Last Update 1:17 PM September 26, 2025 (UTC)

Company Feeds | Identosphere Blogcatcher

Brought to you by Identity Woman and Infominer.
Support this collaboration on Patreon!

Friday, 26. September 2025

Recognito Vision

Face Recognition Software Explained in Simple Words

Imagine walking into an airport and breezing through security just because a camera recognized your face. That’s not science fiction anymore. This is the power of face recognition software, a technology that maps your unique facial features and matches them against stored data. From unlocking smartphones to catching criminals, this software is shaping our everyday...

Imagine walking into an airport and breezing through security just because a camera recognized your face. That’s not science fiction anymore. This is the power of face recognition software, a technology that maps your unique facial features and matches them against stored data.

From unlocking smartphones to catching criminals, this software is shaping our everyday lives. But along with convenience come questions about accuracy, privacy, and trust. Let’s break it down in simple words so you know what’s happening behind the lens.

 

What is Face Recognition Software

Face recognition software is a type of biometric technology that identifies or verifies a person by analyzing facial features. Think of it as a digital fingerprint, but for your face.

The process usually starts with face matching software, which compares a captured image to existing images in a database. This allows systems to confirm if two faces belong to the same individual.

For everyday people, the most relatable example is your smartphone. Every time you unlock it by looking at the screen, the phone uses a form of this software to confirm your identity.

 

How Face Recognition Software Works Behind the Scenes

At first glance, it feels magical. But under the hood, face recognition is powered by math, algorithms, and a whole lot of data crunching.

 

1. Data Capture and Photo Face Detection Software

It starts when a camera captures your face. The photo face detection software identifies the position of your eyes, nose, mouth, and chin. These landmarks form the foundation of your facial “map.”

2. Feature Extraction with Algorithms

Next, the software measures distances between facial features, like the space between your eyes or the curve of your jawline. These measurements are converted into numerical data known as a faceprint.

3. Matching Process with Databases

Finally, the system compares this faceprint against a database of known faces. If there’s a match within the confidence threshold, the system identifies the individual.

Best Face Recognition Software Applications in Real Life

This technology is not limited to spy movies. It’s deeply integrated into industries we interact with daily.

Here are the most common applications:

Smartphones and gadgets – Unlocking phones, securing payments, and managing app access.

Airports and border control – Faster identity checks, reducing wait times for travelers.

Healthcare – Identifying patients and protecting medical records.

Banking – Preventing fraud with stronger security measures.

Retail – Recognizing VIP customers or preventing theft.

Law enforcement – Finding missing persons or identifying suspects in crowds.

A growing use is facial recognition software for photos, where apps automatically tag friends or group images. Social media platforms rely heavily on this feature, which has made photo management much easier for users worldwide.

Comparing the Top Facial Recognition Software Options

With so many tools available, how do you know which one stands out? Independent evaluations, like the NIST Face Recognition Vendor Test, provide objective data on performance. You can also check the FRVT 1:1 performance reports for in-depth benchmarking.

Here’s a simplified comparison table of criteria that matter most:

Criteria Why It Matters What to Look For Accuracy Correctly identifying or verifying faces High true positive rate Speed How quickly results are delivered Real-time or near real-time Scalability Handling millions of faces Cloud or distributed systems Compliance Following laws like GDPR Transparent privacy policies Cost Fits your business budget Flexible pricing models

This breakdown helps businesses pick the top facial recognition software for their specific needs.

 

Privacy and Legal Concerns with Face Recognition

Now comes the elephant in the room. As powerful as this technology is, it raises eyebrows when it comes to personal freedom.

Data storage – Where are your facial scans stored, and for how long?

Consent – Are you being recognized without agreeing to it?

Misuse – Could governments or companies abuse this technology for surveillance?

In Europe, these questions tie directly into GDPR compliance. The rules emphasize transparency, data minimization, and user rights. If an organization mishandles face data, the penalties can be steep.

A 2021 study found that 56 percent of people worry about misuse of facial recognition by authorities. This shows that while the tech is impressive, trust remains fragile.

 

Open Source Face Recognition Options for Developers

Not all solutions are locked behind expensive paywalls. Developers and small businesses often turn to face recognition opensource tools. These options allow for flexibility, customization, and cost savings.

Advantages of open-source tools include:

Free or low-cost access to powerful libraries.

Large communities that support development.

Ability to customize for unique projects.

Faster innovation through collaboration.

One notable resource is the Recognito Vision GitHub, where developers can explore codebases, contribute, and experiment with new applications.

 

Future Trends in Face Recognition Technology

The pace of innovation isn’t slowing down. Researchers are refining algorithms to improve speed and reduce bias.

Future trends to watch:

Ethical AI – Systems that reduce bias across race and gender.

Edge computing – Processing data on devices instead of servers for faster results.

Integration with IoT – Smart cities that use recognition for traffic, safety, and efficiency.

Privacy-first models – More tools will adopt privacy-by-design frameworks.

Experts predict that within the next decade, face recognition will be as common as passwords are today, though hopefully far more secure.

 

Conclusion

Face recognition software is no longer futuristic tech, it’s a reality shaping security, convenience, and even social interactions. From photo face detection software to face matching software, its reach is growing rapidly. Yet, the real challenge is balancing innovation with privacy. Companies that master this balance will win trust in the long run.

And speaking of innovation, Recognito is one brand pushing these boundaries with responsible and practical applications.

 

Frequently Asked Questions

 

What is the difference between face detection and face recognition?

Face detection finds and locates a face in an image, while recognition goes a step further by identifying or verifying who that person is.

Is face recognition software always accurate?

No, accuracy depends on the algorithms, quality of data, and lighting conditions. According to NIST tests, top systems can reach over 99 percent accuracy in controlled settings.

Can face recognition software work with old photos?

Yes, many systems can analyze older images. However, accuracy may decrease if the photo quality is low or the person has aged significantly.

Is open source face recognition safe to use?

Yes, but it depends on how it’s implemented. Open-source tools are flexible, but developers must ensure strong security practices when handling sensitive data.

How does face recognition affect privacy rights?

It raises major concerns about surveillance and consent. Laws like GDPR in Europe require companies to handle facial data transparently and responsibly.


SC Media - Identity and Access

Identity controls may be the best defense against AI-based attacks

Threat actors are beginning to subvert their targets' own AI agents in attacks, making the need for identity-based internal AI controls even more urgent, an Okta expert says.

Threat actors are beginning to subvert their targets' own AI agents in attacks, making the need for identity-based internal AI controls even more urgent, an Okta expert says.


Elliptic

The A7 leaks: The role of crypto in Russian sanctions evasion and election interference

 

 

Thursday, 25. September 2025

SC Media - Identity and Access

Securing AI agents is the key to securing the future

The next decade of technology will be dominated by AI, Okta's Todd McKinnon says, but it may lead to disaster unless we implement clear, common standards for controlling and managing AI agents.

The next decade of technology will be dominated by AI, Okta's Todd McKinnon says, but it may lead to disaster unless we implement clear, common standards for controlling and managing AI agents.


Extrimian

How Extrimian Drives Digital Trust in Healthcare

Why are identity and data critical in healthcare? Healthcare —both public and private— faces a structural challenge: managing massive volumes of sensitive data from patients, professionals, and institutions while ensuring accuracy, security, and transparency. So, how Extrimian Drives Digital Trust in Healthcare? Today’s systems are fragmented. Patient admissions, authorizations, professional valid
Why are identity and data critical in healthcare?

Healthcare —both public and private— faces a structural challenge: managing massive volumes of sensitive data from patients, professionals, and institutions while ensuring accuracy, security, and transparency. So, how Extrimian Drives Digital Trust in Healthcare?

Today’s systems are fragmented. Patient admissions, authorizations, professional validations, or organ transplant waiting lists still rely on manual processes or disconnected databases. The consequences are severe:

Excessive bureaucracy → long delays for authorizations, transplants, or referrals.

Hidden costs → thousands of hours in manual administrative work.

Fraud risks → falsified medical degrees or manipulated patient records.

Social distrust → patients unsure if they are on the correct waiting list; doctors lacking visibility into processes.

In a sector where every minute can make the difference between life and death, the question becomes urgent: How can healthcare systems modernize identity and data management without sacrificing security or trust?

What does Extrimian propose to solve these challenges?

Extrimian provides an ecosystem of Verifiable Credentials (VCs) and digital identity tools enabling hospitals, clinics, insurers, and public agencies to:

Issue and validate credentials in seconds, instead of manual processes taking days.

Guarantee advanced security, with tamper-proof, instantly verifiable records.

Ensure compliance with international standards (W3C, DIF, GDPR, HIPAA).

Optimize costs and resources, cutting bureaucracy and human errors.

Improve patient and professional experience, simplifying access and workflows.

All built on principles of privacy by design, interoperability, and open standards.

How does self-sovereign identity (SSI) apply to healthcare?

Self-Sovereign Identity (SSI) places individuals at the center of control over their personal data.

For patients: medical history, diagnoses, or lab results can be issued as portable, verifiable credentials.

For medical professionals: degrees, licenses, and certifications are turned into tamper-proof VCs that any hospital can instantly verify.

For institutions: each credential is validated without intermediaries and easily integrated into existing hospital systems.

SSI does not replace health systems; it strengthens them with a new layer of trust.

Case Study: How Extrimian helped INCUCAI improve Argentina’s transplant system

The Instituto Nacional Central Único Coordinador de Ablación e Implante (INCUCAI) faced a long-standing challenge: managing the national emergency transplant waiting list.

The problem

Slow processes in organ allocation.

Limited transparency in prioritization.

Patients and families receiving little real-time information.

The Extrimian implementation

Extrimian introduced verifiable credentials to build traceability and trust into the national list:

Every update in the list is issued as a verifiable credential.

Patients and doctors can instantly verify position and status.

All changes are validated securely, without risks of tampering.

The results

Significant time reduction in allocation and updates.

Full transparency for patients, professionals, and regulators.

Improved patient experience through clear communication.

Strengthened trust in one of the most sensitive areas of healthcare.

This pioneering use case demonstrated how Extrimian’s technology can save lives by enhancing transparency and efficiency in public healthcare.

More about this case studie: Extrimian & INCUCAI

What other use cases does Extrimian enable in healthcare? 1. Medical professional identity verification

Problem: manual validation of degrees and licenses.
Solution: verifiable credentials that confirm authenticity instantly, eliminating fraud risks.

2. Verifiable medical records

Problem: fragmented medical histories between hospitals, insurers, and regions.
Solution: interoperable VCs that patients can carry and present anywhere, securely and instantly.

3. Smart access to healthcare services

Secure login for hospital web portals.

QR- and VC-based access control for labs, operating rooms, and medical events.

Automated attendance for in-person and virtual consultations.

4. Patient benefit networks

VCs as digital passes for transportation or pharmacy discounts.

Integration with insurance, pharmacies, and wellness services.

5. Academic and professional certifications

Credentials for courses, residencies, and specializations issued as VCs.

Streamlined hiring and international mobility for healthcare professionals.

What tangible benefits do healthcare institutions gain?

Institutional prestige: issuing VCs with the institution’s brand boosts trust and modernity.

Advanced security: tamper-proof credentials reduce fraud.

Operational efficiency: automated processes cut costs and errors.

Enhanced patient experience: simpler, faster, user-centric interactions.

Strategic partnerships: connection with fintech, insurance, and other key sectors.

Global compliance: alignment with W3C and DIF standards ensures global acceptance.

How is Extrimian implemented in healthcare institutions? Step 1: Personalized demo

Showcasing practical use cases like patient admission or credential verification.

Step 2: Modular implementation

Start with one specific case (e.g., issuing medical certificates) and scale up to a full ecosystem.

Step 3: Continuous support

Training workshops and Extrimian Academy.

Ongoing technical support.

ROI measurement with clear impact metrics.

What is the ROI of verifiable credentials in healthcare?

Administrative savings: up to 60% time reduction in credential verification.

Fraud reduction: fewer legal risks and malpractice cases.

Efficiency gains: processes that once took days now take seconds.

Intangible value: reinforced patient trust and institutional reputation.

For a hospital serving 10,000 patients annually, the potential savings amount to hundreds of thousands of dollars, alongside a substantial boost in credibility.

Conclusion: towards a more trusted, efficient, and human healthcare system

Healthcare needs trust, agility, and security. With Extrimian, identity verification and data management stop being a problem and become a competitive advantage.

The INCUCAI case proves it is possible to reduce delays, increase transparency, and improve patient and professional experiences. And this is just the beginning: from private hospitals to national public networks, verifiable credentials can raise the standard of trust in healthcare worldwide.

👉 Want to explore how these benefits could work in your institution?
Schedule a personalized demo with the Extrimian team today.

The post How Extrimian Drives Digital Trust in Healthcare first appeared on Extrimian.


SC Media - Identity and Access

NHIs: The hidden identity crisis reshaping cyber defenses

Here’s why modern tools are needed to manage the sprawl created by non-human identities.

Here’s why modern tools are needed to manage the sprawl created by non-human identities.


FTC standards for neural data protection sought by Senate bill

The Federal Trade Commission would be required to work with other agencies, industry leaders, researchers, and consumer advocates to identify policy gaps and create a governance framework that would protect neural data from potential exploitation of data brokers and tech firms under new legislation introduced by Sens. Ed Markey, D-Mass., Chuck Schumer, D-N.Y., and Maria Cantwell, D-Wash., reports

The Federal Trade Commission would be required to work with other agencies, industry leaders, researchers, and consumer advocates to identify policy gaps and create a governance framework that would protect neural data from potential exploitation of data brokers and tech firms under new legislation introduced by Sens. Ed Markey, D-Mass., Chuck Schumer, D-N.Y., and Maria Cantwell, D-Wash., reports The Record, a news site by cybersecurity firm Recorded Future.


Holochain

How Does Desirable Social Coherence Evolve?

Blog
Reflections from the DWeb Seminar

In August I had the privilege of participating in the DWeb Seminar 2025, an intimate gathering designed to “map the current DWeb technological landscape, learn from each other, and define the challenges ahead”.  For those unfamiliar with the event, Wendy Hanamura’s excellent recap captures the spirit and outcomes beautifully. As part of the event we were invited to offer a 15 minute “input talk” to the other participants.   I chose to share a fundamental question that has driven Holochain from its inception – and explore how this question shapes not just our technology, but our entire approach to building decentralized systems.

The Core Question: How Does Desirable Social Coherence Evolve?

Everything we do at Holochain (and the projects that I've been nurturing through Lightningrod Labs, like Moss and Acorn) stems from this central inquiry. But what do I mean by “desirable social coherence” and why does it matter? 

You can think of social coherence as a group’s long-term stability. Like most things this property exists along a gradient: some social bodies have more coherence than others, which depends on their capacity to respond and adapt to environmental changes as a result of the patterns, practices and organizing principles that they operate by.  But therein lies the rub.  Some of  these patterns provide lots of coherence, but they may not be desirable or pleasant for the individuals taking part in them!  It’s no fun for almost everybody involved in an authoritarian regime, but it does have a real degree of stability.   My fundamental belief, however,  is that not only is it possible to evolve these patterns and processes in directions that participants will find pleasant and desirable, but that doing so actually yields the most long term stability because they will by that fact not contribute to destabilizing it.

The Challenge: Current digital systems scale through centralization and intermediation of critical social functions. Unfortunately, this creates undesirable forms of social coherence – power imbalances that enable both intentional and unintentional abuse. When a few entities control the platforms where billions interact, we may get coherence, but it's often extractive rather than generative. Furthermore our current systems are difficult to evolve because of their very centralization and the interests that want to keep them that way to maintain power.

The Opportunity: Decentralized technology can create substrates for evolvable social coherence – essentially, DNA for social organisms. Instead of rigid, centralized structures, we can build infrastructure that enables new forms of social fabric to emerge and multiple scales, yielding increasing collective intelligence

A key insight here is that there is no single “correct” form of social coherence. What works is contextual, diverse across time, space, and scale. What we need is infrastructure that enables continuous evolution and discovery – balancing stability with emergence. 

How This Shapes Our Work at Holochain

This framework isn’t abstract philosophy - it directly informs every architectural decision we make. When building technology to support evolvable social coherence, several principles become essential:

Engagement Spaces as Building Blocks

Human social fabric is built out of layers of interacting and layered “engagement spaces” – essentially social contracts with defined rules. We need infrastructure that makes it easy to create, use, and compose these spaces. The current web may have “solved for” decentralization of publishing - anyone can create a website or blog without permission. But the places where people actually interact and engage with each other (social media platforms, forums, collaborative tools, even finance and accounting tools) remain under intermediary controlled web-servers. Our approach requires protocols where neither the data nor the rules of the group interaction are held by intermediaries. 

Agency AND Accountability, Mutually Interwoven

Individuals need genuine agency through their technology - the ability to participate in multiple spaces, move between them, and take their data with them. But this autonomy must be paired with accountability within the contexts where they participate. This tension between empowerment and responsibility is productive, not problematic.

Uncapturable/Unenclosable Carriers: The infrastructure itself must be immune to capture - meaning no single entity can gain enough control to dictate rules, extract value, or shut down the system. We’ve seen far too many examples of infrastructure capture” governments shutting down internet services during protests, platform owners changing terms to benefit their shareholders, or cloud providers being pressured to deplatform users. Even when specific engagement spaces have their own defined rules, the underlying “carrier” of those interactions must remain decentralized. This enables autonomous group formation without intermediation - groups can organize however they choose without worrying that their technological foundation can be pulled out from under them.  

Local State, Global Visibility: Rather than forcing artificial global consensus (like blockchains do), we recognize that state is inherently local but can achieve consistent global visibility if nodes share data.  Operating this way eliminates unnecessary coordination bottlenecks while maintaining system coherence. 

