and replaces them with a much simpler, resilient, seamless way of proving who we are to each other.

The result is that information can go from anywhere to everywhere and be immediately acted on — and of course, by providing a reliable method for individuals and organizations to prove their identities online, verifiable credentials help reduce the risk of identity theft and unauthorized access to sensitive systems.

Decentralized identity frameworks offer a transformative approach to identity management. Unlike traditional centralized systems, decentralized identity places control of personal data back in the hands of individuals. This model not only enhances privacy and security but also reduces the risk of large-scale data breaches that have plagued centralized databases.

The Executive Order’s promotion of innovative developments and use of emerging technologies is an acknowledgment of the potential of decentralized identity to strengthen the nation’s cybersecurity infrastructure. 

To better see how these technologies work, you can see a demonstration of using Verifiable Credentials to access your bank account, or fly internationally in a joint effort between Indicio, SITA, Delta Airlines, and the Government of Aruba.

The team at Indicio is ready to support this initiative with our proven solutions in Verifiable Credentials and decentralized identity. If you’d like to talk to us about how you can implement digital identities across your organization you can reach out to our team here.

Together, look forward to building a resilient and secure digital infrastructure that protects everyone’s critical assets and fosters innovation in the cybersecurity landscape.

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community

The post How you can be ready for the new White House order to strengthen digital identity appeared first on Indicio.

Digital credentials are on the road to broad availability in the U.S. These cryptographically signed digital documents are one variety of VDC, or Verifiable Digital Credential. They enhance user privacy while making credential checks faster and more trustworthy, using unforgeable cryptographic signatures to prove their authenticity and accuracy.

As VDC usage continues to grow within the United States and other nations, a new challenge rises ahead: creating digital versions of passports and international travel documents with the same privacy and security benefits as the mobile driver’s license. SpruceID is now contributing to the effort to push VDC-based digital identity beyond U.S. borders. Read on to learn more about the benefits of digital identity for travelers, immigrants, and the world.

User Privacy and National Security

Digital passports, immigration, and work authorization documents are still almost entirely analog documents – paper, usually backed up by a database. The next generation of these credentials, though, will be able to “live” on your smartphone or other mobile device. Cryptographic signatures will prevent them from being copied or altered while making it possible to verify them without checking a separate database.

Read More: Digital Signatures

These Verifiable Digital Credentials (VDCs) are sometimes also known as privacy-preserving digital credentials (PPDCs), highlighting how central privacy is to their technical design. One major privacy benefit of travel and immigration documents based on VDCs is selective disclosure – proving your citizenship, for instance, without sharing less relevant data like your spouse’s name. Similarly, part of the stated goal of the push for digital travel documents is to minimize the system’s reliance on biometrics, such as face-scanning, which can generate high-risk data. The potential to verify digital credentials without contacting a central server for confirmation also means VDCs can be used without leaving “footprints” that could be used for surveillance.

This doesn’t just serve individual privacy: the broader stakes for national security have also become increasingly clear. State-affiliated hacks targeting infrastructure and data are becoming larger, more frequent, and more pernicious. Though it sounds extreme, it’s not difficult to imagine a long-term compromise of digital travel control systems giving a foreign enemy or other bad actors detailed visibility into the movements of government officials or high-ranking business leaders.

Such a compromise could be a very powerful intelligence advantage for America’s enemies. That’s one reason for a recent U.S. government push for privacy-preserving data tools. If travel systems are digitized in a privacy-first way, the current moment is an opportunity to spread the privacy advantages of digital credentials around the world.

More Secure Processes and Borders

In addition to enabling more private verifications, VDCs are also more trustworthy compared to paper documents – particularly in situations where remote verification isn’t available or practical. Fully verifying a paper document generally requires access to a central database, but access to that database is often restricted. Just as regional driver’s license databases are often restricted to law enforcement, insurers, and a handful of other entities, passport information is even more strictly limited – in the U.S., to the State Department and Department of Homeland Security. 

Somewhat surprisingly, passports have in recent years been the most frequently forged identity documents around the world, according to Identity Week. This is driven not by individuals hoping to travel on a fake passport, as airport security checkpoints are far more likely to use a remote database for confirmations. Instead, forged passports are most often used to deceive employers trying to determine a job applicant’s work eligibility. For instance, forged British and Irish passports are widely used to circumvent eligibility requirements to work in France and mainland Europe – a situation where the document itself must stand as the final source of trust.

Thanks to physical security features, paper passports are difficult to forge—but clearly, not impossible. In fact, it appears that we are on the cusp of a potential flood of fake paper documents unleashed by AI: reports in 2024 found that AI is making forged identity documents much less expensive to produce.

Read More: AI is the Final Blow for an ID System Whose Time Has Passed

The signature scheme behind VDCs is vastly superior to paper documents in this and similar cases. While identity database access is constricted, a directory of valid signatures on a digital document can be entirely public, and the signature cannot be forged by anything short of a physical attack on the servers where a document issuer’s digital “keys” are securely stored.

Faster and More Convenient – Online and Off

Using digital signatures instead of paper documents to verify passports can also dramatically speed travel processing. Without access to a central database, individual screeners will often have to devote considerable time to evaluating individual documents. Verification of a digital document using cryptographic signatures is near-instant while also eliminating the ambiguities and risks of physical document review.

Another emergent benefit of digital credentials for migrants and travelers is the ability to store and manage virtual documents on the mobile phone you already carry. In regions where payments and identity tools are already available on smartphones, consumer preference is quickly shifting towards being able to leave the house with a phone but without physical credit cards or ID. While it’s a radical shift from as little as a decade ago, smartphones have become ubiquitous enough that the same habit is likely to become common worldwide. It seems likely to be particularly appealing for refugees or other migrants in unstable situations when keeping track of one smartphone is easier than a large sheaf of paperwork.

Finally, VDCs are a step-change in the accuracy and ease of verifying documents online. Physical documents are particularly vulnerable to forgery when presented online, particularly in the post-AI era. Presenting a passport as a digital photo, for instance, makes it impossible to accurately check physical security features like a hologram. A digital signature, by contrast, can be confirmed by a website or kiosk as quickly and accurately as by a human operating a scanning device. This dramatically increases the reliability of immigration and travel management through remote online portals.

A Safer, Freer World

The United States is pursuing VDC-based international travel systems in significant part because the technology comports with Western democratic values. VDC technology is easy to use to work outside of omnipresent surveillance while surpassing the trustworthiness of paper documents.

SpruceID’s work with the Department of Homeland Security is part of a broader U.S. national strategy to push VDCs and other privacy-preserving digital technology forward. We hope to help drive adoption outside of the U.S. as well, with potentially substantial benefits for privacy and security worldwide.

Learn About SpruceID’s Work With DHS

About SpruceID: SpruceID is building a future where users control their identity and data across all digital interactions.

Demo Auth0 - a series where we explore auth use cases and demonstrate how to build them using Auth0

Welcome to ID Tech’s digest of identity industry news. Here’s what you need to know about the world of digital identity and biometrics today: White House Executive Order Calls for […]

SITA and Palo Alto Networks have formed a strategic partnership to strengthen cybersecurity protection for critical airport applications and transportation systems. The collaboration integrates Palo Alto Networks’ AI-powered security platforms […]

The White House has issued a sweeping executive order that includes measures to promote the adoption of digital ID solutions and mobile driver’s licenses in the United States. Framed as […]

The European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security, and Justice (eu-LISA) has released its latest report, detailing insights from its […]

The Korea Financial Telecommunications & Clearings Institute (KFTC) has entered into an agreement with Connect Inc. to implement a distributed biometric information management service, marking a significant expansion of biometric […]

FaceEsign has unveiled a new multi-layered biometric verification system that combines facial, voice, and live video authentication technologies. The patented solution aims to address digital fraud challenges. The system operates through […]

Nigeria’s Federal Ministry of Agriculture and Food Security has initiated a partnership with the National Identity Management Commission (NIMC) to develop a comprehensive digital farmers’ register. The new system will […]

A coalition of over two dozen civil society organizations and individuals has called on the European Union to prioritize human rights in upcoming guidelines for the EU AI Act implementation. […]

The UK’s communications regulator Ofcom has announced new requirements for websites hosting pornographic content to implement strict age verification measures for UK users by July of this year. The regulations, […]

Barcelona is becoming a magnet for spyware and cybersecurity firms, attracting companies with its favorable living conditions, tax benefits, and accessibility to the global market.

by Martin Kuppinger

Identity Governance and Administration (IGA) has long been a cornerstone of effective access management in enterprises. However, in the Digital Era, where every business is increasingly a software business, relying on digital services as competitive differentiators, traditional IGA approaches fall short. Organizations must rethink IGA to address the complexities of diverse workforces, fast-evolving application landscapes, and stringent compliance requirements.

Why Traditional IGA Falls Short

Adapting to a digital-first and fast-changing environment

Traditional IGA was designed for stable, hierarchical organizations with predictable application environments and largely static workforces. Its core components—role-based access control (RBAC), periodic access certifications, and manual entitlement management—were sufficient in the era of on-premises IT and long development cycles. But today’s reality is fundamentally different.

A dynamic workforce: Employment models now include contractors, freelancers, and remote workers. Many of these users require temporary, highly specific access to systems, making static role models impractical. Changing work environments: Remote work has become a standard. Even as some companies attempt to bring employees back to offices, the flexibility demanded by workers is here to stay. Rapid application turnover: Cloud services dominate, with applications being procured, retired, and updated at unprecedented speeds. The rise of shadow IT—applications purchased without IT oversight—further complicates governance. Autonomous agents: AI-powered bots and other automated components are increasingly acting on behalf of users, requiring precise governance of their access rights.

The slow, manual processes of traditional IGA—like assigning roles and performing access reviews at six-month intervals—cannot keep up with this rapid pace of change.

The Need for Modernized IGA

Agility, automation, and compliance for the digital enterprise

Modern IGA must be reimagined with agility and automation at its core. Businesses need solutions that enable rapid responses to changing needs while maintaining compliance with ever-stricter regulatory requirements, such as those governing sensitive financial data and personally identifiable information (PII).

Key characteristics of modern IGA include:

Policy-based entitlements: Moving away from static role models to automated, policy-driven assignment of access rights. This ensures that access is dynamically adjusted based on contextual factors, such as job function or project requirements. Time-restricted access: Temporary access rights, particularly for contractors or project-based work, reduce the risk of lingering permissions and simplify access management. Rapid onboarding and offboarding: Automated onboarding processes ensure that new applications and users are integrated into governance frameworks quickly and securely, minimizing manual intervention. GenAI-backed tools: Leveraging generative AI for tasks such as application onboarding and policy configuration can significantly enhance efficiency while reducing errors. Continuous access certifications: Transitioning from periodic reviews to ongoing monitoring and validation of access rights ensures compliance without the lag of traditional approaches. Balancing Speed with Compliance

Ensuring secure access to sensitive data in real time

While agility is a central tenet of modern IGA, compliance remains a critical priority. Regulators are increasingly focused on ensuring robust controls over access to sensitive data, with substantial penalties for non-compliance. A modern IGA solution must:

Support granular access controls, ensuring only authorized users and entities can access sensitive resources. Provide clear, auditable records of access, ensuring compliance with laws such as GDPR or SOX. Enable proactive risk management through AI-driven insights into potential access violations or unusual patterns. Conclusion: IGA for the Digital Future

Building resilience in a fast-moving, digital-first world

Modernizing IGA is not merely an operational necessity—it’s a competitive advantage. By embracing agile, policy-driven solutions, businesses can ensure that their access management systems are as dynamic as their digital landscapes. This not only strengthens security but also empowers organizations to innovate without fear of non-compliance or inefficiency.

For enterprises aiming to thrive in the Digital Era, rethinking IGA is no longer optional. It’s time to move beyond the traditional and embrace a future-ready approach that aligns with the speed, complexity, and regulatory demands of today’s digital-first world.

by Martin Kuppinger

Layer X Security, founded in 2021 in Tel Aviv, specializes in browser security and recently completed a Series A funding round. Its solution enhances standard browsers, providing seamless integration without requiring specialized software. The product strengthens endpoint security while maintaining user flexibility.

by Martin Kuppinger

Secude, founded on April 1, 2023, in Lucerne, Switzerland, is a growing vendor in the Secure Information Sharing market with offices in New York and Chennai. Backed by private equity, it focuses on enhancing Microsoft Purview Information Protection (MPIP) capabilities. Its solutions protect sensitive data in industries like manufacturing, aerospace, and defense, particularly within SAP and CAD/PLM environments.

Huione Guarantee is a Telegram-based marketplace serving fraudsters in South East Asia, including those responsible for so-called “pig butchering” scams. Merchants on the platform sell technology, personal data and money laundering services. With transactions totaling at least $24 billion, it is the largest illicit online marketplace to have ever operated. Huione Group has recently launched a range of crypto-related products including a US dollar stablecoin, blockchain, crypto exchange and messaging app. Our analysis shows that Huione Group entities have received at least $89 billion in cryptoassets to date. Elliptic has identified thousands of wallet addresses associated with Huione businesses and illicit vendors operating on Huione Guarantee, enabling our customers to protect themselves from exposure to this activity.

 

Thales supports IET and DSTL’s report addressing challenges in integrating quantum technologies into complex systems Language English simon.mcsstudio Thu, 01/16/2025 - 12:26

Thales contributed to the IET and DSTL white paper, "Quantum Technologies: A New Frontier for Systems Engineering," which examines the integration of quantum technologies into operational systems.

Launched at Portcullis House, in the House of Commons, the report highlights quantum’s transformative potential in secure communications and advanced sensing. It also addresses challenges such as non-determinism, entanglement, and decoherence that complicate systems engineering, when applied to systems that contain quantum components or subsystems.

David Harvey, Chief Technical Consultant at Thales, shared insights on overcoming these barriers through modular design, standardisation, and interdisciplinary collaboration. This approach ensures effective integration of quantum innovations into diverse applications while preserving established engineering methodologies.

Read the full paper on "Quantum Technologies: A New Frontier for Systems Engineering?"

/sites/default/files/database/assets/images/2025-01/Banner_page_quantum_V2.jpg 16 Jan 2025 United Kingdom Thales contributed to the IET and DSTL white paper, "Quantum Technologies: A New Frontier for Systems Engineering," which examines the integration of quantum technologies into operational systems Type News Hide from search engines Off

by Alejandro Leal

Keyless, founded in 2019 in London, specializes in privacy-preserving biometric authentication with its "zero-knowledge biometrics" technology. It uses facial biometrics on devices with front-facing cameras, enabling seamless onboarding, PSD2-compliant transaction signing, and continuous identity assurance. The company serves regulated industries like financial services, fintech, gaming, and government.

Predictoor DF124 rewards available. DF125 runs Jan 16— Jan 23th, 2024 1. Overview

Data Farming (DF) is Ocean’s incentives program. In DF, you can earn OCEAN rewards by making predictions via Ocean Predictoor.

Data Farming Round 124 (DF124) has completed.

DF125 is live today, Jan 16. It concludes on January 23th. For this DF round, Predictoor DF has 37,500 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF125 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF125

Budget. Predictoor DF: 37.5K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and Predictoor

Ocean was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF124 Completes and DF125 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

Metadium Mainnet Update Notice

[go-metadium m0.10.1 Update Notice]

Dear Community,

We want to provide information regarding the mainnet update scheduled for this week.

[Schedule]

• Expected release date: January 17, 2025, at 2 pm

[Details]

1. Mainnet update for go-metadium version m0.10.1 to activate the TRS (Transaction Restriction Service)

• What is TRS?

TRS is a feature that identifies specific wallet addresses and restricts transactions with those addresses. It is managed by the TRSList contract and aims to provide a more reliable transaction environment on the Metadium network.

2. Key Points of the Update

• Stability of version m0.10.1

This version was deployed to the testnet on June 20, 2024, allowing sufficient time for testing.

• Role of BP nodes

BP nodes, participating in Metadium governance can subscribe to the TRSList contract and choose to use the TRS service.

• TRS activation on the mainnet

All BP nodes on the Metadium mainnet will subscribe to the TRS service, creating a more trusted transaction environment.

• Operation of EN nodes

After upgrading to version m0.10.1, EN nodes on the Metadium network will stop broadcasting transactions from specific wallet addresses registered in the TRSList contract.

[Update Version Release Notes]

• https://github.com/METADIUM/go-metadium/releases/tag/m0.10.1

Thank you for your continued interest and support. We will do our best to provide better services going forward.

Metadium Team

[go-metadium m0.10.1 업데이트 공지]

안녕하세요, 메타디움 팀입니다.

금주 예정된 메인넷 업데이트에 관해 안내드립니다.

[업데이트 일정]

- 배포 예정일: 2025년 1월 17일 14시

[업데이트 내용]

1. TRS(Transaction Restriction Service) 서비스 활성화를 위한 go-metadium 버전 m0.10.1 메인넷 업데이트

- TRS란? TRS는 특정 지갑 주소를 식별하여 해당 주소와의 거래를 제한하는 기능입니다.

이 기능은 TRSList 컨트랙트를 통해 관리되며, 메타디움 네트워크에 더욱 신뢰할 수 있는 거래 환경을 제공합니다.

2. 업데이트 주요 사항

- m0.10.1 버전의 안정성:

해당 버전은 2024년 6월 20일에 테스트넷에 배포되어 충분한 테스트 기간을 거쳤습니다.

- BP 노드의 역할:

메타디움 거버넌스 참여 노드인 BP 노드들은 TRSList 컨트랙트를 구독하여 TRS 서비스를 선택적으로 사용할 수 있습니다.

- 메인넷에서의 TRS 활성화:

메타디움 메인넷의 모든 BP 노드들은 TRS 서비스를 구독하여 더욱 신뢰할 수 있는 거래 환경을 제공합니다.

- EN 노드의 동작:

메타디움 네트워크의 EN 노드는 m0.10.1 버전 업그레이드 후 TRSList 컨트랙트에 등록된 특정 지갑 주소의 트랜잭션을 전파하지 않게 됩니다.

[업데이트 버전 릴리즈 노트]

https://github.com/METADIUM/go-metadium/releases/tag/m0.10.1

여러분의 지속적인 관심과 성원에 감사드리며, 앞으로도 더 나은 서비스를 제공하기 위해 최선을 다하겠습니다.

감사합니다.

메타디움 팀

Website | https://metadium.com

Discord | https://discord.gg/ZnaCfYbXw2

Telegram(EN) | http://t.me/metadiumofficial

Twitter | https://twitter.com/MetadiumK

Medium | https://medium.com/metadium

Metadium Mainnet Update was originally published in Metadium on Medium, where people are continuing the conversation by highlighting and responding to this story.

Amid the constant changes that organizations endure — whether through personnel decisions, new vendor selection, tech stack updates, or department restructuring — they must ensure sensitive company resources and applications remain secure and are only accessible by authorized users.

 

Managing employee and third-party access privileges to enterprise applications, data, and networks is no easy feat, though it’s crucial to overall security, compliance, and operational efficiency.

 

Fortunately, automated user access reviews with identity and access management (IAM) systems allow organizations to verify proper user privileges and prevent unauthorized access.

On January 7, 2025, Fidelity Digital Assets rolled out its 2025 Look Ahead report.  The main message of financial behemoth Fidelity Investments is that it is not too late to invest in digital assets because “2025 has the potential to be the year that is looked back on as the pivotal time where the “chasm … Continue reading Crypto 2025 is not Internet 1995 →

As we enter 2025, data privacy and identity protection will remain some of the hottest topics around. Watch out for the continued meteoric rise of digital identity verification and management, more data privacy laws, tighter regulations around artificial intelligence, and the continued emergence of quantum computing. Here’s our take on what lies ahead:

Digital identity verification and management will take centre stage

Impersonation and fraud, particularly in banking and finance, have become so prevalent and sophisticated that digital identity verification and management will fast become the go-to solution for protecting customers and building trust, replacing paper-based and other vulnerable systems. We agree with industry predictions that identity will be the “linchpin of business resilience” going forward, and that “digital identity verification will have a breakout year in 2025”. There’s likely to be a rush to digital identity wallets and digital and biometric credential verification methods, particularly since regulations like eIDAS 2.0 in the EU are driving the transition to decentralized identity technologies. Go Inside Version 3.0 of the Most Advanced Mobile Wallet SDK on the Market. Explore our guides.

The US will get more state privacy laws, but no federal privacy law

In an unsurprising development, most pundits agree that the United States’ chances of finally achieving a comprehensive federal privacy law are slim to none in 2025. IAPP and TechRadar commentators believe securing bipartisan agreement on such a law is likely to remain elusive under the Republican-controlled Congress, which TechRadar suggests “could leave Americans relying on digital tools to claim back their online privacy for themselves.” Anonyome Labs’ MySudo and RECLAIM apps are great examples of proactive consumer privacy tools.

As always, stepping into the breach from an absent federal privacy law will be state privacy laws, and we’ll see many more of those in 2025. Twenty-six of the 50 US states now have a state privacy law, expanding consumer rights and ratcheting up compliance obligations on business. In 2024, four more state laws came into effect:

Texas Data Privacy and Security Act (TDPSA), effective July 1, 2024
Florida Digital Bill of Rights (FDBR), effective July 1, 2024 
Oregon Consumer Privacy Act (OCPA), effective on July 1, 2024
Montana Consumer Data Privacy Act (MCDPA), effective October 1, 2024.

January 2025 saw four more state privacy laws come into effect—Delaware, Iowa, New Hampshire, and New Jersey—and later in 2025, Tennessee and Maryland will introduce theirs.

Regulation around AI will tighten but privacy and security issues will remain

Generative AI will be the thing to watch in 2025, with artificial intelligence becoming integral to core application design and service delivery for its efficiency, UX and cost-saving benefits. But this emerging tech will also remain acutely challenging, particularly from a data privacy and security perspective.

Regulation around AI will tighten in 2025, but the IAPP puts a good question: “While there is a consensus AI should be regulated, and there are increasing efforts in this sense — such as the highly anticipated EU AI Act [and Colorado’s AI Act] — the fact is AI privacy risks remain uncharted waters, leaving both AI practitioners and privacy professionals with a feeling of unease. After all, since AI technologies are advancing faster than regulation, how should privacy pros approach AI privacy risks in a way that makes new products viable, while safeguarding data subjects’ rights?” It’s a question that may linger well beyond 2025.

The IAPP highlights these 12 risks from AI, which come from Carnegie Mellon University and Oxford University’s adaptation of earlier work by Professor Daniel Solove:

Surveillance: AI exacerbates surveillance risks by increasing the scale and ubiquity of personal data collection.
Identification: AI technologies enable automated identity linking across various data sources, increasing risks related to personal identity exposure.
Aggregation: AI combines various pieces of data about a person to make inferences, creating risks of privacy invasion.
Phrenology and physiognomy: AI infers personality or social attributes from physical characteristics, a new risk category not in Solove’s taxonomy.
Secondary use: AI exacerbates use of personal data for purposes other than originally intended through repurposing data.
Exclusion: AI makes failure to inform or give control to users over how their data is used worse through opaque data practices.
Insecurity: AI’s data requirements and storage practices risk of data leaks and improper access.
Exposure: AI can reveal sensitive information, such as through generative AI techniques.
Distortion: AI’s ability to generate realistic but fake content heightens the spread of false or misleading information.
Disclosure: AI can cause improper sharing of data when it infers additional sensitive information from raw data.
Increased accessibility: AI makes sensitive information more accessible to a wider audience than intended.
Intrusion: AI technologies invade personal space or solitude, often through surveillance measures.

Debate and developments around these 12 risks from AI (and potentially others) will be a hallmark of 2025.

Quantum computing will make more headlines

We were interested to see quantum computing moving onto the “trends to watch” lists for 2025. The race to quantum computing has been going on for a while now, and things are definitely heating up.

Many industries have use cases for quantum computing for simulations (e.g. simulating molecular structures in drug discovery or climate modelling) and optimization (e.g. optimizing shipping routes and flight paths, enhancing machine learning algorithms, or developing advanced materials). But as we’ve said before the quantum age does present some real threats, particularly the looming arrival of quantum computers that are sufficiently powerful and error-resistant to break conventional encryption algorithms (RSA, DSS, Diffie-Hellman, TLS/SSL, etc.) and expose the world’s vast stores of secured data. The race is on to Q-Day and we’ll likely see more about that in 2025. 

The US Government has issued a quantum readiness guide to developing and building capabilities to secure critical information and systems from being compromised by quantum computers. 

More people will worry about data privacy and act to protect their personal information

Consumers are growing increasingly worried about the safety of their personal information, particularly on social media and around AI. With 2024 recording the biggest and most destructive data breaches, and new stats [NB1] showing most people worldwide have already had their personal information stolen, it’s not surprising that people fear data surveillance and scammers. Cisco’s annual privacy study did, however, reveal that all this worry is making people more proactive about protecting their own data, which can only be a good thing, and tools like Anonyome Labs’ consumer apps MySudo and RECLAIM make it easy. Anonyome also offers businesses a suite of next generation digital identity and privacy tools.

As we head into 2025, we wish everyone a happy and safe year. If you’d like to know more about Anonyome Labs’ privacy and identity protection tools, head here for consumer solutions and here for business solutions.

You might also like:

Americans Say Data Privacy is a Human Right: Here are 3 Apps that Achieve It 

Gartner Confirms Anonyome Labs’ Solutions Offer Competitive Edge

Anonyome Wins Prestigious SuperNova Award for Digital Wallet that Will Transform Agriculture

The post 5 Trends to Watch in Data Privacy and Identity Protection in 2025 appeared first on Anonyome Labs.

Join us for a webinar on KuppingerCole’s latest Leadership Compass report on Synthetic Data. Discover how synthetic data is revolutionizing data security by mitigating risks associated with real data usage. We'll explore the leading capabilities in this space, examine innovative approaches, and discuss how synthetic data is being applied across industries to enhance machine learning models, ensure compliance, and protect sensitive information.

Anne Bailey, one of the co-authors of the report, will provide an overview of the synthetic data landscape. They will highlight key market trends, solution capabilities, and the role of synthetic data in addressing challenges like data scarcity and bias in AI applications. Attendees will gain actionable insights into selecting and implementing synthetic data solutions that align with their organization's security and privacy objectives.

In today's interview, Mirela Ciobanu, Lead Editor at The Paypers, talks with Sergej Epp, CISO at Sysdig, about the ever-evolving world of cybersecurity and its impact on industries worldwide.

🌟 Key Topics explored:

Sergej’s journey into cybersecurity: from a young coder to a leading industry expert. Why understanding organizational risks is crucial—and how oversimplifying cybersecurity can lead to vulnerabilities. The persistent threat of ransomware and emerging risks in supply chains and open-source software. The importance of "assume breach" mentality and red teaming to stay ahead of attackers. Strategies for mitigating risks, including zero trust architectures and prioritizing secure modernization over excessive security add-ons.

Discover how financial institutions, healthcare, and other critical sectors can address escalating challenges while embracing innovative solutions. From nation-state attacks to ransomware groups, Sergej provides actionable insights on navigating modern threats, managing supply chain security, and fostering transparency.

Learn why human expertise and risk-focused approaches remain pivotal alongside cutting-edge technologies like blockchain and zero trust. Whether you’re a cybersecurity professional or a business leader, this interview is packed with practical takeaways to secure your organization in today’s dynamic digital landscape.

Dormant online accounts created by employees at failed companies that used Google SSO can be hijacked by anyone who buys expired domain names, a researcher said at the ShmooCon hacker conference.

Guest Essay by Neville Pattinson More than our signature, fingerprint or even voice, our face is the most fundamental form of identification that is in plain view most of the […]

After establishing an updated inventory of self-hosted apps within a network, Orchid leverages LLM analytics with optimal reasoning and code recognition capabilities for identity control and authentication evaluations that consider cybersecurity framework compliance, according to the firm.

In this episode of The Future of Identity Podcast, I’m joined by Diego Fernández, co-founder of QuarkID and Sovra, to discuss the innovative decentralized identity solution rolled out by the city of Buenos Aires. QuarkID has garnered international attention for its self-custodial identity wallet app, and Diego provides a fascinating behind-the-scenes look at its development, challenges, and growing adoption.

In this episode, we explore:

The journey of QuarkID, from its origin story to its evolution as a decentralized identity solution. Insights into adoption challenges when launching a self-custodial identity wallet app in February and the breakthrough moment of integrating it into the government mobile app. The impressive growth of QuarkID, with over 200,000 users onboarded in just 40 days and adoption accelerating at an increasing rate. Diego’s visionary perspective on the shortcomings of current identity systems and how improved digital identity can drive prosperity and empowerment. Practical lessons for governments and organizations looking to implement decentralized identity systems.

This episode is a must-listen for professionals in digital identity, government innovation, and technology ecosystems. Whether you’re interested in decentralized identity, user adoption strategies, or creating impactful public-private partnerships, this conversation offers valuable insights.

Enjoy the episode, and don’t forget to share it with others who are passionate about the future of identity!

Learn more about QuarkID at https://quarkid.org/.

Subscribe to our weekly newsletter for more announcements related to the future of identity at trinsic.id/podcast

Reach out to Riley (@rileyphughes) and Trinsic (@trinsic_id) on Twitter. We’d love to hear from you.

All HTTP requests created using FastHTTP have been leveraged for brute-force and multi-factor authentication fatigue attacks against Azure Active Directory endpoints, with Brazil accounting for most of the malicious traffic, followed by Turkey, Argentina, Uzbekistan, and Pakistan, according to an analysis from incident response firm SpearTip.

This blog post forms part of our 2025 Regulatory Outlook series. Over the next several weeks, we’ll be outlining key regulatory and policy trends we expect to see across the coming year. 

by Nitish Deshpande

Identity and Access Governance as a core part of IGA is one of the key technologies within IAM for any organization. This is due to the massive impact of security and governance risks arising due to issues in managing access controls such as over-entitlements and gaps in enforcing the least privilege principle, Segregation of Duties (SoD) violations, and access governance controls. There are several access-related security risks in today’s organizations that have a direct impact on business, including but not limited to, intellectual property theft, business fraud in ERP systems including SOD conflicts and other policy violations, reputational damage due to the loss of customer information and privacy-related data, and many more. Thus, an adequate access governance framework is essential for organizations dealing with continually changing paradigms of security and risk management.

by Anne Bailey

This KuppingerCole Executive View looks at the Microsoft Entra Suite, a complete Zero Trust user access solution to secure employee access across the organization. The Microsoft Entra Suite takes an identity-centric zero trust approach to applying adaptive access policies to protect all employee identities and secure their access to all resources and applications (SaaS, websites, and on-premises), from anywhere (on-premises and remote) in the organization. The products included in the Suite are Microsoft Entra Private Access, Microsoft Entra Internet Access, Microsoft Entra ID Governance, Microsoft Entra ID Protection and Microsoft Entra Verified ID.

Thales adopts the UN Women’s Empowerment Principles prezly Wed, 01/15/2025 - 09:00

Thales reaffirms its commitment to gender equality and diversity by signing up to the 7 “Women’s Empowerment Principles” established by the United Nations Global Compact and UN Women, to promote women’s roles in the business world and ensure gender equality.

“We must continue to encourage more women to pursue careers in science and mathematics – starting at an early age – to provide them with the same career opportunities as men and enable them to thrive in a safe and inclusive working environment. Thales has made encouraging progress, but we need to accelerate our efforts to achieve gender equality at all levels,” said Patrice Caine, Chairman & Chief Executive Officer of Thales.

Since 2017, Thales has implemented a Gender Diversity Action Plan to accelerate the recruitment of women across all its professions, support their development through dedicated mentoring programmes, and enhance their promotion to the highest levels of responsibility while increasing their representation on Management Committees.

By the end of 2023, women held 20.4% of leadership positions at Thales, compared to 16.5% in 2018. In parallel, 86.8% of the company’s Management Committees included at least three women, up from 49% in 2018.

The company’s target for 2026 is to have 22.5% of leadership roles filled by women and at least 75% of Management Committees comprising at least four women. For more information on Thales's initiatives supporting gender equality and diversity, please consult the 2023-2024 Integrated Report.

/sites/default/files/prezly/images/THALES_LAS_IAS_FCS_2022_Fleury81_0.jpg Documents [Prezly] PR_Thales adopts the UN Women’s Empowerment Principles.pdf Contacts Cédric Leurquin 15 Jan 2025 Type Press release Structure Group Thales reaffirms its commitment to gender equality and diversity by signing up to the 7 “Women’s Empowerment Principles” established by the United Nations Global Compact and UN Women, to promote women’s roles in the business world and ensure gender equality. prezly_709451_thumbnail.jpg Hide from search engines Off Prezly ID 709451 Prezly UUID c6533c3d-25e9-483f-ad2a-34c1fc0ea406 Prezly url https://thales-group.prezly.com/thales-adopts-the-un-womens-empowerment-principles Wed, 01/15/2025 - 10:00 Don’t overwrite with Prezly data Off

The Identity Fabric paradigm has established as the guiding principle for building modern Identity & Access Management (IAM) infrastructures. Since the introduction by KuppingerCole Analysts more than five years ago, many organizations have adopted this concept to streamline their IAM architecture, portfolio, and investments. With the newest release of the Identity Fabric, KuppingerCole Analysts provides an updated framework that not only reflects the evolution of IAM with respect to supported identity types and technologies, but also provides additional perspectives and layers to help organizations shape their own Identity Fabric for human and non-human identities. The Reference Architecture as second major framework of KuppingerCole Analysts adds more detail to the Identity fabric by going more into detail on IAM.

Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, will look back at the evolution of the Identity Fabric and provide insights into the guiding principles of the Identity Fabric, serving both as a fabric producing identity services and a mesh connecting different elements within the IAM infrastructure of organizations.

Dr. Phillip Messerschmidt, Lead Advisor at KuppingerCole Analysts, will dive deeper into the most recent versions of the Identity Fabric and the Reference Architecture, providing insights into what is new, why we’ve added and changed certain elements, and how this helps organizations on their IAM journey. He also will elaborate on why and how the Identity Fabric and the Reference Architecture help future-proofing your Identity Security environment.

One of the key benefits of Verifiable Credentials is the time savings from reduction in repetitive, manual data entry. Here we will examine just how much time can be saved by using decentralized identity to automatically fill in information for us.

By: Tim Spring

The time cost of forms

How many hours a year do you spend filling out forms? While it might seem like an annoyance that comes up every now and then, the US Chamber of Commerce Technology Engagement Center released a report in 2022 that found that the government has 9,881 unique forms, which took an estimated 10.3 billion hours to complete.

And these numbers are only increasing, if you use the tool provided by the Office of Information and Regulatory Affairs and apply it to 2024 numbers, you can see that we are up to almost 12.3 billion hours. 

There are five stand out departments with the most forms and impact. 2022 numbers provided by the US Chamber of Commerce Technology Engagement Center report:

Department of the Treasury: 1,838 forms 

Department of Health and Human Services 1,242 forms 

Department of Agriculture 553 forms 

Department of Commerce 437 forms 

Federal Communications Commission 436 forms

Have you ever wondered why there is so much paperwork to see a doctor? Or why you need to fill it in every time? It could have something to do with the 1,242 federal forms that the hospital or clinic will need to fill out to comply with the department of Health and Human services, not to mention updating your own charts and patient data. 

Accuracy and user experience improvement

What we could all benefit from is a way to create authenticated data once and reuse it often —  instantly, conveniently, with the touch of a button. 

Here is where Verifiable Credentials come to the rescue, the thing that will make you say “why haven’t we been doing this before?” Verifiable credentials can store any authenticated data (and especially personal data) in a tamper-proof way and allow the user to share it without the need for the verifier to check in with the source. Think of your web browser’s autofill function that remembers your name, email address, phone number, etc, but for the real world. These credentials can store any information that could be on that doctor’s form, such as height, eye color, name, address, or medical history, and share it accurately, instantly. Which is particularly handy because if you need a doctor, you’re probably not in the mood to do paperwork. 

The usefulness grows exponentially when you take a look at what this technology can do for organizations. An American Hospital Association survey found that there are 6,120 hospitals in the United States, and between them had admitted 33,679,935 patients in 2022. 

Fraud reduction

Aside from the time saved from not having to manually enter all this patient data, businesses can benefit in the form of eliminating human error and reducing fraud. If you have almost 33.7 million forms to fill out annually, there are going to be some errors or fraudulent information, which often take time and money to correct. By sharing pre-authenticated data digitally (which is what is inside a Verifiable Credential) you can instantly trust the data and use it however you need, such as verifying a patient’s identity and medical history to begin treatment. This technology also enables biometric patient check-in, which reduces fraud (getting treated under someone else’s name) or giving the incorrect medications due to not reliably identifying the patient as they leave the waiting room for treatment.

Verifiable Credentials have already seen traction in several industries for their ability to fast-track processes. An excellent example of this is in airports and travel, where their authenticated data can be used for pre-authorization for each traveler and leads to significantly faster international border and border crossing. To learn more about this use case you can read a recent article from Indicio. 

No one enjoys paperwork, it is a necessary part of life, but it doesn’t need to be such a big part.

If you would be interested in exploring how you can start using Verifiable Credentials to save your team and users time while providing a significantly better experience, you can learn more about Indicio’s complete solution for Verifiable Credentials, Indicio Proven®, or reach out to our team to discuss your specific needs.

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community

The post How to save billions of hours per year with Verifiable Credentials appeared first on Indicio.

Trelica's cloud service specializes in identifying shadow IT applications -- software-as-a-service tools deployed without IT approval -- by analyzing logs from internal systems.

Mobile apps tracking driver data have been covertly embedded with Arity software, which enables the gathering of real-time location and movement, accelerometer, magnetometer, and gyroscopic details, and other information, including those concerning vehicle acceleration and distracted driving, noted the complaint by Texas Attorney General Ken Paxton.

Update: Since the publication of this report, Elliptic has published further research into Huione Guarantee. See: "Huione: the company behind the largest ever illicit online marketplace has launched a stablecoin".

Huione Guarantee is an online marketplace that has become widely used by scam operators in South East Asia, including those involved in so-called “pig butchering”. Merchants on the platform offer technology, data and money laundering services, and have engaged in transactions totaling at least $11 billion.

Huione Guarantee is part of Huione Group, a Cambodian conglomerate with links to Cambodia’s ruling Hun family.

Our research indicates that another Huione business is actively involved in laundering proceeds of scams from around the world. 

Elliptic customers are able to protect themselves against exposure to this activity through the use of our cryptoasset transaction screening and investigative solutions.

 

by Osman Celik

Organizations of all sizes, from small businesses to large enterprises and government agencies, are responsible for managing complex networks. These networks often include a combination of on-premises infrastructure, cloud services, and hybrid environments, which can make them more challenging to monitor and secure. For these organizations, ensuring network performance is critical for maintaining business operations and for detecting and responding to potential security threats. Failing to monitor and analyze network traffic can lead to undetected performance issues, bottlenecks, and security vulnerabilities. The growing use of encryption at the network layer, while necessary for protecting sensitive data, presents additional challenges for network visibility and security. This is particularly concerning as emerging cybersecurity threats, such as ransomware, advanced persistent threats (APTs), and zero-day exploits, continue to evolve and target network infrastructures. Additionally, organizations must navigate a stringent regulatory environment, where compliance with data privacy and security standards is mandatory. Failure to comply with these regulations not only increases the risk of penalties but also exposes the organization to reputational damage. Today, the majority of organizations rely on firewalls, security information and event management (SIEM), and endpoint protection detection and response (EPDR) tools to prevent threats from accessing the network. However, in many cases, these solutions are inadequate in one or more of the following areas.

La información verificable está transformando rápidamente el panorama de la tecnología Web3. En Extrimian creemos que 2025 será un año clave para potenciar ecosistemas digitales seguros, eficientes e interoperables. Aquí te compartimos 5 tendencias clave para este año:

1. Ecosistemas integrados con identidades verificables

Imagina a un estudiante universitario que utiliza su credencial digital emitida por su institución para acceder a una cuenta fintech, contratar un seguro médico, alquilar una vivienda de confianza, resolver situaciones académicas y disfrutar de beneficios exclusivos. 

Esta interoperabilidad ya es una realidad gracias a soluciones basadas en SSI, como IDConnect de Extrimian, que resuelven problemas de identidad y verificación al conectar múltiples verticales en un solo ecosistema. Durante este año, veremos más adopción, más atracción y mayor sinergia entre actores e industrias.

2. IA como motor para la eficiencia

En 2025 los frameworks con inteligencia artificial revolucionarán la gestión de la identidad digital. Según un reporte de IBM, los procesos de gestión de datos impulsados por IA incrementarán su eficiencia en un 40%. 

En este contexto, tecnologías como IDConnect integrarán IA para automatizar procesos clave, como la creación y verificación de credenciales, la detección de errores y la asistencia de un copiloto. Esto no solo mejorará la experiencia del usuario, sino que también incrementará la seguridad, la productividad y la eficiencia en la gestión operativa.

3. Crecimiento exponencial tras casos de éxito

El éxito de QuarkID y su implementación en miBA, que posicionó a Buenos Aires como la primera ciudad del mundo en usar credenciales verificables para gestión pública, ha marcado un antes y un después. Este modelo no solo ha inspirado a más gobiernos y empresas a adoptar SSI, sino que también abre las puertas a una expansión global. 

El reporte de Cybersecurity Ventures estima que, para 2025, los costos del cibercrimen alcanzarán los $10.5 billones anuales, destacando la importancia de sistemas descentralizados como QuarkID para fortalecer la seguridad de los datos personales.

4. Idoneidad y conocimiento como ventaja competitiva

Durante este año, la diferencia clave en SSI estará en el conocimiento profundo y la experiencia. Las empresas con trayectoria en esta tecnología, que lideran su implementación y están a la vanguardia, ofrecerán soluciones más robustas, eficientes e integradas. La idoneidad será un valor diferencial frente a quienes recién comienzan, certificando la capacidad de integrar SSI de manera efectiva y maximizar su impacto en ecosistemas digitales interoperables.

5. SSI: Soluciones prácticas para Latinoamérica

En una región marcada por burocracia, costos elevados y fraude, SSI maximiza el ROI al simplificar procesos críticos como la validación de empleo, acceso seguro a plataformas y verificación de edad. Al reutilizar datos verificables, reduce costos, agiliza trámites y promueve la inclusión digital, fortaleciendo un ecosistema confiable y accesible para todos.

💡 ¿Te interesa saber más sobre lo que hacemos en Extrimian? Conversemos y construyamos juntos este futuro presente tan prometedor.

The post Tendencias en tech para el 2025: IA, SSI y más first appeared on Extrimian.

by Alejandro Leal

Not with a bang but a whimper 

The department said it was alerted to the incident on December 8th by BeyondTrust, an identity security services provider that offers remote technical support to Treasury employees.  

Further investigation revealed that the breach originated within BeyondTrust's systems, where attackers infiltrated some of the company's Remote Support SaaS instances by making use of a compromised Remote Support SaaS API key. As a result, the attackers were able to bypass the service's security and access employee workstations and unclassified documents. 

On January 6th, the Cybersecurity and Infrastructure Security Agency (CISA) announced that there was no indication that the cyberattack had affected other federal agencies. However, this is one of the latest examples of cybersecurity breaches attributed to Chinese state-sponsored groups.  

"Dripping water penetrates the stone, not by force but by persistence." – Chinese proverb  

Last year, agencies from the United States (CISA, NSA, FBI), Australia (ACSC), Canada (CCCS), and New Zealand (NCSC-NZ) warned that Chinese hackers were targeting global telecommunications providers. According to Deputy National Security Advisor Anne Neuberger revealed, the federal government launched an investigation into a major incident, revealing that the Chinese campaign targeted the networks of AT&T, Verizon, T-Mobile, and other telecoms.  

FBI Director Christopher Wray described the telecom breach as China’s “most significant cyber espionage campaign in history.” Officials believe that a large number of Americans (mostly from the Washington-Virginia area) may have had their metadata compromised, including users' calls, text messages, date and time stamps, source and destination IP addresses, and phone numbers. The Chinese government has denied the allegations, and its Ministry of Foreign Affairs said Beijing condemns all forms of hacking and foreign interference. 

Globally, the incident serves as a wake-up call for public and private organizations that manage sensitive or critical data. The increasing frequency of state-sponsored attacks demonstrates the need to adopt advanced cybersecurity architectures, such as Zero Trust, combined with real-time threat intelligence sharing and cross-border incident response capabilities.  

The pragmatic approach 

To improve cybersecurity in key industries, organizations need to be prepared for an increased level of malicious activities. When an incident occurs, business continuity and resilience are essential. The former is about preventing or minimizing the impact of adversity on the normal state of operations, while the latter is about addressing challenges and adapting to changing conditions.  

As analysts, our goal is to provide practical advice.  

Here are some recommendations: 

Network Segmentation: Use network segmentation to limit an attacker's lateral movement. Keep sensitive data and systems isolated.  Implement Zero Trust Architecture: This model treats every user, application, or resource as untrusted and enforces strict security, access control, and comprehensive auditing to ensure visibility and accountability of all user activities.  Leverage ITDR: ITDR is a crucial component of a comprehensive cybersecurity strategy, as identities have become the primary targets of attackers looking to gain unauthorized access to sensitive systems and information. For more on ITDR.   Prioritize Monitoring and Threat Detection: Organizations can use advanced monitoring tools such as EPDR and XDR to detect unusual activity and respond to emerging risks proactively.  Supply Chain Security: Verify that vendors and partners meet stringent cybersecurity requirements. Find more on SSCS here.   Mobile Network Security Frameworks: If you're a telecom, adopt industry-recognized security frameworks and collaborate on shared standards with global organizations.  Engage in Public-Private Partnerships: Work closely with government agencies to access resources and expertise. 

Since we all face the same threats, the private sector must embrace transparency and mutual support. As discussed in this previous KuppingerCole blog post, the culture of silence must be left behind - we must share insights, exchange knowledge and work together to strengthen our collective defenses. Cybersecurity is a shared responsibility. No single organization can predict where the next threat will emerge or how far it will spread. As Horace, the Roman poet, wisely said, "It is your business when your neighbor's wall is on fire."  

In today's interconnected world, to protect one is to protect all. 

More robust identity and access management practices are crucial, especially as remote work environments often lack the security measures found in corporate settings.

TikTok and its parent firm ByteDance have been accused by U.S. Solicitor General Elizabeth Prelogar of gathering exorbitant amounts of data from its 170 million American users, which could be misused for espionage and extortion during a Friday hearing before the Supreme Court.

Ontology Weekly Report: Jan 7th — Jan 13th, 2025 Catch up with all things Ontology and Decentralized Identity Ontology Network 🌐 Latest Updates Thank you to everyone who participated in UQUID’s ONT giveaway poll! Privacy Hour continues to explore critical topics in decentralized identity and privacy! Fireverse joined our community update — welcome aboard! Orange Protocol 🍊 Upcoming Campaigns

We’re preparing for the 4Everland Community Campaign, with winners receiving 4Ever points. Make sure you’re following Orange and 4Everland on X so you don’t miss out!

Are you ready to Enter the Fireverse? There are Fearless Explorer Badges up for grabs in this exciting campaign starting this week. Make sure you’re following along on X!

This Week in Decentralized Identity Advancements in Travel with Self-Sovereign Identity (SSI)

The travel industry is accelerating its adoption of digital identity solutions to enhance passenger experiences. Self-sovereign identity (SSI) systems, which empower individuals with control over their digital identities, are being implemented to streamline processes such as airport check-ins and border crossings. By reducing reliance on physical documents, these innovations are expediting procedures while improving security.

Projections for Digital Identity in 2025

Experts foresee substantial transformations in digital identity by 2025, with decentralized systems playing a pivotal role. These systems promise enhanced security, scalability, and privacy, reshaping how enterprises, consumers, and mobile operators interact in digital ecosystems. The future of digital identity is moving towards more secure, user-centric solutions, driving significant shifts across industries.

These developments underline the growing momentum of decentralized identity technologies and their potential to redefine digital interactions across various sectors.

Community 🌍

Engagement and Growth

Our Ontology Wordle Challenge will feature in this week’s Tuesday community discussion! Join us and test your skills while connecting with others. Regular weekly discussions are back, every Tuesday! Wishing everyone a successful start to the new year as we continue building a more secure and decentralized future together. Stay Connected 📱

Stay engaged and informed by joining these key events this week:

Tuesday 9am UTC: Telegram Community Discussion (featuring the Ontology Wordle Challenge!) Thursday 8pm UTC: X Spaces Privacy Hour Friday 7am UTC: X Spaces Community Catch-up

Follow us: Ontology website / ONTO website / OWallet (GitHub) / Twitter / Reddit / Facebook / LinkedIn / YouTube / NaverBlog / Forklog / Telegram / Announcement / Telegram English / GitHub / Discord

Ontology Weekly Report: Jan 7th — Jan 13th, 2025 was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.

Non-Human Identities (NHIs) are finally making friends and influencing people—or at least they seem to be, given how much people are talking about them! This is great. People need to have a better sense of this brave new world of workloads, bots, and services. But this also means people need to have a better sense of what NHIs are not.

Whether you’re navigating workloads, APIs, or automated systems, the buzz around NHIs reflects their growing significance in everything from cloud computing to academic research. But as with any hot topic, there’s some confusion and waaaaaay too much marketing hype. I’ve written about NHIs before; today’s focus is on some of the main areas NHIs are different from human identities. The distinctions matter.

What NHIs Are Not

NHIs aren’t just API keys or OAuth tokens. Treating them as such would be like calling a password or a passkey a person’s digital identity—it oversimplifies their function and importance. Tokens, keys, and even credentials like X.509 certificates might help manage access, but they’re tools in the more extensive toolkit of workload identity management. (Natoma has published an interesting white paper on machine-to-machine authentication if you’re interested in more detail.)

NHIs represent software entities like batch processes, machine learning training models, or microservices operating independently of human identities. They operate at different speeds and have different selective disclosure requirements (yes, NHI use cases may include the need for selective disclosure). Proving who they are to access other systems or resources goes beyond simple authentication. Unlike human authentication, which often revolves around confirming a single user’s identity via passwords, passkeys, or biometrics, NHIs must establish trust and authorization in highly dynamic, machine-driven environments.

Comparing NHIs and Human Identities

Part of what makes understanding that NHIs are different is that, if you tilt your head just right, their requirements sound very familiar. They need to demonstrate their identity and the purpose and scope of their request. They benefit from cryptographic proofs, such as JSON Web Tokens (JWTs) or X.509 certificates, to securely bind their identity to a specific action. They have a lifecycle that must be managed. And let’s not forget they may need to cross trust boundaries in a federated workflow.

I’ll go into more detail next, but here’s the summary for those who want to get straight to the good stuff.

LayerHuman IdentitiesNon-Human Identities (NHIs)Contextual ValidationRole-based access; occasional risk checksTask-specific; continuous granular checksCryptographic AssurancePasswords, passkeys, MFAJWTs, OAuth tokens, mTLS, certificatesDynamic/Ephemeral IdentitiesPersistent, lifecycle-drivenTransient, task-drivenCross-Boundary TrustSSO, federation (SAML, OIDC)Federated workload identities, SPIFFE Contextual Validation

For Human Identities:

Humans typically authenticate using static credentials like passwords, passkeys, or biometric scans. Access is often role-based, with permissions tied to organizational hierarchies or specific job functions (e.g., an employee accessing their email). Context, like geolocation or time of access, may be used for risk-based decisions (e.g., blocking a login attempt from an unusual location).

For NHIs:

NHIs rely on detailed, task-specific validation. For example, a microservice might only access a database during specific operational windows and for specific query types. Permissions are highly granular and tied to the NHI’s role in a larger process, such as allowing read-only access to one API endpoint while granting full control over another. Unlike humans, NHIs may operate across various environments, requiring continuous validation at scale. Cryptographic Assurance

For Human Identities:

Credentials often include usernames, passwords, or passkeys, validated via a central authentication server. Additional layers like multi-factor authentication (MFA) involve OTPs or hardware tokens, but the process remains human-centric.

For NHIs:

NHIs use cryptographic credentials, such as JWTs, OAuth tokens, or X.509 certificates, to prove their identity and integrity. These credentials are typically short-lived and dynamically issued, ensuring they can’t be reused if intercepted. Cryptographic proofs (e.g., mutual TLS) are used to establish secure, trust-bound connections between services. Unlike humans, NHIs don’t rely on password-based authentication, making credential management more complex and secure when implemented correctly. Dynamic and Ephemeral Identities

For Human Identities:

Human identities are persistent and change only during significant lifecycle events, such as onboarding, promotions, or terminations. Joiner/mover/leaver workflows handle these transitions in directories like Active Directory or IAM systems.

For NHIs:

NHIs are transient and may exist for just seconds or minutes, such as a containerized workload in Kubernetes that spins up to handle a specific task. Unlike human-centric workflows, they require dynamic provisioning and de-provisioning of identities without manual intervention. (It would be nice if human-centric flows did this, too, but that’s not common. Yet.) The absence of a natural lifecycle like “hiring” or “firing” makes traditional directory models ineffective for NHIs. Cross-Boundary Trust

For Human Identities:

Trust boundaries for humans are typically managed within a single organization or via federated identity systems like SAML or OpenID Connect. Federated access is often used to enable single sign-on (SSO) across organizational or application boundaries.

For NHIs:

NHIs frequently operate in multi-cloud or hybrid environments, where they must authenticate across disparate trust domains. Identity federation for NHIs requires advanced mechanisms, such as SPIFFE or OAuth token exchanges, to securely share identity and permissions between services in different ecosystems. Unlike humans, NHIs may not have a single source of truth (like an HR system), necessitating more robust and decentralized trust models. A Better Way to Think About NHIs

If you’re still thinking that NHIs belong in your human identity systems, I’m just not sure what to tell you. I would say we can agree to disagree, but getting this wrong has implications for how everyone interacts online, so I will continue to make a stand on this hill. NHIs require a different approach to identity management, including:

• Workload Identity Federation: To seamlessly authenticate across cloud providers.

• Dynamic Secrets and Token-Based Authentication: To enhance security and minimize exposure risks.

• Standards Efforts Like WIMSE and SPICE: To ensure consistent, secure service interactions.

Final Thoughts

Embracing NHIs means rethinking your identity systems and recognizing that traditional identity paradigms need to evolve. I know it’s hard work and requires even more resources for your IAM programs, but NHIs are not magic. They cannot bring security and efficiency to your organization without investment. There are vendors out there (I am not one of them) who can guide you through designing or redesigning your systems to account for NHIs. You’ve got this.

If you or your organization need support with standards development, let me know. With my experience across various SDOs, I’m here to help guide you through the complexities of Internet standards development.

The post Understanding NHIs: Key Differences Between Human and Non-Human Identities appeared first on Spherical Cow Consulting.

In this exclusive interview, Mirela Ciobanu, Lead Editor at The Paypers, sits down with Andrzej Kawalec, Head of Cybersecurity for Vodafone Business, to explore the evolving landscape of cybersecurity and its critical role in driving innovation.

🌟 Key topics covered:

Why "security is the enabling layer for innovation." Practical advice for small businesses navigating cyber threats. The importance of integrating technology, from AI to digital identity solutions. How to create a human-centered approach to cybersecurity through education and awareness. Industry trends and the future of cybersecurity at scale.

Learn why security is more than just a safeguard - it’s the accelerator for modern businesses, enabling them to adapt and thrive in an increasingly digital world. Whether you’re a CISO or a small business owner, this interview is packed with actionable insights to keep your business secure and innovative.

📈 Marketing Updates

We’ve had an exciting week of community activities, and your participation has been incredible! Here’s a quick recap:

Quizzes: 147 participants 📜 Polls: 199 participants 📊 Puzzles (Time-Based): 19 participants 🧩

Thank you for your continued support and enthusiasm. Your engagement fuels our innovation and growth.

🔧 Product Updates 📱Mobile App Updates: Revamped UI: Our team is working diligently on the revamped user interface to enhance your experience. Stay tuned for a sleeker and more intuitive design. Cross-Chain Swaps: We’ve addressed some bugs and are currently in the QA phase to ensure seamless swaps across different chains. 🔎Safle Lens: Code Restructuring: We’re making minor fixes and restructuring the codebase to improve performance and scalability. 🕹️Gaming Developments: Wallet Attestations: We’re in the planning phase for integrating wallet attestations using SafleID v2, aiming to strengthen security and user trust. Bot Detection: Pre-development has started for our bot detection feature, which will enhance fairness in our gaming ecosystem. 🎮 Safle ID for Web3 Games

We’re re-envisioning Safle ID with a focus on Web3 Games. Know any game that should integrate SafleID? Let us know!

Discover more: SafleID for Web3 Gaming

Thank you for your continued support in shaping the future of Web3 with Safle.

The Safle Team

🚀 More updates coming soon!

by Alexei Balaganski

Oh, how time flies! Can you believe that we’ve been living with ransomware for over a decade already? Sure, a pedantic historian could explain that the first occurrences of malware encrypting files and asking for a ransom to restore access were recorded all the way back in 1989. Yet, it took another couple of decades for IT infrastructures and cryptocurrencies to evolve to a stage when ransomware truly became profitable and turned into a major risk with global impact.

The public probably experienced it for the first time in 2013, when the CryptoLocker ransomware was able to infect over 250,000 systems and netted its creators over $3 million in ransom payments. By 2017, strains like WannaCry and NotPetya became notorious for causing billions in damage around the world, with the latter showing the true weaponization potential of ransomware. In fact, NotPetya’s creators were not even interested in collecting ransom, they just wanted to cause long-lasting damage to their victims.

And ever since, the entire world has been living under the constant fear of a ransomware attack. For many organizations, it has become the existential threat number one, surpassing all other known cybersecurity risks. It’s the combination of immediacy, unpredictability, and the severe consequences of even a single attack that makes it so scary, amplified even further by the lack of a single comprehensive solution to reliably prevent them in the future.

A proper strategy for ransomware prevention must include a broad range of measures, proactive and reactive, technology- and process-based, covering a multitude of attack vectors. These include everything from e-mail and web monitoring to endpoint detection and response to network security and identity governance. And yet, for most victims, the most viable scenario of surviving a ransomware attack is not to prevent it, but to contain the damage, restore their disrupted processes, and recover business-critical data as quickly and painlessly as possible…

With this realization, now is the right time to stop thinking about ransomware as malware that just encrypts or steals your files. In fact, it does much more direct and indirect damage than that – and to start thinking of new tools to augment your existing anti-ransomware toolkit. This is especially relevant for backup and disaster recovery. For example, a lot has been written recently about immutable backups as a crucial factor for ransomware resilience. It is a well-known fact that modern ransomware specifically targets backup locations to make the recovery more difficult, but are you sure that you are even doing your backups properly in the first place?

Recently, I attended a presentation of Zero Data Loss Recovery Appliance, Oracle’s specialized solution for backing up mission-critical databases. While I was familiar with the product already, I was somewhat surprised that the company now positions it as a premier solution for ransomware protection. Wait, what? Do ransomware groups even consider relational databases a viable target? And isn’t Oracle’s own Autonomous Database with all its built-in security control supposed to be 100% resilient against these attacks anyway? However, the more I was thinking about it, the more sense it all started to make.

First, not even the most hardcore Oracle customers have all their data stored in the Autonomous Database, which is, after all, a managed cloud service. For many industries and applications, sensitive data has to stay on premises at all times. Second, even when the database itself is managed by a service provider, their responsibility does not extend to protecting the integrity of the customer’s data. And finally, ransomware attacks specifically targeting databases (relational and NoSQL) are not unheard of, especially when targeting specific high-profile victims! In the end, having a secure, reliable, and high-performant solution for backing up business-critical data from enterprise databases does make a lot of sense, since it can substantially speed up recovering from a ransomware attack.

Zero Data Loss Recovery Appliance (Recovery Appliance) is an engineered system for comprehensive data protection of Oracle databases, ensuring backup immutability, continuous validation, and rapid recovery without data loss, even in the event of a ransomware attack. It integrates natively with Oracle databases to consistently validate backup data, detect anomalies, and enforce retention policies, offering recovery up to the last sub-second before a data loss incident. The appliance supports flexible deployment architectures, including air-gapped Cyber Vaults, to enhance data protection and resilience. By consolidating incremental backups into space-efficient virtual full backups, Recovery Appliance minimizes recovery time while maintaining the highest data integrity and security standards.

Since the appliance is built on Oracle Exadata engineered system that customers leverage today for running the most critical enterprise Oracle databases, it inherits the underlying platform’s performance, scalability, and availability characteristics. And since it natively supports all the internal data structures and protocols of an Oracle Database, it offers unique capabilities that no third-party, especially file-based, backup tool can provide. It can operate in “incremental forever” mode, only capturing small data changes in real time during backup but will reassemble (“materialize”) them into a consistent full copy on the fly when needed for restoration.

Of course, all the backup copies stored by the appliance are immutable, but in addition to that, they are continuously validated for recovery integrity, down to the transaction level. Whenever you need to restore data, you can have peace of mind knowing that it will be free from any tampering or anomalies, whether caused by ransomware or other data compromise, encryption, or corruption scenarios.

To boost the level of security and compliance even further, while still meeting the RTO/RPO requirements, it is possible to deploy the appliance in an “air gap” configuration, further separating backup copies from production data. Whenever a full physical isolation is impossible or impractical, the combination of ZDLRA’s security features (immutable backups, end-to-end encryption, strict access controls, integrity checks) with network segmentation provides a strong level of “logical air-gapping” consistent with NIST best practices.

Recently, Oracle announced Zero Data Loss Autonomous Recovery Service, a cloud-native, Oracle managed counterpart of the on-premises appliance. It offers the same capabilities but in the cloud; in fact, the service is available in all clouds currently partnered with Oracle: Azure, GCP, and AWS. Cloud backups also have a significant advantage of being natively distributed across multiple availability zones, so they remain available even if a zone goes offline. It is even possible to quickly restore a backup to a different region or tenant to deal with catastrophic failures – not just ransomware but natural disasters, like earthquakes or tornadoes.

The company is now working on integrating these two offerings to support hybrid deployments in the future. But even now, according to Oracle, the Recovery Service is projected to become their largest cloud service by total storage volume.

So, will it really protect your organization from ransomware attacks? I’m afraid that asking this kind of question is misleading and even somewhat dangerous. There is simply no single tool or technology that can provide complete protection, given the broad range of vulnerabilities and threat vectors that can be exploited by malicious actors. What it can offer though is a turn-key solution for a specific kind of risk – a risk of losing access or compromising your critical sensitive data.

In a world where ransomware evolves faster than defenses, solutions like Oracle's Recovery Appliance are not just useful tools – they’re lifelines, turning catastrophes into recoverable incidents and keeping your business resilient when it matters most.

If you’re looking for more information about Oracle's solution, check the links below:

Zero Data Loss Recovery Appliance Product Home
Zero Data Loss Autonomous Recovery Service Product Home
Oracle Backup & Recovery Technologies Blog Central
Oracle Backup & Recovery AskTOM Office Hours

Here’s how to more effectively manage a Microsoft Entra ID environment.

Join us Friday, Jan. 10 at 9:45 ET for liveblog coverage of this pivotal Supreme Court hearing. We will provide real-time updates, expert analysis, and key takeaways as the event unfolds.

The suit regarding Google’s “Web App & Activity” tracking options is scheduled for an August trial.

Verifiable credentials are transforming how organizations verify, share, and manage data in new and powerful ways. Discover the top industries where verifiable credentials are reshaping digital interactions and unlocking new possibilities for individuals, businesses, and governments worldwide.

By: Ken Ebert

In the rapidly evolving digital identity landscape, Verifiable Credentials (VCs) are becoming more than just an emerging technology — they are establishing themselves as essential tools for secure, privacy-respecting identity verification. Organizations around the world are deploying this technology to simplify processes, enhance security, and give users control over their data. 

This blog looks at five of the top use cases for Verifiable Credentials that we see for 2025, providing insight into how this technology is driving efficiency, transparency, and trust. Each example highlights how industries are using VCs to meet the increasing demand for secure, interoperable, and user-centric identity solutions. From improving how we manage biometric data to enabling seamless travel and streamlining compliance in finance, VCs are proving their versatility and value.

International Travel

Using digital identities for domestic proof of identity and travel has already seen some adoption, see our recent article on Mobile Driver’s Licenses. But the next step is being able to travel internationally faster and more conveniently. Michael Zureik of SITA recently presented the findings of a proof of concept for flying internationally using a Digital Travel Credential (DTC) and the IATA One ID in collaboration with Indicio, the Government of Aruba, and Delta Airlines. Aruba plans to have their solution operational to all travelers to the island in 2025, but keep an eye out for a quick adoption by other countries and airports.

Biometric Authentication

Biometric authentication solves the problem of passwords and logins for many organizations and users; unfortunately, it still relies on the underlying problem that passwords face: reliance on a centralized database. The solution to removing this reliance on a database is what we call “Bring Your Own Biometrics.” Once a biometric is authenticated, it is issued as a Verifiable Credential. When a person presents for a liveness check, they also present their biometric VC and the relying party compares the liveness check with the biometric in the VC. This solution keeps all of the benefits of biometric authentication, while removing the risk of data breach and reducing liability for the organization. Indicio Deputy CTO Sam Curren recently held an in-depth discussion on this topic with real world examples and implementations if you would like to learn more. As data breaches continue to rise and more systems switch to biometric authentication to combat fraud, we see this use case for eliminating databases for sensitive personal information being critical.

Education

Schools of all levels are currently generating a mountain of paperwork per student per year. They need records of each student’s grades, transcripts, awards won, participation in sports or activities, and the list goes on. The current process to verify a student’s accomplishments requires the student to go back to the school and get the documents, and present them to the verifying party, either an employer or a higher education institution, and then for that part to also check in with the school to ensure they are authentic, resulting in a time consuming, manual process. The use of Verifiable Credentials and Open badges 3.0 will allow everyone to skip the wait and be able to immediately verify the student’s accomplishments without the need to check in with the school or a third party system. Students and faculty would also be able to use Verifiable Credentials for identity and access management, allowing users to access their accounts and documents in a faster, more secure, passwordless way. Indicio is already working on implementing this solution for the United School Administrators of Kansas, but this issue applies to everyone in education, and we see the entire industry being quick to adopt once they see the time and cost savings to be had.

Agriculture 

Farmers have a lot of data to share. From organic growing practices to emissions data or water usage, they have a lot to keep track of and share with a variety of stakeholders, including regulators, governments, suppliers, and consumers. Historically they have relied on third-party identity providers and centralized databases, which have proven complex to integrate and slow to operate, and can share the farmer’s data without their knowledge or permission. With a decentralized identity approach their information can be shared directly, and can also create a more transparent supply chain and prove provenance. Recently, the Trust Alliance New Zealand in partnership with Indicio and Anonyme Labs has showed that all of this information can be securely held locally in a digital wallet and shared in a decentralized way, offering a faster, simpler approach to data management that saves time and money for everyone that relies on farming data. This solution won the Constellation Research 2024 SuperNova Award for “Digital Safety, Governance, Privacy, and Cybersecurity.” Agriculture and farming is a data intensive activity and we see growing interest and applications for digital farm wallets in 2025.

Finance

No one is targeted more by fraudsters than financial institutions. In fact, it’s likely that your bank receives thousands of deepfake scam phone calls per year trying to gain access to customer accounts. Decentralized identity can stop this problem at its source by providing mutual authentication through DIDComm to both banks and the customers they service before every interaction or transaction, removing the ability for any party to be impersonated. Historically banks have had to identify customers through passwords and MFA, while customers had no way to truly identify their bank without extra due diligence on their part. Fraud prevention and faster customer interactions will be a driving force for finance being a big adopter of Verifiable Credentials and decentralized identity in 2025.

Do you see a use case you’d like to discuss further? Curious how Verifiable Credentials can help your organization? Get in touch with our team of technical experts or learn more about Indicio’s complete solution Indicio Proven.

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community

The post Top 5 exciting use cases for Verifiable Credentials to look out for in 2025 appeared first on Indicio.

Predictoor DF123 rewards available. DF124 runs Jan 9 — Jan 16th, 2024 1. Overview

Data Farming (DF) is Ocean’s incentives program. In DF, you can earn OCEAN rewards by making predictions via Ocean Predictoor.

Data Farming Round 123 (DF123) has completed.

DF124 is live today, Jan 9. It concludes on January 16th. For this DF round, Predictoor DF has 37,500 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF124 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF124

Budget. Predictoor DF: 37.5K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and Predictoor

Ocean was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF123 Completes and DF124 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

by Matthias Reinwarth

Identity and Access Management (IAM) remains one of the essential pillars of modern enterprise architecture, addressing the complexities of managing identities and their associated access across diverse environments. As organizations face growing demands for compliance, operational efficiency, and security, the need for adaptable, future-ready IAM frameworks is paramount.

Thales presents successful consecutive firing of LMM to international partners Language English simon.mcsstudio Thu, 01/09/2025 - 10:14

Thales in the UK, in collaboration with the UK Ministry of Defence (MoD), hosted multiple international partners to display the Lightweight Multi-role Missile (LMM) and its capabilities in an air defence and surface attack role.

The demonstration, which took place at Manorbier, successfully delivered a consecutive firing by Thales UK of LMMs at both an air and a sea target. This firing was a first of its kind and demonstrates Thales’ expertise in the air defence and surface attack domain, with LMM pioneering the way in short range defence, providing a seamless back-to-back engagement of incoming threats, proving once again the true versatility and multi-role applications of the missile.

Both the air target (Banshee UAV) and sea target (fast inshore attack craft - FIAC) were successfully destroyed in the engagement which saw two missiles fired within less than 60 seconds, one for each specific target, demonstrating the lethality, agility and technical achievements of the missile. LMM was fired from a vehicle-mounted, lightweight fire control and launching system, produced by Thales in the UK.

The demonstration day was supported by the British Army and Royal Navy, including displays of static equipment such as shoulder and tripod launchers, as well as a Wildcat helicopter that can carry 20 LMM at a time, known as Martlet in the naval domain.

/sites/default/files/database/assets/images/2025-01/RAPIDRanger_Exp-Banner.png 09 Jan 2025 United Kingdom Thales in the UK, in collaboration with the UK Ministry of Defence (MoD), hosted multiple international partners to display the Lightweight Multi-role Missile (LMM) and its capabilities in an air defence and surface attack role. Type News Hide from search engines Off

RADIUS (Remote Authentication Dial-In User Service) authentication is a widely used protocol that plays a key role in many organizations’ security stacks. It ensures that users or devices attempting to connect to a network are properly authenticated, safeguarding access and preventing unauthorized use.

 

This article explains what RADIUS authentication is, how it works, and why it’s an important component of identity management.

Anonyome Labs has the most advanced decentralized identity mobile wallet SDK on the market—and the newly released version 3.0 is packed with features that customers can apply to their own products.  

The new features in the latest version of our DI Mobile Edge Agent SDK represent the bleeding edge of decentralized identity (DI), align with European Union Digital Identity (EUDI) regulations, and maintain the modularity, reliability, and security of Anonyome Labs’ products.

Our DI Mobile Edge Agent SDK currently allows customers to easily integrate DI and verifiable credential (VC, or reusable credential) solutions into their applications and now, with version 3.0, these capabilities go even further. The DI Mobile Edge Agent SDKis a native SDK for both iOS and Android, and does not rely on any third party frameworks such as Javascript frameworks.

In nutshell:

Anonyome Labs Edge Agent SDK 3.0 adds support for OpenID4VC (OpenID4VCI and OpenID4VP), expanding its suite of protocols for receiving and presenting credentials, in addition to the already supported Aries protocols. Anonyome Labs Edge Agent SDK 3.0 builds on its collection of supported credential formats (Anoncreds and W3C) with the addition of IETF SD-JWT VCs, increasing interoperability and supporting new privacy-preserving use cases. Anonyome Labs Edge Agent SDK 3.0 updates its supported Aries protocols, maintaining interoperability with the latest Aries agents in the ecosystem. Anonyome Labs Edge Agent SDK continues to exist in the ecosystem of Anonyome’s DI offerings, such as in the Anonyome Labs Cloud Agent Service and the Anonyome Labs Decentralized Identity Relay. Having accomplished what was on the roadmap we set out in our previous article, we’ve outlined our new enhanced roadmap, including continued investment into OpenID4VC capabilities, and expansion for new DID Methods (such as Cheqd).

Let’s break these down:

Adds support for OpenID4VC protocols

With our DI Mobile Edge Agent SDK already having support for Aries protocols for receiving and presenting VCs (Issue Credential and Present Proof), version 3.0 ventures into the new OpenID4VC protocol suite (OpenID4VCI and OpenID4VP).

This move allows for wider interoperability with the DI ecosystem, including within the EUDI ecosystem where these protocols are being used in technical specifications (such as the Architecture Reference Framework) and pilot deployments.

These new protocols also help achieve new use cases and wallet UX flows alongside the existing Aries protocol’s use cases. A few of the notable differences are:

Being rooted in industry-standard OAuth 2.0 flows, OpenID4VC allows standard OAuth authorization flows to be used in credential issuance flows. Multiple credentials can be offered in the same flow, where the Edge Agent SDK consumer can browse and request the desired credential. The issuer now conveys support for UI display data in the credential exchange, including issuer and credential colors, text, and logos. There’s no prerequisite to establish an existing DIDComm connection. Credential and presentation exchange flows can begin immediately from an initial QR code scan or deep link click.

The possibilities and protocol variations in OpenID4VC are vast. To home in on the variations the Edge Agent SDK will support in this release, we’ve targeted interoperability with the OpenID4VC verifier and issuer capabilities of the popular open-source projects credo-ts and ACA-Py.

Builds on supported VCs formats, with IETF SD-JWT VCs

IETF’s SD-JWT VCs is the latest credential format to enter our Edge Agent’s suite of supported formats, alongside W3C VCs and Anoncreds.

Like the new OpenID4VC features, this new credential format enables new use cases and wider interoperability with the DI ecosystem, since SD-JWT VC is a preferred format in the EUDI ecosystem.

SD-JWT VCs are designed with selective disclosure in mind, allowing for the building of user-centric privacy-preserving use cases. Using SD-JWT VC, the holder can selectively choose to hide certain attributes of their credential (if the issuer permits it), so that when they present their credential in some use cases, they present only the bare minimum to satisfy that use case. By default, our Edge Agent SDK will always disclose as little as possible when presenting SD-JWT VCs, protecting the privacy of our consumers.

Our Edge Agent SDK could already support some of these use cases via Anoncreds and the BBS-variant of W3C VCs, but SD-JWT VCs differ from these formats in that they use NIST FIPS-compliant cryptography—an attractive feat for EUDI regulation.

Updates supported Aries protocols

In addition to our major venture into the new OpenID4VC protocol suite, we continue to maintain and expand our Aries protocol suite. Since 2.0, the Edge Agent SDK has added support for the latest Aries connection protocol, DID Exchange.

This new protocol has new UX optimizations for Edge Agent SDK consumers where DIDComm connections can be re-used if a duplicate connection is detected when receiving a DIDComm invitation. But, just as importantly, this feature ensures the Edge Agent SDK remains aligned with the latest Aries Interoperability Profile (AIP).

Exists in the ecosystem of Anonyome’s DI offerings

As a market leader in innovative decentralized identity (DI) technology offerings, Anonyome Labs continues to advance its DI solutions, supporting a wide range of use cases. Our Edge Agent SDK continues to seamlessly integrate with our highly scalable DI message relay solution, the Sudo DI Relay SDK, allowing the edge agent to reliably receive messages from the DIDComm peers it connects with. What’s more, we continue to thoroughly test our Edge Agent against our Cloud Agent Service offering (in addition to a suite of open source DI agents) to make sure all our features remain interoperable in the DI ecosystem. 

Rich roadmap ahead

With this extensive third release, Anonyome’s DI Mobile Edge Agent SDK has once again exceeded its roadmap, going beyond the plan laid out since the previous release announcement. But we are not slowing down: we plan to keep adding features to every new release of the SDK so our customers’ applications can stay up to date with the latest and greatest in the DI ecosystem.

Going forward for the SDK, we plan to continue updating our OpenID4VC protocol suite. Despite being deployed in many EUDI pilots, OpenID4VC protocols are still in draft status. We plan to stay up to date with these protocols as they approach their official 1.0 release, aligning with the EUDI. We also plan to:

Enhance our OpenID4VC protocol implementations with new capabilities, such as OpenID4VCI’s “Authorization code flow”, enabling use cases where users must perform a standard OAuth login to access a credential Add support for OpenID’s SIOPv2 protocol, allowing for new “login with decentralized identifier” use cases Continue expanding the set of DID methods we support, such as did:cheqd, did:tdw, and did:jwk, again increasing the level of interoperability with more DI agents.

Anonyome Labs’ business solution combines a scalable identity foundation and menu of enterprise-ready APIs and SDKs, so you can quickly build and deploy next-generation privacy, cyber safety, and decentralized identity apps to help your customers communicate privately, navigate online safely, and transact securely in an increasingly connected world. 

Talk to us today 

The post Go Inside Version 3.0 of the Most Advanced Mobile Wallet SDK on the Market appeared first on Anonyome Labs.

Here are five trends that will lead to the increased adoption of digital identity verification this year.

Learn how Auth for GenAI helps secure your GenAI apps. Join the waitlist to be the first to know when Auth for GenAI is available in early access

It’s clear that stationary views of identity security are no longer helpful.

Such figures represent a significant increase in government requests fulfilled by Telegram, which had only provided 108 users' information in response to 14 requests until September, when the messaging platform updated its privacy policy in aid of law enforcement probes for cybercrime and online fraud.

by John Tolbert

Defend against evolving cyber threats with XDR: a unified security solution for ransomware, malware-less attacks, and complete network and cloud observability. This KuppingerCole Buyer’s Compass will provide you with questions to ask vendors, criteria to select your vendor, and requirements for successful deployments. This document will help prepare your organization to conduct RFIs and RFPs for XDR solutions.

In 2025, the pace of change in technology can transform industries in weeks, and customer identity management must keep up. The rapid evolution of customer expectations and technological capabilities necessitates a strategic CIAM approach that seamlessly balances robust security, intuitive user experiences, and business enablement.

Luxembourg, 8 January 2025 – Tokeny, a leading provider of onchain finance solutions, has partnered with Ditobanx, a licensed Digital Asset Service Provider (DASP) in El Salvador, to help the country build a standardized framework for tokenized regulated assets and position the nation as a leader in the tokenization era.

By leveraging Tokeny’s proven technology, Ditobanx has successfully overcome the challenges of launching a robust platform to issue, manage, and distribute tokenized assets in a seamless and compliant way, without recreating operational silos. The company plans to issue $300 million in tokenized assets in 2025, with a pipeline of 22 clients ready to onboard.

Ditobanx’s mission goes beyond simplifying investment access through tokenization. The team is committed to building an ecosystem that extends the reach of El Salvador’s securities and enhances liquidity in private markets. This ecosystem vision hinges on collaboration and standardization, ensuring that participants across the financial landscape can connect and operate seamlessly.

Ditobanx, Tokeny, and over 90 industry players are collaborating through the non-profit ERC3643 Association to ensure the adoption of the market standard ERC-3643 (“T-REX”) for compliant tokenization. This standard defines how compliance, permissions, data, and onchain workflows are managed, enabling participants to interact effortlessly within a standardized framework.

However, the lifecycle management of tokenized securities remains complex, involving the integration of both on-chain and off-chain processes and data. Developing an orchestrated platform from scratch is both time-intensive and costly, often taking years to complete. To overcome these challenges, Ditobanx chose Tokeny’s onchain operating system, which enabled them to launch their platform within weeks. This swift deployment allows Ditobanx to focus on their core business while benefiting from a proven and scalable solution.

To ensure that other licensed providers in El Salvador can overcome similar challenges and adopt the market standard, Ditobanx will offer tailored guidance and access to its expertise and tools. By supporting these providers in implementing the ERC-3643 T-REX standard, Ditobanx aims to create a more streamlined and standardized ecosystem across the country, eliminating silos and unlocking the full potential of tokenization through seamless interoperability and open distribution.

Launching tokenized assets is a complex process, but it is essential for the future of our industry. We believe in making this journey easier for others by sharing what we’ve learned and providing access to proven solutions. Standardization is critical for creating a more connected, liquid, and innovative market, and we are committed to making this vision a reality for El Salvador and beyond. Guillermo ContrerasCEO of Ditobanx El Salvador has been a trailblazer in adopting and regulating digital assets, demonstrating an active and forward-thinking approach to innovation. The country is uniquely positioned to take full advantage of the opportunities that tokenization offers. With a visionary partner like Ditobanx, making significant strides toward nationwide standardization, we are proud to support their efforts. By providing the right tools and expertise tailored to local jurisdictions and specific needs, we are enabling institutions across El Salvador to confidently and efficiently embrace tokenization. Luc FalempinCEO of Tokeny

With Tokeny and Ditobanx working together, El Salvador is taking another major step toward making tokenized assets a core part of its economy. This partnership not only creates a clear path for licensed providers to succeed but also builds the foundation for a stronger, more efficient tokenization market that benefits issuers, investors, distributors, and the nation as a whole.

About Ditobanx

Ditobanx is a digital financial solutions company dedicated to transforming the way individuals and businesses interact with their finances. With a strong presence in Latin America and plans for expansion, Ditobanx continues to innovate to provide the best financial tools on the market.

About Tokeny

Tokeny is a leading onchain finance operating system. Tokeny has pioneered compliant tokenization with the open-source ERC-3643 T-REX standard and advanced white-label software solutions. The enterprise-grade platform and APIs unify fragmented onchain and offchain workflows, integrating essential services to eliminate silos. It enables seamless issuance, transfer, and management of tokenized securities. By automating operations, offering innovative onchain services, and connecting with any desired distributors, Tokeny helps financial actors attract more clients and improve liquidity. Trusted globally, Tokeny has successfully executed over 120 use cases across five continents and facilitated 3 billion onchain transactions and operations.

Website | LinkedIn | X/Twitter

The post Tokeny and Ditobanx Partner to Transform El Salvador into a Tokenization Leader appeared first on Tokeny.

The European Union’s Markets in Cryptoasset (MiCA) Regulation has officially come fully online, as requirements for cryptoasset service providers (CASPs) took effect from the end of 2024. 

by Anne Bailey

Organizations face a range of challenges that impact both institutions and their customers, particularly in areas like compliance for Know Your Customer (KYC) and Anti-Money Laundering (AML) regulation, fraud prevention, and customer experience. These challenges don’t exist individually; each impacts and complicates the others. For example, regulatory obligations and rising fraud add requirements to an onboarding experience that customers already have strong opinions about. Balancing the growing threat of fraud with the high customer demand for seamless, secure digital experiences creates a challenging environment for institutions trying to evolve their digital services.

We’re happy to announce Season 9 of the Ocean Zealy Community Campaign, an initiative that has brought together our vibrant community and rewarded the most active and engaged members.

💰 Reward Pool

5,000 ($FET) tokens that will be rewarded to the Top100 users in our leaderboard 🚀

📜Program Structure

Season 9 of the Ocean Zealy Community Campaign will feature more engaging tasks and activities, providing participants with opportunities to earn points. From onboarding tasks to Twitter engagement and content creation, there’s something for everyone to get involved in and earn points and rewards along the way.

⏰Campaign Duration: 8th of January— 7th of February 12:00 PM UTC

🤔How Can You Participate?

Follow this link to join and earn:

https://zealy.io/cw/onceaprotocol/questboard

Season 9 of the Ocean Zealy Community Campaign! was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

We’re excited to announce that OceanDAO [1], Ocean Protocol co-founders Trent McConaghy and Bruce Pon, and Ocean Predictoor team members have invested a combined total of $735,000 USD in Yiedl.ai. OceanDAO is the DAO arm of the Ocean Protocol ecosystem. Yiedl.ai is an emerging AI-driven marketplace pushing the boundaries of DeFi using data-intensive AI.

This partnership underscores our commitment to supporting projects that help level the playing field on data and AI via decentralized infrastructure, towards high-impact verticals like DeFi.

About the Partnership

The Ocean Predictoor team is already using Yiedl’s historical crypto data to improve the accuracy of its crypto price prediction models, which in time will emerge as part of the Predictoor product offering. Furthermore, the Ocean team will leverage its expertise in decentralized data exchanges and time-series prediction to guide features and help catalyze usage in Yiedl’s AI-driven marketplace.

Finally, Yiedl will use Ocean Protocol’s decentralized data platform to securely share and monetize data, and leverage Ocean’s large data science community and the Superintelligence Alliance’s expansive network, gaining a powerful strategic partner on its journey toward transforming DeFi through AI-driven solutions.

About Yiedl

Yiedl is at the forefront of integrating AI with decentralized finance, offering users AI-powered insights and preparing to launch decentralized execution bots, to help users navigate the next frontier of DeFi. The platform originated from a global AI competition that brought together over 1,000 data scientists. It has since become a crypto data provider for AI competitions, including for Ocean Predictoor. This further solidifies Yiedl’s role in supplying advanced crypto data analytics while expanding its reach and AI capabilities.

With Ocean Protocol’s expertise in decentralized data sharing and their large network of data scientists, Yiedl is well-positioned to expand its impact and accelerate innovation in the DeFi space.

Celebrating with the Ocean Protocol Community

To mark this collaboration, Yiedl is hosting an exclusive giveaway for the Ocean Protocol community. A total of 50,000 YIEDL tokens (valued at $0.10 each) is up for grabs:

3 Major Prizes: 5,000 YIEDL tokens each 15 Prizes: 1,000 YIEDL tokens each 200 Prizes: 100 YIEDL tokens each

Join the celebration and enter here: https://gleam.io/kvhaM/yiedl-x-ocean-celebration-airdrop

Looking Ahead

This partnership with Yiedl marks another step forward to level the playing field on AI and data, using the tools of decentralization.

About Ocean Protocol

Ocean was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Ocean Protocol is a founding member of the ASI Alliance, together with Fetch.ai and SingularityNET.

Follow Ocean on Twitter or Telegram to keep up to date, and Predictoor’s Twitter for its news. Chat directly with the Ocean community on Discord. Track Ocean’s tech progress directly on GitHub.

Ocean Partners with Yiedl via $735,000 USD Investment for AI-Driven DeFi was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

Thales and Delta Air Lines partner to deliver next-generation Delta Sync seatback experience powered by FlytEDGE prezly Wed, 01/08/2025 - 03:15 Delta Air Lines and Thales have partnered to deliver the next-generation Delta Sync seatback passenger experience powered by FlytEDGE, the first cloud-native inflight entertainment system Thales’ FlytEDGE utilizes innovative hardware and software technologies that enable unlimited opportunities to create connected and custom journey experiences This announcement follows Delta’s immersive keynote experience at the CES 2025 where it kicked off its centennial anniversary
©Delta

A Century of Exceptional Experiences Meets Cutting-Edge Technology

At CES 2025, Delta unveiled its next-generation Delta Sync seatback experience powered by Thales’ award-winning FlytEDGE solution - the first cloud-native IFE system that elevates the passenger experience to new heights. The system features state-of-the-art hardware and software technologies including:

Stunning cinematic 4K QLED HDR seatback displays to immerse passengers with over 1 billion vibrant colors Bluetooth® capabilities so travellers can pair their wireless devices Thales’ award-winning Onboard Data Center (ODC) with 96TB of storage to enable edge caching, bringing immense volumes of high-quality content and instant streaming experiences to passengers An intelligent recommendation engine that tailors content to passenger preferences so they spend less time scrolling and more time enjoying

For Passengers: creating unique experiences at every seat

FlytEDGE enables Delta to deliver unique features that make the travel journey more enjoyable and accessible for all travelers, including digital functionalities such as:

Onboard Experience Planner

Seatback features like “Do Not Disturb” mode that give travellers more control over their journey and enables Delta to deliver the exceptional service they are known for.

Future enhancements will include features like guided wellness, expanded options for customizing the food and beverage experience and other expert guidance designed to make every trip the best it can be.

Seatback Announcement Translation

Enables customers to understand crucial flight information, no matter their first language, and makes the travel experience more accessible to customers with hearing disabilities. ​ ​

Provides flight attendants with the ability to send messages to seatback displays in the passenger’s preferred language, a step forward in delivering dynamic in-flight communication capabilities.

Arrival Mode

Integrates essential day-of travel information from the Fly Delta app directly into the seatback environment. This enhancement ensures SkyMiles Members have the information they need, across devices, to confidently transition to the next step of their journey – whether it’s making a connecting flight or arranging ground transportation at their final destination.

For Airlines: creating personalized experiences through ground-breaking digital features

FlytEDGE facilitates data-driven decisions to constantly adapt the passenger interface with new features and curated entertainment at every seat. Delta can deploy the latest updates over the air at the click of a button to one aircraft or the entire fleet to deliver the newest and most popular content curated by the Delta Studio Team. FlytEDGE goes beyond the hardware, providing superior performance with real-time system ​ and automated maintenance tasks. Leveraging a connected cloud-architecture, the system is built to enable quick integration of Delta’s digital partners - allowing the airline to seamlessly bring-in services for a personalized touch at an unprecedented speed and efficiency. Features include:

Virtual Aircraft Support: The ability to deploy system and experience updates to a virtual aircraft providing a groundbreaking approach to validate and approve user interface (UI), content and services updates anywhere and anytime. Following deployment and validation to the virtual aircraft, updates can be deployed to partial or full fleet instantly and as desired.

Real-Time Analytics: Enables the curation of experiences and content in real-time based on usage analytics.

Resilience: Exceptional system availability to passengers due to redundant storage, data flows, and computing capabilities.

Future-proof: A continuously evolving set of services that can be selected and deployed by the airline at their convenience.

“At Thales, we believe that the future of inflight entertainment is without limits. We are delighted to be at the forefront of innovation alongside Delta to introduce groundbreaking new experiences. Through our collaborative partnership, we are bringing the industry’s first cloud-native IFE system onboard as part of the Delta Sync experience. FlytEDGE’s advanced capabilities offer the airline endless opportunities to create memorable and engaging passenger journeys, fully integrated into their CRM and ground-based services” said Yannick Assouad, Executive Vice-President Avionics, Thales.