Architectural and Design Consequences

The principles stated above have very concrete design and implementation consequences.  For those technically familiar with Holochain you already know how they show up in the design, but here I list some of the key aspects along with pointers to documentation that describe each consequence in more detail.

Start with a capacity to define & create a known “engagement space”.  The “rules of a game”.  This consists of the hash of a set of data-types & relations and deterministic validation rules for creation of that data. In Holochain we call this the DNA Allow agents to be the authoritative source of all data, i.e. agents “make plays” according to the rules of the DNA.  Ensure that when this data is shared, it has intrinsic data integrity, i.e. it’s a cryptographically signed append-only ledger for that source (in Holochain we call this the Source Chain), and ensure that it is identifiable as being part of an engagement space by having the first entry in the chain being an agent’s signing of the space’s hash.  This is also “I consent to play this game”. Share data to an eventually consistent Graphing Distributed Hash Table (DHT), in which other agents validate that all shared data follows the rules of the game. Ensure that agents who don’t follow the rules can be blocked/ignored.  This prevents capture. Allow for “bridge” calls between engagement spaces at the agentic locus (i.e. not at the group level) for composability of spaces.  This ensures composibility, autonomy, and accountability

There are of course more details in the design, but these are some of the key ones that fall out of the principles.

Resonance at the DWeb Seminar

What struck me most about the seminar was how much of our framework resonated with challenges other participants were grappling with, even when they approached them from different angles.  I would even say that the Seminar itself was fundamentally an example of this thinking.  It was a carefully designed set of patterns and processes  for a literal engagement space (this time physical instead of digital) whose purpose was to increase the social coherence of players in the p2p domain.  These patterns not only included the processes of the input-talks, the unconference sessions, and commitment to production of a collaborative write-up, but also the relational parts of cooking together and sharing non-work time together.  All of this together created desirable social coherence.   And it’s this pattern that we are all trying to create powerful affordances for in the digital world.

Some further examples: During the unconference sessions, conversations kept circling back to fundamental questions about coordination, autonomy, and accountability. 

When we discussed "UI Patterns for Peer-to-peer," I saw it as asking: how do we make decentralized engagement spaces feel natural and empowering to users? When we debated collaborative data model requirements, I saw it as exploring: how do we maintain coherence across distributed participants without sacrificing agency?

When Rae McKelvey shared her focus on "purpose-built apps" that solve real social problems to me that aligned perfectly with the engagement space concept—recognizing that different contexts require different rules and structures. 

At the technical level David Thompson's work on object capabilities and Duke Dorje’s work on recryption and identity both live into the same autonomy-with-accountability tension we see as central to social coherence.  The ever-present discussions about how best to implement CRDTs (Conflict-free Replicated Data Types, of which Holochain’s DHT is an example) revealed the shared underlying assumption: that meaningful coordination really is possible without central control, that local autonomy and global coherence can coexist, and most profoundly that the infrastructure we build shapes the social possibilities it enables.

But if everything resonated so well, what’s the big deal?

Why This Matters for the Decentralized Ecosystem

Probably the most common complaint I’ve heard over the years from folks who see the astounding potential of decentralized infrastructure goes something like this:  “There are so many different p2p solutions, and teams that seem to be working in isolation, why can’t you just agree on a single solution and work together?”  On the surface, this sounds like a reasonable complaint, but the lens of coherence helps understand why “working together” is actually such a hard problem to solve.  

Recalling from the start of this article: what creates coherence are the patterns, practices and organizing principles of a group.  Just because groups have the same goals and want the same outcomes, does not mean that they start their patterns, processes and organizing principles are similar and compatible.  In fact, almost always, they aren’t.  But this relates to why the DWeb Seminar was so important.  It successfully operated according to a higher order organization principle that created an engagement space precisely for the purpose of getting at what patterns, practices and organizing principles folks in the broad DWeb community were operating by, and making them visible and .  

So to me this was an example of exactly the underlying principles that we’ve been embedding in Holochain’s architecture from the start.

So, while the decentralized web movement often focuses on technical capabilities – faster consensus, better cryptography, more efficient protocols, we are now seeing the community beginning to seriously see these as means, not ends. The higher level question remains: what kinds of social possibilities can these technologies enable? 

This approach enables us to build towards greater “commons enabling infrastructure” - technology that strengthens shared resources and collective capacity rather than extracting value. The creation of digital, unenclosable fabric of engagement spaces is central to this goal. Instead of platforms that capture value from user interactions, we can build infrastructure that enables communities to create and govern their own spaces, according to their own values. 

When the decentralized ecosystem embraces this approach, many new possibilities emerge:

Interoperability with Purpose: We can more easily build bridges between systems that share compatible social intentions. A climate action network could seamlessly share data and coordinate with a local food co-op using a different protocol, supporting community resilience initiatives that address both environmental and food security challenges, while using mutual-credit currencies backed by the productive capacity of the local farms supplying the co-op. Governance that Evolves: We can build infrastructure that enables continuous governance innovation rather than trying to solve governance once and for all. A neighborhood mutual aid group could start with simple coordination tools, then gradually evolve more sophisticated decision-making processes as their needs change, without having to migrate to entirely new platforms. Network Effects that Serve Users: We can create composable ecosystems where network effects benefit participants rather than extracting from them. As more people join a decentralized social network, the benefits – better content discovery, richer discussions, stronger community bonds - flow to the participants themselves rather than to a platform owner’s advertising revenue.  The Path Forward

The grand challenge of decentralized software is ensuring it actually delivers on evolvable social coherence. This means building infrastructure that serves the flourishing of people and planet rather than extracting from it. 

At Holochain, we’re committed to this path, not just in our technology choices, but in how we organize ourselves, engage with our community, and collaborate with other projects. The conversations at the DWeb Seminar reinforced that we’re not alone in this commitment. 

The adjacent possibility that Wendy described in her recap isn’t just about new technical capabilities – it’s about new forms of social organization that those capabilities make possible. That’s both a tremendous responsibility and an extraordinary opportunity for all who choose to walk to this path. 


SC Media - Identity and Access

Keeping AI under control: What to expect at Oktane 2025

Oktane 2025 is taking place today and tomorrow, and we will provide ongoing coverage. Check in here for live updates!

Oktane 2025 is taking place today and tomorrow, and we will provide ongoing coverage. Check in here for live updates!


Veracity trust Network

Are AI Agents a threat to all industries or just another digital tool?

AI Agents are a growing influence on how we do business online and it pays to be aware of how they work – and the potential risks they expose. Also known as Agentic AI, they are defined as autonomous systems that perceive, make decisions, and take action to achieve specific goals within an environment. The post Are AI Agents a threat to all industries or just another digital tool? appeared f

AI Agents are a growing influence on how we do business online and it pays to be aware of how they work – and the potential risks they expose.

Also known as Agentic AI, they are defined as autonomous systems that perceive, make decisions, and take action to achieve specific goals within an environment.

The post Are AI Agents a threat to all industries or just another digital tool? appeared first on Veracity Trust Network.


Ocean Protocol

DF156 Completes and DF157 Launches

Predictoor DF156 rewards available. DF157 runs September 25th — October 2nd, 2025 1. Overview Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor. Data Farming Round 156 (DF156) has completed. DF157 is live today, September 25th. It concludes on October 2nd. For this DF roun
Predictoor DF156 rewards available. DF157 runs September 25th — October 2nd, 2025 1. Overview

Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor.

Data Farming Round 156 (DF156) has completed.

DF157 is live today, September 25th. It concludes on October 2nd. For this DF round, Predictoor DF has 3,750 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF157 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF157

Budget. Predictoor DF: 3.75K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and ASI Predictoor

Ocean Protocol was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF156 Completes and DF157 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.


auth0

Announcing Auth0 for AI Agents: Powering the Future of AI, Securely

Worried about trusting AI agents with critical data? Auth0 for AI Agents is a complete auth solution that gives companies the confidence to adopt AI securely.
Worried about trusting AI agents with critical data? Auth0 for AI Agents is a complete auth solution that gives companies the confidence to adopt AI securely.

FastID

4 Tips for Developers for Using Fastly’s Sustainability Dashboard

Track the real-world emissions of your Fastly workloads. This blog shares practical tips on using the Sustainability dashboard for greener, faster code.
Track the real-world emissions of your Fastly workloads. This blog shares practical tips on using the Sustainability dashboard for greener, faster code.

Thursday, 25. September 2025

SC Media - Identity and Access

Phishing campaign targets PyPI users to steal credentials

Python Software Foundation warns PyPI users to reset their credentials.

Python Software Foundation warns PyPI users to reset their credentials.


Freshers, phishing and forgotten accounts: The identity crisis in higher ed 

Universities face AI-driven phishing, bot attacks, and ghost accounts — making IAM and IGA critical defenses.

Universities face AI-driven phishing, bot attacks, and ghost accounts — making IAM and IGA critical defenses.


liminal (was OWI)

The Silent Killer in Third-Party Risk: Why Behavioral Red Flags Matter More Than Checklists

The hidden risks behind vendor relationships It starts innocently enough. A supplier begins missing deadlines. A long-trusted partner suddenly resists contract changes. Payments arrive late, documentation lags, and small deviations creep into everyday interactions. These aren’t just operational hiccups—they’re behavioral red flags. For years, third-party risk management (TPRM) relied on static com
The hidden risks behind vendor relationships

It starts innocently enough. A supplier begins missing deadlines. A long-trusted partner suddenly resists contract changes. Payments arrive late, documentation lags, and small deviations creep into everyday interactions. These aren’t just operational hiccups—they’re behavioral red flags.

For years, third-party risk management (TPRM) relied on static compliance checklists: audits, certifications, and one-off questionnaires. But today’s risk environment has outpaced that model. Subtle engagement shifts often signal vendor instability—or even fraud—well before a failed audit or regulatory breach brings it to light.The stakes are growing. A single vendor misstep can trigger multimillion-dollar losses, regulatory scrutiny, and reputational fallout. In 2025, the risk that matters most isn’t what the audit catches—it’s what it misses.

What Is Third-Party Risk Management?

Third-party risk management (TPRM) is the discipline of identifying, assessing, and mitigating risks that arise from vendors, suppliers, and business partners. It goes beyond contract compliance to cover financial, cybersecurity, operational, and reputational exposures.

Why compliance checklists fall short

Traditional compliance frameworks provide assurance, but they’re backward-looking. By the time an issue surfaces in an audit, the damage may already be done.

Complex risks are growing: According to Liminal’s Market & Buyer’s Guide for TPRM, 33% of organizations cite complexity of risks as the top barrier to effectiveness—outranking resources or legacy systems. Budgets are shifting: The same research shows that two years ago, 77% of businesses devoted 10% or less of their budgets to TPRM. Today, 84% say funding is sufficient—a 42% improvement. Maturity remains low: Despite rising investment, only 9% of organizations have achieved “advanced” TPRM maturity, underscoring how far the market still has to go.

Static compliance isn’t enough when risk signals emerge daily in behavior, process, and relationships.

The market is moving fast

The risk isn’t just theoretical—the market for third-party risk management is expanding quickly. Liminal’s research shows that while sentiment on budget sufficiency has improved by 42% in two years, only 9% of organizations have achieved advanced maturity.

It’s a sign that boards and executives see TPRM as too important to ignore—but most are still playing catch-up. As Gartner notes, organizations that fail to modernize vendor risk programs face increasing exposure across cybersecurity, compliance, and operational resilience.

Market & Buyer’s Guide for Third-Party Risk Management 2025, p.19 From checklists to behavioral red flags

Behavioral red flags—missed SLAs, contract resistance, data delivery delays, unusual communication shifts—are leading indicators of risk. Unlike static compliance, they reveal real-time vulnerabilities and allow earlier intervention. Behavioral risk monitoring is the practice of tracking deviations in how vendors operate and interact that can signal early signs of instability or misconduct.

The most effective programs are:

Embedding continuous monitoring rather than point-in-time reviews. Integrating behavioral insights into enterprise-wide dashboards. Automating alerts when engagement patterns deviate from norms.

This shift mirrors risk management trends across Data Access Control and AI Data Governance—executives no longer want box-checking. They want predictive visibility into the risks that can derail operations, undermine vendor resilience, and erode supplier trust.

Market & Buyer’s Guide for Third-Party Risk Management 2025, p.18 What executives are demanding now

For boards and CISOs, vendor risk has become strategic infrastructure: as vital to credibility as financial reporting or data security. The new priorities are clear:

Continuous monitoring: Liminal’s Regulatory TPRM Link Index shows that 63% of buyers rank this as their top priority. Automation at scale: 42% cite automation of TPRM activities as their top optimization goal. Data quality: Cybersecurity TPRM buyers emphasize accuracy (89%) and monitoring (85%) as table stakes, guided by emerging frameworks such as NIST’s Cybersecurity Framework. Cross-functional orchestration: Operational buyers demand interoperability across compliance, procurement, and security.

These shifts signal the end of siloed vendor risk teams. The winners will be those who connect behavioral risk detection into broader enterprise resilience strategies.

The executive reality check

Boards no longer accept “checklist compliance” as proof of safety. Regulators and investors expect real-time assurance. Yet with only 9% of organizations achieving advanced TPRM maturity, most enterprises remain exposed.

The Wall Street Journal recently reported on how supply chain disruptions and vendor failures are forcing boards to elevate TPRM to a core resilience strategy—not just a compliance function. It’s a signal that the market is moving fast, and expectations are rising. Regulatory frameworks are evolving in parallel. The SEC now requires detailed cyber disclosures, the EU GDPR continues to impose significant fines, and NIST provides baseline guidance for organizations modernizing their risk programs.

By acting on behavioral red flags, enterprises strengthen resilience and trust. Ignoring them leaves blind spots that regulators and investors won’t overlook.

Turning behavioral insight into advantage

Behavioral risk monitoring isn’t just a compliance upgrade. It’s a competitive advantage. By weaving continuous monitoring and behavioral insights into third-party risk management, executives can:

Protect against operational and financial losses. Demonstrate resilience to regulators. Build stronger trust signals with investors, customers, and suppliers.

👉 Dive deeper in the Market & Buyer’s Guide for Third-Party Risk Management and explore the Cybersecurity, Operational, and Regulatory Link Indexes to see how leading enterprises are raising the bar.

👉 Watch our Webinar on TPRM Strategy & Stronger Risk Management to hear how leaders are operationalizing these shifts in real time.

The post The Silent Killer in Third-Party Risk: Why Behavioral Red Flags Matter More Than Checklists appeared first on Liminal.co.


SC Media - Identity and Access

GitHub to update npm authentication, publishing policies

Recent npm supply chain intrusions have prompted GitHub to disclose imminent plans to update publishing and authentication policies aimed at curbing token misuse and self-replicating malware, reports The Hacker News.

Recent npm supply chain intrusions have prompted GitHub to disclose imminent plans to update publishing and authentication policies aimed at curbing token misuse and self-replicating malware, reports The Hacker News.


Canadian probe discovers TikTok child data protection gaps

TikTok was found by Canadian privacy authorities to have implemented inadequate data protections for children accessing its platform, according to Reuters.

TikTok was found by Canadian privacy authorities to have implemented inadequate data protections for children accessing its platform, according to Reuters.


Indicio

How decentralized identity delivers next generation authentication and fraud prevention

The post How decentralized identity delivers next generation authentication and fraud prevention appeared first on Indicio.
Decentralized identity and Verifiable Credentials remove the vulnerabilities driving generative-AI, social engineering, and synthetic identity fraud at a significantly lower cost than legacy or alternative solutions. How? The technology allows you to just bypass these problems. With Indicio Proven, you get authentication and fraud prevention in a single, affordable, globally interoperable platform.

By Trevor Butterworth

The new report by Liminal — The Convergence of Authentication and Fraud Prevention — makes for stark reading.

Fraud losses in the U.S. alone are projected to double in just three years to $63.9 billion, with account takeover fraud accounting for half. Seventy-one percent of respondents to their survey of 200 buyers in retail, ecommerce, financial services and tech believe current methods of authentication may be insufficient to thwart generative-AI social engineering attacks. And almost two-thirds worry that additional security layers will add unacceptable friction to customer and user experience.

One could say the problem is that the technology powering fraud is more powerful than the technology powering authentication and fraud prevention. And the latter’s weakness is compounded by authentication and fraud prevention being two separate processes, often managed by multiple different vendors.

The solution is more of everything — more layers of defense, multi-level signals analysis, more authentication factors, and good AI to battle the bad AI. All of which translates into more complexity, friction, and cost. No surprise, Liminal also reports increasing budgets for authentication, account takeover protection, and social engineering scam prevention, and it projects these budgets will continue increasing year-on-year.

Meanwhile, customers and consumers — many of whom are digital natives — expect seamless, frictionless interaction and not painful multifactor authentication. As a result, organizations face brutal tradeoffs: cater to digital behavior and increase risk, or decrease risk but make customers pay in friction and risk losing them.

Fix the fundamental problem

There’s a reason the technology powering fraud has the upper hand: The legacy systems organizations rely on — username/password,  stored biometrics, centralized databases filled with personal data — are all vulnerabilities easily exploited by brute-force AI attacks, synthetic identity fraud, and deepfakes.

Remove these vulnerabilities and you remove these problems. That’s what decentralized identity does. It removes the need for usernames, passwords, and the centralized storage of personal data needed to manage identity and access.

That’s what Indicio’s customers are doing — sweeping away the digital structures and processes that are the cause of all these problems.

We replace this with Verifiable Credentials. They’re a simple way for each party in a digital interaction — customers, organizations, employees, devices, virtual assistants — to authenticate the other in a way that can’t be phished, hacked, or faked; and we do this authentication before any data is shared.

Verifiable Credentials reduce fraud by enabling digital credentials to be bound to individuals in a way that is cryptographically tamper-proof, and which can incorporate biometrics that have been authenticated. This closes off attack vectors like phishing, synthetic identities, and — with an authenticated biometric in a Verifiable Credential — deepfakes.