Ranjan Goswami, Delta S.V.P. – Customer Experience Design said, “As technology evolves, our customers expect their travel experience to adapt and evolve with them. They want it to be intuitive, contextual and seamless in a way that supports and guides them so that they can move through life with confidence. To stay ahead of those expectations, Delta is committed to continuously evolving our industry-leading digital experiences across channels to ensure the sky is never the limit – it’s only the beginning.”

/sites/default/files/prezly/images/Design%20sans%20titre%20%2839%29_0.png Documents [Prezly] Thales and Delta Air Lines partner to deliver next-gen Delta Sync experience powered by FlytEDGE.pdf Contacts Cédric Leurquin 08 Jan 2025 Type Press release Structure Aerospace United States A Century of Exceptional Experiences Meets Cutting-Edge Technology prezly_718771_thumbnail.jpg Hide from search engines Off Prezly ID 718771 Prezly UUID 72560b4c-8c66-4fbe-b849-83ce232b76a9 Prezly url https://thales-group.prezly.com/thales-and-delta-air-lines-partner-to-deliver-next-generation-delta-sync-seatback-experience-powered-by-flytedge Wed, 01/08/2025 - 04:15 Don’t overwrite with Prezly data Off

Easily implement dynamic entitlements in SaaS applications with Auth0 and Stigg

The economic benefits from streamlining cross-border transactions are massive — and decentralized identity provides the digitally transformative infrastructure to do so. 

By Trevor Butterworth and Tim Spring

According to the European central bank, global cross-border payments are expected to increase from 190 trillion USD in 2023 to 290 trillion USD by 2030 as global commerce becomes more digitally integrated.

Yet in practice, cross border payments are complex and difficult for businesses to execute and often punishing for individuals. Currency conversion rates, fees, and regulatory compliance all conspire to slow down and increase the cost of payments in real time; and for remittances — people sending money from one country to another (typically a foreign worker sending money to relatives) — these fees are brutal. According to the World Bank, the average cost of sending a remittance is 6.65% of the amount sent, rising to 8.37% for Sub-Saharan Africa.

As a recent World Bank report notes, “In more than 60 countries, remittances account for 3 percent or more of the Gross Domestic Product (GDP), and small/fragile states are more heavily dependent on remittances. As such, it is critical that both remittance senders and receivers have access to a multitude of payment methods and channels in order to deliver and receive remittances in an affordable and fast manner.”

Even a modest 1 percentage point reduction in fees, says the European Central Bank’s Fabio Panetta, “would leave those most in need with USD 6 billion in their pockets every year.”

Everyone’s looking for better solutions, with the goal of making cross border payments cheaper, faster, more flexible, and more secure. Here’s how we believe Decentralized identity and Verifiable Credentials can deliver those solutions, fast.

Validating account ownership and status

Identity fraud is the specter haunting all financial transactions. The key benefit of a Verifiable Credential solution is cryptographic trust: If you trust the source of a Verifiable Credential, you can trust the contents, and immediately act on the data.

Verifiable Credentials enable people or organizations to hold data about themselves, such as the financial account data required to meet “know your customer” and AML requirements. Verifiable Credentials enable people to share and reuse that data in a way that doesn’t require checking in with the original issuer of the information or storing the same data in order to cross check it.

Authentication is seamless because the origin of the credential is instantly verifiable through cryptography. The information in a credential is digitally signed so that any alteration will be instantly detected. And the credential is bound to the person and their device and their digital wallet both by cryptography and biometrics so you can know that it is the rightful owner is presenting their information. The credential can also be programmed to expire or it can be revoked depending on whether its terms of use have been violated.

Verifiable Credentials are capable of delivering “government-grade” digital identities that can be bound to biometrics (see 4 below) and verified using simple software anywhere and at any time.

Know Your Customer’s Biometrics (KYCB). 

Biometrics are increasingly being incorporated into payments so that you can “pay with your face.” But the rapid rise of generative AI-driven biometric fraud threatens to derail confidence in conventional biometric authentication. Biometric theft represents a much higher existential risk to people than account or password theft. Similarly, the need to store personal biometric data in order to verify it represents a much higher privacy and security risk to all parties involved.

This is where Verifiable Credential technology comes to the rescue. By submitting an authenticated biometric template from a trusted credential provider while performing a liveness check, a relying party has a simple, reliable way to cross check that the person really is the face in front the camera — and without the relying party having to store any biometric data or change their biometric infrastructure.

This “bring your own validated biometrics” approach is driving seamless digital travel, enabling people to seamlessly cross borders. This kind of “government-grade” digital identity is ideal for payments, domestic and international.

Cross-border technical interoperability

Decentralized identity both simplifies the architecture and workflows for sharing data. The first is accomplished by eliminating the need for direct integrations. If you trust the issuer of a credential (Bank A), you can trust the information in the credential, and connect the verifying software to internal systems through an API. This makes data portable and immediately actionable.

Second, it is easy to establish governance rules for how information in a credential is processed. This is because a) there’s a global specification for these governance rules, and b) the rules are encoded in machine-readable files propagated to issuers, holders, and verifiers alike.

In other words, a governance authority can publish a list of trusted credential issuers in a file and send it to every organization with verifying software. A merchant in a village with a mobile verifier on their phone is able to immediately authenticate whether a credential presented has come from a trusted organization. The file can be rapidly updated and, as it is cached, it can be configured to handle offline verification.

While the technical complexities of cross border transactions are not to be underestimated, decentralized identity — and specifically, decentralized ecosystem governance — can radically simplify workflows needed to deliver efficient, cost-effective real-time payments.

Seamless, connected experiences

When you combine Verifiable Credentials with a powerful communications protocol such as DIDComm (Decentralized Identifier Communications), you get even more flexibility. DIDComm enables two powerful features.

First, it is the engine that enables parties to mutually authenticate each other before exchanging any data.

The second is that it allows a mobile device to operate as if it had a very powerful API for data exchange, one that is much more secure than any conventional API. This is groundbreaking, as the inability (for a variety of technical reasons) of mobile phones to use APIs has limited their functionality.

When these two features combine, we have a very powerful way to integrate services in a seamless, secure way. For example, a fintech AI could be permissioned to access and analyze account data in real time.

But the point is that it makes it easy to permission and process any kind of complex workflow between parties; it turns digital wallets and their owners into verifiable data platforms.

Platformless infrastructural transformation

Verifiable Credentials are not a platform. They are not stand-alone systems that replace existing infrastructure; they are, rather, a set of tools you drop into existing systems. Just as a catalytic converter renders harmful emissions less harmful, Verifiable Credentials make the digital data you already have verifiable, portable, private, and secure — and they do so without this data being stored or controlled by the tech developer.

This is critical for data privacy compliance, transparency, and trust. It is the key to why decentralized identity can scale to, and interoperate as, cost-effective global digital infrastructure accessible to all.

The challenge

The travel sector is rapidly transitioning to decentralized identity and “government-grade” digital identities in order to deliver streamlined and more secure customer experiences as global air passenger numbers are set to double in the near future. Airlines and airports get it.

For finance, the challenge is first, to understand how powerful this technology is and how easily it can be deployed to manage the complex tangle of regulatory and technical challenges across multiple stakeholders; second, to then make the policy decisions to allow implementation.

In this, the technology is, in many ways, the easy bit; it’s the talking and coordinating that’s hard.

But there is an incentive for everyone to align around: reducing the cost of cross border remittances are a Sustainable Development Goal (SDG10) — and the clock is ticking on 2030. The savings are considerable; the impact of these savings, life transforming. The time to implement Verifiable Credentials has never been better.

We can do it; we can do it quickly. Contact the Indicio team to get started here.

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community

The post How to put billions into people’s pockets by transforming cross-border payments with Verifiable Credentials appeared first on Indicio.

Kubernetes security focuses on preventing unauthorized access, ensuring data privacy, and maintaining the integrity of workloads and clusters.

Cybercriminals are no longer just lone actors looking for technology weaknesses; they're strategists and technicians who take advantage of every opportunity to profit by stealing customer data, taking over accounts, and infiltrating internal business systems to rob and plunder. Today’s fraudsters can break through tough security measures to commit their crimes and disappear before you even realize they were there.

 

If you own or run an ecommerce website, every transaction, every new account, and every click on your website is a potential entry point for the well-armed cybercriminal. Are you prepared to handle this threat?

To gain even greater insight into business and consumer views of open banking, Mastercard and the Harris Poll recently conducted a survey in the U.S., U.K., Nordic and Australian markets.

The survey delves into open banking usage and momentum at large, including drivers and barriers to adoption, top use cases for today and tomorrow and the most important factors to consider when choosing an open banking partner.

Explore some of the highlights or download the full report here.

The post New report: Building trust in the age of open banking appeared first on Finicity.

With the coming of the New Year there’s no better time to look ahead at what’s in store in the ever-changing world of crypto policy and regulation. 

Now that 2024 has come to a close, it’s the perfect time to reflect on the digital identity landscape and evaluate how the year’s trends have shaped the market. In our annual tradition, we look back on our predictions at the start of the year and assess how they measure up against reality. This year, instead of rating each prediction individually, we’ll focus on the major industry trends and discuss how our forecasts align with them.

2024 has been a transformative year for Liminal as well. As a technology company offering market and competitive intelligence through our Link Platform, we’ve empowered businesses with actionable insights to navigate these trends. Let’s explore the major takeaways from 2024 and how our predictions fared.

2024 Reflections in Digital Identity The Big Picture: 2024 Reflections in Digital Identity

The cybersecurity and digital identity space continued to experience rapid growth, innovation, and regulatory scrutiny in 2024. Key trends included:

Trust & Safety Become Core to Platform Integrity: Social media platforms prioritized Trust & Safety initiatives, with age assurance and age verification emerging as critical capabilities to address regulatory pressures, user demands, and platform integrity. Convergence of Identity and Cybersecurity: The increasing sophistication of identity-based threats and deepfakes drove the convergence of cybersecurity and identity solutions, with advancements in frameworks, content provenance, and fraud prevention capabilities leading the way. Evolving Regulatory Landscapes: Global regulations targeting AI privacy, age assurance, and data usage placed organizations under greater scrutiny, requiring them to balance compliance, innovation, and ethical practices to maintain market credibility. Market Consolidation and Innovation: Strategic acquisitions and private equity investments reshaped the identity and fraud markets, with adjacent players like Visa, Experian, and Mastercard driving innovation, while identity-first vendors expanded their market influence. The Continued Struggle for Reusable Identity Adoption. Despite the promise of reusable identity networks, slow consumer uptake and market pivots highlight ongoing challenges in achieving scalability and trust for widespread adoption.

These trends underscored the market’s complexity and opportunity, shaping the decisions of buyers, providers, and investors alike.

“2024 marked a pivotal year in the fight for digital trust. Breakthroughs in age assurance, AI-driven deepfake detection, and passkeys laid the foundation for a safer, more authentic online ecosystem. At Liminal, we turned complexity into clarity—empowering businesses to navigate these shifts with confidence and shape the strategies that protect integrity in the digital age.”
– Jennie Berry, Liminal

Revisiting Our 2024 Predictions

Our 2024 predictions, which drew on the collective expertise of the Liminal team, anticipated many of these developments. Here’s how they aligned with the year’s major trends:

Age Assurance as a Core Pillar for Trust & Safety Convergence of Identity and Cybersecurity Market Consolidation Regulatory Shifts Continued Struggle for Reusable Identity Adoption 1. Age Assurance as a Core Pillar for Trust & Safety

Our prediction that major social media platforms would initiate voluntary age verification has proven mostly correct, as platforms like Meta and Snapchat have taken significant steps to enhance age assurance measures, including testing tools such as biometric-based age estimation and document verification to comply with growing regulatory pressures. According to Liminal’s 2024 B2B survey of age assurance practitioners, in regulated sectors, age verification coverage is expected to grow from 60% to 66%, while unregulated industries are moving faster, with adoption rising from 64% to 73% in the next year. This shift reflects the growing recognition of age assurance as essential for Trust & Safety, even outside traditionally regulated areas. 

While we anticipated a blow to state-level regulations in the U.S., the outcome has been mixed. We use Link’s Market Monitor to anticipate actionable impacts of proposed legislation, and although the Supreme Court has yet to rule on this issue decisively, recent developments—such as Florida’s new HB 3 bill mandating parental consent for minors under 14 to access social media —demonstrate states’ continued attempts to impose online protections. Internationally, Australia introduced the world-first legislation in its Online Safety Act, which bans children younger than 16 from platforms including X, Instagram, Facebook, and TikTok. 

Age Assurance has emerged as a core focus of our coverage and research this year, driven by its critical role in Trust & Safety initiatives across digital platforms. Throughout the year, we’ve closely tracked market sentiment through buyer surveys, which highlight the growing demand for solutions that balance regulatory compliance, user experience, and platform integrity. The gap between understanding and effectively implementing age assurance regulations presents a significant challenge for businesses, with confusion around the scope of specific regulations being a major issue. 46% of practitioners incorrectly identify the Children’s Internet Protection Act (CIPA) – which primarily applies to schools and libraries – as one of the top regulations impacting businesses. Our Link Use Case Explorer includes an analysis of product capabilities and technical features, including a detailed view of how solutions are evolving to meet the stringent requirements of this use case, such as biometric age estimation, data enrichment, and parental consent tools. At the same time, we’ve identified key technology gaps—particularly in accuracy and user experience—that remain opportunities for innovation. By mapping the capabilities of emerging technologies to real-world buyer needs, we’ve gained a clear view of how the market is maturing to address the complexities of age assurance, setting the stage for future advancements that ensure safer digital environments for all users.

2. Convergence of Identity and Cybersecurity

Our predictions regarding the convergence of digital identity and cybersecurity were largely correct, with developments across deepfake mitigation, bot detection, and authentication. 

Deepfakes are more prevalent today than ever before due to a combination of technological advancements and increased accessibility to AI-powered tools. The proliferation of generative AI models, such as GANs (Generative Adversarial Networks) and large language models, has enabled the creation of hyper-realistic audio, video, and image content with minimal expertise or resources. The rapid spread of misinformation on social platforms and the rise of identity-based attacks, such as impersonation fraud and synthetic identities, have made deepfakes an increasingly potent tool for bad actors targeting individuals, organizations, and even nation-states. Solutions that integrate identity verification tools—such as biometric authentication, liveness detection, and digital watermarking—combined with cybersecurity techniques like content provenance, anomaly detection, and cryptographic hashing are essential to detect and authenticate the origin and integrity of digital media. Based on survey data conducted in Liminal’s 2024 Seminar Research Report: The Market for Identity Authorization Networks, 88% of financial services institutions expect GenAI fraud and deepfakes to grow substantially over the next two years. New frameworks and consortiums have emerged to combat deepfakes, and in the Solution Segment for User-Generated Content Moderation within our Liminal Landscape, we are tracking the Content Authenticity Initiative and Coalition for Content Provenance and Authenticity (C2PA), which have made progress in establishing technical standards for identifying manipulated media.

Midjourney Image Generations Over Time – Liminal’s 2024 Seminar Research Report: The Market for Identity Authorization Networks

Our prediction that Chrome’s third-party cookie deprecation would drive demand for bot detection was incorrect, as Google has decided not to phase out third-party cookies. However, as companies shift toward first-party ad strategies, there remains a heightened requirement to ensure that all website impressions are legitimate. The growing reliance on first-party data amplifies the need for identity-centric approaches to cybersecurity, particularly in bot detection. Automated threats like ad fraud, fake traffic, and click bots can severely undermine the accuracy and value of first-party strategies, impacting advertising ROI and business performance. Organizations are adopting advanced solutions such as behavioral analytics, device fingerprinting, and real-time anomaly detection to differentiate between genuine users and malicious bots to combat this. By ensuring the legitimacy of website impressions, businesses protect their advertising investments and reinforce trust and data integrity in an increasingly privacy-driven digital landscape.

Finally, while passkeys have gained traction, particularly with big tech players like Google and Apple, our prediction remains correct that they remain largely secondary authentication methods rather than primary solutions, as adoption faces challenges in user behavior and enterprise readiness. Passkeys are a form of passwordless authentication that leverages public key cryptography to verify a user’s identity without requiring a traditional password. According to Liminal’s 2024 B2B surveys of authentication practitioners, despite nearly 100% of businesses that have yet to adopt passkeys expressing a willingness to transition to them, only about a third are expecting to do so in the next two years. Our ongoing research on a passwordless future highlights the critical role that CISOs and IT leaders can play in promoting the internal adoption of passkeys within the workforce. We hypothesize that workforce adoption can catalyze widespread customer deployments by proving their effectiveness, ease of use, and security benefits in real-world environments. This workforce-first approach enhances identity-centric cybersecurity by removing the vulnerabilities associated with passwords and helps organizations build trust and familiarity with passkey solutions.

Buyer Barriers to Passwordless Implementation – Liminal’s Q2 2024 Investment Trends Report

3. Market Consolidation

Our predictions around market consolidation were partially correct, with significant activity but slightly different dynamics than anticipated. While at least two publicly traded identity companies did choose to go private—such as Proofpoint’s acquisition by Thoma Bravo and ZeroFox’s buyout by Haveli Investments—the broader trend focused on strategic acquisitions.

Key deals like Visa’s acquisition of Featurespace and Experian’s acquisition of NeuroID and ClearSale highlight how financial giants integrate advanced fraud prevention and behavioral analytics capabilities into their platforms. Mastercard’s acquisition of Recorded Future also points to a growing appetite for cybersecurity and identity intelligence convergence. We also saw Entrust’s acquisition of Onfido for up to $600M, despite prior speculation to IPO over $1B. 

However, our expectation that Okta and Ping would aggressively expand into identity verification and fraud prevention—particularly at account opening—was only partially realized. While both expanded capabilities, their focus remained on core IAM/CIAM, leaving traditional identity verification players like Socure, Prove, and others to capture significant market share in fraud prevention and onboarding solutions. The acquisitions and private equity activity seen this year reaffirm that the market is consolidating, but the momentum is being driven by adjacent entrants and strategic investors looking to integrate identity and fraud solutions into larger ecosystems rather than large-scale mergers within the digital identity space.

Market Consolidation – Exit deal volume and size – Liminal’s Q3 2024 Investment Trends Report

4. Regulatory Shifts

Our predictions regarding regulatory shifts were only somewhat correct, particularly in relation to generative AI and its impact on privacy and data advantage. As generative AI adoption surged, organizations faced increasing privacy concerns and regulatory scrutiny. For instance, the EU’s AI Act introduced strict guidelines around data usage, transparency, and accountability in generative AI systems, while jurisdictions like California pushed forward tech regulations to safeguard personal data from misuse in AI training models. 

Simultaneously, companies struggling to articulate their unique data advantage in the generative AI space encountered notable market criticism. This was particularly evident with firms unable to differentiate their AI solutions from competitors or justify the quality of their proprietary datasets, leading to investor skepticism and concerns about overinflated claims. These developments reaffirm that regulatory shifts are driving organizations to strike a balance between AI-driven innovation, privacy protections, and transparency, with a clear data advantage increasingly serving as a competitive differentiator.

5. Continued Struggle for Reusable Identity Adoption

Unfortunately, our prediction that reusable identity networks would not gain consumer adoption in 2024 was correct, as significant hurdles around scalability, trust, and consumer behavior persisted. Notably, Mastercard has lost momentum with its ID Network, reflecting the challenges even well-funded, globally recognized players face in driving the adoption of reusable digital identities. Sovrin, a pioneer in self-sovereign identity, is preparing to deprecate its MainNet ledger by April of this year, signaling technological hurdles and a marked reduction in transaction activity. Trinsic, a startup that sought to enable decentralized identity solutions, shifted its focus away from its original vision, citing slow market readiness and unclear demand. These developments underscore the difficulty of achieving network effects, interoperability, and end-user trust required for reusable identity solutions to thrive. While reusable identity networks continue to show promise, particularly in niche ecosystems or regulated environments, the broader market remains hesitant, and adoption struggles have reinforced the need for clearer value propositions, regulatory support, and incentives to drive consumer engagement.

Liminal’s Role in 2024: Turning Complexity into Clarity with Actionable Market and Competitive Intelligence

2024 marked Liminal’s full transformation into a technology company, with our Link Platform at the center of our offerings. Combining human expertise with AI-driven insights provided actionable market and competitive intelligence to practitioners, solution providers, and investors looking for technologies that identify and protect their customers and businesses. Key highlights of our impact include:

Driving Strategic Decisions: Our platform enabled clients to anticipate market shifts and capitalize on emerging trends. Enabling Growth and Compliance: By leveraging Liminal’s research, businesses implemented scalable solutions that balanced innovation with regulatory adherence. Building Connections: The Link Platform created a centralized place for buyers and providers to connect, fostering collaboration and unlocking new opportunities.

Liminal remains committed to delivering actionable future intelligence as we move forward, helping our clients stay ahead in an ever-evolving market. Watch out for some bold moves we’re about to make to give our customers an unfair competitive advantage. 

As we reflect on the past year, we’re also looking ahead to 2025. Our upcoming blog will explore the predictions shaping the digital identity landscape for the next year, offering a forward-looking perspective grounded in the events and signals we continue to monitor. Together, we can unlock new opportunities and drive meaningful impact in the digital identity space.

Discover how the Link Platform can help you stay ahead of market trends. Learn More or Sign-Up for a Free Account.

Subscribe to our newsletter to stay current on research, events and the latest product updates.

The post 2024 Reflections: Major Trends and How Our Predictions Stood the Test of Time appeared first on Liminal.co.

Dec 30, 2024 — Jan 6, 2025

As we kick off 2025, here’s everything you need to know about Ontology’s latest developments, the growing influence of decentralized identity, and our plans for the future.

Highlights from Ontology Network 🌐 🎤 Exclusive: Geoff’s Chat with Santa

This holiday season, we brought some blockchain magic to the North Pole! In a lighthearted and insightful conversation, Geoff sat down with Santa to talk about decentralization, self-sovereign identity, and how blockchain could streamline gift deliveries.

💸 Get $ONT in ChangeNOW Wallet

Managing your ONT tokens just got easier! Now you can secure $ONT directly in the ChangeNOW wallet, simplifying your transactions and opening new doors to Ontology’s ecosystem.

🏆 Zealy Winners Announced!

Our Zealy winners have been revealed! Check your wallet — you might just find your well-deserved rewards waiting for you. Congratulations to everyone who participated in making this campaign a success!

This Week in Decentralized Identity Redefining Digital Identity in a Decentralized World

A recent report sheds light on the limitations of centralized identity systems. These legacy approaches often struggle with security, scalability, and privacy in today’s digital era. Enter Distributed Identities, which leverage technologies like network segmentation, zero trust principles, and dynamic user access controls to deliver a future-ready identity management framework.

Web3: The Key to Digital Rights and Privacy in 2025

Web3 and blockchain are redefining privacy and data ownership. Edison Chen, CEO of CUDIS, a Web3 health and wellness company, highlights how decentralized identity solutions empower users to take control of their data — and even monetize it. This shift from corporate-owned data to individual autonomy is a cornerstone of the Web3 revolution.

Historically, big companies have controlled user data, often monetizing it without consent. That’s changing. People now want to own their data and decide how it’s shared and monetized.

Updates from the Decentralized Identity Foundation (DIF)

The Decentralized Identity Foundation (DIF) has launched DIF Labs, a forward-looking initiative to advance the development and scalability of decentralized identity solutions. This reinforces DIF’s mission to drive innovation and reshape digital identity on a global scale.

These updates emphasize the rapid progress in the decentralized identity space, pushing boundaries and empowering individuals with privacy-first solutions.

Community Updates 🌍 Engagement and Growth

With the holiday season in full swing, we paused our weekly discussions to let everyone enjoy time with family and friends. Wishing you all a wonderful start to the new year — thank you for making 2024 an unforgettable chapter in our journey!

Stay Connected 📱

Stay engaged and informed by following us on our social media channels. Your participation is essential as we continue to build a more secure and inclusive digital world together.

Follow us: Ontology website / ONTO website / OWallet (GitHub) / Twitter / Reddit / Facebook / LinkedIn / YouTube / NaverBlog / Forklog / Telegram / Announcement / Telegram English / GitHub / Discord

Your participation is essential as we build a more secure, inclusive, and decentralized digital world. Together, let’s continue making strides in Web3 and decentralized identity.

Ontology Network Weekly Update was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.

For many years, traditional passwords were the backbone of online security, but they are now seen as outdated and vulnerable. With data breaches on the rise and the demand for secure logins growing, organizations are turning to advanced authentication methods.

 

This article will explore the differences between multi-factor authentication (MFA) and passwordless authentication, examining how each method enhances security, user experience, costs, and more.

The post Everybody Works in TPRM: The Multi-Billion Dollar Industry Lacking a True Organizational Champion appeared first on Liminal.co.

The post If It Is Broken, Fix It: A Deep-Dive into TPRM Due Diligence appeared first on Liminal.co.

Learn more about IDnow’s latest collaborative project, ACHILLES, which sets out to revolutionize the development and use of AI throughout Europe.

In a world where artificial intelligence is becoming increasingly integrated into our daily lives, the importance of having access to transparent, robust and sustainable AI increases.

Inspired by the legend of the mythological warrior, the ACHILLES project aims to tackle the traditional limitations and weaknesses of AI, which are typically considered to be efficiency and trust.

With funding of over €8 million from Horizon Europe, and collaboration between 16 partners including IDnow, ACHILLES will run for a four year period (2024-2028) and focus on four areas:

People: Promoting ethical, transparent and explainable AI.

Data: Reducing the use of real data through the use of synthetic alternatives.

AI models: Optimizing efficiency and guaranteeing fairness.

Deployment: Ensuring sustainable, regulatory-compliant implementation.

With ACHILLES, we want to put people at the heart of AI innovation. Our aim is to ensure that every technology not only performs well, but is also transparent and ethical, to inspire trust in the long term.

André Carreiro, Project Coordinator and Researcher at Fraunhofer AICOS (Portugal).

The 6 objectives of the ACHILLES project. Identify ethical and legal frameworks in order to design AI systems that are based on human values. Create frameworks to guarantee high quality, diverse and representative data for AI use. Protect consumer privacy when using data and models in machine learning. Optimize AI model training and deployment processes to reduce energy and IT costs. Enable the development of robust and transparent algorithms. Offer researchers and developers an integrated development environment based on machine learning to facilitate efficient, regulatory-compliant and trustworthy AI. What sectors is ACHILLES focused on?

The ACHILLES project will focus on creating multiple use cases across various industries, including healthcare by optimizing models to provide faster and more reliable diagnostics, and identity verification by developing more secure, privacy-friendly solutions. By ensuring compliance with regulations, ACHILLES will also offer use cases as far and wide as content creation and pharmaceutical development.

Plus, by aligning with the ethical standards of the European Union, ACHILLES demonstrates that innovation and responsibility can, in fact, coexist to create trusted AI. The ACHILLES project is split into three major milestones.

Year 1 (2024-2025): Define use cases and specifications, start of technical developments.

Year 2 (2025-2026): Continue technical developments, assessment of project use cases.

Years 3 and 4 (2026-2028): Implement and evaluate the efficacy of ACHILLES solutions on project use cases.

IDnow’s role in the ACHILLES project.

As a leader in the European identity verification market, IDnow’s chief role in the project is to provide identity verification expertise and work to maximize the efficiency of datasets that comply with privacy standards, including GDPR. This includes:  

Creating synthetic data that is representative of real data.   Optimizing data annotation to minimize human resources and guarantee reliable results.   Renewing datasets without affecting model performance.  

Throughout the project IDnow will be evaluating ACHILLES innovations on real-life use cases linked to identity verification. These tests will enable us to improve the robustness of our algorithms and propose more reliable, secure and privacy-friendly solutions.

Thanks to the ACHILLES project, we hope not only to improve the quality and robustness of our algorithms, but also to reduce dependence on real data. This represents a major step toward more sustainable and regulatory-compliant AI.

Montaser Awal, Director of Research at IDnow.

The ACHILLES project marks a decisive step in the development of sustainable, human-centered AI. With its multidisciplinary approach and rigorous framework, it promises to lay the foundations for a more transparent and safer artificial intelligence that meets the needs of tomorrow. Stay tuned: the first results will be available in 2026!  

Find out more about our other research projects, including Soteria, which investigated the feasibility of balancing digital security with user privacy.

By

Mallaury Marie
Content Manager at IDnow
Connect with Mallaury on LinkedIn

The post From Insight to Action: Enhancing Actionable Outcomes in Third-Party Risk Management appeared first on Liminal.co.

As we step into 2025, it’s the perfect time to reflect on the incredible journey we shared in 2024. This year has been a testament to Safle’s commitment to innovation, strategic partnerships, and empowering our community. Thank you for being an integral part of our mission to shape the future of Web3.

💰Funding Milestone

In 2024, SAFLE successfully secured private funding from investors based in the Republic of Ireland through equity sales, achieving a combined valuation of $77 million USD. This financial backing will accelerate SAFLE’s expansion plans for 2025.

👉 Know More!

🏦LBank Listing

We celebrated our debut centralized exchange (CEX) listing on LBank, bringing greater accessibility and liquidity to $SAFLE.

👉Know More!

🌐Safle at India Blockchain Week 2024

Hosted 3 events VC’s Afterhours, Founder’s Afterhours and BTC 100K Afterparty

🤝Safle at Devcon SEA and Token2049 Singapore

Safle had the privilege of attending Devcon SEA and Token49 Singapore, where we connected with global Web3 innovators, showcased our cutting-edge wallet solutions, and explored collaborative opportunities. These events reinforced our commitment to keep building and deliver next-gen solutions for the community.

⚙️Product Updates Safle Wallet Enhancements

⛓️New Chains Integrated: Now supporting Polygon zkEVM, Base, Avalanche, Solana, Rootstock, BEVM, opBNB, Ronin, Sei, Skale (Nebula), and Immutable zkEVM.

🤝WalletConnect Support: Seamlessly link Safle Wallet with any dApp.

☮️Decentralized Onboarding: No emails required! Onboard securely with Safle ID.

🌐In-App dApp Browser: Simplified dApp interactions within the wallet.

🔁Cross-Chain Swaps: Effortlessly swap assets across blockchain networks in one platform.

📱Mobile App Revamp: Light/dark mode toggle and a refreshed UI for a sleek user experience.

Safle Lens v1.0 Launched

Safle Lens, our view-only crypto portfolio tracker, now supports 12+ EVM chains, enabling real-time analytics for tokens, NFTs, and transactions.

👉See Announcement

Key Features:

🔎Comprehensive Insights: Track tokens, NFTs, and transaction history without logging in.

🤖Safle AI Integration: Token-specific queries and blockchain insights powered by AI.

🚨Spam Detection: Automatic filtering of suspicious tokens for enhanced security.

📜NFT Overview: Real-time collection tracking across EVM chains.

📃Detailed Analytics: Portfolio health metrics and transaction history.

🤝Strategic Partnerships The Binary Holdings

Safle is excited to announce a strategic investment from The Binary Holdings, positioning Safle as the default wallet for 169 million users across Southeast Asia. This partnership combines Safle’s multichain wallet with The Binary’s enterprise reach to drive mass Web3 adoption and bridge traditional and digital economies.

Zokyo

Safle partnered with Zokyo.io for robust security audits, ensuring top-notch infrastructure protection.

Moralis

Integration with Moralis.io enables automatic data detection across EVM chains, elevating asset management.

Rootstock

Send, Receive tokens and access dApps on Rootstock natively via SafleID, as safleID now supports Rootstock chain!

Other Partnerships

Coin Liquidity Crypto Oasis BEVM QuickSwap 🎉 Community Engagement & Growth

Our community growth has been phenomenal in 2024:

Telegram: +134% X (formerly Twitter): +49% Discord: +2400% Galxe Campaign

Thanks to our vibrant community for making the Galxe campaign a success! Participants enjoyed rewards by downloading the Safle Wallet and creating a SafleID.

Engagement Activities

We introduced quizzes, polls, and puzzles to foster community interaction, yielding impressive participation rates and bolstering long-term retention.

🎁 Grants Spotlight

We’re excited to support grantees like Innoteg and Tokenscapes with $5,000 worth of SafleID registrations. These grants enable seamless integration of SafleID into their platforms, advancing digital identity solutions within the gaming and Web3 industries.

🎮 Safle ID for Web3 Gaming

We’re reimagining Safle ID with a focus on gaming. SafleID offers seamless digital identity integration for Web3 games, creating new avenues for innovation.

👉Know More!

📚 Documentation & Resources

Explore our newly launched product documentation:

👉 SafleID

👉 Safle Vault

👉 Safle Wallet

Thank you for supporting Safle’s mission to build the future of Web3! Here’s to more innovation and growth in 2025.

Stay Connected

The post Why Are Anti-Money Laundering Services Essential for Your Business Growth? appeared first on uqudo.

Celebrating Emirates’ First A350-900 Flying with Thales’ AVANT Up Inflight Entertainment System Anonymous (not verified) Fri, 01/03/2025 - 12:29 Emirates Airlines first Airbus A350-900 takes flight with the next-generation version of ice inflight entertainment (IFE) system powered by Thales’s AVANT Up, the first in a fleet of 65 new aircraft. The system features the best picture quality on any aircraft with stunning 4K HDR ultra-responsive touchscreens for seamless navigation, along with 60W USB-C fast charging for customer devices, and the ability to simultaneously pair two Bluetooth connections. The Emirates A350 will introduce a next-generation version of the ‘ice’ IFE system with a suite of groundbreaking features enabled by Thales technologies designed to enhance the customer experience.

Together, Thales and Emirates celebrate the entry into service of the Airline’s first A350-900 aircraft with a flight from Dubai to Edinburgh (Scotland) on January 3, 2025. The aircraft is equipped with Thales’s state-of-the-art AVANT Up inflight entertainment system. Ushering in a new era of inflight entertainment, Emirates has introduced on the A350 the next-generation of the ‘ice’ IFE system with a suite of groundbreaking innovations enabled by Thales technologies designed to enhance the flying experience. The system features over 30 new features with many more to come over the coming months.

Thales’ 4K QLED HDR displays offer a cinematic experience, with the best picture quality on any aircraft and ultra-responsive touchscreens for seamless navigation across ‘ice’ vast catalog of entertainment. The display features two Bluetooth connections for passengers to pair multiple devices and built-in Wi-Fi. The system is equipped with Thales’ award-winning power management solution that supports up to 60W of in-screen charging capacity, ensuring passengers arrive at their destination fully charged.

Unique passenger experiences at every seat

AVANT Up provides a wide range of digital services and applications enabling Emirates to uniquely configure and continually elevate services onboard to tailor a personalized experience for every passenger. Passengers will be able to login at the seat, save preferences, and continue watching their favorites. The IFE system will also be able to curate recommendations based on watch history, share personalized connecting gate information, and much more.

Flying first on Emirates A350

Passengers traveling on the new A350 aircraft will enjoy industry-first event-based live TV with “happening now” content such as sports, news and special events. The system also features a unique Digital Video Recording capability that redefines entertainment in the sky. Beyond live TV, passengers will be able to binge on iceMoments, a new way to enjoy content in a short video format. Using Emirates’ ‘ice’ user interface, passengers can access the smart search engine, a navigation bar with play controls and settings, and a unique pictoral user interface (UI) for kids.

Accessible travel for all

Together, Emirates and Thales introduce an award-winning UI for passengers with vision assistance needs. The UI supports audio-cue navigation assistance, voice metadata feedback, touch and swipe gesture controls, and a large selection of audio-descriptive content to create a more inclusive and accessible travel experience for all.

"Thales is honoured to celebrate alongside Emirates the airline’s first A350 taking flight. We are excited for Emirates passengers to experience the next-generation of in-flight entertainment on ice powered by AVANT Up,” said Niels Steenstrup, Chief Executive Officer, Thales InFlyt Experience. “We are proud to partner with Emirates in their mission to fly better. Together, we accelerate the future of IFE to constantly elevate the benchmark of inflight experience.”

/sites/default/files/prezly/images/EmiratesA350_1.png Documents [Prezly] Celebrating Emirates’ First A350-900 Flying with Thales’ AVANT Up Inflight Entertainment System.pdf Contacts Cédric Leurquin 03 Jan 2025 Type Press release Structure Aerospace United Kingdom United Arab Emirates Together, Thales and Emirates celebrate the entry into service of the Airline’s first A350-900 aircraft with a flight from Dubai to Edinburgh (Scotland) on January 3, 2025. The aircraft is equipped with Thales’s state-of-the-art AVANT Up inflight entertainment system. Ushering in a new era of inflight entertainment, Emirates has introduced on the A350 the next-generation of the ‘ice’ IFE system with a suite of groundbreaking innovations enabled by Thales technologies designed to enhance the flying experience. The system features over 30 new features with many more to come over the coming months. prezly_715985_thumbnail.jpg Hide from search engines Off Prezly ID 715985 Prezly UUID 9e4f30e7-d8df-42de-a6f5-1548e77b999d Prezly url https://thales-group.prezly.com/celebrating-emirates-first-a350-900-flying-with-thales-avant-up-inflight-entertainment-system Fri, 01/03/2025 - 13:32 Don’t overwrite with Prezly data Off

Dear Community,

As we conclude the second half of 2024, we want to look back and share Metadium’s journey with you. Metadium has maintained continuous growth and innovation thanks to your unwavering interest and participation. Through this report, we would like to share the major achievements and developments from the year’s second half.

Summary

The fourth quarter of 2024 saw a total of 1,726,792 transactions, and 67,607 DID wallets created. 2025–27 Circulation Disclosure and Distribution Plan has been announced. The Metadium governance Contract has been updated. A year-end event for the community has been hosted.

Technology

Q4 Monthly Transactions

During the fourth quarter of 2024, there were a total of 1,726,792 transactions, and 67,607 DID wallets (as of December 31).

Governance Update

To provide a safer and more reliable blockchain environment, the Metadium Governance Contract has been updated.

For more details, check here.

Supply Plan

We have announced a new circulation plan for 2025–2027. The annual circulation will be appropriately distributed among Miner rewards, maintenance, ecosystem activation, and foundation operating expenses to maintain a balanced ecosystem.

For more details, please check here.

Year-End Quiz Event

We conducted a year-end quiz event to give back to our community for the love we received throughout the year.

For more details, please check here.

As we wrap up the year, we extend our heartfelt gratitude to everyone who has been part of Metadium’s journey. We will continue to build a more robust and reliable blockchain ecosystem based on transparency and innovation. Your opinions and feedback are our greatest driving force; we will continue growing with you.

안녕하세요, 메타디움 팀입니다.

2024년 하반기를 마무리하며, 메타디움의 발자취를 돌아보고 함께 나누고자 합니다. 여러분의 변함없는 관심과 참여 덕분에 메타디움은 지속적인 성장과 혁신을 이어갈 수 있었습니다. 이번 리포트를 통해 하반기의 주요 성과와 발전 사항을 상세히 공유드립니다.

요약

2024년 10월부터 12월 간 총 1,726,792 건의 트랜잭션과 67,607 개의 DID 월렛이 생성되었습니다. 2025년- 2027년 유통량 공시 및 배분 계획을 발표했습니다. 보다 안전하고 신뢰할 수 있는 블록체인 환경을 제공하기 위해 메타디움 거버넌스 컨트랙트의 업데이트를 진행했습니다. 커뮤니티 활성화를 위해 2024년 연말 퀴즈 이벤트를 진행했습니다.

기술 업데이트

Q2 월간 트랜잭션

2024년 10월부터 12월 간 총 1,726,792 건의 트랜잭션과 67,607 개의 DID 월렛이 생성되었습니다.

거버넌스 컨트랙트 업데이트 진행

보다 안전하고 신뢰할 수 있는 블록체인 환경을 제공하기 위해 메타디움 거버넌스 컨트랙트의 업데이트가 진행되었습니다. 이번 업데이트는 거버넌스 투표가 완료된 후 적용되었으며, 주요 내용은 다음과 같습니다.

2025–2027년 유통량 공시 및 배분 계획 발표

2025년부터 2027년까지의 새로운 유통량 계획을 발표했습니다. 각 연도별 유통량은 Miner 보상, 유지보수, 생태계 활성화, 재단 운영비에 적절히 분배될 예정이고 이는 균형 있는 생태계를 유지하기 위한 계획입니다.

자세한 내용은 여기를 확인해보세요.

연말 퀴즈 이벤트 진행

메타디움이 한해동안 받은 사랑을 돌려드리기 위해 연말 퀴즈 이벤트를 진행했습니다.

자세한 내용은 여기를 확인해보세요.

한 해를 마무리하며, 메타디움과 함께해 주신 모든 분들께 진심 어린 감사의 마음을 전합니다. 우리는 앞으로도 투명성과 혁신을 바탕으로, 더욱 견고하고 신뢰할 수 있는 블록체인 생태계를 구축해 나가겠습니다. 여러분의 의견과 피드백은 우리의 가장 큰 원동력이며, 앞으로도 여러분과 함께 성장하는 메타디움이 되도록 하겠습니다.

— 메타디움 팀

Website | https://metadium.com

Discord | https://discord.gg/ZnaCfYbXw2

Telegram(EN) | http://t.me/metadiumofficial

Twitter | https://twitter.com/MetadiumK

Medium | https://medium.com/metadium

Metadium 2024 H2 Activity Report was originally published in Metadium on Medium, where people are continuing the conversation by highlighting and responding to this story.

As technology expands across industries, device IDs have become a key tool in managing security, personalization, and digital interactions. These unique identifiers help distinguish individual devices, allowing businesses to better understand and secure their networks. 

 

In this article, we’ll explore the role of device IDs, why they matter, and how they’re used across various applications.

 

Use Case Exploration is essential for tackling complex market challenges. It requires more than data—it demands actionable insights powered by cutting-edge technology. Link Use Case Explorer equips B2B leaders with the tools to transform uncertainty into clarity. Here’s how to leverage our use case-driven framework and expert-in-the-loop AI to drive smarter decisions:

Here is the Step-by-Step Guide Step 1: Navigate Use Cases with Precision

Browse the Use Case Explorer to research our extensive collection of universes and domains.

Step 2: Select Domain & Use Case

Select your focus area within the Use Case Selector from eight solution domains:

First-party Fraud Third-party Fraud Age Assurance Platform Integrity Anti-money Laundering Identity and Access Management Data Security Third-party Risk Management Step 3: Learn from the experts

This brings you to the Use Case overview, which allows you to explore expert overview,  requirements, solution steps, product capabilities, and technical features to align solutions with buyer needs.

Overview: Why solutions matter as well as current market demand factors. Requirements: What buyers need to solve their challenges. Solution Steps: High-level process flows to address use cases. Product Capabilities: Features that meet buyer needs according to our proprietary buyer survey data. Step 4: Compare products & benchmarks

Click on the Product tab to explore a comprehensive list of products that can help solve core use case requirements.

Explore in-depth descriptions, covered use cases, battle cards, and geographic coverage to help identify the right solution. In the final tab, explore a library of comprehensive Liminal reports that cover the selected use case. Why It Works

Link Proprietary Data ensures comprehensive coverage of products, companies, and capabilities, allowing you to explore every dimension of a use case.

Expert-in-the-loop network ensures use cases evolve with market needs, combining machine-driven analysis with human validation. With Link, you’re not just reacting to change—you’re leading it.

Ready to transform your market strategy?

Explore Link Use Case Explorer today or schedule a demo to see it in action!

The post How to Solve Market Challenges with Use Case Exploration in Link appeared first on Liminal.co.

Predictoor DF122 rewards available. DF123 runs Jan 2— Jan 9th, 2024 1. Overview

Data Farming (DF) is Ocean’s incentives program. In DF, you can earn OCEAN rewards by making predictions via Ocean Predictoor.

Data Farming Round 122 (DF122) has completed.

DF123 is live today, Jan 2. It concludes on January 9th. For this DF round, Predictoor DF has 37,500 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF123 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF123

Budget. Predictoor DF: 37.5K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and Predictoor

Ocean was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF122 Completes and DF123 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

We’re all accustomed to using SMS (short message service) verification when we sign on to our mobile apps and services. This method is used to prove that you possess the device during an MFA (multi-factor authentication) experience. When you attempt to access an app, it texts you a code and asks you to provide that code to prove that you are who you claim to be. After providing the code, you immediately gain access.

 

SMS verification is extremely popular because most people are accustomed to it and know what to expect. However, this verification method can be vulnerable to SMS fraud, which could result in costly losses for your organization if you do not take the appropriate precautions. 

Native login with passkeys is now available, so let’s take a look at how to sign up and log in on Android using Auth0’s Native Login.

The blockchain industry entered 2024 amidst transformative shifts driven by regulatory pressures and technological advancements. Virtual Asset Service Providers (VASPs) faced escalating compliance demands, compelling them to navigate a delicate balance between operational efficiency and the preservation of user privacy. Shyft Network emerged as a leader in this evolving landscape, delivering innovative solutions that address the industry’s most pressing challenges without compromising its foundational values.