A person with an authenticated biometric in a Verifiable Credential has a portable digital proof of themselves that can be instantly corroborated against a liveness check.

A decentralized identity architecture changes everything. It integrates authentication and fraud prevention, creates unified digital identities, and enables data to be fully portable, trusted and acted on immediately — without friction to businesses or customers.

Just as important, it’s significantly less expensive than legacy or alternative solutions; it can be layered into existing systems, meaning that it’s a solution that, depending on the scope, can be implemented in days or weeks.

Don’t take our word, see what our customers are doing

Indicio and its customers — enterprises, financial services,  governments — have had enough of the same old same old. We and they are using Verifiable Credentials to cross borders, onboard customers, and authenticate account access — all seamlessly with the highest level of digital identity assurance.

It might be hard to believe that a solution could be that simple — that you can just remove the core vulnerabilities fueling the surge in identity-related fraud and not have to rip and replace your entire authentication infrastructure.

Contact us to see a demo — and discover how Indicio Proven is being used as a single authentication and fraud prevention system to create seamless and trusted digital interaction.

The post How decentralized identity delivers next generation authentication and fraud prevention appeared first on Indicio.


auth0

Detecting Signup Fraud: 3 Ways to Use Auth0 Logs to Protect Your Business

Discover how to detect and prevent fraudulent signups using Auth0 Logs. Learn about three common fraud indicators like high-volume signups, disposable emails, and unverified accounts.
Discover how to detect and prevent fraudulent signups using Auth0 Logs. Learn about three common fraud indicators like high-volume signups, disposable emails, and unverified accounts.

FastID

Fastly’s Pillars of Resilience: Building a More Robust Internet

Discover Fastly's Pillars of Resilience: unwavering availability, minimized latency, and disruption resistance for a robust internet experience with our global network.
Discover Fastly's Pillars of Resilience: unwavering availability, minimized latency, and disruption resistance for a robust internet experience with our global network.

Monday, 22. September 2025

Radiant Logic

Gartner Recognizes Radiant Logic as Leader in Identity Visibility and Intelligence Platforms

Explore why Gartner sees Identity Visibility and Intelligence Platforms as critical for reducing risk and accelerating digital transformation with real-time observability and unified identity data. The post Gartner Recognizes Radiant Logic as Leader in Identity Visibility and Intelligence Platforms appeared first on Radiant Logic.

SC Media - Identity and Access

LastPass gains IRAP Protected status in Australia

The IRAP framework, overseen by the Australian Cyber Security Centre, evaluates whether cloud providers meet the security standards set out in the Information Security Manual for handling sensitive and classified data.

The IRAP framework, overseen by the Australian Cyber Security Centre, evaluates whether cloud providers meet the security standards set out in the Information Security Manual for handling sensitive and classified data.


The high cost of being visible: How executive data fuels Fortune 500 phishing risks

Executives’ exposed data fuels AI-driven phishing, costing Fortune 500 firms millions in preventable breaches.

Executives’ exposed data fuels AI-driven phishing, costing Fortune 500 firms millions in preventable breaches.


Threat actors turning to MFA bypass, USB malware and supply chain attacks

Researchers also found that 40% of Azure attacks involved layered persistence mechanisms.

Researchers also found that 40% of Azure attacks involved layered persistence mechanisms.


Microsoft patches max severity bug in Entra ID

Teams advised to patch right away or risk letting attackers take control of any Entra ID tenant.

Teams advised to patch right away or risk letting attackers take control of any Entra ID tenant.


IDnow

Why banks need modular KYC solutions to future-proof compliance: Insights from Finologee’s Carlo Maragliano.

We sat down with Carlo Maragliano from digital platform Finologee to explore how financial institutions are getting ready for the evolving regulatory landscape and how they use technology to accelerate their go-to-market while staying audit-ready and resilient.  As new regulations such as eIDAS 2.0, AMLR and DORA reshape the compliance landscape across Europe, financial institutions […]
We sat down with Carlo Maragliano from digital platform Finologee to explore how financial institutions are getting ready for the evolving regulatory landscape and how they use technology to accelerate their go-to-market while staying audit-ready and resilient. 

As new regulations such as eIDAS 2.0, AMLR and DORA reshape the compliance landscape across Europe, financial institutions are under pressure to future-proof their onboarding and KYC processes.

Luxembourg-based Finologee, a leading digital platform operator for the financial industry, is helping banks and payment institutions meet regulatory challenges through its KYC Manager, an orchestration layer that combines flexibility with embedded regulatory readiness. By integrating IDnow’s automated identity verification technology, Finologee enables its clients to accelerate go-to-market, simplify compliance and tailor onboarding journeys across regions. With Carlo Maragliano, Head of Delivery and Customer Success at Finologee, we discussed how technology, automation and orchestration are transforming digital identity at scale.

Navigating the evolving regulatory landscape Regulations such as eIDAS 2.0, AMLD6 and DORA are coming into force soon. How are the changes brought about by these regulations influencing you and your banking clients’ KYC and digital onboarding priorities?

Heightened regulatory complexity is pushing banks to adopt more modular and future-proof KYC solutions. These upcoming regulations are significantly reshaping compliance priorities for financial institutions. For example, eIDAS 2.0 introduces Qualified Electronic Identity (QeID), which makes interoperability and eID support essential. AMLD6 expands criminal liability and due diligence obligations, which increases the need for granular audit trails and automated, risk-based workflows. And with DORA, operational resilience becomes a key focus, requiring stronger vendor oversight, digital continuity and secure third-party integrations. Finologee’s orchestration layer, combined with IDnow’s embedded identity verification, equips institutions to meet these regulatory shifts without having to re-engineer their core systems. 

IDnow’s Automated Identity Verification 

IDnow provides a fully automated identity verification solution that integrates seamlessly with Finologee’s KYC Manager. It supports document authentication from more than 215 international issuing authorities, uses AI-driven checks and biometric liveness detection and helps banks and other regulated industries to reduce onboarding times while ensuring full regulatory compliance. This technology enables companies to verify the identities of their users seamlessly and securely.

Ensuring adaptability in a dynamic regulatory environment How do you ensure that your solutions remain adaptable as regulations and customer expectations continue to evolve?

We’ve built everything on an API-first modular architecture that enables quick adaptation to regulatory shifts. On top of that, Finologee continuously engages with clients to align roadmap priorities with industry changes. The platform is also fully customisable and configurable, so institutions can tailor onboarding flows, verification steps and compliance logic to specific regulatory requirements, customer segments and regional markets without extensive development effort.

Did you know? Over 55% of consumers are more likely to apply for services if the onboarding process is entirely digital, including online identity verification.

The role of automation in scaling operations What role does automation play in helping banks scale their operations without sacrificing security or compliance?

Automation is really important for all businesses. It reduces dependency on manual reviews, thus lowering both cost and error rates. Automated decisioning also helps apply consistent compliance logic. With real-time workflows, customers can be onboarded faster without sacrificing auditability, while compliance teams gain transparency and control through dashboards and exception handling flows. 

What challenges do financial institutions face when trying to scale their compliance and onboarding processes across multiple markets and how does KYC Manager help overcome these hurdles?

Scaling across markets brings several hurdles. Institutions face varying regulatory requirements across countries, different acceptable ID document types and verification standards, and operational silos that slow down onboarding harmonisation. With KYC Manager, we address these challenges through a centralised orchestration layer with localised compliance modules, document coverage across 157 countries enabled by IDnow and a flexible flow builder that allows journeys to be adapted by region or customer type.

Did you know? Banks that increased end-to-end KYC-process automation by 20% saw a triple benefit effect : increased quality-assurance scores by 13%; improved customer experience by reducing the number of customer outreaches per case by 18% and enhanced productivity by increasing the number of cases processed per month by 48%. In what ways does the integration between Finologee’s KYC Manager and IDnow’s automated identity verification technology enable faster go-to-market for banks and other financial institutions? Can you share a concrete example?

Because identity verification is pre-integrated, deployment timelines are shortened considerably. This means clients such as banks or other financial institutions can launch new services or expand to new markets faster thanks to embedded regulatory readiness.  

A concrete example: the IDnow verification flow is especially useful when identifying ultimate beneficial owners (UBOs) and persons with significant control (PSCs), so people who ultimately own or control their company and are legally required to identify during onboarding. If the person responsible for their dossier doesn’t have their IDs, they can trigger an SMS to the phone number of the UBO or PSC to complete the verification directly. 

Scaling across markets and customization How do you support financial institutions in customizing onboarding journeys for different regions or customer segments?

The Finologee KYC platform enables journey segmentation by geography, product line or a risk profile. For instance, workflow logic can automatically route high-risk users to manual review or enhanced due diligence paths.

Looking ahead, what trends do you anticipate will most impact the way banks approach digital identity and compliance at scale?

We see AI and biometrics becoming standard components of fraud prevention. There will also be greater emphasis on accessibility, inclusivity and cross-device onboarding. And more broadly, banks and other financial institutions will be looking to reduce fragmentation through orchestration platforms.

On a personal level, what excites you most about working at the intersection of technology, compliance and financial services? Is there a particular moment or project that made you feel especially proud of the impact you’re making?

For me, it’s seeing how all the pieces come together in practice. One moment that really stood out was supporting a client launch in Luxembourg under tight regulatory deadlines they needed to comply with. It was a great example of how the platform can unlock speed, compliance, and user experience all at once – we successfully implemented KYC Manager within just three months, enabling a fully digital account opening process with no paper or printing requirements. On average, our clients see the submission process reduced to under 10 minutes and conversion rates doubled compared to traditional KYC remediation processes, while substantially lowering human error and workload.

Interested in more from our customer interviews? Check out: Docusign’s Managing Director DACH, Kai Stuebane, sat down with us to discuss how secure digital identity verification is transforming digital signing amid Germany’s evolving regulatory landscape. DGGS’s CEO, Florian Werner, talked to us about how strict regulatory requirements are shaping online gaming in Germany and what it’s like to be the first brand to receive a national slot licence.

By

Nikita Rybová
Customer and Product Marketing Manager at IDnow
Connect with Nikita on LinkedIn


Ockto

Column: AI is een briljante puber

Voor de HypoVak-special van InFinance schreef Gert Vasse de volgende column: AI lijkt al snel een BFF © (best friends forever) te worden. Het duikt in rap tempo op in allerlei handige toepassingen. Sindskort geeft bijvoorbeeld Google bij veel zoekopdrachten een handig AI-overzicht. Die functie bespaart je veel zoekwerk en geeft een goede samenvatting inclusief bronvermeldingen.

Voor de HypoVak-special van InFinance schreef Gert Vasse de volgende column:
AI lijkt al snel een BFF © (best friends forever) te worden. Het duikt in rap tempo op in allerlei handige toepassingen. Sindskort geeft bijvoorbeeld Google bij veel zoekopdrachten een handig AI-overzicht. Die functie bespaart je veel zoekwerk en geeft een goede samenvatting inclusief bronvermeldingen.


Duitse en Franse cybersecurity autoriteiten: let op AI-fraude bij digitale identificatie

Betrouwbare en veilige klantidentificatie is binnen de financiële sector een kernvoorwaarde om te voldoen aan wet- en regelgeving (Wwft, AML5, eIDAS, AVG). Met de introductie van ID-Wallets en eIDAS2.0 in 2028/2029 zal vanuit de overheid een structurele oplossing voor veilige digitale identificatie worden geboden.

Betrouwbare en veilige klantidentificatie is binnen de financiële sector een kernvoorwaarde om te voldoen aan wet- en regelgeving (Wwft, AML5, eIDAS, AVG). Met de introductie van ID-Wallets en eIDAS2.0 in 2028/2029 zal vanuit de overheid een structurele oplossing voor veilige digitale identificatie worden geboden.


Geverifieerde brondata: betere risico-inschatting met minder handwerk

Incomplete dossiers, ontbrekende documenten, langdurige doorlooptijden. Het verzamelen van klantdata is in veel kredietprocessen nog een tijdrovende stap. Er zijn meerdere contactmomenten nodig, aangeleverde gegevens zijn onduidelijke en er is het risico op fouten of fraude.

Incomplete dossiers, ontbrekende documenten, langdurige doorlooptijden. Het verzamelen van klantdata is in veel kredietprocessen nog een tijdrovende stap. Er zijn meerdere contactmomenten nodig, aangeleverde gegevens zijn onduidelijke en er is het risico op fouten of fraude.


Spherical Cow Consulting

Pirates, Librarians, and Standards Development

With the right motivation, even I will write a blog post on a dare. And the dare I got was to write a post about what librarians and pirate captains have in common, and why it matters for standards development. (If you can’t have fun when writing, what’s the point?) The post Pirates, Librarians, and Standards Development appeared first on Spherical Cow Consulting.

“With the right motivation, even I will write a blog post on a dare. And the dare I got today was to write a post about what librarians and pirate captains have in common, and why it matters for standards development.”

(If you can’t have fun when writing, what’s the point?)

I’m sure you all want to know what on earth THAT conversation was about. It started with the desire to assign vanity titles to friends. One friend was assigned “Intrepid bass-playing sailor cyber warrior” (though that one is possibly still a work in progress). So, of course, I had to ask what my title would be.

She thought something pirate-based. I thought maybe mob boss was more appropriate. But, no: “Nah, you don’t rule through fear. You set rules, and then people come to learn that obeying the rules brings progress while disobeying the rules brings a walk down the plank. Very impersonal, no bloodshed, just terminal disapproval.” Which I read not so much as Pirate as Librarian, and in either case, reminds both of us of what the standards development process is like.

In a way, this builds on a post I wrote a few weeks ago about needing all kinds of people and skills to develop good standards.

A Digital Identity Digest Pirates, Librarians, and Standards Development Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds 00:00 / 00:07:50 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

Librarians and pirates: unlikely comparisons

On the surface, librarians and pirates couldn’t be more different. One rules a quiet, organized room full of catalogues and classification systems. The other shouts orders across a storm-tossed deck, treasure map in hand.

But scratch at the stereotypes, and the similarities pop up:

Both guard treasure — knowledge or gold. Both rely on codes that aren’t strictly laws, but that everyone learns to respect. Both lead crews (or patrons) who don’t always agree but who need to move in the same direction. And both know that without discipline, the whole ship — or library — quickly sinks.

Standards development, in its own way, needs a bit of both. Librarians bring order, taxonomies, metadata, and interoperability. Pirates bring the consequences: if you won’t play along with the standard, good luck finding allies or charting your course without a map.

Leadership characteristics

So what’s actually useful, whether you’re wrangling sailors, cataloguing a collection, or chairing a standards meeting?

Ability to engage people so they pay attention. Whether it’s a weary deckhand, a confused student, or a standards group at the two-hour mark, keeping attention is half the battle. Ability to raise one eyebrow sternly. Every ship, library, or working group needs That Person. The person who has one eyebrow that says: “Are you sure you want to keep going down that path?” Sometimes it’s more effective than three paragraphs of meeting minutes. Ability to lead people to their own conclusions. Neither pirate captains nor librarians hand you the final answer. The captain points at the map and lets you realize the treasure’s yours to dig up. The librarian nudges you toward the right catalogue entry. In standards, this is the art of facilitation — nudging until consensus emerges. What doesn’t work Leading purely through fear. Fear doesn’t build commitment — it drives people away. Pirates who rule by terror end up facing mutiny, and librarians who inspire only dread will find books mysteriously mis-shelved out of spite (I hate it when that happens). In standards, disengagement is fatal: if people only show up to avoid backlash, the work stalls and the draft sinks. Letting others set the tone of fear. A crew ruled by grudges goes nowhere, and a library ruled by petty turf wars becomes unusable. The same is true in standards: if flame wars and side agendas become scarier than the actual process, people stop showing up; without participation, no standard survives. Romance, intrigue, and life

Obviously, this is a very romanticized version of a pirate (and of a librarian, for that matter). Real librarians don’t spend their time swashbuckling, and real pirates were often violent criminals (also without the swashbuckling). But when I’m not writing, editing, researching, or running meetings, I’m reading trashy romance novels. Romanticized life in my spare time is my idea of entertainment.

And maybe that’s the point: we bring our own metaphors and stories to how we think about leadership and collaboration. Whether you fancy yourself the stern-eyebrowed librarian or the captain with a plank, the truth is that standards need both. Someone to keep the ship steady, someone to keep the records straight, and all of us learning when to raise an eyebrow at just the right time.

Hopefully, this post made you smile. And if it didn’t, I have a Very Stern Look at the ready for you.

If you’d rather track the blog than the podcast, I have an option for you! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here

Transcript Introduction

00:00:31 Hello and welcome back to A Digital Identity Digest.

00:00:35 Today’s episode comes from a dare. And honestly, if you know me, you’ll understand that’s a very dangerous way to start anything.

The dare was simple: write a post about what librarians and pirate captains have in common and why that matters to standards.

How could I say no to that?

00:00:52 Because let’s be honest—if you can’t have fun with your writing, what’s the point?

Pirates and Librarians: Not So Different

00:00:57 At first glance, pirates and librarians couldn’t be more different.

Pirates live on the high seas, sword in hand, shouting orders across storm-tossed decks. Librarians work in hushed halls, surrounded by catalogs and metadata, raising an eyebrow when needed.

And yet, if you look closely, there’s surprising overlap.

00:01:25 This all started with a conversation about vanity titles—those fun, unofficial roles we give each other.

A friend was dubbed the Intrepid Bass-Playing Cyber Sailor Warrior. Mine was harder: pirate? mob boss? librarian?

00:02:06 The final suggestion landed: I don’t rule through fear—I set rules. And when followed, they bring progress. Ignore them, and… well, it’s a walk down the plank.

That sounded far less like a pirate and far more like a librarian—which is fitting, since I have a degree in library science.

Shared Treasures and Shared Codes

00:02:24 So, what do pirates and librarians actually do?

Pirates guard treasure: gold, jewels, captured loot. Librarians guard knowledge: books, archives, collections, and digital resources.

00:02:42 Both operate according to a code.

Pirates had their Pirate Code—rules about dividing loot, settling disputes, and running the ship. Librarians have cataloging standards, metadata schemas, and classification systems.

00:03:08 Neither set of rules carries the weight of law, but ignoring them leads to chaos.

00:03:19 And both depend on their crews. Pirates don’t sail alone; librarians don’t run libraries without staff, volunteers, and community support.

This is the essence of standards development:

Gathering crews Establishing codes Protecting shared treasure (protocols, specifications, best practices)

Ignore the structure, and everything sinks fast.

The Keys to Leadership

00:03:39 So, what makes leadership work—whether on a ship, in a library, or in a standards group?

00:03:53 First: the ability to engage people.

Pirates had to keep their crews motivated. Librarians help people navigate information overload. Standards leaders cut through noise and keep focus.

00:04:02 Second: the power of the raised eyebrow.
Every community has that one look that says: “Are you sure you want to go down that path?” Subtle signals can be powerful leadership tools.

00:04:22 Third: leading people to their own conclusions.

Pirates pointed to treasure maps. Librarians point to catalogs and shelves. Standards leaders facilitate consensus rather than forcing agreement. What Doesn’t Work

00:04:41 Now, let’s talk about what doesn’t work.

Leading through fear. Fear breeds disengagement. Pirates who ruled by terror faced mutiny. Librarians who ruled by dread found books deliberately mis-shelved. In standards, disengagement kills progress. Letting others set the tone of fear. If grudges rule the ship, it goes nowhere. If turf wars rule a library, the whole community suffers. If flame wars dominate standards groups, the work halts.

Leaders must set the tone. If fear takes over, participation drops—and without participation, nothing survives.

Romanticizing the Metaphor

00:05:43 If you’ve stayed with me this long, you’re probably either giggling or dismayed.

Yes, this is a romanticized version of pirates and librarians.

Real pirates were often violent criminals. Real librarians are not criminals—and do far more than raise their eyebrows.

00:06:13 But that’s exactly what makes the metaphor fun. We all bring our own stories into how we think about leadership and collaboration.

The Balance We Need

00:06:24 Whether you see yourself as a pirate captain, a librarian, or something in between, the truth is: standards need both.

Someone to keep the ship steady. Someone to keep the record straight. And all of us knowing when to raise that well-timed eyebrow.

00:06:41 This episode was short—part reflection, part fun—but with a reminder: standards are made by people. People with quirks, with stories, and sometimes with pirate hats or card catalogs.

Closing Thoughts

00:06:56 Thanks for listening to A Digital Identity Digest.

If you enjoyed this episode:

Subscribe and share it with someone who needs to know that standards don’t have to be boring. Connect with me on LinkedIn at @hlflanagan. Leave a rating or review on Apple Podcasts or wherever you listen.

00:07:14 You can also find the written post at sphericalcowconsulting.com.

Stay curious, stay engaged, and let’s keep these conversations going.

The post Pirates, Librarians, and Standards Development appeared first on Spherical Cow Consulting.


Herond Browser

The Ultimate List of Best Board Games of All Time You Must Play

Discover the best board games of all time! Our ultimate list features timeless classics and modern hits you must play, with tips on how to choose and where to buy them. The post The Ultimate List of Best Board Games of All Time You Must Play appeared first on Herond Blog. The post The Ultimate List of Best Board Games of All Time You Must Play appeared first on Herond Blog.

Looking for the perfect game night? Whether you’re a seasoned tabletop veteran or just getting started, the world of board games offers endless fun and strategy. But with thousands of games to choose from, how do you find the true classics that stand the test of time? This comprehensive guide cuts through the noise to bring you The Ultimate List of Best Board Games of All Time You Must Play. We’ve curated a list of essential games – from timeless classics to modern masterpieces – that are guaranteed to deliver unforgettable experiences with friends and family.

The Ultimate List of Best Board Games of All Time

Catan

A classic strategy game where players trade resources and build settlements to expand their empire.

Pandemic

A cooperative game where players team up to stop global disease outbreaks and save the world.

Ticket to Ride

A strategic game for all ages, focusing on planning and connecting train routes across a map.

Settlers of Catan

A negotiation-driven game where players develop settlements and trade in a shared world.

Carcassonne

A tile-laying game where players build medieval villages and score points strategically.

Ticket to Ride – Europe

An enhanced version with tunnels and stations, adding complexity to train route planning.

Azul

An artistic tile-placement game with stunning design, challenging players to create beautiful patterns.

7 Wonders

A card-based strategy game where players build civilizations through ages of development.

Wingspan

A relaxing engine-building game themed around collecting and managing bird species.

Twilight Imperium

An epic space conquest game designed for advanced players seeking deep strategy.

When diving into a new board game, understanding the rules is half the battle. You can use Herond Browser to explore game rules online effortlessly and securely. With its built-in ad and tracker blocker, Herond provides a clean, distraction-free environment, so you can focus on complex rulebooks or video tutorials without annoying pop-ups. Its seamless design makes it easy to switch between game guides and other resources, ensuring you can quickly master any game and get straight to the fun.

How to Choose the Best Board Game

Player Count & Age Range

Think about who you’re playing with. Some games are designed for two, while others need a larger group. Check the recommended age to ensure it’s a good fit for everyone.

Game Length & Complexity

Consider how much time you have and how much effort you want to put in. Choose a light, fast-paced game for a quick session or a complex, long-form strategy game for an all-day event.

Genre & Theme

What kind of experience are you looking for? Pick a genre that appeals to your group, whether it’s cooperative, competitive, party-style, or a deep, story-driven adventure.

Tips for an Enjoyable Board Game Experience

Here are some tips to help you and your group have the best board game night possible.

Understand the Rules Before You Start

Nothing slows down a game more than trying to learn the rules as you go. Before game night, have one person read the rulebook and watch a video tutorial. They can then teach others, making the setup much smoother.

Create the Right Atmosphere

Set the mood for your game. If it’s a long, strategic game, make sure everyone has comfortable seating and good lighting. For a party game, put on some background music and have snacks and drinks ready.

Manage Expectations

Be upfront with your group about what kind of game you’re playing. If it’s a competitive game, remind everyone to keep it friendly. If it’s a long one, let people know how long it might take so they can plan accordingly.

Put Away Distractions

Encourage everyone to put their phones away. This helps players stay focused on the game, makes for better conversation, and ensures everyone is engaged in the experience.

Where to Buy or Play These Board Games Online

You have a couple of great options for getting your hands on these games, whether you prefer the physical version or want to play digitally.

Where to Buy Physical Board Games

Specialty Board Game Stores

For the best selection and expert advice, visit local or online hobby stores. These shops often have knowledgeable staff and a curated collection of both classic and new games.

Large Online Retailers

Major online marketplaces like Amazon offer a huge variety of games, often with competitive prices and fast shipping. Just be sure to check the seller’s reviews to ensure you’re getting a genuine product.

Where to Play Board Games Online

Board Game Arena

This is one of the most popular platforms for playing a wide range of board games in your browser. It’s user-friendly, automates the rules for you, and offers a large community for real-time and turn-based play.

Tabletop Simulator

If you prefer a more realistic, sandbox-style experience, this is a great choice. Available on Steam, it’s a digital physics sandbox where you can move pieces and interact with games just like you would on a real table.

Dedicated Game Apps

Many popular board games, like Catan or Wingspan, have their own official digital apps available on platforms like Steam, iOS, or Android. These apps often feature polished graphics and a streamlined interface.

Conclusion

No matter if you’re a seasoned gamer or just starting out, the perfect board game is waiting for you. This list represents the best of the best, with games that have stood the test of time and created countless unforgettable memories. From quick, competitive rounds to deep, cooperative adventures, there’s a game here for every group and occasion. So, gather your friends and family, choose a game from this ultimate list, and get ready to roll the dice on your next great game night.

About Herond

Herond Browser is a Web browser that prioritizes users’ privacy by blocking ads and cookie trackers, while offering fast browsing speed and low bandwidth consumption. Herond Browser features two built-in key products:

Herond Shield: an adblock and privacy protection tool; Herond Wallet: a multi-chain, non-custodial social wallet.

Herond aims at becoming the ultimate Web 2.5 solution that sets the ground to further accelerate the growth of Web 3.0, heading towards the future of mass adoption.

Join our Community!

The post The Ultimate List of Best Board Games of All Time You Must Play appeared first on Herond Blog.

The post The Ultimate List of Best Board Games of All Time You Must Play appeared first on Herond Blog.


auth0

Shopify + Auth0: A New Era for Retail Customer Identity

From sign-in to checkout, Auth0 and Shopify team up to create a more secure, effortless login experience for shoppers.
From sign-in to checkout, Auth0 and Shopify team up to create a more secure, effortless login experience for shoppers.

FastID

The Tools Gap: Why Developers Struggle to Code Green

77% of developers want to code sustainably, but most lack the tools to measure impact. Fastly’s survey reveals the barriers and opportunities in green coding.
77% of developers want to code sustainably, but most lack the tools to measure impact. Fastly’s survey reveals the barriers and opportunities in green coding.

Monday, 22. September 2025

Anonym

How to use MySudo phone numbers for free international calls

If you love travelling, you know the value of unlimited possibilities. That’s why you’re going to want to travel with MySudo app. MySudo is the original all-in-one privacy app that lets you protect your identity and your information with second phone numbers, secure email, private browsers, and virtual cards – all wrapped into secure digital […] The post How to use MySudo phone numbers for free

If you love travelling, you know the value of unlimited possibilities. That’s why you’re going to want to travel with MySudo app.

MySudo is the original all-in-one privacy app that lets you protect your identity and your information with second phone numbers, secure email, private browsers, and virtual cards – all wrapped into secure digital profiles called Sudos.

Every MySudo feature is handy for international travel, but it’s using the phone numbers for free international calls that will really save you money while you’re away.

But even if you’re not about to hop on a plane, MySudo is still your go-to for free international calls to family and friends.

Here’s how to use MySudo for free international calls whether you’re travelling overseas or calling loved ones from home:

Overseas traveller

If you’re travelling overseas, MySudo gives you free international calling in a choice of regions and area codes. That means no fees and no need for an international roaming plan. Here’s how to set it up:

Download MySudo for iOS or Android. Choose Sudo Max plan for unlimited minutes and messages for up to 9 separate Sudo phone numbers. (Read: What do I get with SudoMax?) Choose a phone number and area code in the region you want to travel. MySudo numbers are currently available in the US, UK*, and Canada. Call and message anyone for free within the region under your SudoMax plan. Give your Sudo number to locals and they can call you as if it’s a local call (and you can avoid high inbound charges).

So long as you’ve got access to hotel or public wi-fi you can use MySudo for free calls. If you think you’ll be out of WiFi range sometimes, you can get an e-sim or international data roaming plan to use local data and MySudo will also work with those.

Calling loved ones from home

MySudo lets you call anyone anywhere in the world for free so long as the person you’re calling is using MySudo. Calls between users are end-to-end encrypted, so you can talk privately and securely. Here’s how to Invite your friends to MySudo:

Tap the menu in the top left corner. Tap Invite your friends. Choose to invite your friends from your device via another app or from your MySudo account.  Select the Sudo you want to invite from (if you have more than one Sudo). Follow the prompts.

After you’ve invited a friend, they will receive a link with your MySudo contact information (email, handle and phone number if you have one), which will prompt them to install MySudo. Once they have the app installed, they can instantly start communicating with you. Remember, all video and voice calls, texts and email between MySudo users are end-to-end encrypted.

But wait, there’s more …

7 more facts about MySudo phone numbers MySudo numbers are real, unique, working phone numbers. Each phone number has customizable voicemail, ringtones, and contacts list. You can also mute notifications and block unwanted callers. MySudo numbers are fully functional for messaging, and voice, video and group calling.  Calls and messages with other MySudo users are end-to-end encrypted. Calls and messages out of network are standard. MySudo phone numbers don’t expire. Your phone numbers will auto-renew so long as you maintain your paid plan. Calling with MySudo works like WhatsApp or Signal, but with the privacy advantage that you’re not handing over your real number to sign up. You can manage multiple numbers all in one app (read: How to Get 9 “Second Phone Numbers” on One Device). Under SudoGo plan, you get 1 included phone number; under SudoPro plan, you get 3 included phone numbers; and under SudoMax plan, you get 9 included phone numbers. If you need additional phone number resets, you can purchase them within the app for a small fee. You can always check your plans screen to see how many phone numbers you have remaining before you’ll be prompted to purchase one.

So, to recap how to use MySudo for free international calls:

To make free calls while travelling overseas, choose a Sudo number and area code in your region of travel and get unlimited minutes and messages under SudoMax plan. Available regions are the United States, United Kingdom*, and Canada. To make free, end-to-end encrypted calls anywhere in the world, invite your friends to the app. To call or message regular numbers abroad, use a Sudo number in their region, but sign up to SudoMax so there’s no limit on minutes or messages.

*In order to comply with government and service provider regulations to limit the risk of fraud, users are required to provide their accurate and up-to-date legal identity information before they can obtain UK phone numbers. 
Read: Why are you asking for my personal information when creating a phone number?

Take control and simplify your communication today. Download MySudo.

Before you go, explore the full MySudo suite.

The post How to use MySudo phone numbers for free international calls appeared first on Anonyome Labs.


Ocean Protocol

DF154, DF155 Complete and DF156 Launches

Predictoor DF154 & DF155 rewards are available. DF156 runs September 18th — September 25th, 2025 1. Overview Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor. Data Farming Round 154 (DF154) completed on September 11th, and DF Round 155 completed on September 18th, both
Predictoor DF154 & DF155 rewards are available. DF156 runs September 18th — September 25th, 2025 1. Overview

Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor.

Data Farming Round 154 (DF154) completed on September 11th, and DF Round 155 completed on September 18th, both without issues following the restoration of Predictoor. During these rounds, we carefully monitored the Predictoor system and community feedback to ensure users could access Predictoor feeds and claim rewards distributions without any interruption in service.

DF156 is live as of September 18th. It concludes on September 25th. For this DF round, Predictoor DF has 3,750 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF156 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF156

Budget. Predictoor DF: 3.75K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and ASI Predictoor

Ocean Protocol was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

DF154, DF155 Complete and DF156 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.


Radiant Logic

Radiant Logic’s SCIM Support Recognized in 2025 Gartner® Hype Cycle™ for Digital Identity

Discover how Radiant Logic’s SCIMv2 support simplifies identity management, enabling seamless automation, governance, and Zero Trust alignment across hybrid environments. The post Radiant Logic’s SCIM Support Recognized in 2025 Gartner® Hype Cycle™ for Digital Identity appeared first on Radiant Logic.

SC Media - Identity and Access

Massive China-based counterfeit ID selling operation unmasked

HackRead reports that more than 6,500 counterfeit U.S. and Canadian Social Security cards and driver's licenses have already been peddled by the China-based ForgeCraft operation across North America, yielding revenues exceeding $785,000.

HackRead reports that more than 6,500 counterfeit U.S. and Canadian Social Security cards and driver's licenses have already been peddled by the China-based ForgeCraft operation across North America, yielding revenues exceeding $785,000.


MCP deployments face access control blindspot

The rapid adoption of Model Context Protocol is giving enterprises powerful new ways to connect AI systems with data sources and tools, but it is also exposing serious security gaps, according to TechRadar Pro.

The rapid adoption of Model Context Protocol is giving enterprises powerful new ways to connect AI systems with data sources and tools, but it is also exposing serious security gaps, according to TechRadar Pro.


Continuum Identity debuts with IAM platform

Biometric Update reports that France-based startup Continuum Identity has exited stealth with a suite of digital identity solutions designed to integrate seamlessly into daily life.

Biometric Update reports that France-based startup Continuum Identity has exited stealth with a suite of digital identity solutions designed to integrate seamlessly into daily life.


Cohesity, Semperis team up on identity resilience

Cohesity and Semperis have unveiled Cohesity Identity Resilience, a jointly developed solution aimed at strengthening enterprise defenses around Microsoft Active Directory and Microsoft Entra ID, reports Channel Insider.

Cohesity and Semperis have unveiled Cohesity Identity Resilience, a jointly developed solution aimed at strengthening enterprise defenses around Microsoft Active Directory and Microsoft Entra ID, reports Channel Insider.


How AI accelerated identity as the new security battleground

Here’s why companies have to move to an identity-centric security approach.

Here’s why companies have to move to an identity-centric security approach.


OpenID finalizes three security sharing standards

The OpenID Foundation has finalized three key standards designed to enable real-time digital identity security event sharing, marking what its leaders call a major milestone for enterprise cybersecurity, reports Biometric Update.

The OpenID Foundation has finalized three key standards designed to enable real-time digital identity security event sharing, marking what its leaders call a major milestone for enterprise cybersecurity, reports Biometric Update.


SonicWall customers told to reset passwords after cloud backup service breach

Brute-force attack aimed to access preference files stored in backup for future use by bad actors.

Brute-force attack aimed to access preference files stored in backup for future use by bad actors.


ComplyCube

ComplyCube Named as an AML Industry Leader in the G2 Fall 2025 Report

ComplyCube has reinforced its Leader status in G2's 2025 Fall Grid Report. The company has achieved recognition for its ease of implementation and ROI in categories including AML, customer onboarding, and biometric authentication. The post ComplyCube Named as an AML Industry Leader in the G2 Fall 2025 Report first appeared on ComplyCube.