A Turning Point in Crypto Compliance

For VASPs worldwide, the Financial Action Task Force (FATF) Travel Rule remained a pressing challenge. Compliance historically demanded cumbersome manual processes, often at the expense of operational efficiency and user trust. These outdated methods left exchanges and their customers exposed to potential breaches while struggling to meet evolving regulatory expectations.

Shyft Network addressed these issues head-on. In January, the company introduced its groundbreaking User Signing feature to the Veriscope Travel Rule solution. This innovation enabled VASPs to cryptographically verify wallet ownership while safeguarding user data. The technical leap bridged the gap between regulatory demands and the crypto community’s core values.

From Vision to Real-World Impact: Strategic Partnerships

The adoption of Shyft’s solutions spread rapidly across the industry. India’s burgeoning crypto market, navigating its own regulatory maze, became an early proving ground.

Giottus, one of the country’s leading exchanges, replaced manual verification processes with Veriscope’s automated system. Similarly, OmniEX, a prominent over-the-counter (OTC) desk, integrated Veriscope and User Signing to streamline operations for institutional clients.

OnMeta further showcased Veriscope’s adaptability by enabling seamless payment services for digital assets, while Mudrex exemplified how emerging platforms could build compliance infrastructure without sacrificing user experience.

Shyft Network’s collaborative efforts in 2024 extended to influential industry players. Chipper Cash, a platform enabling free cross-border payments and financial services for Africans, integrated Shyft’s Veriscope and User Signing solutions to comply with the FATF Travel Rule. This partnership underscored the potential for blockchain-powered compliance tools to support inclusive financial ecosystems.

These collaborations highlight Shyft’s impact in driving both technological and regulatory advancements globally, setting a benchmark for the industry’s future direction.

Advancing Technology for a Private Future

Beyond compliance, 2024 saw Shyft Network’s research arm also become a beacon of industry insight. In addition to the Veriscope Regulation bi-weekly newsletter, the Shyft Perspectives profound analysis of critical issues:

Global Crypto Regulatory Outlook for 2024: A detailed analysis of worldwide trends, including the European Union’s Transfer of Funds Regulation and developments in AML/KYC standards. L2 Solutions and Scalability: Exploring solutions to the blockchain trilemma, with insights into advancements and future prospects in Layer 2 technology. The Role of Zero-Knowledge (ZK) Protocols: Examining why ZK matters for blockchain’s future, emphasizing privacy, scalability, and anticipated innovations.

Guides like the “User Signing Guide,” “EU Transfer of Funds Regulation Overview,” and “Global Crypto Regulatory Outlook 2024” provided actionable insights for VASPs navigating these challenges. Explore these resources and insights at Shyft Publications and Shyft Newsroom.

A Culture of Education and Collaboration

Shyft Network complemented its technological advances with three major educational campaigns. The first focused on the implications of the Transfer of Funds Regulation, fostering dialogue and practical solutions among industry leaders. The second campaign centered around User Signing, exploring its implementation strategies and benefits for VASPs. Lastly, their in-depth report on Zero-Knowledge (ZK) protocols highlighted the critical role of privacy-preserving technology in the blockchain ecosystem.

The Road Ahead

As digital asset markets mature, the balance between regulatory compliance and privacy preservation will remain paramount. Shyft Network’s achievements in 2024 illustrate that these goals are not mutually exclusive. By delivering tools that prioritize privacy without compromising compliance, Shyft has proved that these two are complimenting rather than contradicting.

“It’s about maintaining crypto’s core values while meeting our obligations,” remarked one exchange operator. The sentiment underscores a broader shift: privacy-preserving compliance is no longer a lofty ideal but an attainable reality.

With regulatory landscapes evolving, challenges persist. However, Shyft Network’s 2024 innovations provide a blueprint for how crypto businesses can thrive without abandoning their foundational principles. By combining blockchain as the backbone of technology with cryptocurrency as the transactional fuel, Shyft illuminates a promising path forward.

About Shyft Network

Shyft Network powers trust on the blockchain and economies of trust. It is a public protocol designed to drive data discoverability and compliance into blockchain while preserving privacy and sovereignty. SHFT is its native token and fuel of the network.

Shyft Network facilitates the transfer of verifiable data between centralized and decentralized ecosystems. It sets the highest crypto compliance standard and provides the only frictionless Crypto Travel Rule compliance solution while protecting user data.

Visit our website to read more, and follow us on X (Formerly Twitter), GitHub, LinkedIn, Telegram, Medium, and YouTube. Sign up for our newsletter to keep up-to-date on all things privacy and compliance.

‍

Shyft Network’s 2024 Progress: Enabling Compliance, Protecting Privacy was originally published in Shyft Network on Medium, where people are continuing the conversation by highlighting and responding to this story.

As cyberattacks on the healthcare industry reach unprecedented levels, healthcare data security has become a critical focus for providers, payers, and regulators. Recent developments, such as New York's Healthcare Cybersecurity Mandate and proposed federal legislation, highlight the urgency to bolster defenses against cyber threats and digital security risks with the digitization of patient records and personal data. At the heart of this transformation is digital identity, which serves as a foundational pillar of modern healthcare data protection.

You have an app with SSO capabilities. What else can you do with Okta to transform it into an enterprise-ready powerhouse?

Today’s enterprises face critical identity management challenges that directly impact their operations; this includes:

Rapid business growth outpacing their current user management capabilities Scattered user accounts creating administrative chaos User management that doesn’t scale with company growth (access free-for-all to resources) Bottlenecks in user provisioning slowing down productivity (i.e., manual provisioning)

and more critically,

Security vulnerabilities from inconsistent user deprovisioning

This is where you come in as a partner. By integrating with Okta through SCIM (System for Cross-domain Identity Management), a standard for managing users, you can offer enterprise customers a solution that addresses these pain points.

Why System for Cross-domain Identity Management (SCIM) is your gateway to enterprise success

It facilitates:

Real-time user synchronization, which keeps customer organizations agile with instant updates as employees join, leave, or move within the company Automated lifecycle management, which eliminates manual processes with streamlined provisioning, updates, and de-provisioning Enhanced security controls, which give enterprises precise control over user access and permissions Standards-based integration, which leverages open Internet Engineering Task Force (IETF) protocols for reliable, interoperable, and consistent implementation Reduced operational complexity, which helps customers save on their identity management costs and overhead Accelerate your growth by joining the Okta Integration Network (OIN)

And once you have a SCIM-compliant integration with Okta, we invite you to Okta’s Integration Network (OIN). Here, you can unlock potential growth by tapping into Okta’s massive customer base of 18,000+ organizations, including leading companies and government institutions that rely on Okta as their identity security foundation. Furthermore, fast-track enterprise deals with your pre-built integration and reduces sales friction with verified enterprise-ready status. More importantly, you’ll be able to differentiate your offering with premium security features.

How to submit your SCIM integration to the Okta Integration Network (OIN)

Here is a video walkthrough on creating your SCIM provisioning instance for OIN testing and submission.

Prerequisites

Okta Developer Account Runscope test links (2): CRUD and SPEC tests Manual Okta SCIM integration tests Provisioning-enabled instance and confirmation

Lastly, you must have a publicly accessible SCIM server for Okta to send requests to. I used the SCIM server from this Enterprise Workshop on SCIM to demo the submission process.

Learn more about Secure Identity Integrations

For more resources, check out Okta’s Saas Security page and integrator help hub.

Enterprise workshop series on building a SCIM server and other integrations Posts in the on-demand workshop series 1. How to Get Going with the On-Demand SaaS Apps Workshops 2. Enterprise-Ready Workshop: Authenticate with OpenID Connect 3. Enterprise-Ready Workshop: Manage Users with SCIM 4. Enterprise Maturity Workshop: Terraform 5. Enterprise Maturity Workshop: Automate with no-code Okta Workflows 6. Enterprise-Ready Workshop: How to Instantly Sign a User Out Across All Your Apps Stay in touch!

Follow OktaDev on X and subscribe to our YouTube channel to learn about additional integrator resources as soon as they’re available. We also want to hear from you about topics you want to see and questions you may have. Leave us a comment below!

It’s been a big year for Bluesky! As 2024 draws to a close, I’m excited to take a look back at everything that’s happened in the past year.

Alongside users, creators, and the AT Protocol developer community, Bluesky has grown from an invite-only app with only 3 million people to a public app of over 25.9 million people. In the last month and a half, Bluesky has grown by over 13M people, with organizations reporting a 2-10x increase in the amount of engagement they receive.

Here’s a look back at some key milestones of this past year:

Opening Our Doors

Bluesky officially launched in just February of this year. When we opened the app to the public, we removed invites, which were a tool to help us grow the app sustainably and safely.

At launch, Bluesky had an early community of 3M people. One week later, over a million new users had signed up.

Implementing Federation

Just weeks after our public launch, we achieved a long-standing goal by implementing federation. This milestone represents our commitment to creating an open, interconnected social network that respects user choice. Users can now run their own personal data servers, and thousands have opted to use their own servers instead of Bluesky’s infrastructure.

Stackable Moderation

In March, we launched labelers, the first piece of our stackable moderation system that empowers users to take control of their experience. Additionally, we open-sourced Ozone, a collaborative moderation tool that enables independent organizations and people to more easily run their own moderation service.

More Big Features

In 2024, we also launched:

Hashtags: We added hashtags to make finding content easier. Direct Messages: In May, we launched DMs, creating new avenues for connection. Starter packs: In June, we launched starter packs, helping communities onboard to Bluesky more easily. Video Sharing: In September, we launched videos. Trending topics: In December, right around Christmas, we launched trending topics. Many Small Features

We also launched:

Account deactivation (June), Priority notifications (July), Self-moderation tools like detach quotes and hide reply (August), Pinned posts (October), and The thread composer (November). Looking forward to 2025

Building on this year's achievements, we're excited to introduce more features and improvements. Your feedback continues to shape Bluesky’s evolution, and we deeply appreciate the trust you've placed in Bluesky this year.

Here's an overview of OTP types and how they work

Predictoor DF121 rewards available. DF122 runs Dec 26 — Jan 2nd, 2024 1. Overview

Data Farming (DF) is Ocean’s incentives program. In DF, you can earn OCEAN rewards by making predictions via Ocean Predictoor.

Data Farming Round 121 (DF121) has completed.

DF122 is live today, Dec 26. It concludes on January 2nd. For this DF round, Predictoor DF has 37,500 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF122 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF122

Budget. Predictoor DF: 37.5K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and Predictoor

Ocean was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF121 Completes and DF122 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

Many applications utilize Auth0 in their login procedures. However, how do you deal with that in testing? Let's learn how to cover the default login process in test automation with Cypress.

In 2024, the anticipated collision between regulation and innovation gave way to an unprecedented collaboration. This year marked a turning point, where regulatory frameworks and technological advancements joined forces to prioritize privacy without compromising compliance.

The narrative of “regulation versus innovation” evolved into one of mutual reinforcement, with privacy emerging as the cornerstone of progress.

Privacy Innovation: The Cornerstone of 2024

The transformation began with a bold proposition: privacy technology can enhance regulatory compliance. Financial institutions and digital asset firms recognized that privacy-preserving tools not only safeguarded user data but also addressed regulators’ demands for transparency.

Consider the Travel Rule, once a daunting compliance challenge for exchanges. Innovative solutions redefined it, allowing platforms to share only the essential data required for oversight. This shift, driven by mathematical precision and technological ingenuity, highlighted the potential of privacy-centered compliance.

Unexpected Pioneers in Privacy-First Regulation

Remarkable advancements emerged from surprising quarters. Once-overlooked markets became leaders in regulatory innovation. Experimental regulatory sandboxes transformed into thriving innovation hubs, while central banks integrated privacy features into their digital currency initiatives — reframing them as tools for protecting user rights rather than instruments of surveillance.

Technologies That Redefined Compliance

Privacy-preserving compliance tools reshaped the regulatory landscape in 2024. These advancements bridged the gap between privacy and oversight:

Identity verification without exposing personal data. Transaction monitoring that maintains confidentiality. Regulatory reporting designed to protect user security.

Notably, Shyft Network’s Veriscope became a global solution for Travel Rule compliance, enabling secure identity verification and private transaction validation. Similarly, zero-knowledge proofs (ZKPs) matured from theoretical concepts to practical applications, driving innovation in transaction verification and identity management.

A Global Shift Toward Privacy and Compliance North America

The SEC’s approval of spot Bitcoin ETFs set the stage, but the real breakthroughs lay in privacy-enhanced systems developed by exchanges like Coinbase and Kraken. Canada’s advanced frameworks for private institutional trading raised the global bar.

Europe

MiCA’s implementation propelled European markets to adopt privacy-preserving compliance solutions. French and German exchanges led with tools balancing stringent oversight with robust user privacy. The UK’s emphasis on “privacy by design” influenced global regulatory practices.

Asia Pacific

Japan’s regulatory framework prioritized privacy, while Singapore introduced cutting-edge compliance tools that became benchmarks for the region. South Korea’s strict approach to oversight spurred creative solutions, and Hong Kong integrated privacy into institutional finance practices.

Latin America

Brazil’s privacy-preserving compliance measures in payments and Mexico’s advances in remittance privacy showcased the region’s adaptability. Argentina demonstrated that even in challenging economic conditions, confidentiality could be maintained.

Middle East and Africa

Dubai’s VARA framework enabled groundbreaking cross-border confidentiality tools. Africa’s mobile-first innovations, particularly Nigeria’s, offered solutions that balanced financial inclusion with robust privacy protections.

Australia and Oceania

Australia’s token mapping initiative redefined asset classification with privacy at its core. Smaller markets in the region demonstrated leadership in adopting and advancing privacy-focused technologies.

Key Takeaways 2024 proved that privacy and regulation can complement each other, reshaping financial compliance. Privacy-preserving tools like zero-knowledge proofs and Veriscope transformed oversight processes. Unexpected markets, including Latin America and Africa, emerged as leaders in privacy innovation. Regulatory frameworks like MiCA and the Travel Rule drove technological progress globally. Privacy-focused compliance is becoming a cornerstone for bridging traditional and decentralized finance. The Road Ahead: A Privacy-Driven Future

As the foundation laid in 2024 takes hold, privacy-preserving compliance is becoming a fundamental aspect of financial innovation. Institutional investors, once hesitant, are now embracing these tools to bridge the divide between traditional and decentralized finance.

The lessons of 2024 underscore a vital truth: addressing regulatory challenges can drive meaningful progress. By prioritizing privacy alongside compliance, the financial ecosystem has grown stronger, demonstrating that these objectives are not mutually exclusive.

The next chapter in financial history will focus on leveraging innovation to achieve both oversight and confidentiality, paving the way for a secure, inclusive, and privacy-conscious future.

About Shyft Network

Shyft Network powers trust on the blockchain and economies of trust. It is a public protocol designed to drive data discoverability and compliance into blockchain while preserving privacy and sovereignty. SHFT is its native token and fuel of the network.

Shyft Network facilitates the transfer of verifiable data between centralized and decentralized ecosystems. It sets the highest crypto compliance standard and provides the only frictionless Crypto Travel Rule compliance solution while protecting user data.

Visit our website to read more, and follow us on X (Formerly Twitter), GitHub, LinkedIn, Telegram, Medium, and YouTube. Sign up for our newsletter to keep up-to-date on all things privacy and compliance.

Bridging Privacy and Regulation: 2024’s Defining Moment was originally published in Shyft Network on Medium, where people are continuing the conversation by highlighting and responding to this story.

📈 Marketing Updates

We’re excited to share the latest engagement activity results! Here’s how our community is interacting with the content:

📜Quiz: 265 participants 📊Polls: 269 responses 🧩Puzzle (Time-based Bonus Activity): 16 participants

Stay tuned for more updates, and thank you for your continued participation!

🔧 Product Updates 🔁Cross-Chain Swaps

“Seamlessly perform cross-chain swaps directly within the Safle app. Access 23+ blockchain networks and swap across 3,000+ assets effortlessly, all in one secure and intuitive platform.”

📱Mobile App UI Revamp

Our mobile app is getting a makeover! The revamped UI will include a sleek light/dark mode toggle, ensuring a personalized experience for every user. Stay tuned for the launch!

🔗New Chain Integrations Complete

Integration of the following chains into Safle Vault is now complete:

opBNB Ronin Sei Skale — Nebula Immutable zk-EVM

Additionally, the backend and data pipelines for these chains have also been finalized, making asset management on these networks more efficient than ever.

👛Wallet Attestations with SafleID

We’re in the planning phase for introducing wallet attestations via SafleID. This will bring enhanced security and trust to your Web3 interactions.

🔍Safle Lens Improvements

Minor UI fixes are currently underway for Safle Lens, ensuring a smoother and more polished user experience.

🎮 Safle ID for Web3 Games

We’re re-envisioning Safle ID with a focus on Web3 Games. Know any game that should integrate SafleID? Let us know!

Discover more: SafleID for Web3 Gaming

Thank you for your continued support in shaping the future of Web3 with Safle.

The Safle Team

🚀 More updates coming soon!

The post Digital wallet for farmers developed by Indicio and Anonyome wins SuperNova award appeared first on Indicio.

As we wrap up 2024, our team is filled with gratitude and excitement for all the hard work we've done this year. It’s been a time of meaningful progress, growth, and significant contributions to the future of digital identity.

This year, SpruceID continued to build innovative solutions and strengthen partnerships across industries and at events and initiatives around the globe. Together with our community, we’ve achieved milestones that pave the way for a more privacy-focused and user-controlled digital world.

Let’s take a moment to celebrate some of the defining moments of the last year.

Our Team

This year, we welcomed new talent to our global team, bringing a wealth of expertise across engineering, product development, and design. While staying lean and agile, our team’s dedication and creativity have driven impactful solutions and positioned us to meet the demands of a fast-evolving industry.

As a remote-first company, we understand the value of coming together in person to strengthen our connections and align on our company mission. Twice a year, we host offsite retreats, which are essential for collaboration, strategic alignment, and connecting outside of work projects. In 2024, these gatherings took us to Rio de Janeiro, Brazil, and Montreal, Quebec—creating unforgettable experiences and building the foundation for the year ahead.

Spring Offsite in Rio De Janeiro, Brazil

Interested in joining our awesome team? Check out our open roles here.

Events and Hackathons

This year, SpruceID participated in events and hackathons, showcasing our digital identity solutions and advancing privacy-first verifiable digital credential innovation. A few notable events included:

Facilitating CA DMV Hackathons: This year, we played a key role in facilitating the CA DMV hackathons, fostering collaboration among developers, government, and public sector organizations to promote the adoption of mobile driver's licenses (mDLs) through hands-on tooling, troubleshooting, and building out new use cases. Utah's Outdoor Recreation Day on the Hill: We showcased our verifiable digital credential pilot program in partnership with Utah’s Division of Technology Services and Department of Natural Resources. We demonstrated privacy-first, verifiable credentials for off-highway vehicle certificates while engaging with policymakers, legislators, and the public. Internet Identity Workshop: At IIW (Internet Identity Workshop), SpruceID contributed to discussions on key digital identity topics like personhood credentials and Zero-Knowledge Proofs while engaging in collaborative efforts with global leaders to discuss everything from theoretical frameworks to real-world implementations, and driving privacy-first innovation. Silicon Valley Innovation Program (SVIP) Demo Week: At SVIP Demo Week, we showcased our cutting-edge digital identity solutions, highlighting advancements in privacy-preserving credentials and how we are working with the Department of Homeland Security to bring privacy and security to cross-border credentials. American Association of Motor Vehicle Administrators (AAMVA) Conferences: In 2024, SpruceID sponsored multiple AAMVA conferences, supporting advancements in secure, interoperable, verifiable digital credentials for motor vehicle administrations and law enforcement agencies. Verifiable Digital Credentials in U.S. Government

Our products continue to drive innovation in digital identity for customers like the California DMV, Utah's Division of Technology Services, and the Department of Homeland Security. They offer cutting-edge solutions for verifiable digital credential management and empower organizations and developers to build secure, user-centric systems.

Utah's Division of Technology Services

In partnership with Utah’s Division of Technology Services, SpruceID introduced verifiable digital credentials across the state of Utah to replace paper and plastic permits, such as off-highway vehicle certificates and food handler permits. This initiative has enhanced security, improved user experience, and empowered residents with privacy-preserving digital credentials. Read the full story to learn more about our work with Utah.

California DMV

Throughout this year, we have continued our work with the California DMV, we helped implement and expand the state’s award-winning mobile driver’s license program, which prioritizes privacy, security, and interoperability. This program enables millions of Californians to securely use their credentials online and offline for travel and identity verification, and currently has a 4.8 star rating across 60K app reviews on both the Google Play and App store.

Department of Homeland Security

Through the Silicon Valley Innovation Program, we are collaborating with DHS to develop privacy-preserving digital credentials for cross-border travel and immigration. This initiative enhances security and interoperability while ensuring users maintain control over their personal data.

Standards and Working Groups

A key milestone this year was the release of ISO/IEC18013-7, a standard enabling remote use of mobile driver's licenses (mDLs) for digital identity verification. This standard supports secure online identity proofing and onboarding, ensuring interoperability and flexibility across diverse systems and simplifying digital identity verification for users.

Additionally, SpruceID collaborated with the National Cybersecurity Center of Excellence (NCCoE) at NIST on initiatives to strengthen the adoption of open standards for verifiable credentials. By contributing to frameworks and best practices, we are working to ensure digital identity solutions remain secure, interoperable, and privacy-preserving, aligning with industry needs and advancing the adoption of trustworthy identity systems.

We're looking forward to seeing more innovative use cases using these standards in the upcoming year.

Here’s to Another Year!

This year has been one of incredible growth, innovation, and impact for SpruceID. As we reflect on everything we’ve accomplished, we’re more committed than ever to empowering individuals to take control of their identity and personal data in today’s digital world.

Each milestone we’ve reached has strengthened our ability to create trusted, privacy-first digital experiences. We’re excited to carry this momentum into 2025, shaping the future of digital identity together and seeing what new opportunities will be in store.

About SpruceID: SpruceID is building a future where users control their identity and data across all digital interactions.

In 2024, we launched our much-anticipated Customer Advisory Board (CAB). Here, we reflect on the top 5 learnings and what we hope to take into 2025. 

At IDnow, the CAB is more than just a platform to communicate with our customers. IDnow CABs are valuable opportunities to collaborate toward the shared goals of shaping the future of identity verification, meeting regulatory requirements, and anticipating upcoming technological and industry challenges. 

We organized two CABs in 2024 – one in Munich in June and the other in Paris in October. Both featured strategic discussions, where we covered topics as wide-ranging as eIDAS compliance to fraud prevention and optimal user experience (UX). We also showcased demos of some of our newly launched products like YRIS, Videoident Flex and InstantSign.  

As forums for gathering customer feedback, we also utilize CABs to align our solutions with real market needs and share our strategic vision for the future.  

“Our CABs serve two primary functions,” said Ellie Burns, Head of Product, Customer and Partner Marketing at IDnow.

For our customers, they get to play an active advisory role to influence IDnow’s innovation priorities and product roadmap. While for IDnow, it is an invaluable opportunity to tailor our solutions to specific customer challenges.

Ellie Burns, Head of Product, Customer and Partner Marketing at IDnow.

IDnow’s top 5 key takeaways from 2024 CABs.  1. Client collaboration is essential for innovation. 

The success of our solutions relies on a deep understanding of client needs. IDnow’s CABs provide a collaborative framework where participants get to share their experiences and directly influence innovation priorities. This process ensures our solutions address tangible challenges across various industries while paving the way for new use cases. 

CABs help us stay aligned with real market needs while giving our clients the opportunity to co-create tomorrow’s solutions.

Élodie Poulain, Marketing Director at IDnow. 

2. Regulatory compliance is a shared priority. 

In the face of increasingly complex regulations, such as eIDAS 2.0 and upcoming Anti Money Laundering Authority requirements, CABs can help raise awareness of industry warning signs and important milestones so customers can prepare. Plus, by integrating customer feedback, we can develop solutions that comply with the highest standards while meeting expectations for speed, security and efficiency. 

eIDAS 2.0 – A simple update or fundamental change? Download to discover: What is eIDAS? The birth of eIDAS 2.0 The countries and industries affected by eIDAS 2.0 Read now 3. Fraud prevention requires a collaborative approach. 

With threats like deepfakes and synthetic identity fraud on the rise, CABs can be vital forums for discussing best practices of dealing with fraud. It is these insights that allow us to co-create solutions capable of detecting emerging fraud that also enhance overall security. Innovations such as photoswap detection and video injection prevention are direct outcomes of these strategic discussions. 

4. User experience (UX) is a key differentiator. 

Feedback gathered from CAB participants allows us to regularly refine and optimize our products. For example, customer feedback on InstantSign enabled us to add additional features and advanced functionality and a flawless user experience. 

5. CABs act as accelerators for cross-sector synergies. 

By bringing customers together from a range of industries, including financial services, telecoms, gaming and mobility, the IDnow CABs foster unique synergies. Exchanging opinions on diverse topics leads to unique perspectives and innovative approaches that have applications across multiple sectors. They are valuable opportunities to explore new horizons while strengthening our industry expertise. 

IDnow’s product roadmap for 2025: Solutions for a changing market. 

IDnow is committed to becoming Europe’s leading KYC provider with a comprehensive and innovative product offering. Here are just some of the major milestones we have achieved in the last five years: 

AI QES (2021): Launch of qualified electronic signature solution.  ETSI Certification (2022): Compliance with European security standards for QTSPs.  ISO 27001 (2023): Certification ensuring the security of sensitive data.  PVID Certification (2023): ANSSI approval for identity verification solutions.  InstantSign (2024): Launch of fast, fully compliant electronic signature product.  YRIS Certification (2024): Substantial assurance level for digital identity. 

In 2025, IDnow will focus on: 

Fraud prevention: Introduction of new fraud prevention technology, including Photoswap detection, deepfake identification and IBAN verification.  eIDAS 2.0: Implementing product changes to ensure our products comply with this European regulation.  European connectivity: IDnow is developing a platform that can connect to all European digital wallets and is also creating its own Wallet. The goal: to deliver an optimal UX while adhering to growing regulatory demands. 

With over 900 customers around the globe, we have a busy 2025 coming up with CABs planned in major cities throughout Europe and beyond. 

Read our ‘Fraud in 2024: IDnow customers have their say.’ blog to discover the most common fraud challenges that our customers have been facing in 2024 and how they plan to address them in 2025. 

To keep up to date with the latest happenings from IDnow, follow us on Linkedin. 

By

Mallaury Marie
Content Manager at IDnow
Connect with Mallaury on LinkedIn

Advancing the Future of Autonomous Mine-Hunting Technology Language English simon.mcsstudio Fri, 12/20/2024 - 11:29

RNMB Apollo launches from SD Northern River © Crown Coptright 2024

The Royal Navy has reached a key milestone in autonomous mine-hunting with its first trial of an uncrewed boat from a commercial vessel, showcasing Thales technology.

A recent trial at the Firth of Clyde, Scotland, marked a significant milestone for the Royal Navy’s Mine & Threat Exploration Group. The Royal Navy Motor Boat (RNMB) Apollo, a small uncrewed vessel designed to detect and neutralize mine threats, was successfully launched from SD Northern River, a commercial ship serving as a ‘platform of opportunity.’ This trial showcased the rapid deployment capability of autonomous mine-hunting technology in real-world conditions.

Apollo managed to detect exercise mines, even in notoriously challenging locations, demonstrating its advanced detection capabilities. Conducted in difficult water depths and coastal currents, the trial underscored the potential for Maritime Mine Counter-Measure (MMCM) technology to be swiftly integrated into operational fleets.

A Groundbreaking Collaboration

Andy Lapsley, DE&S Mine-Hunting Capability (MHC) Team Leader, emphasized the importance of the trial: 

This is the result of years of hard work and collaboration by the MHC team, and it demonstrates our commitment to advancing mine counter-measure technology. We’re not just testing equipment; we’re building an innovative, flexible capability that will play a key role in safeguarding the UK’s maritime interests.

The Apollo was manufactured under a contract with Thales, and following the successful trial, it will undergo retrofit and upgrades before being delivered to the Royal Navy in late 2025. The MMCM programme, valued at €430 million, has already created over 200 jobs across the UK, underscoring its impact on both defence and the economy.

A New Era in Naval Operations

This trial represented the first successful integration of MMCM technology onto a commercial vessel, a crucial step that demonstrates the potential of using such platforms as ‘floating bases’ for certain operations. Its success paves the way for future deployments, with Thales playing a key role in evolving maritime operations. 

The Maritime Mine Counter-Measure (MMCM) programme has advanced significantly, bringing advanced autonomous mine-hunting equipment closer to operational readiness for the Royal Navy and French Marine Nationale. Managed by the Organisation for Joint Armament Co-operation (OCCAR), this programme aims to enhance the naval mine warfare capabilities of both nations using cutting-edge technology. 

Commander Daniel Herridge, Commanding Officer of the Royal Navy’s Mine & Threat Exploration Group, commented: 

This milestone reinforces our commitment to modernizing mine counter-measure technology and integrating it into our operations. The Mine & Threat Exploitation Group is proud to continue supporting the enterprise and driving forward these trials, which are critical to advancing our capabilities and safeguarding the UK’s interests.

Philippe Commarmond, Director of Thales’ International Mine Warfare Sector, added: 

The MMCM programme is the result of an ambitious vision set by the UK and France back in 2015 to transform naval mine warfare. We are proud to be part of this journey, which is now positioning both nations at the forefront of autonomous maritime systems.

What’s Next?

This trial marks a significant leap forward in the Royal Navy’s mission to enhance mine counter-measure technology and operational flexibility. As the programme progresses, the integration of these innovative systems will continue to shape the future of naval mine warfare, ensuring the UK remains at the cutting edge of maritime security.

Looking ahead, the MMCM team will continue refining autonomous capabilities, ensuring they are ready for operational deployment in the coming years. With the next phase of trials and retrofitting of Apollo already underway, this breakthrough represents just the beginning of what promises to be a new era in autonomous maritime operations.
 

/sites/default/files/database/assets/images/2024-12/Apollo-Banner_0.png 20 Dec 2024 United Kingdom The Royal Navy has reached a key milestone in autonomous mine-hunting with its first trial of an uncrewed boat from a commercial vessel, showcasing Thales technology. Type News Hide from search engines Off

As financial institutions in the EU work to comply with the Digital Operational Resilience Act (DORA), ensuring robust cybersecurity and operational resilience is paramount. DORA mandates that organizations within the financial sector must implement stringent cybersecurity measures to protect their critical infrastructure, making Privileged Access Management (PAM) a vital component of compliance.

Product Focus

Closing 2024: A Year of Innovation, Growth, and Building Tools For Onchain Finance Economy

This content is taken from the monthly Product Focus newsletter in December 2024.

This year has been a journey of innovation, growth, and achievement. At the beginning of this year, we set out to achieve four objectives: accelerating the standardization phase; digitizing real-world assets and securities at scale; enabling DeFi through a unified data layer for private markets; and building distribution rails to streamline access and adoption.

Let’s look back on the remarkable progress we made together.

ERC-3643 is now the official standard, recognized globally

The ERC-3643 open-source standard has emerged as the cornerstone of the tokenization industry, serving as the motherboard for building diverse use cases. We have actively worked with 92 industry leaders in the ERC3643 Association to advance the standard by contributing to concrete projects.

Moreover, ERC-3643 has gained significant traction from large organizations, being used or referenced in industry reports by ABN AMRO, Citi, JPMorgan Chase, ESMA, BCG, KPMG, and Deloitte. Recently, it was recognized by the Singapore regulator MAS for enforcing compliance for tokenized funds and debt in the Project Guardian.

An Onchain Operating System Ready for Scale 

On the products side, our solutions are now ready to empower asset issuers to tokenize assets at scale. To reach critical mass, asset managers need a tech toolbox that allows them not only to tokenize assets onchain but also to manage and distribute them while working seamlessly with all stakeholders using different tools and systems.

Our products provide exactly that. We’ve redefined our product positioning as an onchain operating system to make our product’s value proposition clear. We provide an orchestrated platform that unifies and automates workflows with all necessary service providers, whether  onchain or offchain.  Our added value lies in the most robust technology, a well-connected ecosystem, and expertise gained from 7 years of real-world practices.

Our product is designed to serve diverse business needs, on any EVM blockchain, for any assets, in any jurisdiction. The T-REX Platform, a no-code tool,  empowers businesses to tokenize, manage, and distribute assets without requiring IT resources, while the T-REX Engine, an APIs solution, is designed for advanced projects integrating onchain operational capabilities directly into their existing workflows.

Our product enhances onchain compliance setup. Controlling tokens requires asset managers to configure token settings through token smart contracts. Our products allow asset managers to configure and customize compliance rules anytime, such as eligibility rules, transfer restrictions, and enablement of distribution.

Enabling DeFi via onchain data management and shared liquidity catalog

Assets issued with ERC-3643 automatically receive an AssetID smart contract. This built-in onchain asset identity enables data enrichment like NAV, ESG proofs, and ratings. ERC-3643 tokens are accessible through a shared onchain catalog with a unified data set, allowing seamless DeFi interaction while adhering to built-in compliance rules.

Step by step, we have started creating a unified Catalog of tokenized assets that includes token data, asset data, stakeholder data, and offering data. This catalog will enable distributors (regulated exchanges, OTC platforms, dApps, neobrokers, etc.) to easily select assets for distribution to their respective audiences.

To maximize transactions and interoperability between distributors, we have also created DINO, a shared liquidity protocol on the blockchain. DINO is a decentralized network enabling the distribution of compliant tokenized assets. The system leverages blockchain technology to revolutionize the publishing and settlement of digital assets, transforming how issuers, their distributors, and  investors conduct transactions.

At its core, the system enables parties to post and browse trading intentions, known as Offers, via token-specific distribution smart contracts. This innovation ensures that all offers are transparent and accessible on the blockchain, creating a continuous live feed of available trading intentions for all participants to see. It is now ready for prime time. 2025 will be epic!

The Foundation is Built: What’s Next for Tokenization?

This year, we’ve built a solid foundation for onchain finance with all the essential building blocks. 2025 will be a year of accelerating institutional adoption as the buy-side begins to fully  benefit from the tokenization format. We will see more and more applications leveraging compliant tokenized assets, and Tokeny is ready to lead this transformation. Thank you for being with us on this journey.

We wish you a great holiday season and a happy new year!

Xavi Aznal Head of Product Subscribe Newsletter

This monthly Product Focus newsletter is designed to give you insider knowledge about the development of our products. Fill out the form below to subscribe to the newsletter.

Other Product Focus Blogs Closing 2024: A Year of Innovation, Growth, and Building Tools For Onchain Finance Economy 20 December 2024 ERC-3643: The Motherboard for Composable Tokenized Assets 8 November 2024 How Tokeny’s Platform Empowers Fund Administrators To Act in Onchain Finance 20 September 2024 56% of Fortune 500 Are Onchain: APIs Are Your Key to Staying Ahead 23 August 2024 The Journey to Becoming the Leading Onchain Finance Operating System 19 July 2024 Streamline On-chain Compliance: Configure and Customize Anytime 3 June 2024 Multi-Chain Tokenization Made Simple 3 May 2024 Introducing Leandexer: Simplifying Blockchain Data Interaction 3 April 2024 Breaking Down Barriers: Integrated Wallets for Tokenized Securities 1 March 2024 Tokeny’s 2024 Products: Building the Distribution Rails of the Tokenized Economy 2 February 2024 Tokenize securities with us

Our experts with decades of experience across capital markets will help you to digitize assets on the decentralized infrastructure. 

Contact us

The post Closing 2024: A Year of Innovation, Growth, and Building Tools For Onchain Finance Economy appeared first on Tokeny.

Understanding how encryption, hashing, and salting work is key to protecting sensitive information. While these methods share similarities, each serves a unique purpose. Combining them can also help organizations meet data security standards. Here’s a clear explanation of their differences and how they contribute to robust data protection.

Back in November 2024, my article “Token Lifetimes and Security in OAuth 2.0: Best Practices and Emerging Trends” was published in the IDPro® Body of Knowledge, and wow—over 1,600 people have already checked it out! If you’re one of those people who clicked on the article but didn’t quite have time to read it (or bookmarked it for “later” but haven’t circled back yet), this post is for you.

I love to read—and I’m lucky enough to have the time to do it when I need to. Not everyone gets that chance, and let’s be honest, some people just aren’t ready, willing, or able to dive into a long article. And that’s okay! You do you, boo; it takes all kinds to make this crazy world come together.

OAuth 2.0 Tokens – the sound version

Because I enjoy messing around with technology, I decided to see if Google’s NotebookLM might produce something that would help people who want a differently-consumable format of the Tokens article. While I personally like the written version better (did I mention I like to read?) this didn’t turn out too badly.

If you’re looking for something in between—like a quick outline to decide if you want to spend 20 minutes listening to the AI-generated podcast or however long it takes to read a 15-page article—here’s a brief summary to help you figure out what works best for you.

Tokens in Summary

The summary was also generated out of the NotebookLM interface. I’d love to hear what you think about making my content come through this way! Enjoy!

Executive Summary

This document analyzes the security implications of short-lived and long-lived tokens within the OAuth 2.0 framework. It highlights the benefits of using short-lived, narrowly scoped tokens to mitigate security risks such as token replay attacks, while acknowledging specific scenarios where long-lived tokens might be considered. The document also explores emerging trends like Continuous Access Evaluation Profile (CAEP), risk-based token lifetimes, and sender-constrained tokens, which aim to enhance security without compromising usability. Overall, the document emphasizes that while there are situations where long lived tokens may make sense, short-lived tokens are generally best practice.

Introduction to Tokens in OAuth 2.0 Tokens as Identity Representation: Tokens are digital objects representing claims or attributes of an entity (user, device, or process) used in authentication and authorization protocols. They enable secure communication without requiring constant re-validation. Quote: “A token is a digital object that can represent a set of claims or attributes about an entity, such as a user, device, or process, typically used in authentication and authorization protocols.” Stateless vs. Stateful Tokens: Tokens can be stateless (containing all necessary information) or stateful (requiring the server to maintain session information). Bearer vs. Client-Bound Tokens: Tokens can be bearer tokens (usable by anyone holding them) or client-bound (tied to a specific client). Quote: “Tokens can be classified as bearer tokens, which are usable by anyone in possession of them, or client-bound tokens (sometimes called sender-constrained tokens…)…” Scope and Minimization: Limiting the scope of a token (permissions for only specific resources or actions) is critical for reducing security risks. The principle of “least privilege” should be applied. Quote: “One of the most effective strategies when issuing tokens is to narrowly scope their permissions. A narrowly scoped token is designed to grant access to only a specific resource or a limited set of actions rather than offering broad, unrestricted access.” Tokens vs Credentials: Tokens and credentials are not the same thing. Credentials are used for authentication, tokens are used for authorization. Short-Lived Tokens: The Security Standard Definition: Short-lived tokens expire quickly (minutes or hours) limiting the window of opportunity for attackers. Quote: “Short-lived tokens are designed to expire after a brief period—usually minutes or hours—thereby minimizing the window of opportunity for attackers to exploit them if they are intercepted or compromised.” Reduced Attack Surface: Short token lifetimes significantly reduce the impact of token compromise. Even if a token is intercepted, it quickly becomes invalid. Quote: “One of the big benefits of short-lived tokens is the reduction of the attack window (i.e., the length of time that an attacker could exploit endpoints).” Enhanced Security through Rotation: Frequent token rotation enforces the need for persistent attackers to repeatedly intercept new tokens, increasing the chance of detection. Quote: “Short-lived tokens play a crucial role in reducing the impact of token compromise by enforcing frequent token rotation.” Stateless Architectures: Short lived tokens fit well in stateless architectures, eliminating the need to maintain session state on the server. Integration with Security Mechanisms: Short-lived tokens should be used with other security practices like token binding and revocation. Quote: “The standards also encourage the combination of short-lived tokens with other security mechanisms, such as client-bound tokens or token binding, which ensures that tokens can only be used by specific clients…” The Role of Refresh Tokens Purpose: Refresh tokens are long-lived credentials used to obtain new access tokens without requiring re-authentication. Security Considerations: Compromised refresh tokens can grant extended access, so they need protection. Security Measures:Refresh Token Rotation: Reissue refresh tokens upon every use Client Binding: Cryptographically bind refresh tokens to specific clients or devices. Reauthentication: Require periodic reauthentication before issuing new refresh tokens. Token Revocation: Revoke both refresh and access tokens upon suspicious activity. Secure Storage: Refresh tokens should be stored securely by the client. Risks of Long-Lived Tokens Definition: Long-lived tokens remain valid for extended periods. API keys and session tokens used in mobile apps are common examples. Prolonged Unauthorized Access: If compromised, attackers gain persistent access, especially if revocation mechanisms are weak or not real time. Quote: “If these long-lived tokens are compromised, attackers can use them to gain persistent unauthorized access to systems or resources without being detected for an extended period.” Token Replay Vulnerabilities: Long-lived tokens are vulnerable to replay attacks where an intercepted token is reused by an attacker. Quote: “In a token replay attack, an attacker intercepts a token…and reuses it to impersonate a legitimate user.” Difficulties with Revocation: Manual revocation or waiting for expiration creates a window for continued exploitation. Increased Attack Surface: Longer validity allows attackers more time to explore and exploit vulnerabilities. Difficulty in Enforcing Least Privilege: Long-lived tokens often grant broader permissions than necessary, making any compromise have greater impact. When Long-Lived Tokens May Be Appropriate Reduced Overhead in Token Renewal: Less frequent requests to the authentication server. Use case: Batch processing or long-running data analytics. Improved Performance in Stateless Systems: Reduces need for constant issuance of new tokens. Use case: High request APIs Service-to-Service Communication: Efficient communication within a highly trusted environment. Use case: Microservice architectures within secure internal networks. Emerging Trends and Future Directions Continuous Access Evaluation Profile (CAEP): Real-time assessment and adjustment of permissions, enabling longer token lifespans with dynamic revocation. Quote: “CAEP enables access tokens to have longer lifespans without compromising security. This is achieved by combining periodic risk assessments with real-time revocation capabilities.” Risk-Based Token Lifetimes: Dynamic adjustment of token expiration times based on real-time risk analysis. Proof of Possession (PoP) and Sender-Constrained Tokens: Cryptographic proof of token ownership. Standards like DPoP and Mutual TLS reduce token replay risks. Enhanced Revocation Mechanisms: Efforts to develop real-time token revocation standards. Conclusion Short-Lived Tokens as Best Practice: Short-lived, narrowly scoped tokens combined with client binding and strong cryptographic standards are the best practice for mitigating security risks. Zero Trust: If your organization uses Zero Trust principles, then there is no concept of a trusted environment. Balancing Security and Usability: Aim for a balance between security, usability, and performance. Evolving Landscape: Token management frameworks are evolving, with emerging standards allowing for longer lived tokens under strict monitoring and policy enforcement Organization Risk Posture: An organization’s risk posture should guide the definition of “short” and “long”. However, regardless of the definition, strict scoping, token binding, and robust revocation must be in place. Actionable Items Review and Update Token Lifetimes: Evaluate current token expiration policies and transition to shorter lifetimes where possible. Implement Client-Bound Tokens: Employ client-bound or sender-constrained tokens where appropriate. Implement Refresh Token Rotation: Ensure that refresh tokens are rotated on every use. Enhance Revocation Mechanisms: Implement robust revocation processes and monitor token usage. Stay Informed: Follow emerging standards like CAEP and adapt strategies based on advancements.

This briefing document provides a detailed overview of token management within the OAuth 2.0 framework, emphasizing the importance of short-lived tokens and the need for a comprehensive security approach. By adopting the recommendations provided, your organization can significantly improve its security posture and protect against various token-based attacks.

If you or your organization need support with standards development, let me know. With my experience across various SDOs, I’m here to help guide you through the complexities of Internet standards development.

The post Unlock the Secrets of OAuth 2.0 Tokens (and Have Fun Doing It!) appeared first on Spherical Cow Consulting.

A Beginner’s Guide to Understanding Password Authentication Protocol (PAP)

The US Treasury's Office of Foreign Assets Control (OFAC) has today added several crypto addresses to the Specially Designated National (SDN) list, associated with Sa’id Ahmad Muhammad al-Jamal.

by Paul Fisher

Identity-driven attacks are escalating, driven by the dissolution of traditional network perimeters due to cloud adoption, remote work, and the increasingly sophisticated tactics of adversaries. Over 80% of breaches involve compromised identities, as attackers leverage methods like Kerberoasting, password spraying, and the exploitation of misconfigurations in identity systems such as Active Directory. Traditional security measures are proving inadequate in differentiating between legitimate and malicious use of identities, leaving significant vulnerabilities.

SEACURE : a major European defence project led by Thales to prepare European navies for underwater warfare prezly Thu, 12/19/2024 - 14:00 Within the framework of the European Defence Fund (EDF), Thales is leading the SEACURE project to achieve a sovereign European capability in future Anti-Submarine and Seabed Warfare. The SEACURE programme began in November 2024 for a duration of 45 months, and involves 35 European partners from 13 EU member states. Building on the successful completion of the EDIDP (European Defence Industrial Development Programme) SEANICE project at the end of 2023, the aim of SEACURE is to achieve a sovereign European capability in future autonomous Anti-Submarine and Seabed Warfare.

The world is facing rising tensions in many regions, with asymmetric threats and the resurgence of high-intensity operations, particularly at sea. It is the case near the borders of the European Union, in the Middle East, and the Far East. This highlights how critical it is for nations to control safety at sea and to protect their maritime infrastructures. Moreover, the exploitation of marine resources, including offshore wind farms, demands continuous monitoring to prevent malicious actions by state and non-state adversaries.

Recent events are accelerating plans throughout NATO and European countries to protect maritime infrastructure of national interest. Such plans embrace new operational theatres, and require new capabilities and new methods of operation. 

The main objective of SEACURE is to develop and demonstrate at sea, by 2028, an integrated system of systems aimed at successfully performing autonomous joint Anti-Submarine Warfare and Seabed Warfare operations and protecting critical maritime infrastructure. It focuses on the detection, classification, identification and tracking of underwater threats in challenging conditions, using air, surface and underwater drones. SEACURE will offer a versatile defence system for such operations, increasing the level of autonomy, based on open, agile, modular and scalable system-of-systems architecture. In addition, it will be interoperable and ready for collaborative combat.

SEACURE not only strengthens maritime security today, but also lays the groundwork for a more resilient and cooperative global maritime future.

About SEACURE

SEACURE is proposed as a continuation of the EDIDP SEANICE research project that ended in November 2023. It offers a new way of protecting our critical maritime infrastructures, and guarantees the freedom to operate in our own waters, detecting and protecting against any external threats.

The partners are :

THALES DMS FRANCE SAS

ALSEAMAR

ATLAS ELEKTRONIK GMBH

CEIIA - CENTRO DE ENGENHARIA E DESENVOLVIMENTO (ASSOCIACAO)

DRASS GALEAZZI SRL

THALES EDISOFT PORTUGAL S.A

ESG ELEKTRONIKSYSTEM- UND LOGISTIK GMBH

ETME PEPPAS & ASSOCIATES SOCIETE ANONYME

EXAIL ROBOTICS

FEAC ENGINEERING PRIVATE COMPANY

FORSVARETS FORSKNINGINSTITUTT (FFI)

FINCANTIERI SPA

FINCANTIERI NEXTECH SPA

I.D.S. INGEGNERIA DEI SISTEMI SPA

GMVIS SKYSOFT SA

INNOVATION IN RESEARCH & ENGINEERING SOLUTIONS

KONGSBERG DISCOVERY AS

KUNGLIGA TEKNISKA HÖGSKOLAN

LEONARDO - SOCIETA PER AZIONI

NAVAL GROUP

NAVANTIA S.A.

NAXYS TECHNOLOGIES AS

PATRIA AVIATION OY

RTSYS

SAAB KOCKUMS AKTIEBOLAG

SAAB DYNAMICS AKTIEBOLAG

SAAB AKTIEBOLAG

SAIPEM S.P.A

SCHIEBEL

SIEL SRL

SOTIRIA Technology Private Company

THALES ITALIA SPA

THALES ROMANIA SRL

NEDERLANDSE ORGANISATIE VOOR TOEGEPAST NATUURWETENSCHAPPELIJK ONDERZOEK TNO

WSENSE SRL

About Thales

Thales (Euronext Paris: HO) is a global leader in advanced technologies specialising in three business domains: Defence & Security, Aeronautics & Space and Cyber & Digital.

It develops products and solutions that help make the world safer, greener and more inclusive.

The Group invests close to €4 billion a year in Research & Development, particularly in key innovation areas such as AI, cybersecurity, quantum technologies, cloud technologies and 6G.

Thales has close to 81,000 employees in 68 countries. In 2023, the Group generated sales of €18.4 billion.

 

 

/sites/default/files/prezly/images/Generic%20banner%20option%202%20%282%29_15.png Contacts Cédric Leurquin 19 Dec 2024 Type Press release Structure Defence and Security Defence The world is facing rising tensions in many regions, with asymmetric threats and the resurgence of high-intensity operations, particularly at sea. It is the case near the borders of the European Union, in the Middle East, and the Far East. This highlights how critical it is for nations to control safety at sea and to protect their maritime infrastructures. Moreover, the exploitation of marine resources, including offshore wind farms, demands continuous monitoring to prevent malicious actions by state and non-state adversaries. prezly_715316_thumbnail.jpg Hide from search engines Off Prezly ID 715316 Prezly UUID cd3c9d73-d60b-4cdb-8feb-820c068dc086 Prezly url https://thales-group.prezly.com/seacure--a-major-european-defence-project-led-by-thales-to-prepare-european-navies-for-underwater-warfare Thu, 12/19/2024 - 15:00 Don’t overwrite with Prezly data Off

In the first part of this Cosmic-X blogpost series, we evaluated various blockchain platforms for their suitability in Industry 4.0 and explained why we chose the Secret Network with its confidential computing capabilities. Today, we’ll explore how we use the Secret Network to secure machine data integrity from its origin to its consumption.

Need for Data Integrity

Securing data integrity in Industry 4.0 is crucial because systems and devices rely on accurate data to function effectively. Tampered or incorrect data can lead to poor decisions, operational failures, and vulnerabilities in key sectors like manufacturing and logistics. With IoT and AI driving Industry 4.0, maintaining data accuracy ensures reliable operations, protects sensitive information, and prevents cyber threats that disrupt businesses and critical infrastructure.

Anchoring data close to its source is essential for securing integrity across the entire data processing chain, which often involves multiple distributed systems. For machines, this means securing the data before it leaves the device. At the same time, the system must protect the anchored data from tampering after export. Blockchain’s immutable nature aligns perfectly with this paradigm. That’s why we built a Wallet Service on top of the Secret Network. This service integrates seamlessly into any machine to secure its data integrity in a decentralized and privacy-preserving manner.

Wallet Service

The Wallet Service acts as a gateway for communication with the Secret Network. It deploys onto any machine infrastructure that supports Docker. By using the Wallet Service, machines interact directly with the blockchain and its smart contracts. The service assigns each machine a unique identity through a public-private key pair. With its private key, the machine signs and broadcasts transactions to anchor its data on the Secret Network. The blockchain’s encryption ensures that no unauthorized third party can access the data. For details on how the network reaches consensus despite encryption, refer to our previous post.

Integration

To simplify integration, the Wallet Service offers a straightforward REST API with two endpoints. The ingress endpoint accepts a batch of data in a defined structure for anchoring. After receiving the data, the Wallet Service hashes it and stores the resulting hash in the service’s smart contract through a transaction on the Secret Network. This process creates an immutable fingerprint, allowing anyone to verify the integrity of a data batch through the Wallet Service’s verification endpoint. Since data verification typically occurs in systems other than the one that supplied the data, the Wallet Service supports deployment anywhere. In distributed data processing scenarios like Cosmic-X, entities that consume data instantiate a Wallet Service to verify data integrity before making decisions. For example, an AI service provider might deploy a Wallet Service in its cloud environment to verify data before using it for training or inference.

Requirements

Two conditions must be met for this workflow to function: first, the verifying Wallet Service must have the appropriate viewing key from the machine that supplied the data. Otherwise, it cannot decrypt and query the fingerprints stored in the smart contract. Second, the format and schema of the data batch must remain standardized across the processing chain. To achieve this, we developed a Data Integrity Protocol as the foundation of the Wallet Service.

Data Integrity Protocol

To anchor and verify data batches reliably, the Wallet Service requires a standardized protocol. Both the data anchoring and verification processes must adhere to a common data format, schema, and canonicalization standard. For Cosmic-X, we chose JSON as the data format and RFC 8785 as the canonicalization algorithm. Canonicalization ensures reliable cryptographic operations on JSON data by defining methods for handling whitespace, data types, and objects.

Batch Structure

Considering use case requirements and the limitations of edge and cloud environments in Cosmic-X, we define a data batch as one hour’s worth of sensor data collected from a machine. The figure below shows an extract of a data batch collected from one of the use cases. The batch includes a metadata object used only for the Wallet Service’s business logic. This metadata contains key-value pairs such as the batchId and placeholders for the payload hash and the transaction hash on the Secret Network blockchain. The payload, which the system hashes during anchoring, consists of discrete sensor measurements. Each measurement uses a composite key created by concatenating the variable name with the Unix timestamp of its recording. The measurements include key-value pairs for variable name, timestamp, absolute value, and data type.

The batchId is the most critical part of a data batch. Since the Wallet Service uses it to anchor and later locate the data batch for verification, the batchId must be unique. In this setup, the batchId combines a machine ID with a Unix timestamp representing the time range of measurements in the batch, rounded to the nearest hour. For example, if machine 2080839 collects measurements from 11:01:23 to 11:59:43 on May 16, 2024, the batchId becomes 2080839_1715853600.

In the next post, we’ll showcase how we integrated the Wallet Service with three live machines and an AI service to enable secure and accurate anomaly detection in machine components.

The post Securing Data Integrity in Industry 4.0 appeared first on DATARELLA.

Join us for an insightful webinar exploring the KuppingerCole Leadership Compass on XDR, where we delve into the dynamic world of Extended Detection and Response solutions. As cyber threats continue to evolve, organizations are increasingly turning to XDR as a comprehensive approach to enhance their security posture. This webinar will cover key findings from the latest Leadership Compass report, offering participants an in-depth look at the leading XDR vendors and the critical capabilities that distinguish them in this rapidly changing landscape.

Thales to enhance vehicle access with reliable and secure contactless solutions prezly Thu, 12/19/2024 - 09:00 Car industry players can rely on Thales to provide digital and physical solutions that improve car access experiences, while ensuring data security. Thales’s offer encompasses a digital car key solution, whose implementation follows the Car Connectivity Consortium1 (CCC) standard. It is now completed by a brand-new contactless card, the Thales NFC CARd Key. The solutions enable car drivers to lock/unlock and start their vehicles using their smartphone or their card. Drawing on its 15+ years of experience in the automotive industry, Thales delivers proven on-board car solutions leveraging its connectivity and cybersecurity expertise.

Thales, a global leader in advanced technologies, provides car manufacturers with safe and hassle-free solutions to expand their customers’ vehicle access experiences. The offer leverages the digital car key solution and the smart NFC CARd Key, a new cutting-edge and customisable solution. Designed to complement the digital key, this innovative NFC-based card offers a reliable alternative in the event of disruptions on users’ smartphones, and allows drivers to unlock and start their cars with a simple ‘tap’. ​

The automotive industry is rapidly shifting from traditional to digital solutions, and the digital car key market is expected to grow at an impressive annual rate of over 21% from 2023 to 20312. Thales is addressing this growing demand, leveraging the CCC digital key functionality, demonstrating strong cybersecurity expertise into digital car key solution and securely creating and storing credentials in a vehicle, in a mobile device and/or in a contactless card.

After digitally enrolling drivers’ credentials upon the purchase of a car, Thales’s digital car key system securely allows drivers to enter and start the vehicle using their smartphone, while the mobile device is still in the pocket or in the bag. Such flexible solutions enable a wide range of automotive use cases, making car access and sharing significantly easier. Private car owners can digitally share their access with family members or friends, while car rental firms can do the same with customers, physically removing the need to pick up car keys at a rental desk. Meanwhile, the introduction of Thales’s NFC CARd Key perfectly supports scenarios when a smartphone might not be available.

Functioning like a contactless payment card, the NFC CARd Key establishes secure, encrypted communication with the vehicle, allowing instant access and engine start, just like the mobile app. With over 10 years of durability in the field, and a strong resistance to high temperatures, it ensures robust protection, while enabling a smooth and simple ‘tap-enter-and-go’ experience. Beyond its technical features, the NFC CARd Key presents a valuable branding opportunity for automotive manufacturers, as its design can be customised, creating a unique and singular card thanks to Thales's wide range of printing options (3D effect, tactile varnish, etc.).

“Thales brings over 15 years of experience in delivering connectivity and cybersecurity solutions to the automotive industry, with a deep understanding of customer requirements, from daily usage conditions to compliance with stringent standards. This extends to data security expertise in vehicles and mobile devices, providing peace of mind through a robust and resilient approach to cybersecurity,” stated Christine Caviglioli, VP Automotive at Thales. “With the launch of the NFC CARd Key, Thales complements its vehicle access offer with a singular innovation. Our ambition is to empower automakers and drivers alike with a flexible approach to secure mobility.”

1 The Car Connectivity Consortium (CCC), an organisation that promotes seamless smartphone-to-car connectivity, has set the standard for digital car keys, enabling drivers to unlock and start their vehicles using smartphones or smartwatches. ​

2 According to Transparency Market Research.

/sites/default/files/prezly/images/Design%20sans%20titre%20%2832%29.png Contacts Cédric Leurquin 19 Dec 2024 Digital Identity and Security IoT Type Press release Structure Digital Identity and Security Thales, a global leader in advanced technologies, provides car manufacturers with safe and hassle-free solutions to expand their customers’ vehicle access experiences. The offer leverages the digital car key solution and the smart NFC CARd Key, a new cutting-edge and customisable solution. Designed to complement the digital key, this innovative NFC-based card offers a reliable alternative in the event of disruptions on users’ smartphones, and allows drivers to unlock and start their cars with a simple ‘tap’. prezly_715029_thumbnail.jpg Hide from search engines Off Prezly ID 715029 Prezly UUID 9160f960-e54e-4f4f-b546-ca9bd9f74443 Prezly url https://thales-group.prezly.com/thales-to-enhance-vehicle-access-with-reliable-and-secure-contactless-solutions Thu, 12/19/2024 - 10:00 Don’t overwrite with Prezly data Off

Predictoor DF120 rewards available. DF121 runs Dec 19 — Dec 26th, 2024 1. Overview

Data Farming (DF) is Ocean’s incentives program. In DF, you can earn OCEAN rewards by making predictions via Ocean Predictoor.

Data Farming Round 120 (DF120) has completed.

DF121 is live today, Dec 19. It concludes on December 26th. For this DF round, Predictoor DF has 37,500 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF121 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF121

Budget. Predictoor DF: 37.5K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and Predictoor

Ocean was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF120 Completes and DF121 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

As we close another year, join us in reflecting on KuppingerCole’s journey from a niche identity management focus to becoming a leader in the intersection of identity and cybersecurity. Discover exciting new initiatives like our Rising Stars Program and explore the challenges and opportunities shaping the future of the industry. Watch now and hear how we’re empowering the community with insights, innovation, and tools to thrive in a rapidly evolving digital landscape. Wishing you a safe and secure holiday season and a successful 2025!

The Need for Advanced Security in Healthcare

In the wake of substantial data breaches, such as the significant ransomware attack in Costa Rica’s healthcare system, the need for fortified data security has never been more apparent. Extrimian’s cutting-edge solutions, including ID Connect and SSI API, leverage the power of decentralized identity to safeguard sensitive health data against emerging cyber threats.

Source:
The HIPAA Journal

Decentralized Identity: A Shield Against Data Breaches

Decentralized identity technology serves as the cornerstone of Extrimian’s approach, employing DIDs (Decentralized Identifiers) and VCs (Verifiable Credentials) to create a robust framework resistant to unauthorized access and data breaches.

Streamlining Healthcare Processes

Extrimian’s technology not only enhances security but also streamlines administrative procedures, reducing costs and saving time. This efficiency is crucial for healthcare providers aiming to improve service delivery and patient care quality.

Improving Patient Experience with Self-Sovereign Identity

By integrating self-sovereign identity models, Extrimian places control directly in the hands of patients, allowing for a transparent and user-friendly way to manage personal health data. This shift enhances patient trust and satisfaction by providing a more personalized healthcare experience.

Privacy and Compliance: Securing Patient Data

Extrimian’s use of the QuarkID protocol ensures that all data transactions meet global standards for data protection, such as the GDPR (General Data Protection Regulation). This protocol is essential for maintaining privacy and securing sensitive information within the health sector.

Now what? A Proactive Approach to Secure Healthcare

Extrimian’s decentralized identity solutions represent a proactive approach to secure healthcare data management. By adopting these technologies, healthcare providers can protect sensitive information, comply with stringent regulations, and improve overall patient care.

For more detailed insights into how Extrimian is revolutionizing healthcare data security with decentralized technologies, visit our website.

The post Health Data Security with Decentralized Identity first appeared on Extrimian.

Learn how to prevent CSRF attacks from compromising your users when implementing Google OAuth for user registration and user login.

DBS Taiwan Partners Thales to bring bio-sourced payment cards to Asia solange.balencie Wed, 12/18/2024 - 10:39 Thales will reissue over two million cards to DBS Taiwan to support the bank’s largest credit card renewal operation following its merger with Citibank.  Out of these, more than one million sustainable credit and debit cards are made from Polylactic Acid (PLA), a bio-sourced, more eco-friendly alternative to traditional plastic, making DBS Taiwan the largest issuer of PLA cards in Asia.

In 2020, supported by Thales, DBS Taiwan issued Asia’s first bio-sourced credit card in their aim to promote customer awareness and use of environmentally friendly payment products. Fast forward to 2024, and Thales is now helping DBS Taiwan become the largest issuer of sustainable payment cards in Asia.

Through this project, Thales is helping DBS Taiwan revamp its Eco Card as well as supporting the re-issuance of over 2 million cards following DBS Taiwan’s acquisition of Citi’s consumer banking business in Taiwan.  Working within a tight timeline set by Taiwan’s financial authorities, Thales is helping produce up to 30 card body artworks to support DBS Taiwan’s ambition to become the largest and most environmentally friendly international commercial bank in Taiwan. More than a million of these cards are crafted from bio-sourced Polylactic Acid (PLA), aligning with DBS' ambitions to prioritise more eco-friendly products. The remaining selection showcases DBS commitment to innovation with Thales' range of premium metal cards and LED Artlight cards.

Derived from renewable resources such as non-edible corn, the Thales Bio-sourced PLA card is one of the most eco-friendly products in the market. The card is the world’s first UL Environmental Claim Validation (ECV)* certified eco-friendly payment card, and its bio-based component has been lab tested and accredited by worldwide science safety leader UL. Thales is a worldwide leader in modern and responsible payment solutions; the PLA cards are part of a comprehensive eco-friendly product portfolio, with over 50 million PLA cards already delivered globally. 

In addition, there is a forecast of 235 tons of carbon offset from the cooperation with Thales Carbon-Neutral Program. DBS Taiwan has also embedded the concept of green consumption into card value proposition such as rebate in low-carbon transportation, and cooperated with DBS Foundation to encourage cardholders to enjoy a more sustainable life with the goods and services through championing social entrepreneurship.

 “Thales is honoured to collaborate with DBS Taiwan in their initiatives to offer environmentally and socially impactful solutions to its customers and to be Asia’s sustainable payment solutions leader. As a global pioneer in advanced technology, Thales is also at the forefront of modern card issuance, with an extensive range of solutions that includes cards produced from bio-sourced PLA, ocean-recycled plastic, recycled PVC, and even sustainable wood. We look forward to deepening our partnership with DBS as we build towards a safer, greener and more inclusive future for all.”

Nassir GHROUS, Vice President, Thales Banking and Payment Services, Asia Pacific, Middle East and Africa.
 

Contacts Jamie CHOW - Communications, Asia 04 Jun 2024 Digital Identity and Security Banking & Payment Eco-friendly bank cards Type Press release Structure Bank & Payment In 2020, supported by Thales, DBS Taiwan issued Asia’s first bio-sourced credit card in their aim to promote customer awareness and use of environmentally friendly payment products. Fast forward to 2024, and Thales is now helping DBS Taiwan become the largest issuer of sustainable payment cards in Asia. dbs-card.png Hide from search engines Off Don’t overwrite with Prezly data Off

Ping Identity’s annual user conference has concluded and we had an incredible time connecting with you and speaking about the future of identity around the globe! Ping YOUniverse demonstrated the power of collaboration, innovation, and forward-thinking in digital identity. Our team and partners came together to showcase how Ping is shaping the future of secure, user-friendly identity solutions. Here’s a look at the key moments and highlights from the event.

 

🎯Marketing Updates

Weekly Engagement Snapshot:

189 Quizzes: Driving ongoing user interaction. 239 Polls: Strong participation and valuable insights. 5 Exclusive Puzzles: Special Time based bonus event boosting user excitement and retention.

These activities highlight growing engagement, reinforcing the platform’s potential for user retention and long-term growth.

🔧 Product Updates 🌟 New Chain Integrations

We’re excited to announce that our development team is hard at work integrating new chains into Safle! The upcoming additions include:

🪙 opBNB

🪙 Ronin

🪙 Sei

🪙 Skale Nebula

🪙 Immutable zkEVM

Stay tuned as we continue making progress in backend development to ensure seamless functionality across these chains!

📱 Mobile App Updates

Our mobile app is undergoing exciting changes to improve user experience and functionality. Here’s what’s in progress:

Performance Optimization Build: Currently in QA for a smoother and faster app experience. SafleID Decoupling: Moving towards a modular approach, this feature is in QA for enhanced flexibility and user convenience. Cross-Chain Swaps with Li.Fi: Work in progress to enable seamless asset swaps across multiple chains. Simplified Designs: User-centric, clean, and intuitive interface updates are underway.

Get ready for a more powerful and user-friendly Safle app! 📱

🤖Safle Lens

Have you tried Safle Lens? Try it here 👉 Safle Lens 🔍

🎮 Safle ID for Web3 Games

We’re re-envisioning Safle ID with a focus on Web3 Games. Know any game that should integrate SafleID? Let us know!

Discover more: SafleID for Web3 Gaming 🕹️ 🪪

Thank you for being an integral part of our journey! Together, we’re reaching for the stars! 🌟

Stay stellar,

The Safle Team 🚀

🚧 More updates coming soon! 🚧

In the post-COVID era, higher education institutions face unprecedented challenges in managing student matriculation and access governance. With IT departments stretched thin and an influx of in-person students, the risk of over-provisioning and compliance violations has skyrocketed. Balancing efficiency with data security and privacy concerns with FERPA, HIPAA, and other regulations has become a critical issue for HigherEd CIOs and IT professionals.

Modern technology offers a solution through automation of student enrollment processes and access reviews. By implementing "touchless" matriculation systems and streamlined user access controls, institutions can significantly reduce the burden on IT resources while enhancing security and compliance. This approach allows for efficient management of student identities across multiple systems, from initial enrollment to graduation or departure.

Martin Kuppinger, Principal Analyst at KuppingerCole Analysts, will discuss why student identity management presents an "IAM on steroids" challenge. He will explore how the high turnover of student identities surpasses typical workforce IAM issues, and explain why integrating IAM, GRC, and Line of Business systems is crucial for addressing these unique challenges in higher education.

Greg Wendt, Executive Director Security Solutions at Pathlock, will present practical strategies for achieving automated student matriculation and streamlined access reviews. He will demonstrate how Pathlock's solutions can help higher education institutions reduce security and compliance risks, alleviate IT burdens, and optimize operations in the face of evolving educational landscapes.

Making reliable and scalable decisions in Identity and Access Management using Auth0

We’ve rebranded our platform.

✅ What’s Changing: Just the name!

✅ What’s Staying the Same: Our functionalities, features and mission to enable trustworthy connections between organizations and individuals.

‍

Here’s why:

When our platform first launched as "Dock Certs," it was designed to address the needs of the educational and workforce sectors, offering a secure way to issue and verify digital certificates. 

But as our work expanded, a much larger challenge emerged in the identity industry—one that demanded our focus and innovation.

In the identity verification sector we saw organizations often operating in fragmented, siloed ways with no standardized approach to collecting and verifying customer identity information. 

Each IDV provider relies on different data sources, data-matching logic, and entity resolution techniques, leading to varying—and sometimes conflicting—views of the identities they are trying to resolve.

This inconsistency burdens businesses, which must reconcile these conflicting views, and frustrates customers who are forced to repeat the same verification steps with each onboarding process.

The impact is substantial: €5 billion in annual losses for businesses.

In the IAM space, we saw organizations operating multiple siloed IAM systems, forcing users to re-onboard for each one and endure the resulting friction repeatedly.

We realized that the impact of verifiable credential technology could go far beyond academic and workforce certificates—it had the power to revolutionize the identity industry.

Verifiable credentials can help IDV providers and IAM systems verify the same person across multiple businesses or siloed systems. These credentials enable them to confirm that a user has been verified before, create a consistent view of that user's identity, and significantly reduce onboarding friction.

To reflect this shift and our commitment to solving these challenges, we're evolving our platform's name from “Dock Certs” to "Truvera."

Derived from "trust" and "verification," Truvera is designed to support ID companies with digital verifiable credentials that solve complex data-matching issues and create frictionless, trusted interactions for organizations and individuals alike.

With Truvera, we're committed to meeting this industry-wide demand for a more trusted, streamlined approach to identity verification.

‍

by Anne Bailey

Non-Human Identity Management: Tailoring IAM for AI Agents

The rise of AI agents as active participants in organizational workflows introduces unique identity and access management (IAM) challenges. Unlike human identities, AI agents often operate autonomously and may refer to sensitive data or interact with secure systems in order to achieve their assigned goals. Managing their access effectively requires a paradigm shift, as human-oriented IAM methods can leave AI agents over-provisioned and create security risks. 

The paradigm shift we’re talking about is AIdentity: the crossover of IAM with AI. AI needs identities and built-to-purpose identity management. IAM also can massively benefit from AI for automation, predictive analysis, and decision-making for governance and risk assessment. To learn more about KuppingerCole’s take on AIdentity, listen to this podcast. This post’s focus is on IAM for AI agents, and the complex identity relationships that emerge when using AI bots. 

What is an AI Agent? 

AI agents are software entities designed to autonomously carry out tasks in pursuit of specific goals set by humans. Backed by large language models (LLMs) and connected to tools via APIs, these agents break down high-level objectives into actionable tasks. For example, an AI agent deployed in customer support might independently analyze user queries, craft responses, and escalate complex cases. 

With the AI agents market projected to grow from $5.1 billion in 2024 to $47.1 billion by 2030 with a compound annual growth rate of 44.8%, their adoption is set to redefine operational workflows. Research and Markets forecasts this rapid expansion, driven by tailored AI solutions addressing specialized industry needs. 

While AI agents bring transformative potential, their autonomous nature demands robust security frameworks to safeguard actions and ensure accountability. 

Challenges in IAM for AI Agents 

AI agents have complex identity relationships by default. Imagine the scenario where an AI agent replaces an executive assistant, which among other tasks works on behalf of an employee to make travel bookings or arrange meetings. The decisions and actions taken by that AI agent must be transparently documented as completed by the agent, not the employee. The agent must have access to the necessary data to make useful decisions (such as access to the employee’s calendar), but only for the strict time that the agent is performing its task. To have the appropriate level auditability and explainability the AI agent must have a distinct identity.  

This is one of many scenarios, and a basic one at that. An AI agent that directly fills a human role that is typically well defined is easier to understand and anticipate than the cross-cutting, interdepartmental roles that AI agents can fill. Treating AI agents like human users in IAM systems leads to significant risks. Traditional identity frameworks may provision roles and permissions based on static attributes and far over-provision the agents causing risk of lateral movement in the case of a security breach.  

As a place to start, consider these four concepts about AIdentity of AI agents: 

AI Agents Handle Dynamic Contexts 

Tasks often span across departments. For example, an AI agent may access classified files for one task and send sensitive emails for another. Individually, these actions are permissible, but together, they could violate organizational policies. 

AI Agents Must Have Just Enough Access, not Persistent Access 

More so than humans, AI agents must not have persistent access to resources because it creates vulnerabilities and increases the attack surface. However, human IAM solutions appropriated for AI Agents may use hardcoded credentials, service accounts, or API keys, which can provide continuous access to underlying resources and unnecessarily increase risk. 

Rather, AI Agents should have just-in-time (JIT) and just-enough-access (JEA) provisioning. Each access request should be dynamically evaluated against policy frameworks, with ephemeral tokens replacing static credentials. 

AI Agents Must Have a Different Take on Authentication 

Multifactor authentication (MFA) may give AI agents more access than they need, since MFA can include non-static credentials. For AI agents, authentication and authorization should be non-persistent and contextual. Authentication for AI agents ideally uses ephemeral credentials to secure communications between agents, APIs, and tools.  

AI Agents Require Governance and Auditability: 

Beyond access control, organizations must establish clear policies for AI agent actions, ensuring they align with business rules, legal requirements, and ethical guidelines. Audit trails must document every decision for accountability and compliance. 

Identity Fabric for AI Agents 

The KuppingerCole Identity Fabric provides a flexible and modular approach to identity management, making it well-suited to address non-human IAM needs. By integrating capabilities like dynamic access management, policy-based authorization, and governance, Identity Fabrics enable organizations to build secure, scalable, and adaptable IAM systems for AI agents. 

Learn more about how the Identity Fabric enables robust IAM for both human and non-human entities in the Identity Fabrics Leadership Compass. 

Building a Secure Future 

Managing AI agent identities effectively is a cornerstone of ensuring trust, accountability, and security in a rapidly digitizing world. Non-human IAM must prioritize dynamic, policy-driven approaches tailored to the unique needs of AI agents. By integrating solutions such as non-human authentication, authorization, and audit capabilities, organizations can securely harness the potential of AI agents while minimizing risks. 

Explore our comprehensive resources, including the Identity Fabric 2025 vision here to see how modern IAM architectures are evolving. 

Indicio Proven® has been named the winner of the 2024 Global Tech Award for Data Technology, in a recognition of its groundbreaking innovation in how people and organizations authenticate, manage, and share identity data.

By Tim Spring

Indicio Proven makes it possible for individuals and organizations to securely hold, share, and verify identity data without reliance on third-party providers or centralized databases. Instead, data is stored locally on someone’s mobile device as tamper-proof Verifiable Credentials. This new digital authentication method uses cryptographic proofs to verify identity or attributes without exposing unnecessary personal information or requiring the verifier to check in with the original source of the information or a third-party identity provider. This means that data can be shared instantly and trusted as authentic—no complex integrations or backend checks required. 

Whether it is traveler identification, identity access management, or streamlining education records, Proven is a versatile solution that eliminates friction, enhances privacy, and drives efficiency. It ensures that data remains trusted, verifiable, and under the control of the user—offering a digital experience that is as easy as presenting a physical document but with far greater speed, security, and reliability.

“Being recognized with the Global Tech Award for Data Technology is a powerful validation of the work we’re doing at Indicio,” said Heather Dahl, CEO of Indicio. “Indicio Proven isn’t just solving today’s identity challenges—it’s redefining what’s possible in digital trust. By putting control back into the hands of users and delivering a solution that’s secure, scalable, and adaptable, we’ve set a new standard for data validation. This award underscores what our partners and customers already know: Indicio Proven is the future of verifiable, user-centric identity, and we’re leading that future.”

The awards were judged by representatives from Amazon, Capital One, Google Cloud, Microsoft, Oracle, and other companies.

Recently recognized in the Gartner Market Guide for Decentralized Identity and the Biometric Digital Identity Prism Project report for its “masterful” implementation of authenticated biometrics), Indicio is at the forefront of a global shift toward user-controlled digital identity, a market poised for explosive growth as organizations and governments seek solutions to enhance privacy, security, and trust. Indicio has designed Proven to work with current and emerging digital identity protocols and standards in Europe and around the world, and to give customers an easy way to combine credential formats in a single workflow to maximize features and benefits.

Indicio Proven has demonstrated its transformative power in several key industries. In travel, Proven was used in collaboration with SITA, Delta Airlines, and the Government of Aruba to enable seamless, secure international travel experiences using IATA One ID standards. For identity and access management, Proven Auth simplifies and strengthens login and verification processes, improving user experience while enhancing security. In financial services, Proven enables faster, more secure access to bank accounts and financial platforms by allowing users to share trusted, verified identity credentials directly from their mobile devices.

With a proven track record of partners and collaborations, Indicio has a clear vision for a more user-friendly future for data and identity verification and is setting the foundation for a more secure, interconnected digital economy.

Contact us to learn how you can simplify your data verification processes and bring Indicio’s award-winning solution to your organization. Or learn more at Indicio.tech

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community

The post Indicio Proven® wins 2024 Global Tech Award for Data Technology Excellence appeared first on Indicio.

This provocation is part of an ongoing conversation between Martin Lorenz and Emily Harris, centred on the role of design (and specifically Designers) in the context of an extractive economic system. A system that we are all complicit in yet which is systematically incompatible with life. These topics are not easy. In fact they are deeply uncomfortable. Why then do we, or might you, wish to engage with them? Perhaps because continuing to bury these inconvenient thoughts with busyness and self-justification is starting to feel slippery and insubstantial. A sickness we can’t quite identify but yearn to recover from.

Just because something is trending, it isn’t better

If you are a designer in your 20's or 30's you probably grew up with the term Branding. Growing up with something makes it hard to question it. It seems to be the normality you have to accept and adjust to. But the term Branding, as inoffensive as it seems, deserves a hard second look.

I (Martin Lorenz) am not in my 20’s or 30’s, I am in my late 40’s. When I studied design, Branding was called Corporate Design or Visual Identity Design or Corporate Visual Identity Design. Then came digital design (and the internet) and with a little delay, a wave of new terms popped up to respond to this new reality. Design studios known for being innovative invented a myriad of new terms to describe the new kind of Visual Identity Design: Liquid Identities, Fluid Identities, Evolving Identities, Generative Identities, Living Identities and Dynamic Identities.

When the new comes with force, and you are young, it is exciting. You feel born into a movement that will change the world. There are comprehensible arguments why the old must go and the new has to be fought for. I am no exception. Focusing on a more flexible and systemic approach to design corresponded to a feeling of that time. I knew very little about the new design terms, but as they came from my design heroes and sounded intriguing I did not question them. Authority and the promise of the new was sufficient to make me a devoted follower, until it was not.

I went back to University and started researching the flexible, systemic approach to design. Surprise, systems were always a part of design. Yes, it became more flexible through digital design, the internet and the devices we use, but what has been hyped as a completely new kind of design, has been, in its essence, around for centuries.

Selling something old by making it apparently new, is an old marketing trick. Invent a new term, and you are the only expert in this new market. Make it plausible, and you will find young followers to help you in your fight for your unique selling position (USP). Using an old term, that makes more sense, but makes you look outdated is bad for business.

While this reasoning is completely plausible in the economic environment that design currently serves, it does not mean it is a healthy way to think, act and relate to others. It shifts design’s focus away from a profession in service of society and towards an economic tool that firmly places profits before people, ego before ecosystem. As designers we have a choice: do we want design to be a culture or an industry?¹

Inspired by Mason, Walter George, Slave-Branding, 1853, Engraving

Why Branding is not just a term

You could argue that we are just talking about words and words are just words. They do no harm. In contrast, our work at Dark Matter Labs frequently highlights that words both constitute and express worldviews and that worldviews define how we see (or not see) and act (or not act). Words are not neutral; they can and often DO harm.

The Branding worldview comes from a gruesome etymology. The term has its origins in the branding of livestock or slaves. A logo was branded on the skin of animals² and humans³ to claim their ownership. The intrinsic value of these living beings was reduced to the singular value that could be extracted for private gain.

I (Emily Harris) would argue that the ability to collapse diverse values into singular measures of utility is the beating heart of our extractive economy. If we take a moment to think about this, it was an extraordinary shift in human philosophy and behaviour. Something only made possible by an emotional dissociation from all forms of life (including other humans). This separation, sometimes described as Othering⁴ is paradoxically the foundational rock of our modern economy.

‘Enclosure and colonisation were necessary preconditions for the rise of European capitalism…..Something else was needed — something far subtler but nonetheless equally violent. Early capitalists not only had to find ways to compel people to work for them, they also had to change people’s beliefs. They had to change how people regarded the living world. Ultimately, capitalism required a new story about nature’. — Jason Hickel⁵

Capitalism still needs that story for its own survival — my question to designers is whether this is a story that they are proud to uplift?

In accounting for economic activity we actively exclude aspects of the living world from our measures of success. There is even a term for it: externalities⁶, which basically means ‘something out there that we don’t need to deal with’. Following this logic, we do not have to deal with the value of life beyond its immediate (financial) value to us. An animal is food or clothing. A tree is lumbar. A human is useful labour. Nature is fodder for the foaming crucible of shareholder returns. Even culture and tradition delicately woven over centuries ends up being extracted. Property owners benefit from the culture of a neighbourhood, even though they did not contribute in any way.

Inspired by the book “What is post-branding? How to Counter Fundamentalist Marketplace Semiotics” by Oliver Vodeb, Jason Grant ​​https://www.setmargins.press/books/what-is-post-branding/

Branding has consequences

Branding is superficial, but has deep consequences. Designers tend to focus on this thin layer between company and consumer, declaring it our entire world. A beautiful little world which revolves around aesthetics and craft. We (including I — Martin Lorenz) do not want to see the first or second order effects of our doing and the doing of the ones we support with our talent. Maybe it is time to measure the success of our work differently? Maybe we should focus on outcome and not output? Maybe the judges shouldn’t be our fellow designers, but all stakeholders involved in the before and after? Perhaps we should proactively ask those who currently have no voice?

Branding has colonized all aspects of life. We are supposed to love brands and define ourselves through them. It has become easier for us to remember and distinguish brands than animals or plants. We live in a colonized world of consumption. In the book Post-Branding Jason Grant and Oliver Vodeb draw a link between today’s Branding and the Branding of Nazi Germany: ‘This Nazi history is particularly interesting because although these are antecedents, and what we now call branding is very much a contemporary neoliberal phenomenon, the parallels are striking. For example, counter to what we might think, Nazis actually wanted to abolish the state — for them it was just a means to an end. Does this sound familiar in today’s neoliberal context?’⁷⁸ Comparing today’s brands to the abhorrence of the Nazi regime might seem extreme, but given the fracturing geopolitical context can we afford to squirm away from this kind of friction? We would firmly argue that the answer is no.

Unlearning Branding

Where and how can we question what design does for whom and how?⁹ If design schools are becoming companies, students become customers and design degrees get branded like products, we will remain ‘prisoners’ in an unlocked global cell, passively compliant in a violent economic system. If we stay in our little design world, discussing output instead of outcome, how can we participate in this huge conversation called culture?¹⁰ If we want to change how design is used, which ultimately also changes how design is made, we need to ask the big questions together with all stakeholders of life:

What does living well mean? How do we design into this future? How do we do this together?

The answers will most likely play out as an infinite conversation. A dance born out of reciprocity, alive with curiosity and bound by aesthetic wisdom. In 2025 we invite you to join us as we continue to explore the culture and praxis of design.

LEE, LED and CD Dynamics, Emily Harris and Martin Lorenz, https://lee.darkmatterlabs.org/ https://cds.darkmatterlabs.org/

Endnote about Conversational Design

An essential aspect of Conversational Design, as we understand it, is transparency. Design lives on an intangible layer and can be persuasive, which undermines the freedom of the reader. By disclosing our intention we want to enable the reader to question our decisions. In this text there were two main points we want to highlight:

1. Initially this text was written by one person. But is a text really ever written by one person? Isn’t everything we think and write based on the thoughts of others? Giving a voice to the hidden voices, by adding sources and footnotes, letting them speak, avoids a linear narrative, pretending to be the only truth. Multiple voices allow for a more nuanced and even better, contradictory conversation. We need opposition to spark the conversation in us. As the great atomic physicist Niels Bohr said — ‘it is the hallmark of any deep truth that its negation is also a deep truth’.¹¹

2. We were discussing if we should show the original image material or design custom illustrations for this text. In our opinion the text deserves the love of a custom illustration, but it might also contradict our intentions. We reject the idea of branding because it creates a surface that does not let us see beneath the persuasion. On the other hand we also see writing and drawing as part of culture. Not communicating with visual language would reduce the bandwidth of our conversations. Where would you draw the line?

This article was written by Martin Lorenz (martin@darkmatterlabs.org) and Emily Harris (emily@darkmatterlabs.org) as a collaboration between Dark Matter’s Next Economics LAB and Conversational Design Studio. The images were custom drawn by Martin Lorenz to add his visual voice to the conversation.

In 2025 we will be experimenting at the intersection of Life-Ennobling Economics and Conversational Design. Drawing on the multidisciplinary expertise of Dm’s Next Economics Lab and Conversational Design Studio we will explore the anchoring role that we believe designers can play in reconfiguring our economic systems. Perhaps you are a designer interested in how you might use your craft in service of life. A professional who feels stuck in a system that no longer aligns to your personal values. Or perhaps you already work in the broad field of systems but yearn for a more grounded practice. All voices and disciplines are warmly welcomed to the conversation: we look forward to exploring who, collectively, we are capable of interbecoming.

References:

https://cityofsound.medium.com/read-culture-is-not-an-industry-by-justin-o-connor-86f7eb56601d https://en.wikipedia.org/wiki/Livestock_branding https://en.wikipedia.org/wiki/Human_branding https://en.wikipedia.org/wiki/Other_(philosophy) Hickel, J. (2020). P.20. Less is more: how degrowth will save the world. UK: Penguin Random House. https://en.wikipedia.org/wiki/Externality https://www.printmag.com/daily-heller/the-daily-heller-is-post-branding-a-thing/ When designing the visual identity of the 1972 Olympic Games in Munich, the first Olympic Games in Germany after the Nazi Regime, Otl Aicher addressed the problem of flags. He suggested that national flags should no longer dominate the sports venues and the opening ceremony. Instead, neutral flag groups in the Olympic colors would denationalize the games. However, the participating countries protested against this suggestion, not wanting to miss the opportunity to present their own national colors. Therefore, the flags of the individual nations continued to be displayed along the Olympic Stadium. In the Munich city area, however, Aicher’s colorful flag groups prevailed. We did some research where we looked at the shift in how design studios have promoted themselves and self-identified. In Australia, for example, there were virtually no graphic design practices that called themselves “branding agencies” or offered “branding” as their key service prior to the year 2000. Only two decades later, in 2022, around 85% were doing it. Also consider branding guru Wally Olins’ bibliography. All his books prior to 2000 have “identity” or “corporate identity” in the title, but from 2003 (with On Brand) they all feature “Brand” instead. Universities design programs used to teach “visual identity design”; now they teach “branding.” This isn’t just the adoption of new terminology, it’s the emergence of a new industry.” https://www.printmag.com/daily-heller/the-daily-heller-is-post-branding-a-thing/ “You know, I think that the problem, as I said earlier, about the GNP argument is that, okay it’s nice to know that we’ve all contributed £28 billion, I think it was last year, to the Gross National Product. But it isn’t the most important thing. The most important thing is that we have been altogether — that doesn’t mean just ‘the artists’, so called, it means everyone, it means all the people actually in the community, everybody — has been generating this huge, fantastic conversation which we call culture. And which somehow keeps us coherent, keeps us together. If you will accept that that might be correct, then you might also think well, it sounds pretty important, that job.” Brian Eno https://www.bbc.co.uk/programmes/p033smwp Niels Bohr was a Danish physicist and Nobel Prize winner. Known for being the first scientist to apply the quantum concept he is widely regarded as one of the most notable physicists of the 20th century. As quoted in The Matter With Things by Iain McGilchrist, Chapter 20, p.813.

Is Branding just a term? A worldview? A one way conversation? A creative excuse for violence? was originally published in Dark Matter Laboratories on Medium, where people are continuing the conversation by highlighting and responding to this story.

by Martin Kuppinger

Push Security specializes in identity threat detection using unique browser telemetry, providing a seamless integration with existing cybersecurity tools. Backed by Series A funding, including Google Ventures (GV), Push Security serves organizations of all sizes, enhancing their identity security.

Using Your Digital Me Across Multiple Services with ShareRing, Hedera and FCSO

Imagine you want to apply for a loan (like a personal loan for a car or house) and you need to prove your identity, your financial standing, and your credit score. But here’s the challenge, you don’t want to hand over all your personal details to every service (like banks, loan agencies, or even insurance companies). You just want to prove who you are, show you’re trustworthy, and verify your financial reliability without disclosing everything.

Here’s how FSCO, ShareRing, and Hedera work together to solve this:

Step 1: Creating a Digital Identity (Digital Me) with ShareRing

First, you create your self-sovereign digital identity with ShareRing. This ‘Digital Me’ contains your basic credentials (like your name, age, credit score), but keeps your sensitive information private. With ShareRing, you maintain full control over your identity, deciding what data to share and when to share it.

ShareRing creates a verifiable credential for you, which is a secure, cryptographic proof that validates your identity without revealing everything about you. This is like a digital identity card that can be used for verification across different platforms.

Step 2: Connecting and Verifying with Hedera

Let’s say you now want to apply for a loan at a bank, but the bank uses a different platform (Hedera’s blockchain) to manage its operations. Instead of filling out lengthy forms or submitting piles of documents, the bank can instantly verify your identity and credentials through Hedera’s blockchain, using the data stored in ShareRing.

Hedera is a high-performance public ledger, meaning identity verification happens fast and securely, without delays. The bank can instantly check your digital identity, your credit score, and other necessary credentials, without accessing your private information. It’s a much quicker and safer way to confirm your financial standing.

Step 3: FSCO Ensures Everything Syncs Securely

This is where FSCO plays a critical role. FSCO acts as the “connector,” ensuring that your digital identity flows seamlessly and securely between ShareRing and Hedera. Think of FSCO as the bridge that links ShareRing’s Digital Me to Hedera’s verification system.