ComplyCube has reinforced its Leader status in G2's 2025 Fall Grid Report. The company has achieved recognition for its ease of implementation and ROI in categories including AML, customer onboarding, and biometric authentication.

The post ComplyCube Named as an AML Industry Leader in the G2 Fall 2025 Report first appeared on ComplyCube.


SC Media - Identity and Access

How managing NHIs can help teams secure AI agents

Most IAM systems remain people-centric – here’s why that has to change.

Most IAM systems remain people-centric – here’s why that has to change.


Why legacy tools with bolt-on AI leave us at risk

Here’s three ways to ensure the company deploys AI-native tools – and why it’s important.

Here’s three ways to ensure the company deploys AI-native tools – and why it’s important.


uquodo

UAE’s Move Beyond OTPs: Biometric Authorization for Seamless Transactions

The post UAE’s Move Beyond OTPs: Biometric Authorization for Seamless Transactions appeared first on uqudo.

Kin AI

Kinside Scoop 👀 #14

Better customisation, better memory, better Kin

Hey folks 👋

We’ve kept busy working on Kin - it’s been two weeks already!

Read on to hear what we’ve been up to, and reach the end for this edition’s super prompt.

What’s new with Kin 🚀 Smarter characters, easier flow ✏

We’ve cleaned up the home screen, and made it possible to edit advisor characters right from the homepage selector.

This way, you can make sure all the sides of Kin are exactly who you need them to be - not just your own custom prompt.

Advisors that advise 🧙‍♂️

Your advisors are no longer passive chat partners - when they’ve got something to say (like wondering whether you’ve remembered that meeting you usually forget), they’ll reach out to you personally with a push notification.

You’re in control of this: feel it’s too much? You can turn down the frequency in the app. But if you like it? You can turn it up too.

Memory that remembers who matters 🫂

Our next memory update means Kin now does a better job of extracting people from your messages into your Kin’s private database.

Conversations about important folks should feel more accurate and natural now, as Kin remembers more of the important stuff about them.

Help getting what you need 💡

We’ve also added advisor interaction reminders and frequency tracking. Now you can see how often you’ve chatted with each advisor, and set up reminders to make sure you’re talking with each advisor as often as you’d like.

Voice mode 🎙

We’ve heard your thoughts loud and clear: voice mode is a favorite, but more stability and longer usage times are needed.

There was also an issue for Android users with headsets - we’ve dealt with that, so now Kin’s voice mode shouldn’t get so confused by wires.

For everything else, we’re working on improvements to make it feel seamless. More soon.

Other fixes & polish 🛠

Removed emojis from filter types for better readability

Tweaked chat font design for smoother legibility

Fixed the journal voice button floating mid-screen (no more runaway buttons)

Cleaned up chat formatting in general

Further fixes for Android keyboard issues (hopefully the last!)

Fixed Journal title generation, so auto-generated titles should work much better now

Resolved the double user issue, for those that had it!

Your turn 💭

Kin is moving fast. We have big plans to reach by the end of the year - and we want to make sure we arrive at a place you love as much as us.

So, like we say every time, there are multiple ways to tell us your thoughts about Kin. Good, bad, strange… we want them all!

You can reach out to the KIN team at hello@mykin.ai with anything, from feature feedback to a bit of AI discussion (though support queries will be better helped over at support@mykin.ai).

For something more interactive, the official Kin Discord is still the best place to talk to the Kin development team (as well as other users) about anything AI.

We have dedicated channels discussing the tech behind Kin, networking users, sharing support tips, and for hanging out.

We also regularly run three casual calls every week, and you’re invited:

Monday Accountability Calls - 5pm GMT/BST
Share your plans and goals for the week, and learn tips about how Kin can help keep you on track.

Wednesday Hangout Calls - 5pm GMT/BST
No agenda, just good conversation and a chance to connect with other Kin users.

Friday Kin Q&A - 1pm GMT/BST
Drop in with any questions about Kin (the app or the company) and get live answers in real time.

You’re the centre of this conversation - make sure you take your place. Kin’s for you, not for us.

Finally, you can also share your feedback in-app. Just screenshot to trigger the feedback form!

Our current reads 📚

Article: How people really use AI (Claude vs ChatGPT)
READ - thedeepview.co

Report: Mobile app trends in Denmark
READ - franma.co

Article: Apple launch the iPhone 17 pro, featuring the new A19 chipset built with running LLMs in mind (making a truly-local Kin instance more possible)
READ - Apple

Report: a16z’s app affinity scores for AI users (what other AI apps are users of particular AI most likely to have?)
READ: Olivia Moore via x

This edition’s super prompt 🤖

This time, we’re asking your Kin:

What kind of support do I best respond to?”

If you have Kin installed and up to date, you can tap the link below (on mobile!) to explore how you think about pressure, and how you can keep cool under it.

As a reminder, you can do this on both iOS and Android.

Try prompt in Kin

This is your journey 🚢

Kin always has been and always be for you as users. We want to build the most useful and supportive AI assistant we can.

So, please: email us, chat in our Discord, or even just shake the app to reach out to us with your thoughts and ideas.

Kin is only what our users make of us.

With love,

The KIN Team


Veracity trust Network

2025 bot trends see rise of Gen-AI continuing

One of the 2025 bot trends which will continue into the future is the use of GenAI-powered technology to spearhead attacks on both private business and critical infrastructure. This rising trend has been growing at a pace since 2023 and shows no sign of slowing down and, according to many reports, is likely to become an even greater threat. The post 2025 bot trends see rise of Gen-AI continu

One of the 2025 bot trends which will continue into the future is the use of GenAI-powered technology to spearhead attacks on both private business and critical infrastructure.

This rising trend has been growing at a pace since 2023 and shows no sign of slowing down and, according to many reports, is likely to become an even greater threat.

The post 2025 bot trends see rise of Gen-AI continuing appeared first on Veracity Trust Network.


Okta

Introducing the Okta MCP Server

As AI agents and AI threats proliferate at an unprecedented rate, it becomes imperative to enable them to communicate safely with the backend systems that matter the most. A Model Context Protocol (MCP) server acts as the bridge between an LLM and an external system. It translates natural language intent into structured API calls, enabling agents to perform tasks like provisioning users, managi

As AI agents and AI threats proliferate at an unprecedented rate, it becomes imperative to enable them to communicate safely with the backend systems that matter the most.

A Model Context Protocol (MCP) server acts as the bridge between an LLM and an external system. It translates natural language intent into structured API calls, enabling agents to perform tasks like provisioning users, managing groups, or pulling reports, all while respecting the system’s security model. Establishing a universal protocol eliminates the need to build custom integrations. Enterprises can now easily connect their AI agents with Okta’s backend systems to achieve automation of complex chains of activities, quick resolution of issues, and increased performance throughput.

Table of Contents

What the Okta MCP Server brings Tools and capabilities Highlights at a glance Getting started with the Okta MCP Server Initializing the project Authentication and authorization Configuring your client Using the Okta MCP Server with VS Code Enable agent mode in GitHub Copilot Update your VS Code settings Start the server Examples in action Read more about Cross App Access, OAuth 2.0, and securing your applications What the Okta MCP Server brings

The Okta MCP Server brings this capability to your identity and access management workflows. It connects directly to Okta’s Admin Management APIs, giving your LLM agents the ability to safely automate organization management.

Think of it as unlocking a new interface for Okta, one where you can ask an agent:

“Add this new employee to the engineering group.” “Generate a report of inactive users in the last 90 days.” “Deactivate all users who tried to log in within the last 30 minutes.” Tools and capabilities

In its current form, the server allows the following actions:

User Management: Create, list, retrieve, update, and deactivate users. Group Management: Create, list, retrieve, update, and delete groups. Group Operations: View assigned members, view assigned applications, add, and remove users. System Information: Retrieve Okta system logs.

And many more actions with application and policies APIs as well.

Using the above operations as a base, complex real-life actions can also be performed. For example, you can ask the MCP server to generate a security audit report for the last 30 days and highlight all changes to user and group memberships according to your desired report template.

Highlights at a glance Flexible Authentication: The server supports both interactive login (via Device Authorization Grant) and fully automated, browserless login (via Private Key JWT). Whether you’re experimenting in development or running a headless agent in production, you can authenticate in the way that fits your workflow. More Secure Credential Handling: Your authentication details are managed through scoped API access and environment variables, keeping secrets out of code. Tokens are issued only with the permissions you explicitly grant, following least-privilege best practices. Seamless Integration with Okta APIs: Built on Okta’s official SDK, the server is tightly integrated with Okta’s Admin Management APIs. That means reliable performance, support for a wide range of identity management tasks, and an extensible foundation for adding more endpoints over time. Getting started with the Okta MCP Server

Now that you know what the Okta MCP server is and why it’s useful, let’s dive into how to set it up and run it. Before you proceed, you will need VS Code, Python environment (Python 3.9 or above), and uv.

Initializing the project

The Okta MCP server comes packaged for quick setup so you can clone and run it. We use uv (a fast Python package manager) to help ensure your environment is reproducible and lightweight.

Install uv

Clone the repository: git clone https://github.com/okta/okta-mcp-server.git Install dependencies and set up the project: cd okta-mcp-server && uv sync

At this point, you have a working copy of the server. Next, we’ll connect it to your Okta org.

Authentication and authorization

Every MCP server needs a way to prove its identity and access your Okta APIs more securely. We support two authentication modes, and your choice depends on your use case.

Option A: Device authorization grant (recommended for interactive use)

This flow is best if you’re running the MCP server locally and want a quick, user-friendly login. After you start the server, it triggers a prompt to log in via your browser. Here, the server exchanges your browser login for a secure token that it can use to communicate with Okta APIs.

Use this if you’re experimenting, developing, or want the simplest way to authenticate.

Before you begin, you’ll need an Okta Integrator Free Plan account. To get one, sign up for an Integrator account. Once you have an account, sign in to your Integrator account. Next, in the Admin Console:

Go to Applications > Applications Click Create App Integration Select OIDC - OpenID Connect as the sign-in method Select Native Application as the application type, then click Next

Enter an app integration name

Configure the redirect URIs: Redirect URI: com.oktapreview.java-oie-sdk:/callback Post Logout Redirect URI: http://com.oktapreview.java-oie-sdk/ In the Controlled access section, select the appropriate access level Click Save Where are my new app's credentials?

Creating an OIDC Native App manually in the Admin Console configures your Okta Org with the application settings.

After creating the app, you can find the configuration details on the app’s General tab:

Client ID: Found in the Client Credentials section Issuer: Found in the Issuer URI field for the authorization server that appears by selecting Security > API from the navigation pane. Issuer: https://dev-133337.okta.com/oauth2/default Client ID: 0oab8eb55Kb9jdMIr5d6

NOTE: You can also use the Okta CLI Client or Okta PowerShell Module to automate this process. See this guide for more information about setting up your app.

Note: While creating the app integration, make sure to select the Device Authorization in the Grant type.

Once the app is created, follow these steps:

Grant API scopes (for example: okta.users.read, okta.groups.manage).


Copy the Client ID for later use.

Note: Why “Native App” and not “Service”?
Device Auth is designed for user-driven flows, so it assumes someone is present to open the browser.

Option B: Private key JWT (best for automation, CI/CD, and “headless” environments)

This flow is perfect if your MCP server needs to run without human intervention, for example, inside a CI/CD pipeline or as part of a backend service. Instead of prompting a person to log in, the server authenticates using a cryptographic key pair.

Here’s how it works:

You generate or upload a public/private key pair to Okta. The server uses the private key locally to sign authentication requests. Okta validates the signature against the public key you registered, ensuring that only your authorized server can act on behalf of that client.

Use this if you’re automating, scheduling jobs, or integrating into infrastructure.

In your Okta org, create a new API Services App Integration.


Under Client Authentication, select Public Key / Private Key.


Add a public key: either generate it in Okta (recommended) and copy it in PEM format, or upload your own keys.


Copy the Client ID and Key ID (KID).


Grant the necessary API scopes (e.g., okta.users.read, okta.groups.manage) and provide Super Administrator access.

Configuring your client

You can use Okta’s MCP server with any MCP-compatible client. Whether running a lightweight desktop agent, experimenting in a local environment, or wiring it into a production workflow, the setup pattern is the same.

For this guide, we’ll walk through the setup in Visual Studio Code with GitHub Copilot - one of the most popular environments for developers. The steps will be similar if you use another client like Claude Desktop or AWS Bedrock.

Using the Okta MCP Server with VS Code Enable agent mode in GitHub Copilot

The Okta MCP server integrates with VS Code through Copilot’s agent mode.

Install the GitHub Copilot extension Open the Copilot Chat view in VS Code.

To enable the Agent mode, checkout the steps mentioned in the VS Code docs.

Update your VS Code settings

Next, you’ll tell VS Code how to start and communicate with the Okta MCP server. This is done in your settings.json. You can also create your own mcp.json and set this up.

{ "mcp": { "inputs": [ { "type": "promptString", "description": "Okta Organization URL (e.g., https://trial-123456.okta.com)", "id": "OKTA_ORG_URL" }, { "type": "promptString", "description": "Okta Client ID", "id": "OKTA_CLIENT_ID", "password": true }, { "type": "promptString", "description": "Okta Scopes (separated by whitespace, e.g., 'okta.users.read okta.groups.manage')", "id": "OKTA_SCOPES" }, { "type": "promptString", "description": "Okta Private Key. Required for 'browserless' auth.", "id": "OKTA_PRIVATE_KEY", "password": true }, { "type": "promptString", "description": "Okta Key ID (KID) for the private key. Required for 'browserless' auth.", "id": "OKTA_KEY_ID", "password": true } ], "servers": { "okta-mcp-server": { "command": "uv", "args": [ "run", "--directory", "/path/to/the/okta-mcp-server", "okta-mcp-server" ], "env": { "OKTA_ORG_URL": "${input:OKTA_ORG_URL}", "OKTA_CLIENT_ID": "${input:OKTA_CLIENT_ID}", "OKTA_SCOPES": "${input:OKTA_SCOPES}", "OKTA_PRIVATE_KEY": "${input:OKTA_PRIVATE_KEY}", "OKTA_KEY_ID": "${input:OKTA_KEY_ID}" } } } } }

Running the server for the first time prompts you to enter the following information:

Okta Organization URL: Your Okta tenant URL. Okta Client ID: The client ID of the application you created in your Okta organization. Okta Scopes: The scopes you want to grant to the application, separated by spaces. For example: "OKTA_SCOPES": "${input:OKTA_SCOPES = okta.users.read okta.users.manage okta.groups.read okta.groups.manage okta.logs.read okta.policies.read okta.policies.manage okta.apps.read okta.apps.manage}"

Note: Add scopes only for the APIs that you will be using.

Okta Private Key and Key ID: You only need to enter this key when using browserless authentication. If you’re not using that method, just press Enter to skip this step and use the Device Authorization flow instead. Start the server

When you open VS Code, you’ll now see okta-mcp-server as an option to start.

Click Start to launch the server in your mcp.json file.

The server will check your authentication method:

If using Device Authorization, it triggers a prompt to log in via your browser.

If using Private Key JWT, it will authenticate silently using your key.

Once connected, Copilot will automatically recognize the Okta commands you can use.

At this point, the MCP server has established a connection between VS Code and your Okta organization.You can now manage your organization using natural language commands directly in your editor.

Examples in action

1. Listing Users

2. Creating Users

3. Group Assignment

4. Creating an Audit Report

We invite you to try out our MCP server and experience the future of identity and access management. Meet us at Oktane, and if you run into issues, please open an issue in our GitHub repository.

Read more about Cross App Access, OAuth 2.0, and securing your applications Integrate Your Enterprise AI Tools with Cross App Access Build Secure Agent-to-App Connections with Cross App Access (XAA) OAuth 2.0 and OpenID Connect overview Why You Should Migrate to OAuth 2.0 From Static API Tokens How to Secure the SaaS Apps of the Future

Follow us on LinkedIn, Twitter, and subscribe to our YouTube channel for more developer content. If you have any questions, please leave a comment below!


auth0

Introducing Transaction Metadata for Auth0 Actions

Discover how Auth0's Actions Transaction Metadata simplifies authentication flows by providing a dedicated, efficient way to store and pass variables between Actions, reducing API usage and improving performance.
Discover how Auth0's Actions Transaction Metadata simplifies authentication flows by providing a dedicated, efficient way to store and pass variables between Actions, reducing API usage and improving performance.

Sunday, 21. September 2025

Rohingya Project

Rohingya Project Launches R-Coin Presale on PinkSale, Powering Blockchain Ecosystem for Stateless Rohingya

The Rohingya Project today announced the launch of its R-Coin token presale on the PinkSale launchpad, inviting impact-driven and crypto-savvy investors to support an innovative social-impact initiative. R-Coin (RCO) is the native token of the project’s SYNU Platform, a blockchain-based network designed to empower over 3.5 million stateless Rohingya refugees worldwide. By participating in the […]
The Rohingya Project today announced the launch of its R-Coin token presale on the PinkSale launchpad, inviting impact-driven and crypto-savvy investors to support an innovative social-impact initiative. R-Coin (RCO) is the native token of the project’s SYNU Platform, a blockchain-based network designed to empower over 3.5 million stateless Rohingya refugees worldwide. By participating in the […]

Saturday, 20. September 2025

Recognito Vision

Everything You Need to Know About Face Recognition Systems

Facial recognition is no longer just a sci-fi plot twist. It is now a part of daily life, from unlocking smartphones to airport security checks. A face recognition system uses advanced algorithms to scan, analyze, and verify identities in seconds. Businesses, schools, and governments are rapidly adopting it, but it’s worth digging deeper into how...

Facial recognition is no longer just a sci-fi plot twist. It is now a part of daily life, from unlocking smartphones to airport security checks. A face recognition system uses advanced algorithms to scan, analyze, and verify identities in seconds. Businesses, schools, and governments are rapidly adopting it, but it’s worth digging deeper into how it works, its benefits, and what challenges still exist.

 

Facial Recognition System

At its core, a facial recognition system relies on biometric technology. It captures a person’s facial features, converts them into a digital template, and compares that data with stored profiles to confirm identity. Unlike fingerprints or ID cards, you don’t need to touch anything. Just look at the camera, and the system does the rest.

This technology uses complex neural networks trained on thousands of images. The system maps out key points like the distance between eyes, nose shape, and jawline. The result is a unique faceprint that is nearly impossible to duplicate. Accuracy levels are improving quickly thanks to evaluations like the NIST Face Recognition Vendor Test, which tracks the performance of leading algorithms worldwide.

 

How Face Recognition Technology Works

Understanding the process makes it clear why it is so widely trusted. Here’s a simple breakdown:

Image Capture – A camera captures a person’s face in real time.

Face Detection – The system locates the face in the image and isolates it from the background.

Feature Extraction – Algorithms analyze facial features such as cheekbones, chin curves, and lip contours.

Template Creation – The extracted data is turned into a digital faceprint.

Comparison and Match – The faceprint is compared with existing records to confirm identity.

Accuracy rates are consistently improving. According to NIST FRVT 1:1 testing, leading systems now achieve over 99% verification success under ideal conditions.

 

Face Anti-Spoofing and Its Role in Security

Every great lock needs a strong defense. This is where face anti spoofing comes in. Without it, someone could trick the system using a photo, video, or even a 3D mask. Spoofing attempts are surprisingly common in fraud-heavy industries like finance.

Modern systems fight this using liveness detection. The camera checks for natural movements such as blinking, skin texture changes, and depth. Some solutions even shine light on the face and measure reflections to confirm the presence of a real person. These layers of defense ensure that recognition remains both fast and secure.

 

Face Recognition Attendance System

Schools, offices, and even factories are adopting a face recognition attendance system. No more long queues at biometric scanners or manual sign-in sheets. Employees just walk in, glance at a camera, and their presence is automatically logged.

The benefits are clear:

No contact required which keeps it hygienic.

Faster processing compared to manual punching.

Reduced buddy punching where one employee marks attendance for another.

Accurate reporting that syncs directly with payroll systems.

Organizations save time and prevent fraud while employees enjoy a hassle-free experience.

 

Face Scanning Attendance System in Education

Schools and universities are also experimenting with a face scanning attendance system. Teachers can focus on teaching instead of wasting class time marking attendance. Parents get real-time updates if their child is present, while administrators gain detailed records for compliance.

Though promising, it does raise questions about student privacy. Educational institutes must handle such systems responsibly and align with global data protection standards like GDPR.

 

Benefits of Face Recognition in Real-World Applications

Let’s talk numbers and impact. The global facial recognition market is projected to reach over $16 billion by 2030. Here’s why it’s growing so fast:

Security – Airports use it to screen passengers quickly.

Fraud Prevention – Banks use it to stop identity theft.

Convenience – Smartphones unlock instantly with a glance.

Efficiency – Attendance and access control become effortless.

Quick Fact Table:

Application Benefit Example Use Case Banking Stops account fraud Mobile banking logins Airports Speeds up security checks Passport verification Education Saves teaching time Student attendance Workplace Prevents time theft Employee attendance tracking

 

Privacy and Ethical Concerns

As powerful as the technology is, it sparks serious debates. Who owns the face data? How securely is it stored? What if it gets misused? Regulations are starting to catch up. In Europe, GDPR rules require companies to get clear consent before storing or using biometric data.

Transparency and user control are key. People need to know how their face data is being used and have the right to opt out. Striking a balance between security and privacy remains one of the biggest challenges for the industry.

 

Case Studies: Where It Works Best Airports – The U.S. Customs and Border Protection agency reported that facial recognition has caught thousands of identity fraud attempts since its rollout.

Corporate Offices – Large firms in Asia have reduced payroll fraud by adopting face-based attendance.

Healthcare – Hospitals use it to secure patient data and restrict access to sensitive areas.

These case studies highlight how versatile and impactful the technology can be when used responsibly.

 

The Future of Face Recognition

Imagine walking into a store, picking items, and leaving without waiting in line. Payment is automatically processed after the system confirms your face. This futuristic scenario is closer than you think. Retailers are already piloting systems where face recognition replaces credit cards.

At the same time, research is focusing on reducing bias. Early systems struggled with accuracy across different ethnicities. Today, continuous improvements are making recognition fairer and more reliable. Open-source contributions on platforms like GitHub are accelerating innovation by giving developers direct access to tools and data.

 

Conclusion

A face recognition system is more than just a tech buzzword. It is reshaping industries by offering speed, security, and convenience. From attendance tracking to fraud prevention, its applications are only expanding. But with great power comes great responsibility, and balancing innovation with privacy will decide how widely it gets adopted in the future. For organizations exploring the technology, brands like Recognito are paving the way with practical, secure, and developer-friendly solutions.

Friday, 19. September 2025

Shyft Network

Middle East Crypto in 2025: From Wild Experiments to Ironclad Rules

The Middle East’s crypto scene is no longer a playground for bold experiments. By September 2025, the region is laying down the law, transforming from a sandbox of ideas into a powerhouse of regulated innovation. Dubai’s regulators are cracking the whip, Bahrain’s rolling out bold new laws, and the UAE’s dirham is staking its claim as the backbone of digital payments. This isn’t just a shift — it’

The Middle East’s crypto scene is no longer a playground for bold experiments. By September 2025, the region is laying down the law, transforming from a sandbox of ideas into a powerhouse of regulated innovation. Dubai’s regulators are cracking the whip, Bahrain’s rolling out bold new laws, and the UAE’s dirham is staking its claim as the backbone of digital payments. This isn’t just a shift — it’s a seismic leap toward a future where compliance fuels growth. Let’s dive into the forces reshaping the region’s crypto landscape.

Dubai: Where Stablecoins Meet Serious Oversight

Dubai’s Virtual Assets Regulatory Authority (VARA) isn’t messing around. Gone are the days of loose guidelines and “let’s see what sticks.” VARA’s 2025 rulebook is a masterclass in clarity, dictating how stablecoins (Fiat-Referenced Virtual Assets) and tokenized real-world assets (RWAs) must be issued, backed, and disclosed. Want to launch a stablecoin or tokenize a skyscraper? You’d better have your paperwork in order.The real game-changer? Enforcement. VARA recently slapped a fine on a licensed firm, sending a crystal-clear message: licenses aren’t just badges of honor — they’re contracts with accountability. Dubai’s saying loud and clear: innovate, but play by our rules. This isn’t just regulation; it’s a blueprint for trust in a digital age.

Abu Dhabi: The Institutional Crypto Haven

While Dubai swings the regulatory hammer, Abu Dhabi Global Market (ADGM) is crafting a different narrative. Its Financial Services Regulatory Authority (FSRA) has fine-tuned its crypto framework to welcome institutional heavyweights. From custody to payment services, ADGM’s rules for fiat-referenced tokens are a magnet for serious players. Yet, privacy tokens and algorithmic stablecoins? Still persona non grata.

ADGM’s approach is a tightrope walk: embrace cutting-edge innovation while ensuring every move can withstand the scrutiny of global finance. It’s less about flashy pilots and more about building a crypto hub that lasts.

UAE’s Central Bank: Dirham Takes the Digital Crown

The Central Bank of the UAE (CBUAE) is drawing a line in the sand. As of September 2025, only dirham-pegged stablecoins can power onshore payments. Foreign tokens? Relegated to niche corners. This isn’t just policy — it’s a bold bet on the dirham as the anchor of the UAE’s digital economy. By prioritizing local currency, the CBUAE is ensuring the UAE doesn’t just participate in the crypto revolution — it leads it.

Dubai’s Real Estate Revolution: Tokenization Goes Big

Remember when Dubai’s tokenized real estate pilots were just a cool idea? Those days are gone. Recent sales, run with the Dubai Land Department, vanished in minutes, pulling in investors from every corner of the globe. The DIFC PropTech Hub is doubling down, turning these pilots into a full-blown movement. Tokenized property isn’t a gimmick anymore — it’s a market poised to redefine how we invest in real estate.

Bahrain and Beyond: The GCC’s Crypto Patchwork

Bahrain’s not sitting on the sidelines. Its new laws for Bitcoin and stablecoins are designed to make trading safer and more attractive to institutions. Meanwhile, Kuwait and Qatar are playing it cautious, keeping their crypto gates tightly shut. The GCC isn’t moving in unison, but the UAE and Bahrain are sprinting ahead, setting the pace for a region-wide crypto renaissance.

The Privacy Puzzle: Navigating the FATF Travel Rule

Behind the headlines lies a thornier challenge: the FATF Travel Rule. Virtual Asset Service Providers (VASPs) now have to share user data across borders, stirring up privacy and operational headaches. Enter Shyft Veriscope, a peer-to-peer platform that lets firms comply without exposing sensitive customer data to centralized risks. In a region obsessed with trust and growth, tools like these are the unsung heroes of crypto’s next chapter.

Why 2025 Is the Year to Watch

The Middle East isn’t just dabbling in crypto anymore — it’s rewriting the rules of the game. From dirham-backed stablecoins to tokenized skyscrapers, the region is building a digital asset economy where compliance isn’t a burden but a springboard. For founders, investors, and innovators, the message is clear: get on board, align with the rules, and seize the opportunity to shape a future where crypto isn’t just a buzzword — it’s a legacy.

About Veriscope

‍Veriscope, the compliance infrastructure on Shyft Network, empowers Virtual Asset Service Providers (VASPs) with the only frictionless solution for complying with the FATF Travel Rule. Enhanced by User Signing, it enables VASPs to directly request cryptographic proof from users’ non-custodial wallets, streamlining the compliance process.

For more information, visit our website and contact our team for a discussion. To keep up-to-date on all things crypto regulations, sign up for our newsletter and follow us on X (Formerly Twitter), LinkedIn, Telegram, and Medium.

Book your consultation: https://calendly.com/tomas-shyft or email: bd@shyft.network


Elliptic

New York banks get clarity on blockchain analytics requirements for digital assets

The New York State Department of Financial Services (NYDFS) has provided welcome clarity for banking organizations entering the digital asset industry. On September 17, 2025, NYDFS updated its regulatory guidance to bring New York banks and licensed foreign bank branches under the same blockchain analytics guidance previously applied only to virtual currency businesses.

The New York State Department of Financial Services (NYDFS) has provided welcome clarity for banking organizations entering the digital asset industry. On September 17, 2025, NYDFS updated its regulatory guidance to bring New York banks and licensed foreign bank branches under the same blockchain analytics guidance previously applied only to virtual currency businesses.


iComply Investor Services Inc.

KYB Compliance Software for Regulated Entities: Navigating Global AML Shifts

KYB requirements are tightening worldwide. This guide helps regulated firms navigate evolving AML expectations and shows how iComply streamlines compliance with secure, scalable software.

Regulated entities – including PSPs, VASPs, investment platforms, and trust companies – must meet rising KYB and AML expectations. This article highlights emerging requirements across the UAE, UK, EU, Singapore, and U.S.

Regulated entities operate in complex environments where KYB and AML compliance are non-negotiable. Whether your firm is a payment service provider (PSP), virtual asset service provider (VASP), investment platform, corporate services provider, a real estate agent, a mortgage broker, regulators are tightening standards.

In 2025 and beyond, firms must demonstrate robust KYB controls, real-time screening, and jurisdictional audit readiness – especially as rules evolve in key markets like the UK, UAE, and EU.

Emerging Global AML Requirements for Regulated Entities United Kingdom Regulators: Companies House, FCA Shifts: Mandatory KYB and identity verification for directors and PSCs; AML registration and sanctions screening under MLR 2017 United Arab Emirates Regulators: CBUAE, DFSA, VARA, ADGM Requirements: Risk-based onboarding, KYB for corporate clients, Travel Rule compliance, UBO discovery, and localized data handling European Union Regulators: AMLA (in development), national competent authorities Shifts: 6AMLD mandates KYB, UBO transparency, risk scoring, and centralized reporting; MiCA introduces crypto-specific controls Singapore Regulator: MAS Requirements: CDD/EDD obligations, sanctions list monitoring, transaction screening, and UBO tracking for regulated businesses United States Regulators: FinCEN, SEC, CFTC, state agencies Shifts: BOI reporting under the Corporate Transparency Act; mandatory KYB and AML controls for regulated financial service providers Compliance Challenges for Regulated Entities

1. Overlapping Regulatory Bodies
Firms often face scrutiny from sector-specific and national agencies.

2. Diverging Standards
KYB requirements vary across regions, and privacy rules complicate data handling.

3. High-Risk Clients and Transactions
Cross-border payments and digital assets raise red flags.

4. Legacy Compliance Systems
Siloed tools delay onboarding and lack real-time visibility.

iComply: Leading KYB Compliance Software for Global Entities

iComply enables regulated firms to standardize and scale AML workflows across jurisdictions with modular tools and built-in localization.

1. KYB + KYC Automation Verify entities and individuals using real-time registry, document, and biometric checks Visualize UBO networks and flag nominee ownership Encrypted edge processing for global data privacy compliance 2. KYT + Risk Monitoring Monitor transactions for suspicious patterns or volume anomalies Score risk based on client type, geography, and transaction behaviour Trigger escalations and audit-logged alerts automatically 3. Centralized Case Management Unify screening, onboarding, and regulatory review workflows Track every decision, flag, and escalation in one dashboard Export formatted reports for FinCEN, FCA, AMLA, and MAS 4. Deployment + Localization Deploy on-prem, in private cloud, or across multiple regions Jurisdiction-specific policies, thresholds, and audit trails Seamless integration with banking, CRM, and identity tools Case Insight: DIFC-Based Corporate Services Firm

A UAE-regulated corporate services firm implemented iComply’s KYB software to unify compliance across business clients:

Cut onboarding time by 70% Automated UBO and sanctions monitoring Passed DFSA audit with zero deficiencies

As KYB expectations evolve globally, regulated entities must modernize fast. iComply’s compliance software simplifies onboarding, standardizes audit preparation, and supports confident cross-border operations.

Talk to iComply to see how our KYB compliance software helps PSPs, VASPs, and financial institutions stay compliant—no matter where they operate.


BlueSky

Building Healthier Social Media: Updated Guidelines and New Features

Public discourse on social media has grown toxic and divisive, but unlike other platforms, Bluesky is building a social web that empowers people instead of exploiting them.

Public discourse on social media has grown toxic and divisive. Traditional social platforms drive polarization and outrage because they feed users content through a single, centralized algorithm that is optimized for ad revenue and engagement. Unlike those platforms, Bluesky is building a social web that empowers people instead of exploiting them.

Bluesky started as a project within Twitter in 2019 to reimagine social from the ground up — to be an example of “bluesky” thinking that could reinvent how social worked. With the goal of building a healthier, less toxic social media ecosystem, we spun out as a public benefit corporation in 2022 to develop technologies for open and decentralized conversation. We built Authenticated Transfer so Twitter could interoperate with other social platforms, but when Twitter decided not to use it, we built an app to showcase the protocol.

When we built the app, we first gave users control over their feed: In the Bluesky app, users have algorithmic choice — you can choose from a marketplace of over 100k algorithms, built by other users, giving you full control over what you see. There is also stackable moderation, allowing people to spin up independent moderation services, and giving users a choice in what moderation middleware they subscribe to. And of course there is the open protocol, which lets you migrate between apps with your data and identity, creating a social ecosystem with full data portability. Just today, we announced that we are taking the next step in decentralization.

Although we focused on building these solutions to empower users, we still inherited many of the problems of traditional social platforms. We’ve seen how harassment, vitriol, and bad-faith behavior can degrade overall conversation quality. But innovating on how social works is in our DNA. We’ve been continuously working towards creating healthier conversations. The quote-post used to let harassers take a post out of context, so we gave users the ability to disable them. The reply section often filled up with unwanted replies, so we gave users the ability to control their interaction settings.

Our upcoming product changes are designed to strengthen the quality of discourse on the network, give communities more customized spaces for conversation, and improve the average user’s experience. One of the features we are workshopping is a “zen mode” that sets new defaults for how you experience the network and interact with people. Another is including prompts for how to engage in more constructive conversations. We see this as part of our goal to make social more authentic, informative, and human again.

We’ve also been working on a new version of our Community Guidelines for over six months, and in the process of updating them, we’ve asked for community feedback. We looked at all of the feedback you gave and incorporated some of your suggestions into the new version. Most significantly, we added details so everyone understands what we do and do not allow. We also better organized the rules by putting them into categories. We chose an approach that respects the human rights and fundamental freedoms outlined in the UN Guiding Principles on Business and Human Rights. The new Guidelines take effect on October 15.

In the meantime, we’re going to adjust how we enforce our moderation policies to better cultivate a space for healthy conversations. Posts that degrade the quality of conversations and violate our guidelines are a small percentage of the network, but they draw a lot of attention and negatively impact the community. Going forward, we will more quickly escalate enforcement actions towards account restrictions. We will also be making product changes that clarify when content is likely to violate our community guidelines.

We were built to reimagine social from the ground up by opening up the freedom to experiment and letting users choose. Social media has been dominated by a few platforms that have closed off their social graph and squashed competition, leaving users few alternatives. Bluesky is the first platform in a decade to challenge these incumbents. Every day, more people set up small businesses and create new apps and feeds on the protocol. We are continuing to invest in the broader protocol ecosystem, laying a foundation for the next generation of social media developers to build upon.

Today’s Community Guidelines Updates

In January, we started down the path of updating our rules. Part of that process was to ask for your thoughts on our updated Community Guidelines. More than 14,000 of you shared feedback, suggestions, and examples of how these rules might affect your communities. We especially heard from community members who shared concerns about how the guidelines could impact creative expression and traditionally marginalized voices.