With FSCO’s infrastructure:

• Banks can access up-to-date, verified data instantly.

• The process remains private and trustworthy for users.

• The data synchronization happens securely and reliably, no matter the platform.

Step 4: Applying for the Loan

With all these pieces in place, applying for a loan becomes simple and stress-free:

• The bank verifies your identity and credit score through your Digital Me.

• You don’t share unnecessary details like your full address or history—just proof of eligibility.

The result? A faster, safer, and more private loan approval process for both individuals and financial institutions.

The Real-World Benefit:

In this scenario:

This collaboration represents a breakthrough for the Hedera ecosystem by introducing self-sovereign digital identities for real-world use cases:

• ShareRing provides the secure, user-controlled Digital Me.

• Hedera offers a fast and trusted blockchain verification layer.

• FSCO enables these systems to work together seamlessly, unlocking innovative solutions for identity verification.

Why is this important?

• Privacy-Preserving Verification: Users share only what’s necessary—no oversharing of personal data.

• Speed and Efficiency: Services like loan approvals happen almost instantly.

• Scalable and Secure: This solution lays the foundation for broader applications, including Web3 wallets, cross-border finance, and decentralized services.

By pioneering this solution on Hedera, FSCO and ShareRing are setting a new standard for trust, privacy, and efficiency in industries like finance, healthcare, and digital services.

The post Using Your Digital Me Across Multiple Services with ShareRing, Hedera and FSCO appeared first on ShareRing.

 

The post Building Trust in Facial Age Estimation: Addressing Bias, Security, and Compliance in a Digital World appeared first on Liminal.co.

by Anne Bailey

Ver.iD is a platform provider that integrates digital wallets with organizational onboarding processes. The company operates with a team of 18 employees dedicated to simplifying digital identity verification for businesses and users alike.

With years of hands-on experience in the commodity industry, we know the intricate, multi-layered nature of supply chains across various sectors such as cocoa, coffee, rubber, and beyond. We have developed a highly automated solution to help facilitate EUDR compliance.

Building a Universal EUDR Solution 

We've worked with stakeholders at various levels—from cooperatives to traders to global brands— and we’ve seen firsthand the complexities involved in managing data from across the supply chain. Even more so, we know how complicated it can get when compiling all this data together, from multiple sources. This story has a tendency of getting even more complex when we add regulatory compliance to the mix. 

That’s why for farmer connect, whether you’re importing/exporting cocoa, coffee, rubber, or any other EUDR impacted commodity, our goal remains the same: facilitate your EUDR compliance journey with an automated and fully streamlined solution that integrates effortlessly into your existing operations, ensuring you get your valuable time back to focus on what really matters. 

Streamlined Compliance

Our solution mirrors our clients' framework, providing a lean and flexible EUDR compliance journey and seamlessly integrating all necessary ESG data from internal and external systems and stakeholders. Adapting to your preferred data sources and documentation, our platform streamlines every step of the due diligence process

We give you your freedom: Bring your own partners or leverage our standard EUDR setup. We’re saying no lock-ins, just an uninterrupted compliance experience. We’ll automate where it makes most sense, andleave manual control where it’s needed. 

With a focus on empowering you, our platform ensures that you remain in control while navigating the complexities of regulatory requirements. 

How Do We Do This?

Following industry-standard data protocols and ensuring full interoperability across various platforms, our solution streamlines the entire compliance process from start to finish. Through standard APIs available for integration, our platform compiles, into one place, all the relevant EUDR data from your systems, enabling automated compliance checks and reporting. By leveraging existing IT and ERP data and automating processes, we reduce the need for manual data entry and ensure greater oversight and control over compliance activities. Thus, giving you time back to focus on what matters, maintaining your business as usual. 

 

ConnectHub: Our EUDR Compliance Solution

ConnectHub is where EUDR data, such as geolocation information, date of production, legality info, business references, previous DDS numbers, gets consolidated. By leveraging APIs from ERP/IT systems or Supplier Portals, the platform ensures streamlined workflows.

Integrate with our third-party satellite analysis provider or bring in your own partners, and we’ll make sure the processes get linked to a seamless workflow that connects between systems.

1. Regulatory Compliance

To meet EUDR requirements, businesses must collect information on their commodities origins, conduct a risk assessment and submit a due diligence statement to the EU Information System. This data will need to be retained for 5 years and requires timely interactions with Competent Authorities whenever subject to audit. 

Our solution aggregates relevant data from available sources, such as Supplier Portals or ERP systems, and enables automation where it brings most benefits. For added flexibility, data can also be uploaded manually, in bulk or in an intuitive drag and drop fashion. All data is structured into the GS1 format, ensuring compatibility with EU Information System requirements, for example GeoJSON file formats.

 

 

2. Automated Due Diligence Statement Generation and Submission to EU Traces 

When generating the due diligence statement, our solution automatically populates required fields with the necessary EUDR data. Directly within our platform, our clients can edit the DDSs right up until they get submitted to the EU Information System, EU Traces. This happens once all required data fields have been completed and validated. Once the submission is complete, DDS# can be obtained for cascading down the supply chain. 

  3. Automated Deforestation Assessments

As an optional add-on, our solution, through our partnership with Trade in Space (TiS), offers real-time deforestation assessments using uploaded geolocation data. TiS integrates multiple high-frequency, high-resolution data sources, giving regular updates on whether deforestation is occurring in the areas where commodities are sourced. This data is automatically integrated into our platform, providing a streamlined reporting mechanism that keeps you informed and compliant. 

However, our flexible approach allows integration with alternative deforestation assessment systems, making sure our solution aligns with your specific needs.  

Supply Chains are Complex Enough, Why Not Facilitate Where We Can ?

We recognize the complexities of the EU Deforestation Regulation and have developed a scalable, fully interoperable solution designed to meet the compliance needs of businesses. Our approach is centred on three core principles: simplicity, automation, and compliance. 

For more information on how we can support your EUDR compliance journey, visit Farmer Connect.

Join us as we explore the major cybersecurity and IAM trends to keep an eye on in 2025. We’ll discuss the emergence of non-human identities, the hurdles of quantum-safe encryption, and the practical applications of AI and decentralized identity. Get ready to learn how these trends will influence the industry and how you can stay ahead of the curve.

Mike Engle:
Hi, everybody. My name is Mike Engle, co-founder and head of strategy here at 1Kosmos. I’m joined today by Jens Hinrichsen. Say hello, Jens.

Jens Hinrichsen:
Hello, everybody.

Mike Engle:
Jens is our head of sales here at 1Kosmos, spends a lot of time in the trenches. And today we’re here to talk about remote caller verification. We have an acronym for that, RCV. But Jens, would you mind giving your quick pitch on what RCV is for the folks out there?

Jens Hinrichsen:
Yeah, I would love to. And I think certainly also, Mike, with all the conversations that we’re both fortunate to have with a variety of organizations globally, please chime in with some of your own perspective as well. But I think remote caller verification, whether it is IT service desk for employees, contractors, other third parties that are interacting with an organization and have access to the inner sanctum, if you will, of an organization versus, say, contact center or call center. Where for years the industry has been working on solutions to mitigate fraud from a customer or outside facing standpoint, this is really about these emerging threat actor groups. Not even so much emerging, but Scattered Spider certainly has taken the cake recently in terms of being in the press most from MGM, Caesers, a host of other organizations where they have as a group socially engineered their way through the IT service desk of an organization.

So in the case of 1Kosmos, hi, I’m Mike Engle, I’m a co-founder. Service desk agent’s like, “Oh, my gosh, I got a co-founder on the call.” And if it’s not Mike and it’s a threat actor group, very charming, you name it, they can socially engineer their way in, get the credential reset, and then have Mike’s access to the company. So it is a big area of threat. It’s a big area of inefficiency also that organizations are trying to get better shored up. Mike, any other thoughts you have on that?

Mike Engle:
Yeah, so a lot of friends in the industry, I talk to them about this and they don’t have the right tools typically. So they’re using old, tired methods or no methods. They just turn it off because they can’t trust it. And an example would be secrets. What’s your employee ID? What was your date of hire? What was the amount of your last payroll deposits? Which I wouldn’t know that. So sometimes those are too hard and don’t work or they’re too easy to guess and anybody can use them. So social engineering has been around forever, but they’ve gotten really good at finding the information, the legacy ways that people have been using over time. What are some of the ways that they’re using now to get into help desks?

Jens Hinrichsen:
Well, it’s interesting, too. I think back to the point we made earlier from a fraud standpoint, I mean, there’s been social engineering going on for ages. Whatever that chain looks like, phishing, malware, getting information, and then pretending to be a customer of an organization, malicious actors are looking for economic gain and other impact for a variety of reasons. But where you can have big impact is when you’re able to infiltrate an organization. It’s one thing to steal $50,000 from a customer of an organization. It’s a big deal. You want to mitigate that, but as far as being able to get into the inner bowels of an organization’s IT stack moving laterally, whatever the case is, that is a huge area of focus these days.

So a lot of the, call it, the social engineering talent, the charms, I mean, Mike, you and I have even through different circles heard some of these calls and they’re … Wow, if I’m the service desk agent, yeah, I’m believing this person. You don’t have an ID for what reason or you don’t know this for whatever reason? Sure, of course. So I think it’s really been the same playbook focused on this avenue now. And again, it is really, really easy for these sophisticated threat actors to sound very believable, have core information that’s needed that would get a service desk agent to say, “Mr. Engle, co-founder of 1Kosmos, that’s fine that you don’t have this and this, but I’m going to issue a new credential to you right away. I want to make sure you’re happy.”

Mike Engle:
Right, and they may create a sense of urgency. I’m a doctor, I got a patient here at a table and I can’t unlock my stethoscope, whatever it is. So yeah, that’s a common tactic as well that we’ve seen them use. And then once they get that initial credential, they’re typically 50% of the way of getting into the core network and things go downhill from there. And so yeah, the traditional KBA, which you would think stands for knowledge based authentication.

Jens Hinrichsen:
Knowledge based authentication. Right.

Mike Engle:
We actually refer to it as known by anybody, KBA. So it really is close to useless. And whenever I opened a new financial services account and they pop up those five questions, what was the type of car you had when you were five years old or whatever, I run for the hills if I can. So what can we do about it? How does 1Kosmos, for example, mitigate this threat?

Jens Hinrichsen:
Yeah. And even, Mike, before we go there, and I think one of the examples, what’s one of the KBA examples you’ve used before? It’s like your grandmother’s shoe size when she was nine or something. Well, whatever the iteration is, before we even get into solution, I think some of the really interesting parts that we’ve gotten more intimate with is even the other ways that organizations are trying to address this. So KBA, sure, that’s one. Known by anybody, as you said. OTP. Hey, I’m going to push you an OTP. Well, we still don’t know it’s Mike. And then we’re also seeing a lot of organizations, not even necessarily just at the highest level of privilege, but even more broadly where it’s an escalation to the manager. And you do the math on that in terms of just sheer productivity loss and in some cases you might not still be actually verifying it’s that genuine user.

So there’s these kind of clunky ways and tools that we as an industry have been trying to address this. And so to your question, Mike, it’s like, well, gosh, what is a way that an organization can do this where it’s effectively automated? So somebody is still calling into the service desk, but you’re removing the onus of verification from the service desk agent because the reality is service desk agents are being asked to do so many things already and they’re always do it in this amount of time, get it faster, faster. So you don’t want to forsake quality, but how do you have a very easy process for both agent and user, whether genuine or a malicious actor, to undertake that then gives the credence that, yes, this is actually Mr. Engle calling in? And so there are a few ways to do it. One that really gives, I’ll say, the minimum viable baseline would be a one-time identity verification or identity proofing event where I call into the service desk and I’m pretending to be you.

And the service desk agent says, “Okay, Mr. Engle, I’m going to send you a link either to your phone, to your email address.” There are a variety of things that you have to take into consideration obviously in terms of companies that might not have employees be able to have phones or are they company owned, et cetera. Those are all things that you see and we navigate accordingly, but the very simple process of opening up a link, scanning the front and back of a driver’s license, a passport, some other government issued document, and then doing a matching selfie against the image that’s on that document. And what we can do with very high assurance is give a thumbs up or thumbs down. And all we would do is simply say the agent, “Yep, this is Mr. Engle,” or in my case, pretending to be you, “No, this is not.” And so that’s a really simple initial way to do it. The really exciting part, and this is what permeates the next generation, which is actually here now and gaining steam, is the user control.

That reusable identity of, hey, once I have verified myself, once I essentially have an identity wallet that I can then present wherever it’s needed that proves that I am like Engle and I don’t have to go back through the whole process of scanning something, selfie, et cetera. So the elegance is there. You get high assurance, quick and easy, reduces call center times. And then again, you’re removing that, again, onus on the service desk agent of having to be the one. And there are other companies, too, Mike, where it’s, “Hey, can you hold your ID up to the camera?” It’s hard enough to tell that they’re real when you’re holding them, much less over a camera.

Mike Engle:
Yeah. And when I hold my license up to a camera, now what’s the other person doing with that information? First of all, they can’t verify it. It’s too hard. You can’t see the little security features and then now I’ve just showed you my driver’s license number. That’s something you don’t want floating out there on a video call. So yeah, the privacy preserving aspects are really key. If you can assure the help desk and your remote callers, your remote employees, or customers that it’s safe, then they’ll trust it and feel good about using it as well. That’s a great point. Yeah, so I think we’ve about done it. I guess one last thing is how hard is it to implement a tool like identity-based biometric verification for a service desk?

Jens Hinrichsen:
Yeah. What’s the usual answer? Well, we could have had it in yesterday, so you got a couple of flavors. And I think the great thing for us as an industry is you can literally start as fast as you can start with, call it, a touchless integration where you’re simply calling out to an API. That link that we talked about earlier that gets sent to the user, that’s essentially a service. It’s a hosted service and you’re not having to replumb or do anything on day one within your organization. You can address the threat, make it a simpler process literally within a couple of weeks. And then the subsequent steps that I know we’ve observed with our customers is there are things that you can do to tighten some of the workflows, whether it’s ServiceNow or whatever the service desk system or backend might be.

But then that next step, and it can come pretty quickly, is the organization’s adoption and use of that reusable identity. And it’s a pretty powerful thing when we think about especially at the point of, say, onboarding. Whether it’s say HR onboarding, contract, or third-party onboarding, you’re doing that verification once. The user now owns it. You made a great point about privacy preservation. I mean, that’s what we’re all in the space for, right? It’s one thing to have a point in time, but you have to make sure it’s privacy preserving. But then also, let’s make it efficient for everybody. Do the verification once and then all you’re doing is you’re essentially authenticating into systems or doing high-risk transactions or whatever the case is after that.

Mike Engle:
Right, right. And you can’t implement something like this without uttering the words ROI, right?

Jens Hinrichsen:
Yeah.

Mike Engle:
You have the obvious security benefits, stop bad guys, but the user experience is actually better. And then an organization can have 100,000 calls into a help desk a year. It’s an average of 30% to 50% are password reset or identity related, so why not remove that and save those calls from even coming in? You can automate this, you can do it in a self-service password reset manner as well, SSPR. So yeah, a lot of reasons to do it.

Jens Hinrichsen:
Yeah. Well, no, and you’re right. And it’s fun to build these business cases alongside organizations because it’s not just a security risk mitigation. There are very direct, like you said, Mike, very direct savings, overall operating efficiencies. Even to the point where as an organization lifts its security posture, they’re getting better policy. Their cyber insurance policies are coming down or at least not going up as quickly as they might go, depending on what most of us are feeling in the industry. So that’s a great point, that this is a really a multi-pronged business case. And I think we’ve observed 10, 20, 30X return on an investment in even just the first year.

Mike Engle:
Yeah. Yeah, it’s a no brainer. So hopefully we’ll get the phone calls before the bad guys get in and not after, but either way …

Jens Hinrichsen:
Mike’s personal number is…

Mike Engle:
That’s right. Well, cool. Thanks so much for joining. It’s been fun chatting with you about this. Hopefully somebody out there will see it and will spark some ideas to make a difference in the world of cybersecurity.

Jens Hinrichsen:
Brilliant. Great chat, Mike.

Mike Engle:
Thank you.

The post Vlog: How Can Remote Caller Verification Protect Your Organization From Social Engineering? appeared first on 1Kosmos.

by Martin Kuppinger

Versasec, established in 2007, is headquartered in Stockholm, Sweden. Versasec’s flagship product, vSEC:CMS, underscores its expertise in Public Key Infrastructure (PKI) and digital identity lifecycle management, serving clients across government, healthcare, finance, and technology sectors.

by Martin Kuppinger

IAMONES is an innovative startup established in 2024, headquartered in Italy. Founded by a team combining long-term IAM expertise with cutting-edge AI knowledge, IAMONES focuses on modernizing the IGA landscape using Large Language Models (LLMs).

by Anne Bailey

Dock Labs was founded in 2020 in Switzerland. It provides a decentralized identity platform - Truvera - that empowers businesses to launch ID ecosystems where their partners can create, share, and monetize verifiable digital credentials. By creating an ID ecosystem, companies accelerate customer onboarding, boost transaction speeds, and enhance overall business efficiency.

by Anne Bailey

Trinsic’s core product is an identity acceptance network that allows organizations to verify and accept digital IDs alongside physical ones. By solving integration challenges in a fragmented digital identity ecosystem, Trinsic provides a critical bridge to scalable and reusable identity verification solutions.

Generative AI is everywhere, and since not every user has access to all data, learn how to use retrieval-augmented generation with fine-grained authorization to ensure that private information stays private.

The post How Transaction Monitoring Enhances Compliance and Risk Management appeared first on uqudo.

by Anne Bailey

ProofSpace, founded in 2019 and headquartered in London, UK, provides an identity hub that supports digital wallets and credentials for trusted identity ecosystems (TIDEs). With a lean and capital-efficient approach, ProofSpace enables organizations to streamline credential issuance and verification processes, ensuring seamless participation in reusable identity ecosystems.

We sit today with André Reichow-Prehn, Managing Partner Unit 42 EMEA (CEUR and SEUR) and LATAM from Palo Alto Networks as he covers the rapidly changing landscape of cyber threats and points out some key trends in 2025, from increasing sophistication in cyberattacks to state actors gaining a greater upper hand. He provides insight into how organizations can prepare and defend against emerging risks. In this session, learn about the latest challenges and strategies for building cyber resilience in an increasingly complex global environment.

2024 goes down in history as the year with the largest and most destructive data breaches.

The non-profit Identity Theft Resource Centre says in the first half of 2024, the number of data breach victims surpassed 1 billion—a 490 per cent increase from the same time last year.

In 2024, masses of personal information from tens of millions of people—and sensitive medical data from roughly one-third of all Americans—was stolen and posted online. Other countries had similar large-scale breaches, such as the UK military data breach and Australia’s MediSecure data breach which affected around 12.9 million people or roughly half of the country’s population.

Here’s a recap of the largest data breaches in the U.S. in 2024:

“Mother of all data breaches”

The year kicked off early as a record-breaking year for data breaches, with the “mother of all data breaches”—a 12-terabyte database containing 26 billion leaked data records—discovered in January.

The data came from users of Chinese messaging giant Tencent; social media platform Weibo; platforms and services such as Twitter, Dropbox, LinkedIn, Adobe, Canva and Telegram; and various U.S. and other government organizations. In the hands of threat actors, the data could be used for a vast variety of attacks, including identity theft, sophisticated phishing schemes, targeted cyberattacks, and unauthorized access to personal and sensitive accounts.

Authorities say some of the data isn’t new and is probably more likely compiled records from thousands of previous breaches and data leaks, but combinations of passwords and usernames in the data still present significant risk for credential stuffing attacks.

National Public Data data breach

More shocking because it is newly breached data is the National Public Data data breach in August 2024, which exposed 2.9 billion records (full names, social security numbers, mailing addresses, email addresses, and phone numbers) of up to 170 million people in the U.S., Canada and the UK.

The breach occurred because the NPD, an online background check and fraud prevention service (data broker), website had inadvertently published a zip file with the back-end passwords for the database. The stolen data included American social security numbers, and experts say it’s pretty likely that all social security numbers have been compromised.

If you haven’t already done so, follow the advice to freeze your credit file at each of the major consumer reporting bureaus, and closely monitor your accounts for suspicious activity.  

In October, National Public Data filed for bankruptcy.

Change Healthcare

Considered “the largest healthcare data exposure in U.S. history”, the Change Healthcare data breach exposed the personal, medical and billing information of 100 million customers, or roughly one-third of all Americans¾a number that is likely to rise.

In February 2024 the ALPHV/BlackCat ransomware group breached UnitedHealth’s Change Healthcare platform, a widely used payment processing system in the healthcare industry, stealing the data, disrupting billing and payment processing, and delaying patient care. And since the payment processing system is integral to healthcare infrastructure in the US, the impact went well beyond UnitedHealth to also impact innumerable hospitals, clinics, and medical practices.

For more, see this support page.

AT&T (two data breaches)

In July the telecomms giant announcedcybercriminals had stolen the phone numbers and call records of “nearly all” of its customers, or around 110 million people. TechCrunch says while the records don’t contain contents of texts and phone calls, the “metadata” still reveals who called who and when, and in some cases the data can be used to infer approximate locations.

This breach followed a data breach of 73 million AT&T customer records in March.

Ticketmaster (Snowflake)

Ticketmaster was caught up in the much larger series of data thefts from cloud data giant Snowflake’s corporate customers this year, losing an alleged 560 million records. Read the hackers’ account of how they breached Ticketmaster, as told to WIRED.

How to stay safe in 2025

The year 2024 was clearly a bad year for data breaches, but experts say there’s no end in sight.

As a consumer, there’s never been a better time to proactively protect your personal information. If you discover your personal information was exposed in a data breach, quickly change your passwords, add a fraud alert to your credit reports, and place a freeze on your credit reports. More helpful advice is available at the non-profit Identity Theft Resource Centre.

You can also move quickly today to download MySudo all-in-one privacy app and RECLAIM personal data removal service, powered by MySudo.

MySudo protects your personal information by giving you secure alternative phone numbers, email addresses, and payment cards.

MySudo is the original all-in-one privacy app that lets you protect your information, secure your chat, and organize your life:

PROTECT YOUR INFORMATIONwith secure digital identities called Sudos, each with its own phone, email, handle, private browser, and virtual card*. Anywhere you’d normally use your personal phone number, email or credit card, use your Sudo ones instead. Sign up for deals and discounts, book rental cars and hotel rooms, pay for concerts or a coffee—all without giving away your personal information. 
SECURE YOUR CHAT with end-to-end encrypted calls, texts and emails between MySudo users via your Sudo handle—or communicate standard outside the app with everyone else. Your Sudo phone and email work just like your personal ones AND they protect you from spam and scams. 
ORGANIZE YOUR LIFE with multiple Sudo digital identities, each with a different purpose. Depending on your plan, you can have up to 9 Sudos, so you can shop with a Sudo, date with a Sudo, order food with a Sudo, sell secondhand stuff with a Sudo, live with a Sudo. What happens in a Sudo stays in the Sudo, so your information is safe and organized.

What’s in a Sudo?

1 email address – for end-to-end encrypted emails between app users, and standard email with everyone else 1 handle – for end-to-end encrypted messages and video, voice and group calls between app users 1 private browser – for searching the internet without ads and tracking 1 phone number (optional)* – for end-to-end encrypted messaging and video, voice and group calls between app users, and standard connections with everyone else; customizable and mutable 1 virtual card (optional)* – for protecting your personal info and your money, like a proxy for your credit or debit card or bank account

*Phone numbers and virtual cards only available on a paid plan. Phone numbers available for US, CA and UK only. Virtual cards for US only.

RECLAIM tells you where your information has been caught in a data breach and helps you manage your next move.

RECLAIM, powered by MySudo, is a new personal data removal service that helps you reclaim control of your personal information from the companies that store and might sell it. 

RECLAIM tells you which companies hold your personal information and—better yet—where your information might have been caught in a data breach. It then gives you step-by-step instructions for protecting your information going forward, either by using Sudos in MySudo or asking the company to delete your personal information altogether. 

Last thoughts

Data breaches aren’t going away. They’re getting more sophisticated and the increase in ransomware attacks means even criminals with little computer skill can pull them off. If you consider that the number of data breaches in the U.S. was 447 in 2012 and more than 3,200 in 2023, and that the cost of cybercrime is increasing 15 per cent year over year, the future for data privacy will likely be bleaker not better—unless you take steps to protect yourself.

Download MySudo.
Download RECLAIM.
Discover other MySudo apps.

Also from our blog:What is a Data Breach?
What Should I Do if I’ve Been Caught in a Data Breach?

The post 2024 was the Biggest Year for Data Breaches: Here’s How to Stay Safe in 2025 appeared first on Anonyome Labs.

Hey, Gamers! Web3 gaming is rewriting the rulebook! 📔
Are you ready to level up? 💫🎮

Turning you from a player into an owner. 👑

No more grinding for in game items that vanish when the game does. With NFTs, your skins, weapons, and collectibles are YOURS!! 🦾🤘🏽

Why grind for virtual gold when you can PLAY, EARN AND OWN for real?

Imagine playing games where the rewards don’t just sit in your inventory they show up in real life! 💎 These games are breaking the mold, turning in-game wins into real-world value. From earning crypto you can actually spend to unlocking NFTs that hold tangible worth, it’s about more than just bragging rights. It’s gaming with purpose, where every victory counts both on-screen and IRL. 🎯

Tradable, Sellable, and Transferable across games. 🔁

That’s right, hours spent gaming now mean tangible rewards, breaking free from old-school developer economies.

Web3 gaming isn’t just about playing; it’s about Legacy, ownership, and joining a thriving digital economy. 🦾

So, what’s it gonna be? Stick with Web2, or step into the Web3 world and game for glory?

In this episode of the Future of Identity podcast, I’m joined by Jeffrey Schwartz, Founder and CEO of Dentity, to discuss the recent acquisition of Trinsic’s SSI platform assets, their ongoing partnership with Trinsic, and the innovations driving decentralized identity adoption. They explore the journey behind Dentity’s success in achieving market traction, building trust, and scaling decentralized identity solutions in the face of market challenges.

In this episode we dive into:

The strategy behind Dentity’s success and rapid adoption in the decentralized identity market The Trinsic Ecosystem, interoperability challenges, and creating user-friendly identity solutions The role of interoperability and strategic partnerships in scaling decentralized identity systems The future of decentralized identity and the Trinsic Acceptance Network — connecting users, platforms, and networks globally

Whether you're an enterprise, developer, or identity enthusiast, this conversation is packed with insights into the future of identity ecosystems and their transformative potential.

You can learn more about Dentity at dentity.com.

Subscribe to our weekly newsletter for more announcements related to the future of identity at trinsic.id/podcast

Reach out to Riley (@rileyphughes) and Trinsic (@trinsic_id) on Twitter. We’d love to hear from you.

We're excited to announce that Dock is partnering with Moon Lab to develop a cutting-edge digital ID solution tailored for banking institutions in Asia.

Moon Lab is a pioneering Blockchain-as-a-Service solutions provider based in Hong Kong, bridging the gap between Web 2.0 and Web 3.0. With a mission to make Web 3.0 accessible, they empower businesses to harness the transformative potential of blockchain technology.

Through this collaboration, Moon Lab will leverage Dock’s advanced Decentralized Identity infrastructures to enhance data ownership for users and offer seamless and faster verification across various financial platforms.

Together, we’re focused on transforming ID verification processes in the banking sector, reducing friction for users, and enhancing security standards. 

By combining Dock’s expertise in verifiable credentials with Moon Lab’s tailored enterprise-grade blockchain solutions, we’re working to deliver a seamless, secure, and efficient digital ID experience.

A special shoutout to Jack Chen, a true forward-thinker, and his exceptional team at Moon Lab. It has been a pleasure collaborating with them on this groundbreaking initiative.

This strategic partnership also marks an exciting milestone for Dock as we continue to grow our presence in Asia. 

Stay tuned for more updates as we build the future of digital identity together!

What is a VPN (Virtual Private Network) and what is it for?

In recent years, increasing focus on online privacy and security has led many people to discover tools such as VPNs. With the increase in cyber threats and risks associated with surfing online, protecting one’s personal data has become a priority for many users.

 

One of the most effective solutions to guarantee security and privacy when accessing the Internet is to use a VPN, a service that protects data transmission on public networks and preserves one’s identity by detecting and rejecting malware, phishing and fraud attempts.

 

This tool allows you to surf the Internet anonymously, protecting your information from eavesdropping and malicious attacks. But what is a VPN and what makes it so useful?

What is a VPN and why is it important?

VPN stands for Virtual Private Network. It is a technology that creates a private connection between your own device and the Internet. In practice, a VPN connection allows you to surf online more securely by masking your IP address and encrypting your data in transit. This means that your information is more difficult to intercept by third parties, such as hackers or individuals trying to monitor your online activity.

 

Using this type of connection is essential to ensure security and privacy, especially in situations where the risk of personal data exposure is high. For instance, when you connect to public Wi-Fi networks, such as those in bars, restaurants or airports, your data can easily be intercepted by malicious attackers who could connect to your device. By encrypting your connection, a Virtual Private Network prevents information from being stolen or monitored even on these public networks.

 

In addition, many organisations, including marketing agencies, try to monitor your behaviour as you browse in order to collect personal information, such as history and sensitive data. To protect your privacy and prevent your data from being used without your consent, it is essential to use a private network. In fact, using a VPN makes it almost impossible for anyone to monitor your online activities, ensuring that your information remains protected and out of reach of prying eyes.

Are VPNs legal?

One of the most frequently asked questions concerns the legality of this tool: are VPNs legal? The answer depends on the country you are in. In general, the use of a VPN is legal in most countries, including the UK and Italy, but there are some exceptions. The key lies in the way the technology is used.

 

While using this type of connection to protect privacy and surf safely is perfectly legal, in some countries the use of a private network to circumvent certain government controls or to access prohibited content may be restricted.

What is a VPN for? As mentioned above, a Virtual Private Network is an indispensable tool for protecting data and privacy online. By using it, you can surf more safely and defend yourself against potential threats.   Here are the main functions of a VPN connection:   Personal Data protection. A private network encrypts your Internet connection, making data, such as passwords and banking information, invisible to anyone trying to intercept them, especially on public or unsecured Wi-Fi networks. Online anonymity. By hiding your IP address, it allows you to surf without being tracked. This means that websites cannot collect information on your location or surfing habits, guaranteeing completely private surfing. Increased security. A VPN service protects online traffic from external attacks, such as hackers, and reduces the risk of unauthorised access. In addition, some private networks offer advanced features to protect against web threats, such as blocking suspicious applications in case of abnormal activity, malware and intrusive advertisements. How does a VPN work?

A virtual private network protects your Internet connection by creating a channel through which data travels encrypted, preventing anyone from intercepting or monitoring it.

Here is how a VPN works in greater detail:

User and server authentication. When you connect to a Virtual Private Network, your device is first authenticated by the server. This ensures that only authorised users can access the private network. Data encryption. Once authenticated, the server applies an encryption protocol to the data you send and receive. Encryption makes your data unintelligible to anyone attempting to intercept it, protecting your personal information during transmission. This creates a secure data exchange ‘tunnel’ that makes it impossible for third parties, hackers and even your service provider (ISP), to view the content passing over your connection. Encapsulation of data packets. Data is wrapped in an external packet, which is also encrypted. This encapsulation process makes it even more difficult for anyone to access the data, keeping it safe during transfer. Data decryption. Once data arrives at the destination server, the external packet is removed via a decryption process, allowing the data to be read securely.

 

Thus, a VPN works by creating a private and confidential connection between your device and the destination server, ensuring that your data can be transmitted encrypted and protected. Using an encrypted tunnel prevents data from being intercepted or used without your consent.

Protect your privacy with NordVPN Plus

With NordVPN Plus from InfoCert, you can surf safely by encrypting data, masking your IP address and blocking malicious content. In addition to advanced protection of your sensitive information, the service also has a Password Manager that stores and protects your credit card and login credentials for all your online accounts. It also defends you in real time against viruses, malware and ransomware, automatically blocking all malicious content.

Protect your privacy online with one of the most comprehensive solutions.

Discover More

The post VPN – Virtual Private Network – What it is and How it Works appeared first on infocert.digital.

 

Deze aflevering van de Data Sharing Podcast gaat over data-ethiek, vertrouwen in data en AI en toegankelijkheid in een steeds digitalere samenleving. 

A potential breakthrough on personal data … and productivity

As far as Government announcements go, this one hardly seems the most exciting: there’s not many people who will see this title — “Digital Identity and Attributes Trust Framework Gamma (0.4) Pre-release” — and think “Oh wow! I must stop everything and read that!”

Yet, amidst a welter of other announcements and initiatives coming from the new Government, this could be the most important thing it does in its entire term of office. We’ll come to why in a minute. But first, what’s it all about?

Why identity matters

In a digital world, identity verification matters. If you are transacting online you need to be confident that the person at the other end of that transaction is who they say they are. If they’re not, all sorts of horrible things could happen, including damaging errors and fraud. Without some way of building this confidence, online commerce and service provision either grinds to a halt or entails all sorts of potential risks and associated costs.

Not surprisingly the potential benefits of cracking this identity problem could be huge. According to McKinsey for example, getting digital identity right “could unlock economic value equivalent to 3 to 13 percent of GDP in 2030”. One example: it could reduce organisations’ costs of onboarding new staff and customers by up to 90%.

But that’s just organisations. McKinsey also estimated that “just over half of the potential economic value of digital ID could accrue to individuals, making it a powerful key to inclusive growth”.

“Beyond quantifiable economic benefits,” their research continued, “digital ID can offer noneconomic value to individuals through social and political inclusion, rights protection, and transparency. For example, robust identity programs could help guard against child marriage, slavery, and human trafficking.”

So, as we said, it matters.

Yet finding a way to verify these identities has proved to be a very difficult task. We know because we’ve been involved in trying to find a workable solution for many years. For example, we were one of just five companies chosen by the UK Government to pioneer its first big attempt to crack this problem way back in 2011 with its Gov.UK Verify programme.

Three hard won lessons

Verify didn’t work and the lessons from its failure are extremely important.

When the UK Government first tackled the identity problem with its Verify programme, its underlying assumption was that ‘digital identity’ would become a new ‘market’ like another, where specialist producers called ‘identity service providers’ would produce a specialist product called ‘an identity’ which they would sell to buyers in a competitive marketplace.

There were three things wrong with this assumption and the lessons learned about them are key to where we are today.

First, there is (and never can be) one, single ‘thing’ called an ‘identity’. People often think of ‘identities’ in terms of a single document like a passport or driving licence. But while these documents are very useful in many cases, they don’t always work. What happens if a person doesn’t have a driving licence or passport, for example? For an identity system to work, it needs to work for everybody, all the time, and ‘identity’ is too fluid and complex a concept to be nailed down by a single identity ‘product’.

Second, identity verification is first and foremost a process, not a product. Driving licences and passports are not official identity documents, for example. They are documents that provide people with certain entitlements. But the information they contain is widely trusted because of the stringent processes that went into creating them.

Crucially, these so-called identity documents are examples of ‘composite’ data points: one piece of data — entitlement to a driving licence — made up of a series of other, separate data points — such as name, date of birth, address and so on — each of which have been separately checked. Each one of these data points being a separate attribute.

That’s what really goes into verifying someone’s identity — the ability to verify different details about them, with these details varying according to the situation. For example, if a person does not have a driving licence or passport, or happens to be homeless, then other ‘verified attributes’ will be needed to verify them. Ultimately, it’s the attributes and the processes for verifying these attributes that matter.

Recognising this is a crucial step forward. For a system of identity assurance and verification to work it needs to be based on the ability to share and access a wide range of ‘verified attributes’ which may vary from one person and situation to another. Identity verification is a by-product of the ability to assemble enough such verified attributes for a person to be confident enough in their reliability for them to act on the information provided. This is why it was hugely important that the Government’s programme was renamed to say ‘Digital Identity and Attributes Trust Framework’.

The third key lesson has been to realise that ‘digital identity’ isn’t a single-purpose product. It covers many different purposes each of which may require different bits of information — different verified attributes. For example, being able to prove you are over 18 so that you can buy an alcoholic drink is very different to being able to prove you are a qualified pilot and really able to fly an aeroplane or that you are not a sex offender seeking to work with children (which is one of the functions of the Disclosure and Barring Service).

For an identity and attributes verification system to really work well, in other words, it needs to be flexible enough to share and assemble a very wide range of different verified attributes for a wide range of different use-cases.

This is what that exciting sounding document called “Digital Identity and Attributes Trust Framework Gamma (0.4) Pre-release” represents: the fact that these lessons have been learned and that, for the first time, after decades of trying, the UK Government has actually worked its way through to creating an approach that can actually work, efficiently and effectively, at scale.

Lifting the productivity logjam

“Yes,” you might say, “That’s great. But does that really make this the most important announcement that a Government could make in its entire time in office?”

Well, here’s why it could be.

Our entire economy — and society — is in the midst of a gut-wrenching, disconcerting and often bewildering economic shift. For hundreds of years it was organised around one, single basic model of wealth creation: deploying energy derived from fossil fuels to drive machines that turbocharged the transformation and movement of physical things. That is what ‘industry’ was about: the production of ever more physical items at ever lower cost.

It was an incredible driver of wealth creation, but now that model is reaching its sell-by date and our entire economy is in transition. It is beginning to pivot around the deployment of an entirely different type of resource — data — that enables us to do a different set of things that provide new value along different dimensions: make new discoveries; make better, more informed decisions; organise and coordinate the detailed actions needed to implement these decisions.

In other words, we are moving from a ‘thing’ driven economy to become a data driven economy and with that, we are opening up opportunities for improved productivity (and quality, and innovation) that the industrial age couldn’t reach.

Here is the point most people miss: Data in the form of verified attributes lies at the epicentre of every step of every service that deals with an identified individual. As well as identity assurance, these activities include onboarding and recognising service users when they return, deciding on eligibilities, configuring service details according to the specific needs and requirements of the individual and the circumstances in which the service is being provided, planning coordinating and executing the many necessary details of service delivery, and undertaking associated record keeping and customer services. Data is how services are provided.

If at any point, the data needed to drive these activities is wrong or unreliable the whole process either grinds to a halt or starts producing the wrong outcomes. In this sense, verified attributes are the new oil of an efficient, productive economy - not the ‘new oil’ that people talk about, as in Big Money and Big Power struggles, but the easily overlooked but ABSOLUTELY ESSENTIAL oil that lubricates the machinery of the entire economy. This is true of every citizen-facing service you may think of, from central and local government services, through health and care to education, financial services, retailing, travel and so on — across every sector (public, private and third).

It is precisely because we do not have reliable operational processes for the sharing of verified attributes that productivity in this country is flatlining. By opening the door to these reliable, trustworthy processes the new Digital Identity AND ATTRIBUTES Trust Framework is opening the door to a new, economy wide productivity revolution.

As part of this, the new Framework has identified the core functions that lie at the heart of this new data-driven economy. They are:

‘Attribute Providers’ that collect, create, check or share pieces of information that describe something about a person, ‘Relying Parties’ that use this information to undertake a service, and ‘Holder Services’ which provide individuals with the ability to securely “collect, store, view, manage or share identity and/or attribute information”, and which enable these individuals to “control what information their holder service stores, when it can be shared, and who it is shared with”. (A personal data store is one form of Holder Service.)

The Trust Framework identifies other categories and functions too. They include identity service providers which “verify a user’s identity for one-off use at a single point in time”; orchestration service providers that “make sure data can be securely shared between participants through the provision of their technology infrastructure” but are not user-facing; and component service providers who provide specialist information (such as biometric data) that can be used in an identity verification process.

But it is the first three that really count in terms of understanding how the emerging data-driven economy will work. It will be driven by organisations which produce information (particularly verified attributes), organisations that use this information to provide specific services, and Holder Services that connect the two, including and embedding individuals as active parties in the collection and sharing of their own information.

This is the logical structure and architecture of a data sharing economy that has grown up inside an industrial age. Modern service providers don’t only produce services. They also produce and use data (e.g. verified attributes). Holder Services provide the glue that brings them together safely and efficiently — as the hub and clearing house for data sharing.

This is what makes the Trust Framework so important. The concepts and processes it is laying out have the potential to last long into the future, becoming embedded into how our economy works in 20 years time and beyond, with transformational impact on how this economy works. Remember McKinsey talking about 90% reductions in the costs of onboarding new staff and customers? With the approach identified by DIATF, similar productivity breakthroughs become possible with every step of every service that needs verified information about people in order to serve them.

Ensuring trust

But the Trust Framework does a lot more than just identify the shape of things to come. It is also helping to ensure that these things happen on the ground, and that they happen safely. It doesn’t allow any old chancer to come along and say “I am an attribute provider” or ‘Holder Service”. It creates processes for their independent certification, so that people can trust their operations.

It also creates room for supplementary schemes that apply the Framework’s core principles and processes to specific situations where more detail is required. It is creating what it says — a framework — by which this system can actually work.

One key question remains. Will the public ‘buy’ it?

Here, research undertaken as part of the development of the new Framework is crucial. Below we include some quotes from this research. We quote them in detail because they speak so strongly to the work we at Mydex CIC have been doing all these years on this front.

Please note: in what follows we are quoting from the research report. These are not our own words.

A human rights issue

“Participants’ attitudes towards identification and digital identity services shifted during the course of the dialogue. Many participants began the dialogue believing that having identity documents is purely practical. As participants’ discussions developed, many began to think of identity documentation as a basic human right.

“Participants perceive it to be an articulation of being human and a demonstration that they have a recognised role in society. Participants believe the importance of identity data is not simply practical but also instrumental in people having control over their lives and life chances.

“This has ethical implications. It means participants want to know that service providers will look after them and their data and protect and support the vulnerable and disadvantaged in society. This is important so that everyone can accrue benefits from digital identity services.

Human centred

“This human-centred approach is requested throughout the system…

“This points to a broader, more philosophical point that is a thread throughout the dialogue. Participants are concerned that digital identity service providers will be more focused on the technical aspects of the service than they are with developing a service that will take care of users and provide them with the support they need to use the service, and to ensure their data is safe and secure. Participants believe their confidence and trust in services will develop and increase if they see evidence, through the trust framework and in the actions of service providers, that they support people and put user needs and experiences at the centre of service design and delivery.

A public service & trustworthiness

“Participants want to know that digital identity service providers are motivated by more than generating income. They call for the trust framework to make it clear that public benefit is a core value for those being certified to deliver digital identity services, and the government and OfDIA [Office for Digital Identity and Attributes] as overseers of the programme.

“Participants articulated a ‘trust tension’: whilst they do not trust the government, they feel that a public sector organisation, a non-profit organisation or a research consortium might be more trustworthy than private sector organisations. This is seen as more trustworthy as it would operate without vested interests or the need to satisfy company shareholders … whilst trust in government is low, trust in government sponsored bodies is higher and perceived as more trustworthy than private sector organisations.

Benefits to society

“This leads to the second key factor. Participants want to know that digital identity service providers are motivated by more than generating income. They call for the trust framework to make it clear that public benefit is a core value for those being certified to deliver digital identity services, and the government and OfDIA as overseers of the programme. In this context, convenience on its own is not seen as a strong enough benefit. Delivering services which provide a trusted resource which can be used interchangeably across services and in a range of contexts is more powerful.

Inclusion

“Participants do not see convenience on its own as a compelling enough reason for increased use of digital identities. They want to know how digital identity services are going to benefit society by making proving identity more inclusive. “Participants want to know that these services are accessible to those that want and need to use them. Having options that work for everyone is seen as part of an inclusive system, one which enables people to verify their identity or attributes in the way which works for them, whatever their background, level of skills and experience. “They want to know that service providers will look after them and their data; protect and support the vulnerable and disadvantaged in society so that they too can accrue benefits from digital identity services.

Control

“Participants believe the trust framework should provide a clear statement on how users ‘own’ and ‘control’ their data.

“Having control over their data is important to participants. They want assurances within the digital identity services trust framework that they have choice about who they share data with and why.

“Participants believe the trust framework should provide a clear statement on how users ‘own’ and ‘control’ their data, including being able to update it and protect personal data they do not wish to share.

Personal utility and agency

“Participants see identification for consequential transactions such as renting or buying a property; proving you have the right to work in the UK or to get or renew a passport or driving license as more complex. It moves identification beyond the practical to instrumental in achieving life shifts such as demonstrating something significant and personal to them, including gender transition.

“The more participants thought about identification, the more they considered it a route to demonstrating that they are part of and contribute to society. Many participants feel that not being able to demonstrate something about themselves could have a significant impact on their lives, including having a meaningful role in society.

Conclusion

In trying to find an answer to the pressing question of digital identity, the UK Government has been on a long and steep learning curve. It might have taken nearly a decade and a half, but it has now arrived at a way forward that works — a way forward that could prove transformational for our economy and society as a whole.

A key part of this is recognising the role of individuals and their Holder Services: the right and need for individuals to participate in an identity and attribute data sharing ecosystem with all the qualities identified by the programme’s public engagement research: human rights, human centredness, public service and trustworthiness, benefits to society, inclusion, control, personal utility and agency. That is what we are about as a Community Interest Company.