After considering this feedback, and in a return to our experimental roots, we are going to bring a greater focus to encouraging constructive dialogue and enforcing our rules against harassment and toxic content. For starters, we are going to increase our enforcement efforts. Here is more information about our updated Community Guidelines.

What Changed Based on Your Feedback

Better Structure: We organized individual policies according to our four principles – Safety First, Respect Others, Be Authentic, and Follow the Rules. Each section now better explains what's not allowed and consolidated related policies that were previously scattered across different sections. More Specific Language: Where you told us terms were too vague or confusing, we added more detail about what these policies cover. Protected Expression: We added a new section for journalism, education, advocacy, and mental health content that aims to reduce uncertainty about enforcement in those areas.

Our Approach: Foundation and Choice

We maintain baseline protections against serious harms like violence, exploitation, and fraud. These foundational Community Guidelines are designed to keep Bluesky safe for everyone.

Within these protections, our architecture lets communities layer on different labeling services and moderation tools that reflect their specific values. This gives users choice and control while maintaining essential safety standards.

People will always disagree about whether baseline policies should be tighter or more flexible. Our goal is to provide more detail about where we draw these boundaries. Our approach respects human rights and fundamental freedoms as outlined in the UN Guiding Principles on Business and Human Rights, while recognizing we must follow laws in different jurisdictions.

Looking Forward

Adding clarity to our Guidelines and improving our enforcement efforts is just the beginning. We also plan to experiment with changes to the app that will improve the quality of your experience by reducing rage bait and toxicity. We may not get it right with every experiment but we will continue to stay true to our purpose and to listen to our community as we go.

These updated guidelines take effect on October 15, and will continue to evolve as we learn from implementation and feedback. Thank you for sharing your perspectives and helping us build better policies for our community.

Thursday, 18. September 2025

SC Media - Identity and Access

Nearly half of mobile apps contain hardcoded secrets

Zimperium found that 1 in 3 Android apps and more than half of iOS apps leak sensitive data.

Zimperium found that 1 in 3 Android apps and more than half of iOS apps leak sensitive data.


Deepfake tool could defeat biometric authentication with jailbroken iPhone

The tool bypasses the physical camera to present AI-generated video as though it were live.

The tool bypasses the physical camera to present AI-generated video as though it were live.


Scattered Spider group targets financial sector despite claims

Ransomware group observed targeting financial sector after affiliates claimed it ceased operations.

Ransomware group observed targeting financial sector after affiliates claimed it ceased operations.


LISNR

How Mobility Leaders Turn Idle Ride Time into Opportunity

How Mobility Leaders Turn Idle Ride Time into Opportunity Mobility leaders across the globe are searching for a constant communication channel with their end customers. For transit leaders, there are three main touchpoints with their end consumers: Ticketing (Boarding), In-Transit, and Exit (Disembarkation). Most mobility leaders perfect one of the three, leaving possible revenue channels […] Th
How Mobility Leaders Turn Idle Ride Time into Opportunity

Mobility leaders across the globe are searching for a constant communication channel with their end customers. For transit leaders, there are three main touchpoints with their end consumers: Ticketing (Boarding), In-Transit, and Exit (Disembarkation). Most mobility leaders perfect one of the three, leaving possible revenue channels and ideal rider experiences on the table.

What communication channel can be capitalized across all three consumer journey touchpoints within mobility?

The Problem: Current proximity modalities are limited by one of the following: distance, throughput, hardware limitations, and interoperability.

The Solution: LISNR Radius offers a unique proximity modality that changes the way consumers interact throughout the rider journey. Our Radius SDK relies on ultrasonic communication between standard speakers (already installed in transit vehicles and stations) and microphones found in everyday devices like smartphones. By establishing a communication channel directly between the consumer device and the vehicle or station, transit operators can reduce wait times, improve accessibility, capitalize on idle time in transit, and segment their riders for variable pricing. 

Furthermore, LISNR offers Quest, our loyalty and gamification portal, which allows mobility leaders to keep a unified record of key customer interactions. With Quest, mobility leaders can incentivize off-peak rides and partner with nearby shops to offer advertisements directly to a rider in transit.

Talk with Our Team about Mobility Solutions The Proliferation of LISNR-Enabled Digital Touchpoints in Mobility

LISNR empowers businesses to capitalize on the digital touchpoints found in everyday transit experiences. By enabling the delivery of speedy ticketing and personalized offers directly to consumers’ devices, transit operators can engage their riders during all three stages of transit.

Ticketing

Legacy ticketing infrastructure creates long queues, is easy to bypass, and simply doesn’t work without a stable internet connection. Radius redefines this process with our ultrasonic SDK by working at longer ranges than NFC, with more pinpoint precision than BLE, and without a network connection at the time of transaction. Radius is already gaining major traction as a ticketing alternative in the mobility space. With our recent partnership with S-Cube, LISNR has expanded to provide a mass ticketing solution to the busiest transit stations in India.

S-Cube needed a faster and more secure way to enable ticketing for millions of riders. Moreover, S-Cube needed ticketing technology that could perform without a reliable network connection. Radius was able to achieve all of these and more. In testing, S-Cube saw a dramatic increase in rider throughput by switching from QR codes to Radius for ticketed gate access. They moved from processing 35 riders per minute to 60 riders per minute, representing an over 70% improvement.

 

S-Cube uses a Zone 66 broadcast at entry allowing consumers to identify themselves and validate their ticket as they approach the turnstile. Once at the turnstile, consumers can broadcast their account-based ticket information to the ticketing machine (Point1000 on Channel 0 from their device’s speaker). Since they have already been identified and validated, their passengers can breeze through the ticketing process.

See More Product Demos In-Transit Promotion

In-transit promotions are not a new concept, with buses and trains already filled with billboard-like advertising. More recently, rideshare applications have started showing ad space on the home page and key active pages. Unfortunately, these advertisements often go unnoticed, are rarely relevant to the end customer, and for rideshares, are only presented to the paying device. LISNR solves these problems with Radius and Quest.

Using Radius, transit operators can capitalize on idle time in transit by sending promotional offerings directly to all consumers’ devices that are present in the vehicle. For example, businesses at certain stops can target specific riders based on their commute patterns. Furthermore, food/grocery delivery platforms can focus on a tired passenger coming home from work.

By establishing this additional communication channel to their riders, the transit operator can send promotional messages from their partners directly to the most important audiences. By communicating at the device level, promotional offerings can be sent with the preferences of the end customer. Radius’s ultrasonic SDK operates above audible frequencies, meaning that even in noisy conditions, riders are still able to receive their promotions.

By incorporating Quest, transit operators (or their marketing partners) can keep a unified record of customers and the promotions they interact with. Over time, this leads to more relevant promotions and a better experience for marketers and riders alike. With Quest and Radius, transit operators can capitalize on riders’ idle time in transit while establishing a positive connection with them.

Radius tone being broadcast at a frequency higher than human hearing Example of Quest, gamified loyalty for a mobility ecosystem leader Identify the Exit Point

In some modes of transit it’s easy to identify when the consumer exits the vehicle (planes, rideshares), however, most modes of public transit are left in the dark. This lack of visibility into rider disembarkation makes certain variable pricing nearly impossible. With Radius, transit operators can leverage the rider’s microphone when in-app to detect and confirm the presence of the device. With Radius enabled, mobility operators can begin to charge based on a “Be-In-Be-Out” pricing model. These seamless transit experiences are gaining traction with the global contactless transit market projected to grow to $33.5B by 2030 (CAGR ~15%). This major shift is driven by account-based ticketing and distance/usage-based fares (Source: Allied Market Research, 2023). 

LISNR is here to enable transit ecosystem leaders with the technology to support a near-frictionless be-in/be-out user flow for consumers. Our long-range (Zone) ultrasonic tones can broadcast in-vehicle to detect the presence of devices. As riders exit the vehicle, the tones will no longer be detected and the app backend will end the variable pricing model for their trip.

Conclusion

LISNR’s contactless solutions help support the mobility and transit ecosystems across all major digital touchpoints in the consumer journey, from ticketing to exit. With these contactless touchpoints optimized for speed and security, ecosystem leaders can capitalize on variable pricing and answer the growing demand for frictionless experiences; all while establishing new revenue streams with in-transit promotions. 

Our customer loyalty and gamification portal, Quest, can support and optimize consumer touchpoints across the journey. Riders can be incentivized to travel in off-peak hours, receive bonuses for promotions that they convert on, and be rewarded for their achievements such as lifetime rides.

We’ve put together a comprehensive PDF that outlines where LISNR outperforms other contactless technologies commonly found in mobility. If you’re interested in learning more or sharing with a colleague, please feel free to download a copy below.

We’ve created an easily digestible overview of this process, highlighting the digital touchpoints for your passengers. Fill out your contact information below to download a digital copy.

The post How Mobility Leaders Turn Idle Ride Time into Opportunity appeared first on LISNR.


Thales Group

Thales Celebrates 30 Years of Sonar 2076 and Unveils Next-Generation Sonar 2176

Thales Celebrates 30 Years of Sonar 2076 and Unveils Next-Generation Sonar 2176 Language English simon.mcsstudio Thu, 09/18/2025 - 15:34 London, DSEI 2025 Thales has marked three decades of undersea dominance with a celebration of Sonar 2076 - from initial production in the mid-1990s, this is the Royal Navy’s sovereign sonar system that un
Thales Celebrates 30 Years of Sonar 2076 and Unveils Next-Generation Sonar 2176 Language English simon.mcsstudio Thu, 09/18/2025 - 15:34 London, DSEI 2025

Thales has marked three decades of undersea dominance with a celebration of Sonar 2076 - from initial production in the mid-1990s, this is the Royal Navy’s sovereign sonar system that underpins the silent strength of the UK’s submarine fleet.

Held during DSEI 2025, the anniversary event also served as the debut of its successor: Sonar 2176 - a next-generation sonar suite engineered for the future battlespace and the next generation of attack submarines.

Bringing together key figures from across the submarine domain, including the Defence Nuclear Organisation (DNO), Submarine Delivery Agency (SDA), Royal Navy, BAE Systems, DSTL, and Thales’ supply chain partners, the evening reflected on a proud heritage and marked a future-facing commitment to delivering sovereign advantage below the waves for decades to come.

“Through 30 years of development, production and operation, Sonar 2076 provides the warfighting edge for the Royal Navy’s submarine fleet, enabling stealth, intelligence, and lethality in the most contested domains,” said Paul Armstrong, Managing Director, Underwater Systems, Thales UK. 

“The transition to Sonar 2176 signals a new era of undersea operational readiness - designed to outpace threats and enable dominance in the underwater battlespace, building on technologies and capabilities already being built into current and future submarine classes”.

Proven Legacy, Future-Ready Technology

Sonar 2076 has evolved through decades of continuous enhancement, intelligence integration, and real-world operational feedback. It now demonstrates a major milestone as a modular, upgradeable system architecture, aligned to all current and future submarine platforms.

The newly revealed Sonar 2176 sonar suite introduces a generational leap in performance, modularity, and adaptability. Designed for spiral development through-life and to fully integrate with the SSN-AUKUS class, it ensures UK submarines maintain decision superiority in high-threat environments.

Key Highlights: Silent service across three decades: Operational excellence and trusted sovereign delivery through Sonar 2076. Unveiling of Sonar 2176: A step-change in acoustic warfare for the Royal Navy’s next-generation attack submarines. Strategic contribution: Supporting UK Defence priorities through high-value skills, Subject Matter Expert growth, and innovation via the Sonar Academy. Fleet alignment: Directly supporting the UK’s ambition to build up to 12 attack submarines as part of SSN-AUKUS programme in response to the rapidly increasing threats. 

Thales remains committed to delivering world-class mission-critical underwater systems that give UK and allied forces the decisive edge.
 

/sites/default/files/database/assets/images/2025-07/Thales-CortAIx-1920x640-visuel_0.jpg 18 Sep 2025 United Kingdom Thales has marked three decades of undersea dominance with a celebration of Sonar 2076 - from initial production in the mid-1990s, this is the Royal Navy’s sovereign sonar system that underpins the silent strength of the UK’s submarine fleet. Type News Hide from search engines Off

IDnow

Why compliance and player protection define iGaming in Germany – DGGS’s CEO Florian Werner on leading the way.

We spoke with Florian Werner, CEO of Deutsche Gesellschaft für Glücksspiel (DGGS), the operator behind the JackpotPiraten and BingBong brands, to understand how strict regulatory requirements under the Interstate Treaty on Gambling (GlüStV 2021) are shaping iGaming in Germany. From the country’s strong focus on player protection to navigating compliance challenges Werner explains how DGGS […]
We spoke with Florian Werner, CEO of Deutsche Gesellschaft für Glücksspiel (DGGS), the operator behind the JackpotPiraten and BingBong brands, to understand how strict regulatory requirements under the Interstate Treaty on Gambling (GlüStV 2021) are shaping iGaming in Germany.

From the country’s strong focus on player protection to navigating compliance challenges Werner explains how DGGS balances regulation with player experience – and why trusted partners like IDnow are essential for building a sustainable, responsible iGaming market. 

As one of Germany’s earliest licensed iGaming operators, DGGS has taken on both the pride and responsibility of setting industry standards. With its JackpotPiraten and BingBong brands, the company is committed to combining entertainment with strong compliance and social responsibility. In this interview, CEO Florian Werner shares how DGGS works with regulators, leverages technology to protect players and adapts to the challenges of one of Europe’s most tightly regulated markets. 

Why being first in Germany came with pride – and responsibility  In 2022, DGGS’ JackpotPiraten and BingBong became the first brands to receive a national slot licence from the German regulator, GGL. What did that milestone mean for you as an operator – especially in terms of your responsibility to lead in compliance and player protection?

We were delighted and proud to be the first operator to meet the necessary requirements for entering the German market. At the same time, we are fully aware of the responsibility this entails. That is why we are committed to acting responsibly and have deliberately chosen such an experienced partner as IDnow to stand by our side, supporting us actively in key areas such as player protection, account verification, and the safety of our players.

How does IDnow help you protect your players?

IDnow helps us reliably verify the identity of our players, making sure that no one can play under a false name. At the same time, the solution provides a secure and compliant identity check that effectively prevents underage gaming and fraud. This way, we create a trustworthy and protected environment for all our players.

Why regulation in Germany creates both challenges and opportunities  What were the most significant regulatory and operational challenges you faced in those first months?  

The biggest challenges in the regulated German market have remained unchanged since legalization. These primarily include the high tax burdens in Germany, which have a negative impact on payout ratios and the overall gaming experience of virtual slot machines. In addition, requirements such as a €1 stake limit and the mandatory delay between game rounds (the ‘5-second rule’) pose significant challenges. Since many of these regulations were newly introduced under the 2021 Interstate Treaty on Gambling (GlüStV 2021), a meaningful exchange of experiences was initially difficult. However, we are in contact with various industry representatives and remain hopeful for a more attractive offering for German players in the future.

How does the DGGS work with GGL and other regulators to protect players and combat fraud and how does it stay up to date with any regulatory changes to ensure continuous compliance? 

We are engaged in regular dialogue on multiple levels, collaborating closely with both industry associations and regulatory representatives. In particular our compliance team maintains an ongoing exchange that we experience as collegial, constructive, and open.

Why technology and trusted partners are the backbone of compliance  What role do trusted technology or identity verification partners play in maintaining your compliance and risk posture? 

Verification and identity-check technologies are of vital importance. In Germany, strict regulations rightly govern the handling of personal data. To meet these standards effectively, we rely on experienced external providers whose expertise ensures secure, efficient, and reliable processes at a scale that would not be possible manually.

Why responsible gambling is more than a legal requirement  The German GGL regulation is centred on social responsibility and player protection. What specific measures do you have in place to identify and assist players at risk of gambling harm? 

At our online casinos JackpotPiraten and BingBong, we analyze player behavior and ensure a safe gaming experience. If signs of problematic gambling emerge, we are able to reach out directly to the player and if necessary, exclude them from play. As part of the regulated market, we see this consistent and responsible approach as one of our core duties in protecting players.

How do you ensure that your responsible gambling tools are actually effective? Do you measure outcomes or make improvements based on player feedback or behavioral data? 

We take responsible gambling very seriously and therefore conduct ongoing monitoring of player activity. If signs of problematic gambling behavior are detected and cannot be changed, we can take a range of measures, including the closure of the player’s account.

Can you describe how the OASIS self-exclusion system is integrated into your platform and how you handle self-excluded or returning players? 

Players can exclude themselves at any time directly on our platforms through the OASIS self-exclusion system. In addition, a ‘panic button’ is available, enabling an immediate 24-hour break from play. Once registered with OASIS, players are automatically blocked from accessing our platforms and are prevented from receiving any form of personalized advertising. These measures reflect our strong commitment to responsible gambling and player protection.

What trends are you seeing in player behavior since the introduction of the new regulatory framework? 

In international comparison, German legislation for virtual slot games is very strict. Tax rates are set at a high level, which negatively impacts the payout ratios of the games. In addition, there are stake restrictions and a requirement for a minimum game round duration of five seconds. Players view these measures very critically and often turn to the less restrictive and more attractive offerings of the black market. As a result, tax revenues in Germany from virtual slot games have been continuously declining, an unfortunate negative trend.

Transparency is key in regulated markets. How do you communicate responsible gambling features and policy updates to your players in a clear and proactive way? 

At Deutsche Gesellschaft für Glücksspiel, raising awareness among players about responsible gaming is a core priority. We follow a dual strategy that goes well beyond legal requirements. In line with regulations, we provide a dedicated information section on our platforms that explains how to use gambling products safely. Clear warnings about potential risks are displayed transparently, and players can access support organizations directly through the links we provide.