DIATF encapsulates a formula for the treatment of personal data in a data-driven age. It transcends the limitations of the organisation-centric database by enabling data sharing via Holder Services. By embedding human rights into how it works operationally, it also transcends the trade-offs between data protection and innovative uses of data. This trade-off has bedevilled the growth of this economy in its early years. In doing these things, it enables the data sharing that is needed to unleash personal data’s full social and economic potential.

Of course there is many a slip between cup and lip. Everything depends on how this Framework is interpreted and implemented. But for now it represents a strategically crucial beginning.

At Mydex, we have been involved in this journey from its beginnings with the Verify programme of 2011. We look forward to contributing further as it unfolds.

A potential breakthrough on personal data … and productivity was originally published in Mydex on Medium, where people are continuing the conversation by highlighting and responding to this story.

Predictoor DF119 rewards available. DF120 runs Dec 12 — Dec 19th, 2024 1. Overview

Data Farming (DF) is Ocean’s incentives program. In DF, you can earn OCEAN rewards by making predictions via Ocean Predictoor.

Data Farming Round 119 (DF119) has completed.

DF120 is live today, Dec 12. It concludes on December 19th. For this DF round, Predictoor DF has 37,500 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF120 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF120

Budget. Predictoor DF: 37.5K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and Predictoor

Ocean was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF119 Completes and DF120 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

We recently proposed the Personal Data License (PDL): a system that leverages Verifiable Digital Credentials to give individuals control over the sharing of their sensitive data, including the ability to enforceably limit, revoke, or receive disclosures about that access. As part of this system, the person sharing data will issue a PDL using their digital wallet, establishing a clear record of the terms for data sharing. The PDL will then be countersigned by the recipient, signifying their acceptance of the user's conditions and creating a mutual agreement that protects both parties.

Combined with legislative enforcement, a Personal Data License system would allow individuals to share data for a limited time, requiring recipients to delete it after the agreed period or report its continued existence as required. This enhanced level of control greatly increases the power that individuals have over their data. The ability to revoke data, ensure its removal, or receive notifications about its existence would have a profound impact in a landscape where personal data is increasingly used for commercial purposes and massive repositories of outdated data remain vulnerable to a growing number of security breaches.

Personal Data Licensing (PDL) would also have a third important benefit: increasing user trust in the digital systems handling their data. The public is increasingly confused and worried about how their data are used, by both private companies and governments. That anxiety could be a serious obstacle to the adoption of digital identity systems like the mobile driver’s licenses (mDL), which offer significant improvements to the current privacy and security status quo.

But how exactly would Personal Data Licensing work? Let’s dive in.

Forget Me Now

Enforceable data control is important, both practically and for public perception because the public has come to associate digital tools with sacrificing their privacy. There’s the ambient experience of surveillance-driven advertising, but also much more scary examples, such as when Target’s algorithm detected and exposed a customer’s pregnancy or the current uncertainty about what 23andMe will do with all the individual genetic information it owns. 

The 23andMe situation illustrates how trackable data licensing would improve on the current status quo. In retrospect, 23andMe’s customers would probably have preferred to let the company handle their genetic data temporarily, not store it in perpetuity. Personal data licensing makes data more like a digital book out for a temporary loan. Notably, the goal is not to create a more nuanced commercial license to let users monetize data, a concept many experts believe would be exploitative and bad for privacy. Instead, PDL is intended as a privacy tool for particularly sensitive data, such as medical records, allowing users to automatically and auditably request the deletion of their data from their smartphones. If a user revoked their PDL and then published this action to a public blockchain, there would be solid evidence that they requested their data deletion at a certain point in history, accessible to anyone with shared data records and an internet connection.

Personal Data Licensing would use the same mix of digital wallets and secure signatures that verify digital IDs like California’s mobile driver’s license. When data are shared from a document or record in a digital wallet, a PDL system could require the recipient to digitally countersign a data license indicating acceptance of terms. This is aligned with building blocks like Katara’s verifiable “receipt” for the data, which is based on standards outlined by groups, including ISO. 

These licenses would be readable by both humans and machines, outline the purpose of the sharing, and have clear expiration dates. They might also define any rights for third-party sharing or provisions for the sharer’s right to revoke data access. They may also encapsulate reporting requirements, such as how to notify the user if further data sharing is needed. Data wallets would automatically retain copies of these licenses, with verifiable signatures from the data recipients. With legislation backing, such as an updated version of Europe’s GDPR, this paper trail would make data deletion auditable and enforceable.

These capabilities and interactions are not currently part of dominant digital ID standards, such as the ISO’s Mobile Driver’s License (mDL) or the W3C’s Verifiable Credentials standard. We believe the system can be designed externally to such standards in the “white space” left open—though ideally, data licensing would eventually be integrated with base standards.

Data Control and a Fairer Digital Economy

A system of digitally signed receipts for data sharing would create a verifiable record of what data we share, with which counterparties, and under which conditions. However, legislation would be needed to ensure compliance by imposing penalties on data recipients who didn’t comply with the conditions of a license. Analogs to such legislation already exist, such as the California Consumer Privacy Act (CCPA), Utah Consumer Privacy Act (UCPA), and the  European GDPR’s “Right to Be Forgotten.” Governments worldwide have been implementing policies to give people more control over their data.

Notably, Utah enacted the Government Data Privacy Act (GDPA) in May 2024, which gives Utahns discretion over how their own government should manage their personal data. At SpruceID, we are generally aligned with actions that increase individual autonomy while avoiding the centralization of power.

However, the current enforcement state for these laws tends to favor large-scale data collectors, such as Google and Facebook, who can afford the staff and other overhead to comply. Compliance costs have even led some smaller digital businesses to leave the EU or even shut down entirely.

A standardized and open system of Personal Data Licensing, including verifiable “receipts,” would make both enforcement and compliance simpler, reducing the unfair burden that data policies have tended to have on smaller digital businesses. 

Public policy would need to support PDL systems with enforcement. Imagine, for instance, that months after releasing your blood test data to a medical provider, you start receiving health marketing messages that seem guided by that data. This evidence of data misuse could be directly correlated with a digitally signed receipt showing exactly who received the data, and when, and submitted to a data enforcement body. 

From “Papers, Please” to “Why—and for How Long?”

Making the Personal Data License a reality will take work and time, but we believe it’s a compelling path forward. One very practical upside of personal data licensing is that it will make privacy frameworks such as GDPR and CCPA much more implementable. A record-keeping standard simplifying policy enforcement gives individuals more control over their data while also reducing the compliance burden on firms that collect data for valid purposes.

More fundamentally, Personal Data Licensing would be a major step forward in digital identity’s overarching mission to improve privacy, security, and user control of data. Personal Data Licenses, paired with monitoring and enforcement, can reverse the power dynamic in data sharing. Instead of a presumption that users must hand over data on request, government agencies and data-hungry enterprises will be required to convincingly justify their data collection and how long it will be stored.

The data hoards built up by unrestricted data collection have become huge risks to global privacy, security, and democracy. They have been used for surveillance and mass manipulation. It’s time for a change in control.

About SpruceID: SpruceID is building a future where users control their identity and data across all digital interactions.

With a focused, achievable goal, you can quickly deploy your Verifiable Credential ecosystem and gain an edge over your competitors

By Helen Garneau

If you’re looking to transform costly, inefficient, or user-unfriendly authentication and data sharing systems, our motto at Indicio is: “Start today, start small, scale smart.” This means beginning with a focused, manageable use case to build understanding of the technology, achieve results, and let these results create momentum. 

We’ve helped customers implement Verifiable Credentials to solve a myriad of business issues: interoperability between partners and governments when privacy is a concern or when direct integration is too complicated and expensive; inefficient, error-prone, and repetitive processes based on manual, paper-based form-filling verification, and simplifying, securing, and speeding up access to systems and software. 

But, rather than aiming to solve every challenge at once, we encourage customers to start with a small deployment that fixes one problem. This approach builds understanding and trust, drives stakeholder buy-in, and sets the foundation for long-term success. 

Verifiable Credentials are a new digital authentication method that uses cryptographic proofs to verify identity or attributes without exposing unnecessary personal information or requiring the verifier to check in with the original source of the information or a third-party identity provider.

Here’s how they work:

Issuer: A trusted entity (e.g., a bank, government agency, or employer) issues a credential to a user (e.g., proof of identity, business license). Holder: The user stores this credential securely in a digital wallet on their mobile device. Verifier: When logging in or accessing a service, the user presents a cryptographically verifiable proof of the credential and, depending on the use case, information in the credential to the verifier. Importantly, only the necessary data is shared, and the verifier can confirm its authenticity without contacting the issuer.

This decentralized model for data ecosystems means that users hold their own data and that the data issued in a credential is completely under the user’s control. This decentralization eliminates the need to store personal data in a centralized database in order to cross check and verify it. It also removes the privacy concerns over how third-parties can use personal data. 

Let’s look at the simplest decentralized identity ecosystem we can create, one where the issuer and verifier is the same entity — for example, an employer issuing an employee credential for seamless login to company systems and applications. This structure, often referred to as a closed ecosystem, provides a simple, controlled environment for implementing, testing, and understanding the solution. 

Once a team experiences how easy it is to implement such a system, the path is much easier to adding outside verifiers (say a company’s benefits partners) or other issuers (say, government-issued credentials) to create new ecosystems for sharing verifiable data. 

Starting in this way allows for iterative development and continuous improvement, ensuring smoother rollouts and minimizing risks. 

Our CTO, Ken Ebert calls this stage of development, a three-legged stool. While decentralized identity often seems like a purely technological solution, success relies on making important choices to balance the needs of three critical elements: 

Business: What problem are you trying to solve with decentralized identity and Verifiable Credentials? Who are the users, and how will they benefit? What funding model supports the initiative? We’ve seen the customers who are quick to answer these questions get the budget and speed to deployment the fastest.

Governance: Governance defines how users obtain the credentials, who uses them, who the other parties in the ecosystem are, as well as how the deployment adheres to emerging global data regulations. Ensuring compliance and clarity builds trust among stakeholders. 

Technology: This involves the foundational tools: the software for issuing credentials, holding credentials (in a digital wallet) and verifying credentials; the ability to write to and retrieve cryptographic material; and decisions over protocols and standards.

Our team at Indicio is active and lead many different communities where technologies and standards are being developed. From OpenID to DIDComm, W3C and IETF, chances are if you are interested in a specific protocol, credential type, or specification– we’ve got you covered.

An example of how these three elements work together: A company call center could issue credentials to customers, enabling quicker authentication. If this reduces verification time from 30 seconds to 5, with data to prove efficiency and customer satisfaction, the team can now ask for further funding for adoption. Here, the technology solves a business problem, and the governance is rooted in the trusted relationship between the company and its customers. 

As new applications and improvements emerge during an initial rollout, the temptation to scale quickly can be strong. However, the key to sustainable growth is incremental expansion. Using the call center example, this might mean gradually adding new verifiers, issuers, or credential holders to improve routine transactions while maintaining a stable and secure system. 

Decentralized identity is transformative. A key factor in the success of any decentralized identity project is effective communication of this — both internally and externally. Teams must articulate the value proposition to users, addressing the pain points that decentralized identity alleviates. This requires a combination of education, documentation, and messaging that engages stakeholders at every level. 

At Indicio, we help organizations take their first steps with decentralized identity and support their success as they grow into larger deployments. By providing enterprise-grade tools built on open-source technologies, a variety of hosting options, and customizable training programs, we provide businesses the flexibility to create a variety of scalable solutions to fit their needs. 

Whether you’re just starting out in testing or ready to deploy, our expertise helps you confidently navigate the path to a successful decentralized identity ecosystem.

Reach out to Indicio to get started.

###

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community

The post With decentralized identity – start today, start small, scale smart appeared first on Indicio.

The latest QuarkID update, implemented using the SSI API and ID Connect by Extrimian, introduces a critical feature for decentralized information management: VC Attachments. This functionality allows the inclusion of files, such as PDFs, images, and other formats, in verifiable credentials, providing additional context or evidence to support the information contained within the credentials.

What Are VC Attachments?

VC Attachments enhance the handling, storage, and linking of attachments to verifiable credentials. Issued under the Verifiable Credentials (VC) standard, these are cryptographically signed digital documents containing verifiable data.

The inclusion of attachments ensures that any relevant supplementary information is securely available and managed, preserving the integrity and reliability of shared or stored documents.

Birth Certificate in QuarkID wallet thanks to integration with miBA app Integration with miBA application to attach original scanned birth certificate to QuarkID wallet

Rapid Implementation What is the @quarkid/vc-attachments-agent-plugin?

The @quarkid/vc-attachments-agent-plugin is a plugin designed to expand the functionality of SSI agents, enabling secure management of file attachments in verifiable credentials. This plugin is essential for users who need to attach additional documents to their credentials, broadening their utility across various contexts.

Installation

The plugin can be installed using npm as the package manager:

npm install @quarkid/vc-attachments-agent-plugin

Usage in Mobile Agents

To integrate the plugin into a mobile agent:

Import the plugin into your project. Configure appropriate storage for file attachments. Add the plugin to the agent’s list of plugins to streamline the attachment management process during credential interactions.

For detailed instructions, refer to the step-by-step guide in the documentation.

Interaction with ID Connect SSI API API Integration Service

The SSI API provides two main endpoints for managing attachments:

PUT /attachment/filepath
Returns the file storage URL, allowing access to previously saved files. POST /attachment/upload
Facilitates the upload of new files to the API, offering a secure and direct method for storing additional information related to a credential.

Use Cases Retrieving Attachments

To retrieve attachments linked to a specific credential, use the getFileAttachments method, which fetches associated files.

Uploading Attachments

Uploading involves sending the file via a multipart form, along with detailed metadata, including a hash to ensure authenticity.

Learn More Documentation on VC attachments: Explore advanced configurations and capabilities. VC Wiki: Deepen your understanding of verifiable credentials and their applications. VC Issuance and usage guide: Master the creation and management of VCs. Visit the Extrimian Academy for courses and resources to help optimize your projects with verifiable information.

Start building, managing, and verifying digital information with Extrimian today to enhance the efficiency and security of your business operations.

The post Verifiable Credentials with attachments docs first appeared on Extrimian.

The post Market and Buyer’s Guide for Third-Party Risk Management appeared first on Liminal.co.

Today, we’re excited to announce our newest feature, Credential Recovery—a significant upgrade to our Digital ID Wallet, powered by Dock’s innovative Cloud Wallet technology, that makes credential recovery quick, secure, and convenient.

‍

Why Credential Recovery Matters

Traditionally, Verifiable Credentials are stored solely on the user’s mobile device. 

If the device is lost or replaced, users can lose access to their credentials—a major inconvenience, and often a critical barrier in ID verification.

As organizations increasingly adopt hybrid and multi-cloud environments, they face significant challenges in securing their systems. The rise of sophisticated domain-based attacks, including zero-day DNS vulnerabilities and phishing schemes using newly registered domains, complicates the security landscape and exposes organizations to potential breaches.

Organizations today grapple with the complexities of identity and access management (IAM) as they navigate increasingly dynamic digital environments. Traditional IAM solutions often rely on static workflows that fail to adapt to changing user behaviors and security threats, leading to inefficiencies and heightened security risks. EmpowerNow AI, a cutting-edge Agentic Workflow System (AWS), addresses these challenges by utilizing artificial intelligence and large language models (LLMs) to modernize identity workflows. This platform enables organizations to automate routine tasks, analyze contextual data for real-time decision-making, and create adaptive workflows that enhance both security and user experience.

Compliance management helps your business stay aligned with industry regulations, thus minimizing risks and maintaining efficient operations. In regulated industries, such as finance and healthcare (more on this below), following compliance standards is necessary to avoid legal penalties and reputational damage.

 

A strong compliance framework reduces risks related to data security, legal obligations, and your organization’s integrity. 

 

By managing compliance effectively, you protect your business from fines and safeguard its long-term success.

 

In an era where cyber threats are constant, organizations must prepare not for if a breach will happen but when. The urgency to identify, address, and bounce back from security incidents has never been greater. Privileged Access Management (PAM) plays a vital role in bolstering defenses and streamlining responses to these incidents. However, many organizations still struggle to unlock its full benefits, leaving critical vulnerabilities exposed.

Modern PAM solutions offer a range of capabilities that extend far beyond traditional access control. By integrating PAM into incident response strategies, organizations can significantly improve their ability to identify threats, contain breaches, and streamline recovery processes. Join us as we explore how PAM can be leveraged to transform human risk into human assets, providing full visibility and control over internal risks.

Paul Fisher, Senior Analyst at KuppingerCole Analysts, will look at the state of PAM and compare common versus emerging capability areas. He will discuss to which extent these capabilities can support not only protective requirements but support in the analysis of incidents and thus streamline incident reporting.

Aleksandr Dymov, Product Manager at Syteca, will showcase the Syteca platform, a comprehensive cybersecurity solution designed to meet the diverse needs of modern organizations. He will present a case study and provide a live demo, illustrating how Syteca's customizable security toolkit enables granular PAM and advanced user activity monitoring to secure organizations against insider threats.

In this videocast, Tom Bruggeman from DPG Media shares how his team tackled the challenges of user authentication in a fast-changing media landscape. He highlights the role of open standards like OAuth and OIDC and explains how Authlete helped create a seamless and secure user experience. Tom also offers insights into future plans, including efforts to enhance user privacy and explore data wallet solutions.

Our success in developing OpenID for Verifiable Credentials is paving the way for new use cases and quicker adoption.

By Helen Gareau

Our mission at Indicio is to make decentralized identity accessible and practical for real-world adoption. A key to this is our active involvement in developing and supporting OpenID for Verifiable Credentials (OID4VC) and OpenID for Verifiable Presentations (OID4VP). Part of the emerging European eIDAS 2.0 identity standards, these protocols specify how Verifiable Credentials can be used, building on OpenID Connect (OIDC), a widely used framework for authenticating user access to applications and websites. 

OID4VC: Streamlines the issuance of Verifiable Credentials using familiar web technologies.

OID4VP: Facilitates the presentation of these credentials, ensuring interoperability with existing OpenID-based systems.

These protocols make the transition to decentralized identity and Verifiable Credentials easy for many organizations, as they are familiar with the underlying authentication technology and don’t have to replace their identity and access management systems. This means companies and organizations can quickly implement seamless operations and services that deliver immediate value. 

As Gartner Research notes in its 2024 Market Guide to Decentralized Identity, the technology “represents magnitudes of improvement in terms of efficiency, cost and assurance” for authentication, account security, fraud, privacy, and security. 

Indicio’s OID4VC in action

An example of Indicio’s work with these protocols is the IATA One ID Proof of Concept (POC). This was developed with our strategic partner SITA, along with Delta Airlines and the Government of Aruba, and showcased at the joint IATA World Financial Symposium (WFS) and IATA World Passenger Symposium (WPS) in October 2024.

The POC showed how two different Verifiable Credentials, a Digital Travel Credential using the DIDComm protocol and a One ID credential using OID4VC, can work seamlessly together to facilitate seamless check in, baggage management, lounge access, and international border crossing. 

The POC showed just how easy it is for a person to enroll in both at the same time with a passport and mobile phone, and then use them for instant, seamless authentication through each step of the passenger journey from home to destination. This was the first ever One ID implementation. 

You can see a demonstration from a recent meeting of the Indicio Identity Community Meetup.

At Indicio, we see the future as a multi-credential, protocol, and standard world, and our goal is to provide the best implementation of each to meet our customer needs and to ensure that all work together so that our customers can seize every opportunity.

Our success in implementing  OID4VC and in combining and bridging different credentials and protocols has made Indicio a trusted partner for global organizations looking to implement cutting-edge identity solutions.

If you’re ready to explore how OID4VC can revolutionize your identity ecosystem, or to explore our solutions in education, finance, health, agriculture, the public sector, and travel and tourism, we’re here to help you every step of the way. Reach out to Indicio today!

###

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community

The post Indicio’s commitment to OpenID for Verifiable Credentials: leading the way in compatibility for global digital identity standards appeared first on Indicio.

by Mike Small

A Game-Changer in Data Backup and Cyber Resilience 

On December 10th, 2024, Cohesity and Veritas announced that they have finalized their union. This is a major development as it will create the largest player in the rapidly growing market for cyber resilience and data protection. Data is not only fundamental to all organizations’ business processes but now also defines the very infrastructure upon which these processes depend.  Cyber-attacks and ransomware are an existential threat to this data and data protection solutions are essential for cyber resilience.  This union represents a pivotal moment in the worldwide marketplace for these solutions. 

Why This Merger is Important 

Digitalization of business processes has increased the potential impact of cyber threats.  This, taken together with increased regulation on cyber resilience, makes the market for these solutions strong. Based on our current research the Cloud Backup market size was last estimated at over $5.75B with an annual growth rate of 18.7%. 

The merger of Cohesity and Veritas underscores the importance of dependable, scalable, and innovative data protection solutions for cyber resilience. Both these vendors are recognized as leaders in our recent Leadership Compass report Cloud Backup for AI Enabled Cyber Resilience with each bringing their own complementary strengths.  

Complementary Strengths 

Cohesity brings its modern, cloud-native approach to data management and Veritas brings its long-standing expertise in enterprise-grade data protection. By combining their strengths, the new entity is well placed to address the full spectrum of data protection and cyber resilience needs. 

Cohesity offers the Cohesity Data Cloud (CDC), built on SpanFS, an immutable filesystem ensuring data integrity and security plus instant file serving of backed-up NAS data, and using SnapTree chain-free metadata such that essentially each point-in-time backup can be accessed as rapidly and efficiently as if it had been originally made via a full backup.  Veritas products include Veritas Alta™ Data Protection, NetBackup – an enterprise backup and recovery solution, and Backup Exec - designed for backup and recovery for small to mid-sized businesses. Together these combine modern architecture with a wide range of capabilities and coverage. 

The Importance of ML and GenAI 

An important market trend is the evolution of machine learning (ML) and artificial intelligence (AI) in particular generative AI (GenAI).  ML and GenAI provide capabilities that can be helpful to enhance cyber resilience, and we expect cyber resilience solutions to exploit these technologies where appropriate.   

Both vendors have recognized the importance of ML and GenAI both in terms of the opportunities they provide as well as the data protection needs, they introduce.  

Veritas uses GenAI/ML with the AI-powered Operational Assistant, Veritas Alta™ Copilot. Alta Copilot brings the power of GenAI to Alta View, making it more intuitive and accessible for all users to detect suspicious activities. 

Cohesity’s AI framework, including the patent-pending Cohesity Gaia, leverages GenAI throughout the platform to offer operational insights, anomaly detection, information insights, and predictive analytics. Gaia enables users to search based on meaning rather than search based on characters, and converse with their data using natural language. The platform also includes AI-driven data classification and threat detection, utilizing machine learning to enhance security and compliance. 

In our view, in future an organization should be able to give a GenAI based backup and disaster recovery solution a set of resilience objectives, compliance requirements and cost constraints for the system to build, evaluate, and implement the technology elements and support the manual processes needed to meet these.  

Impact on Customers 

Not all marriages last and customers may be anxious about what this union may mean for them.  Both companies recognized that it is easier to lose customers than to gain them. In February 2024, when they announced their intention to combine, the announcement included a “no customer left behind” product roadmap in which “...all products will be supported for many years. Customers can migrate when and if they want, on their own schedule.”  

Here is what we expect the new entity to provide: 

Transitional Arrangements – to ensure that all capabilities from the existing products remain available with the opportunity to mix and match between the two product ranges.  No enforced customer migration. 

Enhanced Capabilities: a unified portfolio that combines the best of both companies' technologies. These will likely be based around the Cohesity Data Cloud (CDC), to provide a unified interface and exploit the wide range of data connectors from Veritas. 

Global Reach and Support: With their combined resources, the new entity will be better positioned to provide support and expertise across regions and industries. This is particularly important for enterprises operating in highly regulated sectors such as healthcare, finance, and government. 

Technology Advances to Watch For 

The Cohesity-Veritas merger is not just a consolidation of market share but a bold move to accelerate technological advancements in data backup and recovery. Key innovations we anticipate include: 

AI and Machine Learning for Data Resilience: Leveraging Cohesity’s AI-driven analytics and Veritas’s deep integration capabilities, the new entity is likely to push the boundaries of predictive and autonomous data recovery. This could minimize downtime and enhance ransomware recovery strategies. 

Seamless Multi-Cloud Integration: As businesses increasingly adopt hybrid and multi-cloud environments, the combined expertise of Cohesity and Veritas will result in more robust and seamless cloud-native solutions, protecting data and data defined infrastructure in a common way across diverse environments. 

Comprehensive Data Governance and Compliance: With increasing regulations on data protection and cyber resilience worldwide, the union offers an opportunity to deliver solutions to help organizations to meet and exceed their regulatory obligations. 

Our Opinion 

The union of Cohesity and Veritas is a transformative moment for the data protection and cyber resilience market. As the largest player in the market, the combined company has the power to set new standards, influence industry trends, and drive the next wave of innovation. For customers, this means access to unparalleled technology and expertise, though the path forward may ultimately require customers to adapt and align with new offerings. 

As dust settles on this announcement, one thing is clear: the data protection and cyber resilience market has forever changed, and we are just beginning to understand the full impact of this historic combination.  Stay tuned and book now for EIC in May 2025 to hear the latest news. 

🎯 Marketing Updates

🎉 Last week’s quizzes and puzzles were a massive hit, igniting excitement across the community! The overwhelming response has inspired us to introduce a time-bonus activity this week. Stay tuned for more details

It’s going to be epic!🎉

🔧 Product Updates 📱Mobile App Enhancements Mobile App is undergoing a redesign, this will be a new outlook for tomorrow’s crypto landscape. Performance optimisations are in progress to ensure a smoother and faster experience. 🤖Safle Lens

Have you tried Safle Lens?

Try it here 👉 SAFLE LENS

🎮 Safle ID for Web3 Games

We’re re-envisioning Safle ID with a focus on Web3 Games. Know any game that should integrate SafleID? Let us know!

Discover more: SafleID for Web3 Gaming

Thank you for being an integral part of our journey. Together, we’re reaching for the stars! 🌟

Stay stellar,

The Safle Team

🚀 Stay tuned for more exciting updates!

🚀 Safle’s Community Explorer Carnival is Live! 🚀

Hello, Safle Fam! 🌟

We’re thrilled to announce the launch of the Safle Community Explorer Carnival . A major initiative to boost user growth and acquisition in association with Rootstock. Explore the core features of Safle Wallet and Safle Lens through interactive challenges, rewards, and hands-on experiences for both new and experienced Web3 users.

🚀 Accelerating Adoption

This carnival is designed to simplify onboarding and drive engagement, positioning Safle to scale rapidly while enhancing long-term user retention.

🔗 Check out the Safle Community Explorer Carnival

🤝 Grants Highlight Highlight: Innoteg x Safle

We are excited to announce that Innoteg has signed an MoU for a grant of SafleID identity registrations worth USD 5,000 at no cost. This grant will support the integration of SafleIDs into the Grantee’s gaming platform, enhancing digital identity solutions in gaming.

🔧 Product Updates 🚀 Safle Lens: Your Crypto Portfolio, All in One Place

We’re excited to announce that Safle Lens v1.0 is here!

Experience it now 👉 Safle Lens

Safle Lens is your go-to, view-only crypto portfolio viewer, supporting 10 EVM chains for seamless tracking of tokens and NFTs. It offers complete security by enabling asset management without private key access or transactions. With Safle Lens, you can effortlessly monitor your crypto holdings and gain full visibility without compromising safety.

Key Features:

Effortless Portfolio Viewing: Enter your SafleID, ENS, or wallet address to instantly view tokens, NFTs, and transaction history — no login required. Safle AI: Leverage Safle AI for effortless insights, whether you’re exploring token details or discovering NFT information. Auto Detection: Instantly detect tokens and NFTs across EVM chains for seamless tracking. Spam Detection: Automatically filter out spam/suspicious tokens, keeping your portfolio focused and protected. NFT Collection Overview: Real-time detection and display of NFT collections across all EVM chains. Comprehensive Token Analytics: Track and analyze your portfolio’s health with real-time updates and straightforward metrics. Transaction History: Easily monitor transactions across multiple blockchains with detailed insights into addresses, amounts, fees, and current values.

What’s Next?

Rootstock and BEVM integration 🎮 Safle ID for Web3 Games

We’re re-envisioning Safle ID with a focus on Web3 Games. Know any game that should integrate SafleID? Let us know!

Discover more: SafleID for Web3 Gaming

Thanks for being part of the Safle journey! Together, we’re shaping the future of Web3. 🌠

Stay Stellar,

The Safle Team

Thank you for your continued support in shaping the future of Web3 with Safle.

🚀 More updates coming soon!

🚀 Safle Weekly: The Inside Scoop 🚀

Hello, Safle Fam! 🌟

We’re back with the latest updates from the Safle team, giving you insights into what’s been cooking across Marketing and Product this week.

🎯 Marketing Highlights Engagement Activities

Last week, we initiated our first round of quizzes and puzzles to drive community engagement. Here’s how we did:

Quiz Participants: 80 Poll Responses: 364 Puzzle Solvers: 550

Three winners will soon be announced in our community, so stay tuned!

What’s Next? Research on media outlets for our potential blockchain partnership in South Asia article is in full swing. Planning improvements to future engagement activities is underway. 📱 Product Updates

The product team has been diligently working on:

Enhanced Gaming Capabilities

Integration with Innoteg, a gaming aggregator for Telegram and WeChat users.

Market Expansion Plans

Potential blockchain partnership in South Asia, opening doors to 169 million users.

🎮 Safle ID for Web3 Games

We’re re-envisioning Safle ID with a focus on Web3 Games. Know any game that should integrate SafleID? Let us know!

Discover more: SafleID for Web3 Gaming

Thanks for being part of the Safle journey! Together, we’re shaping the future of Web3. 🌠

Stay Stellar,

The Safle Team

Thank you for your continued support in shaping the future of Web3 with Safle.

🚀 More updates coming soon!

🚀 Safle’s Community Explorer Carnival is Live! 🚀

Hello, Safle Fam! 🌟

We’re thrilled to announce the launch of the Safle Community Explorer Carnival — a major initiative to boost user growth and acquisition. Explore the core features of Safle Wallet and Safle Lens through interactive challenges, rewards, and hands-on experiences for both new and experienced Web3 users.

🚀 Accelerating Adoption

This carnival is designed to simplify onboarding and drive engagement, positioning Safle to scale rapidly while enhancing long-term user retention.

🔗 Check out the Safle Community Explorer Carnival

🤝 Partnership Highlight: Rootstock Integration

We’re excited to announce our integration with Rootstock is live on the mainnet!

Get the full details here: Safle ID Rootstock Docs

🔧 Product Updates 🚀 Safle Wallet v1.6.2 Is here!

The re-envisioned Safle Wallet is now live on both App Store and Play Store! 📱💥

No more email IDs — Sign up with your unique Safle ID. Wallet Connect — Easily link to any dApp across Safle-supported chains. Now integrated with Polygon zkEVM, Avalanche, Rootstock and Base!

Download Now:

🔗 Google Play

🔗 Apple App Store

🌐 In-App dApp Browser Coming Soon!

We’re in the final testing stages of our in-app dApp browser — interact seamlessly with decentralized apps directly from your Safle Wallet. Stay tuned! 🏄‍♂️

🎮 Safle ID for Web3 Games

We’re re-envisioning Safle ID with a focus on Web3 Games. Know any game that should integrate SafleID? Let us know!

Discover more: SafleID for Web3 Gaming

🔍 Safle Lens: Almost There!

We’re almost at the finish line with Safle Lens. Recent updates will include:

Bug fixes for better device responsiveness and smoother user experience. Dark Mode Toggle for a personalized view. 🌑💡 👩‍💻 We’re Hiring!

Know any DevOps Ninjas? Safle is expanding, and we need top talent! 🌟

Thanks for being part of the Safle journey! Together, we’re shaping the future of Web3. 🌠

Stay Stellar,

The Safle Team

Thank you for your continued support in shaping the future of Web3 with Safle.

🚀 More updates coming soon!

🔧 Product Updates 🚀 New Release Coming Soon! Our latest release, designed to elevate your user experience, is almost here! The team has been busy squashing bugs and optimizing performance for a smoother and more secure journey on Safle. ⚒️ 📱 Safle Mobile App

In-App dApp Browser 🌐

Launch Alert! We’re wrapping up the integration of our brand-new in-app dApp browser. Frontend and backend development is complete — enjoy a seamless browsing experience launching by the end of this week! 🏄🏻‍♂️ 🔍 Safle Lens:

🎨 UI/UX Enhancements

Your Feedback Matters! We’re implementing exciting UI/UX improvements in Safle Lens. Look forward to a more intuitive and engaging experience! 🤖 Safle AI Integration: Smart Insights at Your Fingertips AI Just Got Better! Our AI integration in Safle Lens is now more powerful than ever. Click the AI icon on any token for tailored insights or ask general questions about all chains. Stay informed and make savvy crypto decisions with ease! 🪙✨ 📢 Marketing 🎮 Community Explorer Carnival Exciting Announcement! 🎉

We’re thrilled to introduce the Safle Community Explorer Carnival, an engaging event that invites users to dive into the full potential of Safle Wallet and Safle Lens. Eager to know what and how, read more 👉🏻 Here

Looking Ahead 🌟

As our community grows, this carnival positions Safle as a key player in the Web3 space, driving both user adoption and innovation. Join us on this exciting journey!

👩🏻‍💻 Talent Search

Safle is always on the lookout for new talent! If you know any DevOps Ninjas, Experts, or send them our way!

🚀 Explore our openings: Here.

Thank you for being an integral part of our journey. Together, we’re reaching for the stars! 🌟

Stay stellar,

The Safle Team

🚀 Stay tuned for more exciting updates!

December 2024 Bitcoin Hits $100K: The Tokenization Tipping Point?

Last week, Bitcoin hits $100k!

This milestone, fueled by institutional adoption and a promising regulatory shift under new SEC Chair Paul Atkins, sets the stage for a transformative 2025 in onchain finance and tokenization. It is clear that institutional capital is going onchain, it is crucial to start bringing assets onchain now. The tokenization trend is inevitable.

But to reach that tipping point, we must overcome a few critical challenges.

Challenge 1: Lack of Actionable Data

The Problem:
Private assets often lack actionable data that allow all ecosystems to easily read the data of the tokens, such as Net Asset Value (NAV). Without this, other applications like data aggregators, distributors, and other service providers, can not provide accurate data to their audience.

The Solution:
ERC-3643 is designed to solve this. With its built-in AssetID smart contracts, tokenized assets gain a unique onchain identity. Asset data (Asset type, NAV, ISIN, LEI, ESG ratings…) can be verified and directly linked to AssetID. This allows the ecosystem service providers to access verified asset information.

Challenge 2: Limited Accessibility

The Problem:
Despite the promise of tokenized RWAs, they remain out of reach for most investors. Take BlackRock’s tokenized money market fund, BUIDL, as an example. Its $454 million market cap in Ethereum is held by just 23 investors, with 40% owned by a single Web3 company. High minimum investments exclude smaller investors from participating. Many institutions are still hesitating to open their onchain products to retail investors. They are afraid of losing control and fail to enforce compliance.

The Solution:
The ERC-3643 token standard enables issuers to tokenize more accessible financial products while maintaining full control and automated compliance. ERC-3643 tokens are permissioned tokens. They ensure issuers decide who can participate, and under what conditions, and even allow for token freezing or recovery. Issuers can scale by using this token standard and open onchain assets to smaller investors. The protocol has already been used many times to tokenize securities available to retail investors, such as open-ended public funds, or even with prospectus exemptions in Europe.

Challenge 3: Fragmented Liquidity

The Problem:
Secondary markets for RWAs remain siloed. Distributors can only offer assets within their isolated order books, leaving unmatched trades, inactive markets, and frustrated investors.

The Solution:
Shared liquidity. Imagine all distributors leveraging a shared order book while retaining full control of their platforms and investor relationships. In the new era of tokenized assets, trading offers are universal. Investors publish a trading offer on one platform, and it is instantly visible across all others. Smart contracts ensure compliance by design: Onchain identity checks confirm the buyer’s eligibility, enforce transfer restrictions, and verify wallet balances. Unauthorized transactions are denied instantly. The best part is delivery vs payment enabling instant settlements. Trades are completed in seconds without counterparty risk or intermediaries, creating a seamless and risk-free experience.

This vision is no longer theoretical. ERC-3643 tokens, combined with the open liquidity protocol DINO, make it a reality. By sharing an onchain catalog of offers, blockchain has been turned into a giant marketplace.

But unlocking this potential requires collective action.

For asset issuers: Adopting the open source ERC-3643 standard ensures compliance and future interoperability. For asset administrators: Defining their operating models to support seamless onchain operations. For distributors: Connecting to the ERC-3643 catalog of tokens and starting managing onchain transactions.

At Tokeny, our mission is to provide the best in class tokenized assets orchestration platform and expertise for all stakeholders to thrive in this financial revolution, empowering institutions to upgrade finance, onchain.

Change is no longer optional, it’s an opportunity, let’s make 2025 a bull market for RWAs!

Tokeny Spotlight

EVENT

DAW Panel with Apex Group on: How will mass customization shape the future of asset management?

Read More

EVENT

Attended Applied Blockchain with one clear message: Without standardization, onchain finance will be in silos.

Read More

INTERVIEW

 Our CEO Luc Falempin interview by NASDAQ to discuss the need for breaking down industry silos.

Read More

PODCAST

CCO, Daniel Coheur spoke on the Digital Pound Foundation podcast about: Tokenized MMF.

Read More

PRODUCT NEWSLETTER

ERC-3643 standard is the motherboard, you can add any block you need.

Read More

NEW TEAM MEMBER

Meet Christian Stricker our Digital Marketing Intern. Welcome to the team!

Read More Tokeny Events

Abu Dhabi Finance Week
December 9th – 12th, 2024 | 🇦🇪 UAE

Register Now

Luxembourg Blockchain Week
December 9th – 13th, 2024 | 🇱🇺 Luxembourg

Register Now ERC3643 Association Recap

Recognition by MAS

ERC-3643 is recognized as the official standard in the Project Guardian of the Monetary Authority of Singapore (MAS).

Learn more here

Subscribe Newsletter

A monthly newsletter designed to give you an overview of the key developments across the asset tokenization industry.

Previous Newsletter  Dec9 Bitcoin Hits $100K: The Tokenization Tipping Point? December 2024 Bitcoin Hits $100K: The Tokenization Tipping Point? Last week, Bitcoin hits $100k! This milestone, fueled by institutional adoption and a promising regulatory shift… Oct21 Institutional Tokenization 3.0: Break Silos October 2024 Institutional Tokenization 3.0: Break Silos Since Tokeny started building tokenization solutions in 2017, we have seen financial institutions exploring tokenization of assets in… Sep6 Amsterdam Teambuilding Fuels Our Mission for Open Finance May 2024 Amsterdam Teambuilding Fuels Our Mission for Open Finance Greetings from Amsterdam! We hope you had a wonderful summer holiday. Recently, our global team… Aug1 Transaction Privacy: The Last Blocker for Massive Open Finance Adoption July 2024 Transaction Privacy: The Last Blocker for Massive Open Finance Adoption Open finance is a new approach to financial services, characterized by decentralization, open…

The post Bitcoin Hits $100K: The Tokenization Tipping Point? appeared first on Tokeny.

The Identity Fabric paradigm has established as the guiding principle for building modern Identity & Access Management (IAM) infrastructures. Since the introduction by KuppingerCole Analysts more than five years ago, many organizations have adopted this concept to streamline their IAM architecture, portfolio, and investments. With the newest release of the Identity Fabric, KuppingerCole Analysts provides an updated framework that not only reflects the evolution of IAM with respect to supported identity types and technologies, but also provides additional perspectives and layers to help organizations shape their own Identity Fabric for human and non-human identities. The Reference Architecture as second major framework of KuppingerCole Analysts adds more detail to the Identity fabric by going more into detail on IAM.

by Matthias Reinwarth

Identity and Access Management (IAM) has long been the backbone of enterprise security. As digital transformation accelerates and compliance requirements grow more stringent, the need for a flexible, scalable, and future-proof IAM framework has never been more critical. This is where the [new KuppingerCole Identity Fabric](https://www.kuppingercole.com/research/an80978/the-2025-identity-fabric-and-iam-reference-architecture) comes into play - a holistic framework expertly designed to tackle these challenges head-on.

But why is a comprehensive IAM blueprint so important? According to recent data, only 40% of companies currently have a complete IAM blueprint in place, while 26.8% are in the process of developing one, and a concerning 33.1% have no blueprint at all. This gap highlights a significant vulnerability for many organizations, leaving them exposed to risks that could be mitigated with a well-defined IAM strategy. The Identity Fabric addresses this very issue by providing a structured, adaptable approach to IAM, ensuring that organizations not only close this gap but also stay ahead of future challenges.

Building on its successful design and widespread adoption, KuppingerCole analysts and advisors have recently finalized the [updated revision of the Identity Fabric for 2025](https://www.kuppingercole.com/research/an80978/the-2025-identity-fabric-and-iam-reference-architecture). This new version is not just a routine update; it is a carefully crafted evolution that leverages valuable feedback from the industry, incorporates insights and experiences from end-user organizations, and integrates the latest market and technology trends.

**Understanding the basics: What is the Identity Fabric?**

At its core, the Identity Fabric is a comprehensive framework for architecting, evolving, and modernizing IAM systems. It is essential for organizations looking to keep pace with the demands of their future challenges, ensure compliance with pertinent regulations and corporate security policies, and address changing business requirements. Identities are the cornerstone of cybersecurity frameworks, and the Identity Fabric offers a structured approach to managing them effectively.

The benefits of the Identity Fabric are multifaceted. It not only provides a robust high-level model for IAM but also ensures that systems are adaptable to future challenges. This adaptability is imperative as the digital landscape itself continues to evolve, bringing with it new threats and opportunities. The business value of the Identity Fabric lies in its ability to streamline IAM processes, reduce operational costs, and enhance the overall user experience.

**Applying the Identity Fabric: Why is it so useful?**

The Identity Fabric is not just a theoretical framework; it is a practical tool that can be applied across various IAM scenarios. Whether you are designing a new IAM platform or evolving an existing one, the Identity Fabric provides the entry point for a clear roadmap. Areas of application include:

1. **Strategy Definition for New IAM Platforms**: Implementing new IAM platforms requires more than just technical know-how, it demands a strategic vision. The Identity Fabric helps define long-term goals and ensures that the platform is built with future scalability in mind.
2. **Strategy Definition for Evolving IAM Platforms**: Just as new platforms need a strategic direction, so do existing systems undergoing transformation. The Identity Fabric guides the modernization process, ensuring that legacy platforms meet both current and future business requirements.
3. **Architecture Design for New IAM Platforms**: When building new IAM platforms, the Identity Fabric framework ensures a robust, scalable, and flexible architecture. This architecture can adapt to changing business needs and technological advancements, making it future proof.
4. **Architecture Design for Evolving IAM Platforms**: For organizations with legacy IAM systems, the Identity Fabric offers a pathway to modernization. By aligning older systems with the framework, businesses can enhance functionality and improve scalability without the need for a complete overhaul.
5. **Review and Analysis of Existing IAM Service Platforms**: To fully leverage the Identity Fabric, organizations must first understand their current state. Thorough reviews and analyses help identify gaps, inefficiencies, and areas for improvement, allowing the Identity Fabric to guide the necessary changes.
6. **Portfolio Management**: Effective IAM is not just about managing individual systems - it’s about managing a portfolio of services and solutions. The Identity Fabric ensures that all elements are aligned with business objectives and that resources are allocated efficiently.

**Evolving the Identity Fabric for 2025: A Sneak Peek**

The upcoming 2025 update to the Identity Fabric brings several exciting enhancements, each aimed at ensuring that the framework remains relevant in the face of both technological and business changes.

- **A Revision of the Conceptual Design**: The new Identity Fabric features a slightly updated conceptual design that encapsulates all relevant themes. The structure of the Fabric is more refined, looking at all types of identities, with all relevant IAM capabilities consolidated into IAM services and mapped to tools and market segments.
- **Integration with the IAM Reference Architecture**: One of the key enhancements in the 2025 update is the integration of the Identity Fabric with the existing IAM Reference Architecture. This ensures that the Reference Architecture is aligned within the Fabric context.
- **Development of Detailed Blueprints**: The 2025 update enables new applications of the Identity Fabric through deriving detailed, bespoke, and individualized detail identity fabrics. It is a two-tiered model, which aims to provide a structured framework for managing identity and access within different organizational contexts.

The Identity Fabric can be adjusted two levels of abstraction:

1. **Level 1: Master Identity Fabric (IF)** - This is the core framework designed to manage functions and services across various identity and access management (IAM) requirements. It acts as the central IAM blueprint applicable to a broad range of organizations.
2. **Level 2: Tailored Identity Fabrics per Business Model and/or Maturity Level** - At this level, the Master Identity Fabric is refined into more specific models to serve different organizational needs and maturity levels. These refined models serve as role models for other organizations and are designed to meet the distinct challenges and requirements of various industries.

This hierarchical approach allows for greater flexibility, ensuring that the Identity Fabric can be adapted to fit specific organizational contexts while maintaining a standard core framework.

**Looking Ahead: The Future of IAM**

The KuppingerCole Identity Fabric 2025 is more than just an update - it’s a significant development that prepares organizations for the future of IAM. By adopting this enhanced framework, businesses can ensure that their IAM systems are not only capable of meeting today’s challenges but are also ready for those of tomorrow. As identities continue to be at the core of cybersecurity, the Identity Fabric offers a clear path to resilience, adaptability, and long-term success.

Stay tuned for further information on the KuppingerCole Identity Fabric 2025, where these enhancements and more will be fully detailed, providing a cutting-edge framework for the next generation of IAM. For reference, see the [previous edition of our Leadership Compass on Identity Fabrics](https://www.kuppingercole.com/research/lc81426/identity-fabrics).

In this episode of the KuppingerCole Analyst Chat, Matthias Reinwarth is joined by cybersecurity expert John Tolbert to talk about essential tips for personal cyber hygiene. Together, they discuss practical advice for keeping your devices secure, avoiding common threats, and implementing best practices for online safety. Whether you're a tech-savvy professional or just starting to think about your digital security, this episode offers actionable insights to protect yourself and your loved ones in an increasingly connected world.

After three years, IDnow’s research project, Soteria has come to an end. Here, we share the findings and what it could mean for the future of personal data management.

Soteria, named after the goddess of safety and harm prevention, was a joint research project funded by the Horizon 2020 research and innovation program. Carried out in collaboration with 12 other European partners, the main aim of the project was to explore digital security and user privacy.  

Where does our personal data go? 

Nowadays, many carry out the majority of their daily tasks online; managing bank accounts, accessing insurance details and even attending medical consultations to name but a few. Accessing these services requires the authentication of the user, which is facilitated by the transfer of personal data. 

As personal data invariably needs to be entered to access personal online services, this can be a frustrating experience for the user. How this personal data is collected, stored and used is often not clear to the user, nor the organization that requests the data. 

According to the Fundamental Rights Survey, which asked people about their views on sharing personal data, 55% said they feared that criminals or fraudsters could access their personal data, while 30% said they worried that advertisers, businesses and governments could access their information without them knowing. Unfortunately, there are currently no solutions on the market to enable users to take control and manage their data. 

These personal data have to be repeatedly completed to access to each service, which can be time-consuming for the citizens. In addition, the use of the personal data collected is most of the time not transparent for the citizen, as well as the organisations which have access to them.

For these reasons, more than 70% of the EU citizens have concerns about the online use of their personal data. Currently, there is no solution to allow users to take control and manage their data as they see fit.

Enter SOTERIA: a secure, privacy-friendly digital wallet.

In an attempt to address this issue, the SOTERIA project proposed the creation of a digital wallet that combined a digital identity, secured by high-level remote identity verification, with a data storage platform.   

Over the course of three years, IDnow and its partners carried out the following:

Extensive consultation: 3,600 members of the public were surveyed to understand their expectations of data protection and digital wallets.  Development of a digital wallet prototype: The SOTERIA wallet includes advanced identity verification at account creation, limiting potential fraud and enabling users to authenticate themselves to access various online services and store certified information in the form of ‘verifiable credentials.’ Users can easily share this information with online service providers while retaining full control over the shared data, with the option of revoking access at any time.  Experimental security solutions: Several new tools to guarantee data security and protect users’ privacy were explored.  Integration with online voting and examination platforms: The wallet was integrated with online voting and examination platforms, demonstrating its effectiveness in connecting to services and storing documents like examination certificates, online voting receipts and health documents.  Large-scale pilots: We conducted tests with 1,200 members of the public in Austria, Romania and Spain, using the wallet for online exams and e-health services.  Feedback analysis: Feedback from users has shown that using the digital wallet enhances their sense of security and privacy when transacting online. 

The SOTERIA wallet is user-centric, accessible to all, and requires no specific IT skills. It protects the privacy of European citizens and gives them full control over their data, ensuring that only the data needed to access a service is shared with the service provider.

The results of this project will enable IDnow to adapt its solutions to offer an eIDAS 2.0 compliant digital wallet.

Noémi Thomazo, Research Project Manager at IDnow.

eIDAS 2.0 – A simple update or fundamental change? Download to discover: What is eIDAS? The birth of eIDAS 2.0 The countries and industries affected by eIDAS 2.0 Download now

Innovation and research have been at the heart of IDnow’s activities since the company was founded. Our team of experts are constantly seeking to push the boundaries of identity verification and fraud detection to offer even more effective solutions.

Interested in IDnow’s other research projects? 

In a bid to break down the barriers of AI bias, IDnow participated in the MAMMOth project. Funded by the European Research Executive Agency, the goal of the project was to study existing biases and offer a toolkit for AI engineers, developers and data scientists so that they may better identify and mitigate biases in datasets and algorithm outputs.

Or, to discover how we’e attempting to address AI’s Achilles heel, read our blog ‘Is efficiency and trust AI’s Achilles heel?’

Our Senior Architect, Sebastian Elfors recently participated in a panel discussion on the challenges of balancing privacy with usability when developing the EUDI Wallet. Check out our ‘EUDI Wallets: Balancing privacy with usability’ blog to discover his thoughts and concerns.

By

Jody Houton
Senior Content Manager at IDnow
Connect with Jody on LinkedIn

🎥 Watch this Episode on YouTube 🎥
🎧   Listen to this Episode On Spotify   🎧
🎧   Listen to this Episode On Apple Podcasts   🎧

About Podcast Episode

Are you confident in the environmental and social claims about your products?

In this episode of The SSI Orbit Podcast, host Mathieu Glaude sits down with Steve Capell, Vice Chair of UN/CEFACT and Project Lead of the United Nations Transparency Protocol (UNTP), to explore how transparency and traceability are being revolutionized in global value chains. Together, they unpack the challenges of greenwashing, the urgency of compliance with new regulations, and the transformative potential of a global transparency protocol.

Steve shares real-world examples, such as the impact of carbon border adjustments and digital product passports, highlighting how regulatory frameworks and technological innovation intersect. The conversation also addresses the role of decentralized identifiers and verifiable credentials in ensuring the integrity of sustainability claims.

Key Insights:

Greenwashing is widespread, with over 50% of product claims being misleading or false. The UNTP offers a standards-based approach to ensure transparency and interoperability in value chains. Verifiable credentials are essential for decentralized trust, linking data to trusted sources while ensuring integrity. Regulations like carbon border adjustments and product passports are reshaping trade by enforcing sustainability disclosures. The UN’s role as a neutral body provides a trusted space for creating global standards and recommendations.

Tune in to this episode to learn how the UNTP is driving a shift from marketing-led sustainability claims to evidence-backed transparency and why this transformation is critical for regulatory compliance and strategic business differentiation. Don’t miss this deep dive into the future of transparent global trade!

 

Strategies: Utilize the UNTP’s toolkit to develop industry-specific extensions for transparency. Implement digital product passports to provide traceable, evidence-backed sustainability claims. Leverage verifiable credentials for identity assurance and data integrity across decentralized systems. Align with emerging global regulations to stay ahead in compliance and strategic differentiation. Chapters: 00:00 – Why is the UN pursuing the development of a new protocol to help solve transparency in sustainability disclosures? 09:17 – How to ensure integrity of claims being made is the defacto standard? 16:32 – How did the UNTP think through the proper technical and governance architecture to support all transparency use cases? 32:36 – What will become the catalyst for the mass uptake of the UNTP? 40:32 – What makes the UN a good home for the definition of a transparency protocol? 51:03 – Does all data that interacts with the UNTP need to be public? 58:40 – Is there an opportunity for registrars to create value using the UNTP?  Additional resources: Episode Transcript UNTP Overview: A detailed introduction to the United Nations Transparency Protocol (UNTP). UN/CEFACT: Learn more about the United Nations Centre for Trade Facilitation and Electronic Business (UN/CEFACT).  The digital product passport and its technical implementation Green claims – European Commission – Environment: New criteria to stop companies from making misleading claims about environmental merits of their products and services. Carbon Border Adjustment Mechanism (CBAM): EU regulation on carbon emissions and global trade. About Guests

Steve Capell is the Vice Chair of UN/CEFACT and the Project Lead of the United Nations Transparency Protocol (UNTP), bringing over 20 years of experience across industry and government. His expertise bridges organizational goals with the right blend of people, processes, and technology to deliver impactful outcomes.

With a diverse career spanning oilfield engineering, business management, software development, and strategic consulting, Steve is uniquely positioned to connect technical solutions with business needs. As a seasoned Solution and Enterprise Architect, he deeply understands architectural frameworks and standards, ensuring they are applied effectively to achieve practical and sustainable results.

Steve’s leadership in transparency initiatives, particularly through his work on the UNTP, reflects his commitment to fostering trust and traceability in global value chains. His ability to empathize with stakeholders and navigate the intersection of business and technology makes him a driving force in creating solutions that address today’s most pressing challenges. LinkedIn

  The post The United Nations Transparency Protocol (with Steve Capell) appeared first on Northern Block | Self Sovereign Identity Solution Provider.

The post <strong>The United Nations Transparency Protocol</strong> (with Steve Capell) appeared first on Northern Block | Self Sovereign Identity Solution Provider.

by Paul Fisher

Privileged Access Management (PAM) is a critical pillar in cybersecurity frameworks, safeguarding sensitive systems and data from increasingly sophisticated cyber threats. Privileged credentials—such as those used by administrators, developers, or automation scripts—are often the target of cyberattacks due to the expansive access they provide. As such, organizations require robust PAM solutions that go beyond traditional boundaries to address emerging challenges such as shadow IT, insider threats, and secure remote access.

The demand for PAM solutions is driven by the growing complexity of IT environments, which now encompass hybrid infrastructures, multi-cloud ecosystems, and remote work arrangements. However, deploying and managing PAM solutions comes with its own set of operational challenges. Organizations must navigate the integration of these tools into existing systems, ensuring seamless functionality while managing privileged identities across distributed environments.

Effective PAM solutions today are more than just vaults for storing passwords—they enable organizations to enforce dynamic, time-limited access controls, continuously monitor user activity, and generate comprehensive audit trails. These capabilities are not only essential for security but also for meeting regulatory requirements. Syteca, formerly Ekran System, has redefined its offerings to meet these evolving demands, placing functionality, usability, and real-world applicability at the core of its approach.

The Growing Competition in the PAM Market

The PAM market has evolved rapidly over the past decade, with established players and new entrants competing for a share of this critical space. This growth reflects a broader trend in cybersecurity, as organizations increasingly prioritize the protection of privileged credentials. However, the shift toward hybrid and multi-cloud environments has added new dimensions to the challenge.

Organizations are no longer looking solely for tools that secure credentials; they need PAM solutions that provide agility, scalability, and ease of use without compromising security. Features like Just-in-Time (JIT) access, seamless integration with Zero Trust architectures, and compliance with ever-changing regulatory landscapes have become standard expectations.

Vendors are responding to this demand with diverse offerings, from feature-rich enterprise solutions to specialized tools tailored to specific industries. In this crowded market, differentiation is key. Solutions that adapt to unique business needs while addressing broader challenges, such as securing remote access and monitoring insider activities, are more likely to succeed. Syteca’s recent transformation and expanded capabilities position it as a strong contender in this competitive landscape.

Why Ekran System Became Syteca

In May 2024, Ekran System rebranded as Syteca, a strategic decision that signifies the company’s evolution and commitment to addressing the challenges of modern cybersecurity. The new name reflects Syteca’s expanded focus on delivering innovative system security and technology management solutions.

This transformation is more than a rebranding exercise; it marks a shift in how the company approaches Privileged Access Management. Syteca aims to align its tools with the practical needs of organizations, emphasizing usability and efficiency. Enhanced features, such as real-time threat detection, advanced session recording, and streamlined workflows, underline the company’s goal to offer comprehensive yet intuitive solutions.

By rebranding, Syteca positions itself as a forward-thinking player in the PAM market. The company is not only addressing the challenges organizations face today but also anticipating the needs of tomorrow, ensuring its solutions remain relevant in an ever-changing landscape.

Key Use Cases Highlighting Syteca’s Capabilities

Syteca’s approach to PAM is best understood through its real-world applications. These use cases demonstrate how the solution addresses critical security challenges across various industries and scenarios.

1. Detecting and Securing Shadow Accounts

Shadow IT accounts—those created without authorization or outside central control—pose significant security risks. These accounts are often overlooked, leaving them vulnerable to exploitation by attackers. Syteca automates the discovery of shadow accounts across Windows servers and Active Directory, onboarding them securely into its secrets management system. Once onboarded, passwords are rotated, preventing unauthorized access and ensuring compliance. Security teams can then evaluate and either disable or remove unauthorized accounts, reducing exposure to potential threats.

2. Mitigating Insider Threats with Privileged Account Monitoring

Insider threats remain a major concern for organizations, particularly when dealing with privileged accounts. Syteca addresses this challenge by continuously monitoring Active Directory for new privileged accounts. Discovered accounts are secured with two-factor authentication (2FA), session recording, and role-based access control (RBAC). These measures ensure that only authorized users can access sensitive systems, with all activities logged and auditable. This proactive approach helps organizations detect suspicious behaviour early and mitigate risks effectively.

3. Securing Sleeping Accounts

Inactive or dormant accounts often go unnoticed, becoming an attractive target for attackers. For example, the account of a former employee may still be active and exploitable. Syteca’s automated discovery tools identify these sleeping accounts, onboard them into the secrets management system, and rotate credentials to cut off unauthorized access. In real-world scenarios, this capability has helped organizations close security gaps caused by oversight, ensuring that no dormant accounts remain vulnerable.

4. Managing Third-Party Database Administrators (DBAs)

Organizations often rely on external contractors, such as third-party DBAs, to maintain critical systems. These contractors require temporary yet secure access to isolated networks. Syteca facilitates this through a combination of Jump servers, ticketing system integrations, and controlled access mechanisms. Contractors can only access specific resources via pre-approved workflows, with passwords rotated after each use. Session recording ensures that all activities are logged, providing full accountability.

5. Enhancing Security in Healthcare

In healthcare settings, securing access to electronic health records (EHRs) is paramount. Hospitals and clinics use Syteca to enforce strict access controls, such as 2FA and time-based restrictions, ensuring that only authorized personnel can access patient data during working hours. Additionally, audit capabilities allow administrators to monitor and review all activities involving sensitive data, helping organizations maintain compliance with industry regulations like HIPAA.

6. Enabling Secure File Transfers for Marketing Agencies

Collaborating with external vendors often requires temporary access to sensitive systems. For a marketing agency, Syteca facilitates secure file transfers via an FTP server. Access is granted only through secrets management, with manual approval workflows ensuring that each request is vetted. Passwords are rotated after use, and sessions are recorded for auditing. This approach allows agencies to collaborate confidently without exposing sensitive client data to unnecessary risk.

The Future of PAM

The cybersecurity landscape is evolving rapidly, and Privileged Access Management is at the forefront of this change. Organizations face mounting pressure to secure their privileged credentials while navigating complex IT ecosystems and regulatory requirements. Syteca’s transformation and its ability to address diverse use cases illustrate its commitment to meeting these challenges.

By focusing on usability, scalability, and real-world applicability, Syteca provides organizations with tools to address critical security gaps. Whether detecting shadow IT accounts, mitigating insider threats, or securing third-party access, Syteca demonstrates how PAM solutions can evolve to meet the needs of today’s security-conscious organizations.

As competition in the PAM market intensifies, solutions like Syteca will be instrumental in helping organizations achieve their security goals. With its comprehensive feature set and forward-thinking approach, Syteca is well-positioned to redefine what it means to manage privileged access effectively in the 21st century.

by Mike Small

The responsibility for security of cloud services is shared between the Cloud Service Provider (CSP) and the cloud customer. While the CSP must take steps to secure the service it provides, it is up to the cloud customer to secure the way they use the service. The customer must implement what are known as Complementary User Entity Controls (CUECs) to achieve this. Cloud Security Posture Management (CSPM) tools are intended to help organizations using cloud services to identify and manage the risks under their control.

The post The Role of Reusable Identity and Public-Private Partnerships in Age Assurance appeared first on Liminal.co.

by John Tolbert

eXtended Detection and Response (XDR) represents a platform-based approach to modern cybersecurity, integrating and correlating data from multiple security layers to deliver a holistic view of threats and to streamline response actions. By unifying telemetry from endpoints, networks, servers, email, cloud environments, and other security domains, XDR enhances visibility, simplifies incident management, and accelerates threat mitigation. This report presents an overview of XDR technology, exploring its foundational capabilities, key differentiators, and its evolving role in the cybersecurity landscape. Drawing on insights from our latest research, it examines how XDR aligns with organizational security strategies, addresses emerging threats, and compares to traditional solutions like SOAR and EPDR, offering a forward-looking perspective on its impact and adoption trends.

by Warwick Ashford

In today’s rapidly evolving threat landscape, Managed Detection and Response (MDR) has become indispensable for organizations of all sizes. Cybercriminals and state-sponsored attackers relentlessly target businesses, making 24/7 threat detection and response essential. Yet, many organizations face budget constraints and a shortage of skilled security staff, leaving them overwhelmed by alerts from fragmented systems. MDR fills this gap by offering expert monitoring, advanced threat analysis, and real-time response.

What the electronic seal is and what it is for What the electronic seal is and how it works

The electronic seal is a digital technology that guarantees the authenticity, integrity and origin of the digital documents to which it is applied. It was introduced by EU Regulation 910/2014 (eIDAS), which defines it as a set of data in electronic form “which is attached to or logically associated with other data in electronic form” with the aim of guaranteeing the origin and integrity of the document.

 

This tool can be considered as a kind of digital stamp, used predominantly by legal entities (companies, organisations) to certify the origin and integrity of digital documents. Unlike an electronic signature, which identifies a natural person, an electronic seal associates the document with an organisational entity, protecting it from unauthorised modification and guaranteeing its authenticity.

The qualified electronic seal (QeSeal)

The qualified electronic seal is created using a device that contains a qualified certificate, which guarantees the highest level of security and reliability for the authentication of digital documents. This is an advanced version of the electronic seal, which offers additional legal guarantees thanks to its compliance with strict European standards. 

 

Unlike the advanced electronic seal (AdESeal), a qualified electronic seal is created by means of a device containing a certificate issued in compliance with the requirements laid down by EU legislation. It can, therefore, be defined as the equivalent of a qualified electronic signature, the only difference being that it does not refer to a natural person, but to a legal entity. 

 

So while, through a digital signature, the data of the natural person who applied it can be traced, a qualified electronic seal makes it possible to trace the name of the legal entity. For this reason, it can be used for myriad activities, even by numerous parties belonging to the same company or organisation. It can, for example, be used to prove ownership of business documents, to protect intellectual works, for certificates of incorporation, for the management of medical records and medical reports as well as for many other purposes.

How to Obtain It

To obtain it, a legal entity must go through an even more stringent verification process, conducted by a Certification Authority authorised by a government agency.

 

InfoCert was among the first Qualified Trust Service Providers to be certified for the Qualified Electronic Seal, gaining recognition for its qualified validation services. This allows InfoCert to issue electronic seals for multiple uses, such as the eSeal for EPREL, the European Product Registry for Energy Labelling, with which companies wishing to apply for the energy classification of their products must register. 

 

Find out more about the Electronic Seal.

The post Electronic Seal: What it is and How it Works appeared first on infocert.digital.

Bringing its robust Mediator to the DIDComm DIF Interop-a-thon, Indicio supports interoperability efforts with expert insights and essential infrastructure for seamless testing.

By Helen Gareau

Interoperability is the cornerstone of decentralized identity, ensuring that diverse ecosystems can seamlessly interact  with each other. At Indicio, we are constantly working to advance  interoperability so that customer solutions will be able to work with all the emerging standards and protocols and effortlessly scale to meet opportunities. This is why we are excited to participate in the upcoming DIDComm Interop-a-thon, organized by the Decentralized Identity Foundation (DIF).   

DIDComm is short for Decentralized Identifier Communication, an open standard for secure, private, peer-to-peer communication between Decentralized Identifiers (DIDs). It’s one of the least-well understood aspects of decentralized identity and one of the most powerful — especially for business. DIDComm enables each party in a decentralized identity ecosystem to seamlessly authenticate the other over a secure channel before sharing data. But it also enables a mobile device to function with the capacity of an API, enabling anyone with a mobile phone and digital wallet to become their own, highly available, easily permissioned, data platform. 

While many people think about decentralized identity as an “identity verification” solution — not surprising given the scale of current identity fraud — DIDComm enables decentralized identity to go beyond that and create trust networks for much richer digital relationships and data sharing.

For the upcoming Interop-a-thon, Indicio is providing our robust mediator. Mediators play a critical role in the DIDComm protocol, enabling message routing between mobile devices, ensuring smooth and secure communication. Developers will be able to access the Indicio Mediator to test routing and communication scenarios in a secure, reliable environment.  

At Indicio, we are committed to supporting the decentralized identity community. By supporting events like the DIDComm DIF Interop-a-thon, we’re not only contributing infrastructure but also championing the values of collaboration and innovation that drive this space forward.  

We can’t wait to see the incredible advancements that emerge from this event. If you’re attending, be sure to test with our mediator and share your experiences with us. Together, we’ll continue to build a decentralized future that works for everyone.  

Want to learn more about the DIDComm DIF Interop-a-thon or our work with mediators? Contact us. Let’s build the future of interoperability together!

###

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community

The post Indicio drives decentralized identity interoperability in the upcoming DIDComm DIF Interop-a-thon appeared first on Indicio.

Name: Juliano C. C. Tavares
Team: Engineering
Based in: Paraná, Brazil About Juliano

I always knew I wanted to work in computing, and my journey began with university projects. My focus then was distributed systems and wireless networks, so I started specializing in those. I worked for a few years with wireless networks and embedded systems, completing a master's degree in IoT during that time. After a few years of working in the field, I realized that I liked working with web development much more and started to follow that path.

SpruceID came into my life years later as a professional challenge. It is very exciting to develop ambitious projects and open-source libraries that contribute to the digital future.

Can you tell us about your role at SpruceID?

I'm currently a senior software engineer at SpruceID, working mainly with front-ends and occasionally touching some wild Rust code. I believe my biggest contributions here were in the SSX project, which is a wrapper for our other library SIWE (Sign-In With Ethereum), and also this year in the project with Utah. I had the opportunity to work here on some things I was very interested in learning about (e.g., WebAssembly and mobile development) and things I had never imagined working with (Rust front-end). We definitely have a lot of challenges and opportunities to learn and apply new tools and technologies.

What do you find most rewarding about your role?

I am very happy when we finish a project, and it starts to be used by customers. At SpruceID, in addition to the projects that the end user will use, we also have libraries that other developers can build with. There is a huge potential for people who will be reached by our work.

What are some of the most important qualities for someone in your role to have, in your opinion?

Curiosity and persistence. We work with technologies that are still evolving, and our decisions will shape many of the paths forward. With no established playbook to guide us, we rely on our own exploration and determination to define the way.

What are you currently learning, or what do you hope to learn?

I have a web development background and am venturing into mobile. I'm still trying to improve my skills and knowledge in this area.

What has been the most memorable moment for you at SpruceID so far?

In addition to what I said earlier about the projects, I couldn't leave out our team meetings. We had many incredible moments in Japan, Ireland, and Portugal, and I can't forget to mention everyone's visit to Brazil, where I was able to show a little more about my culture.

What's the best piece of advice you've received since starting here?

Have confidence in your work—it’s genuinely excellent, and we all recognize and appreciate that.

What is some advice that you’d give to someone in your role who is early in their career?

Challenge yourself to solve problems that you look at and say, "I have no idea where to start."

How do you define success in your role, and how do you measure it?

Deliver on time, few without bugs, and with good code.

Fun Facts

What do you enjoy doing in your free time?: cooking, watching movies, playing volleyball and camping with friends.

What is your favorite coding language (and why?): JavaScript/TypeScript, because it's what I've used the most and feel most comfortable coding with.

If you could be any tree, what tree would you be and why?: I would be a Trumpet Tree. It is a Brazilian tree, and here we call it Ipê, which is a name originating from Tupi and means "rough-barked tree." This tree is very common here and always colors our springs.

Interested in joining our team? Check out our open roles and apply online!

Apply to Join Us

About SpruceID: SpruceID is building a future where users control their identity and data across all digital interactions.

Predictoor DF118 rewards available. DF119 runs Dec 5— Dec 12th, 2024 1. Overview

Data Farming (DF) is Ocean’s incentives program. In DF, you can earn OCEAN rewards by making predictions via Ocean Predictoor.

Data Farming Round 118 (DF118) has completed.

DF119 is live today, Dec 5. It concludes on December 12th. For this DF round, Predictoor DF has 37,500 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF119 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF119

Budget. Predictoor DF: 37.5K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and Predictoor

Ocean was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF118 Completes and DF119 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

Join us as we explore the parallels between traditional and modern ransom schemes. Using the infamous 1971 kidnapping of the Aldi CEO as a starting point, this session dives into how the tactics of ransom have evolved in the digital age. Discover how ransomware has become a powerful tool for cybercriminals, targeting everything from individuals to global corporations, and learn about the legal, economic, and ethical implications of these high-stakes attacks.

Cybersecurity is still a fragmented market that vendors tend to have low market shares. M&A activity has gained momentum in 2024 with private equity investment soaring. A key factor driving dealmaking is the accelerating trends towards building truly comprehensive platforms. Today, the bulk of the cybersecurity unicorns are in North America. Can Europe build a new generation of global cybersecurity champions?

In an era where cyber threats grow increasingly sophisticated, traditional security measures are no longer sufficient. This presentation introduces the Cyberfantastic paradigm, a transformative approach to cybersecurity that emphasizes adaptability, proactive evolution, and resilience beyond conventional defenses. Cyberfantastic challenges the reactive mindset by proposing a model where systems leverage disruptions as catalysts for continuous improvement and growth. Drawing from the principles of cyber antifragility and innovative system design, this approach prioritizes distributed, immutable, and ephemeral structures. Attendees will gain insights into the strategic evolution of cybersecurity, exploring the shift from rigid risk management to dynamic systems that not only withstand but thrive in the face of adversity. Join us to envision a future where digital ecosystems transform challenges into opportunities, setting a new benchmark in cyber resilience.

Disruptions are a constant in the world of cybersecurity. Deliberate disruption is becoming more prevalent as attackers find ways to maximize profit by undermining the confidentiality, integrity, and availability (CIA) of our data. As attackers refine and mature their techniques to drive greater disruption, we must explore how we can become more resilient. But is securing everything by design the best approach? This session will suggest a different path, called the DIE Triad, which enables us to become truly resilient and even stronger in the face of today's disruptions.

In today's interconnected global marketplace, supply chain security has become paramount. This panel explores the critical role of smart sourcing in safeguarding organizations against risks and vulnerabilities. We'll dive into cutting-edge strategies for vetting suppliers, implementing blockchain technology for enhanced traceability, and leveraging AI-driven analytics to identify potential threats. Our expert panelists will share real-world case studies, demonstrating how intelligent procurement practices can mitigate risks, ensure compliance, and build resilience. Attendees will gain valuable insights into creating a robust framework for secure sourcing, empowering them to make informed decisions that protect their supply chains from evolving threats while maintaining operational efficiency and competitive advantage.

As organizations face increasing regulatory demands and evolving cyber threats, effective Ecosystem Partner security risk management has become a critical priority. This session will explore a successful transformation journey in Ecosystem Partner security risk management, highlighting the strategic steps, operational challenges, and solutions that drove measurable improvements in resilience and compliance.

Special focus will be given to how these experiences inform the implementation of the new Digital Operational Resilience Act (DORA), with actionable recommendations for aligning Ecosystem Partner risk practices with its requirements.

This presentation details BASF's rationale for adopting Zero Trust, driven by an evolving threat landscape and the need for enhanced security. It covers the journey to secure board approval, define seven key domains, and implement a top-down, multi-layered security strategy. The presentation showcases the challenges, tailored approach, and real-world insights that shaped the multi-year long Zero Trust program and its benefits.

In this episode of The Future of Identity Podcast, I’m joined by Ajay Gupta, Chief Digital Transformation Officer of the California Department of Motor Vehicles, to discuss California’s groundbreaking mobile driver’s license (mDL) program. From its launch to current adoption trends and future ambitions, this episode provides a comprehensive look at how California is shaping the future of mDLs.

In this episode we explore:

The adoption and growth rates of California’s mDL program, including demographic insights and usage trends. Where mDLs are being used today and the balance between Android and iOS wallet downloads. The promising potential of remote verification (online use of mDLs) and why Ajay sees it as the fastest-growing channel for adoption. Key lessons for other states, DMVs, and government agencies on engaging stakeholders and demonstrating ROI for mDL programs. Practical advice for driving adoption among businesses and other relying parties.

This episode is a must-listen for those interested in the future of digital identity, especially professionals working in government, transportation, or identity ecosystems. Whether you’re curious about the technical, policy, or adoption aspects of mDLs, there’s something here for everyone.

Enjoy the episode, and don’t forget to share it with others who would find value in this discussion!

Learn more about the CA DMV’s mDL hackathon outcomes in a free public briefing webinar on Januaty 10th. Register here.

Subscribe to our weekly newsletter for more announcements related to the future of identity at trinsic.id/podcast

Reach out to Riley (@rileyphughes) and Trinsic (@trinsic_id) on Twitter. We’d love to hear from you.

The US Treasury’s Office of Foreign Assets Control (OFAC) has today issued sanctions against a number of individuals and entities connected to Russian sanctions evasion, money laundering and the funding of espionage operations. The entities targeted by today’s action are believed to be connected to a money laundering network called TGR Group. OFAC has identified crypto addresses connected to two of these individuals, Elena Chirkinyan and Khadzi Murat Dalgatovich Magomedov. 

This article is the sixth and final article in a series about our probabilistic 360° supply chain tracking product, Track & Trust. Our previous articles described how the system works. Now, we dive into the results of our pilot operations. TLDR – We successfully tracked all the goods to their final delivery locations despite serious challenges!

The Track & Trust Mission in Southern Lebanon

We chose to track shipments of solar equipment for the Track & Trust Pilot. Destined for clinics and schools serving refugees in Beqaa Valley, Lebanon, these shipments were critical to the region. The area is home to over 300,000 Syrian refugees, according to UNHCR, and they all need medical care. Our partners, Aid Pioneers, Multi Aid Programs, and Al-Manhaj, collaborate to provide logistics, education, and medical care on the ground.

The clinics and schools require continuous a continuous electrical power supply. Due to Lebanon’s severe energy crisis, the public grid provides only about two hours of electricity per day, making the delivery of efficient healthcare services an immense challenge. In absence of a stable grid, most of the region’s essential services rely on generators, leaving the financial stability of operations at the whim of the ever-increasing price of diesel. Typical health clinics have thousands of dollars in monthly operating costs due to the need to purchase this fuel. To address this, Aid Pioneers is replacing diesel power systems with clean, abundant solar energy, one clinic at a time. By reliably shipping the equipment from Tripoli to Beqaa Valley, they achieve this goal with our help. Specifically the shipments we’ve tracked during the pilot contained all the equipment needed to outfit two clinics with enough solar power to cover all their needs. Aid Pioneers partner, Multi Aid Programs runs the clinics which received the solar and medical equipment we tracked.

Tracking Impact

Using Track & Trust, Aid Pioneers and their partners gained a clear view of what was happening to the parts in their shipment. As a result, they avoided extra trips, saving work and potential exposure to danger. Our team planned this deployment long before the recent conflict broke out, and our system performed well in the midst of a very difficult situation. Effective management of the challenges that arose was crucial to the success of the project.

During the shipments, ground personnel encountered outages of critical infrastructure, losing power and 4G connectivity several times. Fortunately, our Track & Trust mesh node infrastructure filled the gap, and our battery backup system enabled the system to run despite the power grid being down. The system’s design allowed it to handle such outages.

When 4G connectivity was lost, our mesh nodes cached delivery data until it could be passed between nodes. Utilizing technologies developed with our partner, Weaver Labs, we ensured the data was secure. Next, we used a satellite-enabled mesh node to post data that would have otherwise been lost via Iridium satellite uplink, developed by our partner Ororatech.

Aid Pioneers received hundreds of updates about the status of the goods from us. To ensure the integrity of the data, we cryptographically signed and anchored these updates to the ASI Alliance blockchain, making them highly trustworthy. This extra step was crucial to the project’s success. Together the result is highly trustable probabilistic 360° supply chain tracking.

Energy Independence One Clinic at a Time

Two major sets of shipments were completed under the watchful eye of Track & Trust, and a third set is currently being shipped to Lebanon. With 110 kWp of power, the solar systems make two entire clinics energy independent for the next twenty years. Additionally, we tracked a container of medical goods, which Al-Manhaj and Multi Aid Programs are using to save lives and provide medical treatment in Tripoli and the Beqaa Valley.

Track & Trust Proof of Resilience

The design of Track & Trust allows it to work in various contexts, providing resilience and probabilistic 360° supply chain tracking. Adaptable to different scenarios, our system is highly versatile. As we continue to develop and refine our system, we will meet the changing needs of our partners.

Next Steps

Following this piloting success, we will examine plans to make the system more user-friendly. Logistics organizations that could use more resilience in their field operations are also being contacted. If this series of blog posts has piqued your interest, please reach out, and we will schedule a call or demo.

<<< Previous Post

The post Track & Trust Pilot Success appeared first on DATARELLA.

Digitalization ‘for all’? An Update on Germany’s Public Sector from the 2024 Smart Country Convention

As governments around the world step up to regulate artificial intelligence and biometrics, a different class of technology aims to disrupt digital identity: digital wallets. Caribou is leading a research project that aims to advance migrants’ identification needs in digital identity wallet policy and technology design. Explore the project.

Since 2018, the Smart Country Convention has set out to bring together Germany’s digital economy and political decision-makers, as well as other stakeholders in the ever-growing field of public sector digital transformation.

The event is hosted by Messe Berlin, the Berlin Expo Center, and bitkom e.V., one of Germany’s largest industry associations for the digital economy. According to its website, the Smart Country Convention — or SCCON for short — has become “the biggest event for smart cities, smart regions and e-government” in Germany. Indeed, with more than 18,000 attendees, over 17,000 square meters of exhibition space and a conference program featuring more than 650 speakers on 7 stages, the event is a large-scale, upbeat demonstration of what the future of the German public sector might look like — or at least what technology vendors, policymakers and other professionals in this field imagine it will.

In between ping-pong matches, live podcast recordings, and free frozen yoghurt, keynote speakers and panelists discussed the current state of digital transformation in the German public sector. They shed light on challenges, best practices and how to work towards Germany’s policy priorities for digital transformation, as outlined in the 2022 Digital Strategy of the now defunct Traffic Light Coalition. These insights also revealed the stark discrepancy between the image projected by SCCON and where the country actually stands. Take the opening keynote by Kai Wegner, the governing mayor of Berlin, on the second day of SCCON. He announced that Berliners can now register/change their address online — if they have downloaded the AusweisApp, opened a BundID account, have an NFC-enabled smartphone or special card reader, and either the German national ID card, the eID card for citizens of the European Union and the European Economic Area, or an electronic residence card with an active eID function (and remember the PIN code they need for all of this to work).

October 16, 2024, Day 2 Opening Keynote.

The excitement and sense of digital awakening evoked by Wegner’s keynote, set against a backdrop of flashing lights and cinema-size screens, illustrates the immense undertaking Germany has ahead of it. So far, the country has fallen far short of its stated goal of digitizing access to nearly 600 public services by 2022. On the day of the deadline, only 19% of these services were available online. By the beginning of 2024, only 153 services had gone online nationwide. In terms of the overall target, this represents an implementation rate of just 26.6% — a full year after the original deadline. Germany’s sluggish pace makes the city-state of Hamburg, where 284 public services are available online, the (literal) North Star of this ongoing restructuring process.

At the heart of this public administration overhaul is the issue of digital identity management and how governments, whether at the federal, regional or local level, enable access to services. It’s against this backdrop that another name has emerged in the competition for the most innovative city: Wiesbaden. Maral Koohestanian, Deputy Mayor of Wiesbaden, was one of four panelists who discussed the state of digital identity in Germany at this year’s SCCON, moderated by Clemens Schleupner of bitkom. Koohestanian, who is now leading the Bundestag election campaign for Volt, emphasized Wiesbaden’s pragmatic approach. Working with WebID and ekom, the city has adopted VideoID to provide access to public services.

According to Koohestanian, Wiesbaden’s approach is unique in Germany. Many people have already been introduced to VideoID, for example when opening a bank account. So the process is known and accepted. In comparison, the identity verification approach taken by Berlin and other cities is based on the national eID infrastructure, as mentioned above. While Germany’s national eID infrastructure covers three types of documents (i.e. the national identity card [Personalausweis], the eID card for EU/EAA citizens, the electronic residence permit), VideoID can be used to verify around 200 international identity documents. VideoID therefore is open to more users, also because it requires less specific equipment.

During the panel discussion, Koohestanian underlined the advantage that VideoID offers in terms of the inclusiveness of the approach and its overall user acceptance. The numbers she presented seem to speak for themselves: When registering a wedding date at the Wiesbaden registry office, 98% opted to do so online, compared to 2% of people who preferred to register in person (in all cases, the ceremony itself takes place in person). Of the online users, 92.5% chose VideoID, compared to 7.5% who preferred the eID option. If people want to register/change their address online, in Wiesbaden this service is for now carried out exclusively via VideoID.

Koohestanian’s emphasis foreshadowed the theme of the next day’s opening keynote by Federal Minister Lisa Paus (Family Affairs, Senior Citizens, Women and Youth). “Some people today are afraid that the digitalization train could leave without them,” Paus said in her speech, stressing the need to strengthen inclusion, participation and accessibility of the digital transformation in Germany. While focusing on the inclusion of the elderly, Paus raised the question of how to ensure that digitalization is for all. As important as this question is, it however first requires a definition of what ‘for all’ means.

Looking at the emerging digital identity ecosystem in Germany, ‘all’ currently seems to include only those who have access to the country’s existing eID infrastructure, i.e. people with German citizenship, EU citizens living in Germany, and non-EU citizens who have successfully applied for a residence permit. This may sound like Germany has all its citizens and residents covered. But the situation is more complicated than it might seem at first glance. Take, for example, non-EU citizens who come to Germany to take up a job offer. If they enter on a work visa, this title is usually valid for up to 12 months. During this time, they will have to deal with the German bureaucracy, especially the immigration authorities at their place of residence to apply for and receive their electronic residence permit.

At present, this interaction can be a largely paper-based, face-to-face process, depending on the local authority, a topic that was the subject of another panel discussion at SCCON. During this panel discussion, Engelhard Mazanke, head of the Berlin Landesamt für Einwanderung, the city-state’s immigration authority, explained that practices vary widely across Germany. Not every immigration authority allows things to be sent to them as PDFs. Often documents have to be submitted in the original, perhaps even with an apostille. Mazanke criticized the fact that migration-related procedures are always dealt with on the assumption of potential misuse, even when processing applications for what he described as the ‘Rolls-Royce’ category of all residence permits, the EU Blue Card. Opportunities for digitizing processes and simplifying bureaucracy are limited if this is the default attitude towards non-Germans, he explained.

Concerns about misuse are also a reason for criticism of the use of VideoID in Wiesbaden. The German eID infrastructure, on the other hand, is regarded as highly secure. In the context of eIDAS 2.0, it provides the only means of identification suitable for verifying the identity of Germany-based EUDI wallet users in accordance with LoA high requirements. At the SCCON panel on digital identity, the representative of the German Federal Ministry of the Interior raised the issue of the reliability of identity systems outside Europe when asked how people in Germany who are outside the national eID infrastructure could be integrated into the country’s emerging wallet ecosystem. About an hour later, on another stage, Tobias Lindner, Minister of State at the Federal Foreign Office, emphasized the need for attractive migration processes and for Germany to present itself as welcoming and service-oriented to new residents and citizens.

As such, SCCON brought to the fore another challenge for Germany’s digital transformation efforts. Not only is there a tension between inclusion and security concerns. The messages from government officials and policymakers tell different stories, illustrating the fragmentation of political decision-making and implementation processes. Given the centrality of digital identity to Germany’s vision of modern statehood, it would certainly be a good topic for the country to start speaking with one voice.

Digitalization ‘for all’? was originally published in Caribou Digital on Medium, where people are continuing the conversation by highlighting and responding to this story.

We’re happy to announce Season 8 of the Ocean Zealy Community Campaign, an initiative that has brought together our vibrant community and rewarded the most active and engaged members.

💰 Reward Pool

5,000 ($FET) tokens that will be rewarded to the Top100 users in our leaderboard 🚀

📜Program Structure

Season 8 of the Ocean Zealy Community Campaign will feature more engaging tasks and activities, providing participants with opportunities to earn points. From onboarding tasks to Twitter engagement and content creation, there’s something for everyone to get involved in and earn points and rewards along the way.

⏰Campaign Duration: 4th of December — 30th of December 12:00 PM UTC

🤔How Can You Participate?

Follow this link to join and earn:

https://zealy.io/cw/onceaprotocol/questboard

Season 8 of the Ocean Zealy Community Campaign! was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.

How can we ensure that the person presenting a credential is truly the same person who received the credential? This is a crucial question, especially when dealing with sensitive information. Our approach is to have the biometric provider issue a short-lived credential attesting to a recent biometric check whenever the issuer or verifier needs to confirm the physical presence of a credential holder. This biometric check credential can be used by the issuer to embed biometric-binding attributes into the primary credential of interest (the credential issued by a standard issuer, such as a bank or government authority), and then it can be used by the verifier to check that it is the same person presenting the primary credential. Let's break down the process:

Enrollment: The first step involves the user providing a biometric sample, such as a thumbprint or face scan, which the biometric provider can use to generate a biometric enrollment credential. The key advantage here is that the biometric data remains on the user's device—there's no need for the biometric provider to maintain a large, potentially vulnerable database. This credential, signed by the biometric provider, is secure and tamper-proof. Issuance: The biometric provider can use the enrollment credential from the previous step to derive a separate biometric check credential that is shared with the issuer of the primary credential. The biometric check credential does not contain the biometric data, but is evidence that the biometric provider was able to successfully check a biometric that matches a specific privacy-preserving biometric ID. The issuer embeds into the primary credential some attributes identifying the issuer of the biometric check credential and the biometric ID that was used. These are known as biometric-binding attributes. Verification: When verifying the primary credential, relying parties will also request a fresh biometric check credential. The user’s wallet will enable the biometric provider to perform a new biometric check and issue the associated credential containing the same biometric ID that was recorded in the enrollment credential. The verifier can then confirm that the biometric ID in the primary credential matches the biometric ID in the biometric check credential, proving that it is the same physical person who was issued the primary credential.

As an example, let’s look at how a bank can tie a customer identity credential to an individual’s biometric. Before issuing the credential, the bank would request that the customer shares a fresh biometric check credential. This will trigger the wallet to enroll the customer’s biometric as part of issuing the biometric check credential. The bank can then embed the biometric-binding attributes into the customer identity credential that they issue. When the customer wants to prove their identity to a verifier, the verifier can require a recent biometric check credential along with the bank-issued identity credential. This will trigger the wallet to have the biometric provider run a biometric check and issue a new biometric check credential which will then be used to confirm that the person presenting the bank identity credential is indeed the same person who originally received it.

By making the biometric provider a recognized issuer within the credentialing ecosystem, we streamline the process. All necessary integrations happen on the user's device, ensuring data security while allowing for robust biometric proofing and credential binding. This method eliminates the need for each participant in the ecosystem to integrate directly with the biometric provider, reducing complexity and cost. Additionally, the biometric provider can monetize their services as these credentials are utilized throughout the ecosystem.

You can learn more by reading our documentation on biometric-bound credentials and the biometric service provider plugin for wallets.

Tips for Metadium Year-end Event !

메타디움 연말 이벤트 참가 팁입니다.
퀴즈 정답을 맞추고 상금을 타기위해서는 어떻게 해야 할까요?

Website | https://metadium.com Discord | https://discord.gg/ZnaCfYbXw2 Telegram(EN) | http://t.me/metadiumofficial Twitter | https://twitter.com/MetadiumK Medium | https://medium.com/metadium

Metadium Year-end Event Tip was originally published in Metadium on Medium, where people are continuing the conversation by highlighting and responding to this story.

Cyberattacks relentlessly target organizations of all sizes, making continuous threat detection and response essential. However, budget constraints and a shortage of skilled security professionals often leave businesses overwhelmed by alerts from disparate systems. Managed Detection and Response (MDR) solutions address this challenge by providing expert monitoring, advanced threat analysis, and real-time response, effectively bridging the gap and enhancing organizational cybersecurity.

This presentation examines real-world examples of how API security is handled in the production APIs of Siemens software services. Important elements like authentication, access control, and validation will be discussed, along with other key aspects of API design.