Going further, we actively engage our players through a regular newsletter and our innovative Slot Academy. Here, education takes place via live video sessions that continuously address the risks of virtual slot games and promote responsible, informed play.

Why entertainment and responsibility can go hand in hand  Looking ahead, what’s next for DGGS? Are there upcoming developments, features, or goals you’re particularly excited about? 

This year we are celebrating the Jackpot Video Awards 2025. The idea for an event together with our players came directly from the community. The Jackpot Video Awards combine entertainment with player protection and are eagerly anticipated by both our team and the players.

Interested in more from our customer interviews? Check out: Docusign’s Managing Director DACH, Kai Stuebane, sat down with us to discuss how secure digital identity verification is transforming digital signing amid Germany’s evolving regulatory landscape.

By

Nikita Rybová
Customer and Product Marketing Manager at IDnow
Connect with Nikita on LinkedIn


auth0

Implementing DPoP with Auth0

Learn to implement DPoP with Auth0 to secure your SPA and API. This guide shows how to protect your tokens and prevent token replay attacks with Auth0's SDKs.
Learn to implement DPoP with Auth0 to secure your SPA and API. This guide shows how to protect your tokens and prevent token replay attacks with Auth0's SDKs.

Oktane Online 2025: The AI Security Event You Can’t Miss

Oktane Online, the AI security event of the year, streams live Sept 25-26. Get 40+ sessions, keynotes, live announcements, and CPE credits—all for free!
Oktane Online, the AI security event of the year, streams live Sept 25-26. Get 40+ sessions, keynotes, live announcements, and CPE credits—all for free!

FastID

Publish your website without a host

Deploy static sites to Fastly Compute directly from your browser or IDE. Publish blogs, apps, and websites at the edge without hosting.
Deploy static sites to Fastly Compute directly from your browser or IDE. Publish blogs, apps, and websites at the edge without hosting.

Thursday, 18. September 2025

SC Media - Identity and Access

Over half of security alerts occur outside of business hours

New Arctic Wolf report shows how attackers exploit identity and timing to breach networks.

New Arctic Wolf report shows how attackers exploit identity and timing to breach networks.


Microsoft, Cloudflare coordinate takedown of RaccoonO365 phishing infrastructure

More than 300 websites were seized by Microsoft’s Digital Crimes Unit following a court order.

More than 300 websites were seized by Microsoft’s Digital Crimes Unit following a court order.


auth0

Is Your Product Hitting Its Limits? A Guide to Upgrading Your Auth0 Plan

Discover the key signals that show your product is ready to move beyond the Auth0 Free plan. Learn how upgrading can enhance security, ensure compliance, and unlock new opportunities for growth.
Discover the key signals that show your product is ready to move beyond the Auth0 Free plan. Learn how upgrading can enhance security, ensure compliance, and unlock new opportunities for growth.

Thales Group

EIB backs Thales with €450 million loan

EIB backs Thales with €450 million loan prezly Wed, 09/17/2025 - 18:15 This EIB financing will support Thales' investments in research and development for aeronautics and radars. The large-scale project will have a significant impact on the European security and defence industry. It is the EIB’s first corporate loan to France’s security and defence sector. The projec
EIB backs Thales with €450 million loan prezly Wed, 09/17/2025 - 18:15 This EIB financing will support Thales' investments in research and development for aeronautics and radars. The large-scale project will have a significant impact on the European security and defence industry. It is the EIB’s first corporate loan to France’s security and defence sector. The project also aligns with the EIB’s TechEU programme, which aims to foster innovation and the development of new technologies.

The European Investment Bank (EIB) has granted a €450 million loan to Thales to finance its research and development investment programme in aeronautics and radar technologies. This programme is set to run until the end of 2027 and aims to enhance the safety and efficiency of both civil and military flights, while those in radar will make it possible to modernise current equipment and develop a new generation of civil and military software and radar systems.

As well as being Thales’ first EIB loan, it is also one of the biggest corporate loans the EIB has ever granted in the security and defence sector. The loan is part of TechEU, the EIB’s innovation programme launched in June with €70 billion in funding available until 2027.

EIB Vice-President Ambroise Fayolle said: “In the security and defence sector, innovation is key. The EIB is therefore pleased to help Thales, global leader in technologies for defence, aerospace and cyber security, to remain at the forefront of technological development. This initial operation with Thales also shows the EIB Group’s strong commitment to financing the security and defence sector, which is central to European sovereignty.”

Thales Senior Executive Vice-President, Chief Financial Officer Pascal Bouchiat said: “We are very pleased with this support from the European Investment Bank, which reinforces the Group’s technological leadership and its contribution to European sovereignty. With 3,000 researchers and 30,000 engineers involved in Research and Development, and €4.2 billion invested each year in R&D, Thales is recognized as one of the most innovative companies in the world.”

EIB Group support for European security and defence

Since 2024, the EIB Group has significantly stepped up its support for the development of European security and defence capabilities. Its activities in this area are a cross-cutting and permanent public policy objective of the Group, as well as being part of its eight strategic priorities for the period 2024-2027.

The EIB Group has revised its lending policy to broaden the eligibility criteria and the range of security and defence projects it can finance. It has also set up a Security and Defence Office to ensure a rapid and effective response to project proposals.The EIB Group’s objective is to allocate 3.5% of its total financing planned for 2025 (approximately €3.5 billion) to security and defence-related projects.

As a result of its ongoing and productive dialogue with industry and financial intermediaries, defence ministries and key institutions such as the European Commission, the European Defence Agency and NATO, the EIB Group has a solid portfolio of 80 projects under review that contribute to the European Union’s security and defence capabilities.

You can find out more about the EIB’s support for the European security and defence sector here.

/sites/default/files/prezly/images/Banni%C3%A8re%20Thales_3.jpg Documents [Prezly] EIB backs Thales with €450 million loan.pdf Contacts Cédric Leurquin 17 Sep 2025 Type Press release Structure Investors The European Investment Bank (EIB) has granted a €450 million loan to Thales to finance its research and development investment programme in aeronautics and radar technologies. This programme is set to run until the end of 2027 and aims to enhance the safety and efficiency of both civil and military flights, while those in radar will make it possible to modernise current equipment and develop a new generation of civil and military software and radar systems. Hide from search engines Off Prezly ID 797400 Prezly UUID f098d425-be29-43e6-b0eb-3a6a7e9f7078 Prezly url https://thales-group.prezly.com/eib-backs-thales-with-450-million-loan Wed, 09/17/2025 - 20:15 Don’t overwrite with Prezly data Off

Dark Matter Labs

Where to? Five pathways for a regenerative built environment

Where to next? Five pathways for a regenerative built environment Possibilities for the Built Environment, part 2 of 3 This is the second in a series of three provocations, which mark the cumulation of a collaborative effort between Dark Matter Labs and Bauhaus Earth to consider a regenerative future for the built environment as part of the ReBuilt project. In the first piece, we sugg
Where to next? Five pathways for a regenerative built environment Possibilities for the Built Environment, part 2 of 3

This is the second in a series of three provocations, which mark the cumulation of a collaborative effort between Dark Matter Labs and Bauhaus Earth to consider a regenerative future for the built environment as part of the ReBuilt project.

In the first piece, we suggested how six guiding principles for a regenerative built environment could redirect our focus. In this piece, we lay out six pathways toward regeneration, with suggested benchmarks and possible demonstrators, as a means of starting conversations, and identifying allies and tensions. The final piece in the series uses the configuration of the cement industry to explore the idea of nested economies and possible regenerative indicators.

Toward a process-based definition of regeneration

This piece leans into the friction between today’s extractive norms and the regenerative futures we have yet to realise.

We propose five pathways to establish regenerative practices throughout the built environment: these will span scales and sectors while driving change aligned with the principles laid out in the previous provocation. These pathways represent five modes for developing a multiplicity of new metrics, as well as creating the conditions for further progress to be taken on by future generations. Embedded in this logic are multiple and diverse systemic entry points for various actors to engage along the way.

These pathways are directions of travel that can be launched within the current economic system, without adopting a solution mindset. However, there are still real challenges to progress because of today’s political economy and scale of the polycrisis. While these pathways can be initiated within the current economic system, to be fully realised they must transform the system itself along the way.

One aspiration for these pathways is that they can capture the imagination and energies of a range of stakeholders, by creating containers for the changes it will take to bring us to a regenerative built environment. If we assume that to reach this future we will need both paradigm-shifting ‘impossible’ ideas and real demonstrations of best practices within our current contexts, then these pathways can hold together the different strands of effort, from the more feasible to the boundary-pushing, in one directional container. In each pathway, we ourselves look toward collaborators across geographies and disciplines to imagine, visualise and orient ourselves toward where these shifts could take us, in 2030, 2050 and beyond.

On a pragmatic level, structures to support initiation and governance of these pathways already exist and can be further fostered. Ownership for pathways can sit at the city or municipal level, supported by city networks such as Net Zero Cities, C40 cities and others, and further enabled through multi-municipal or regional coalitions to reach national scales. This type of multi-scalar, integrated approaches to the pathways can create the conditions for bottom-up schemes and ideas in communities and allow these to grow. The scale and pace of the transition we need requires governing decision-makers to have visibility over exceptional ideas that can push at the edges of the Overton window.

These pathways are not wholesale solutions to the problem, but rather provocative visions to incite discussion, draw out coalitions, grow a sense of responsibility and build momentum. It’s not that if we do these five things that a regenerative future will be reached. Rather, these are components of a re-envisioning.

Pathway 1: Maximising utilisation

Maximising the utilisation of our existing resources, spaces and infrastructures is one of the most transformative actions we can undertake in a context of resource shortage, carbon emissions crisis and labour crisis. That is especially relevant in the European context where our resource and space use inefficiencies are massive. Unlocking this latent capacity promises significant advancements in social justice and decoupling space and use creation from extraction and pollution. This develops a range of strategies from full utilisation of existing building stock, sharing models, flexible space use, with instruments such as open digital registries, smart space use platforms, smart contracts, and the like.

Image: Ivana Stancic, Dark Matter Labs, ‘A New Economy for Europe’s Built Environment’ white paper, for New European Bauhaus lighthouse project Desire: An Irresistible Circular Society, 2024.

Deep structural changes in mechanisms to challenge speculative land markets and reform regulatory frameworks will be needed to embed redistributive and democratic principles into the governance of urban space.

Potential challenges:

The implementation of maximal utilisation is severely constrained by today’s profit-driven development logic, which prioritises profit through new development and property speculation over efficient or shared use. Institutional inertia, entrenched ownership regimes and the financialisation of housing all work against such a shift, while digital tools like registries and smart contracts risk reinforcing existing inequalities if not democratically governed.

System demonstrator: reprogramming office buildings from 35% to a 90% use, increasing financial flows of the building
What could this look like in 2050? Multi-actor spatial governance frameworks and use-based permissions Dynamic pricing structures for building use based on occupancy and social value creation Highly durable building structures with adaptable multi-use internal spaces Outcomes-based financing models tied to social and ecological impacts Mixed use public-private-NGO partnerships Public digital booking platforms for maximised utilisation of spaces Pathway 2: Next-generation typologies

Next typologies are no longer governed by the principle that form follows function. Instead, they transcend traditional asset classes based on programmatic use, as a new asset class valued for the optionality, flexibility, use efficiency and value creation they provide. Decoupling value creation from extraction, systemic inefficiencies and carbon emissions here happens through focusing on social capital–for instance, radical sharing and cooperation models, as well as intellectual capital–as new innovation models and new design typologies.

Image: Ivana Stancic, Dark Matter Labs, ‘A New Economy for Europe’s Built Environment’ white paper, for New European Bauhaus lighthouse project Desire: An Irresistible Circular Society, 2024.

Without directly challenging speculative land markets, financialisation, and the classed and racialised histories embedded in built form, next-generation typologies may risk becoming a greenwashed evolution of the status quo rather than a transformative departure from it.

Potential challenges:

In capitalist urban systems, typologies and asset classes are produced through financial logics, property relations and commodification. Reframing buildings as flexible, innovation-driven assets may simply reproduce these dynamics in a new guise, reinforcing speculative value creation and market discipline under the banner of sustainability.

System demonstrator: Community living rooms–lightweight extensions on existing buildings, providing amenities with the right to use
What could this look like in 2050? Building public awareness in benefits of social time in relation to mental health New standards and codes for shared spaces and assets Tax reductions linked to carbon reduction impact of maximising efficiency Shared kitchens, living rooms, laundry rooms, appliances, tools and workshops Policy innovation enabling categorisation of shared spaces Increased cross-generational support, decreased loneliness, depression, stress levels Pathway 3: Systems for full circularity

Even though we have comprehensive knowledge on circularity, current levels in Europe are extremely low, and globally its rate is declining, thus this work focuses on the systems unlocking it and instruments driving its advancement on the ground. Apart from a comprehensive understanding of the craft (design for disassembly, development of city-scale material components networks, use of non-composite materials), we need the institutional economy and systems enabling circularity. That includes instruments such as material registries, material passports, financing mechanisms, design regulations, all developed simultaneously to unlock the new systems for circularity.

Image: Ivana Stancic, Dark Matter Labs, ‘A New Economy for Europe’s Built Environment’ white paper, for New European Bauhaus lighthouse project Desire: An Irresistible Circular Society, 2024.

For circularity to be genuinely transformative, it must be accompanied by political and economic restructuring — challenging the growth imperative, redistributing material control, and embedding democratic governance into how urban resources are managed and reused.

Potential challenges

Structural barriers hinder circularity. Extraction, planned obsolescence and short-term profit maximisation, which are the main imperatives in the current system, actively disincentivise long-term material stewardship. Circular practices often require slower, more localised and collaborative modes of production, which clash with the logics of global supply chains, speculative development and financialised real estate.

Moreover, without addressing issues of ownership, labour relations and uneven access to materials and technologies, circular systems risk being implemented in ways that benefit private actors while offloading costs onto public bodies or marginalised communities.

System demonstrator: City-scale architectural components bank, with developers’ right-to-use models
What could this look like in 2050? Material data registries and warranties for secondary materials Lightweight extensions, maximising utilisation and reuse of existing buildings City-scale material balance sheets and data registries for localised material cycles Civic material hubs for storage and distribution, zero carbon transport and logistics networks Demountable and highly adaptable building design Sinking funds for facilitating material reuse during deconstruction Pathway 4: Biogenerative material economy

The long-term future of our material economy must be bioregenerative. This transition needs deep understanding of systems impacts, avoiding further global biodiversity and land degeneration through green growth. This shift requires a transformation in land use for materials, moving from “green belts’’ to permaculture and regenerative methods, from supply chains to local supply loops. This requires developing new local material forests, zero-carbon local transport, non-polluting construction methods, as well as the policy, operational and financial innovation for a successful implementation of a fully biocompatible material economy.

Image: Ivana Stancic, Dark Matter Labs, ‘A New Economy for Europe’s Built Environment’ white paper, for New European Bauhaus lighthouse project Desire: An Irresistible Circular Society, 2024.

True transformation will involve challenging capitalist land markets, redistributing land and decision-making power and centering indigenous and community-led stewardship practices within the material economy.

Potential challenges:

We must not underestimate how global capitalism — through land commodification, agribusiness and extractive supply chains — actively undermines regenerative potential. Transforming green belts into permaculture zones, or establishing local material forests, requires not just technical and policy innovation, but a fundamental shift in land ownership, governance and power relations. Without addressing who controls land and resources, and whose interests are served by current material economies, there is a danger that biogenerative strategies become niche or elite enclaves, rather than systemic solutions.

System demonstrator: Neighbourhood gardens of biomaterials for insulation panels components for on site retrofitting
What could this look like in 2050? Regenerative agriculture & forestry practices and open education programs Certification for regenerative agriculture & carbon storage Macro-investments in bioregional forests & urban farms Civic biomaterial experimentation workshops & micro-factories Land restoration & rewilding sinking funds Regional, regenerative biomaterial supply chains, zero-carbon logistics networks Pathway 5: Shifting comfort, increasing contact

The ways we live in buildings today alienates us from our environmental and earthly context. Today’s built environment is designed to optimise for sterilisation through conditioned environments, separating us from the biomatter that is both input and output to our livelihoods. In providing comfort, we have been depending on extraction of resources, other species, biodiversity and ironically ourselves. We need to decouple the economy of comfort, which is here a shorthand for human-optimised environmental conditions, from extraction and externalisation. Pathways in driving this shift include participation and care models, increasing social values, shifting human relation to nature, a shift from technological to ecological services providing comfort, an increase in social and physical activity, a shift from the building scale to other scales, such as city-scale nature-based infrastructures and micro-scale furniture or clothing.

Image: Ivana Stancic, Dark Matter Labs, ‘A New Economy for Europe’s Built Environment’ white paper, for New European Bauhaus lighthouse project Desire: An Irresistible Circular Society, 2024.

Real progress will involve confronting the socio-economic systems that produce uneven access to comfort, land and energy, and reconfiguring them through justice-oriented redistribution, democratic urban governance and decommodified approaches to housing and care.

Potential challenges:

In this pathway, we must not romanticise behavioural or cultural change without sufficiently addressing the structural conditions that produce and maintain the current ‘economy of comfort’. The alienation it describes is not simply the result of misplaced design priorities or cultural habits, but of a capitalist system that commodifies comfort, standardises it through global construction norms, and externalises its costs onto ecosystems and marginalised communities. Some people experience the comfort constructed by today’s systems much more than others.

Shifting toward ecological and participatory models of comfort is valuable, but without challenging the political economy that privileges resource-intensive, climate-controlled lifestyles for some while denying basic shelter or agency to others, such shifts may remain symbolic or limited in scope.

System demonstrator: Retrofitting a neighbourhood to new comfort standards to increase this area’s economic resilience to changing energy landscape.
What could this look like in 2050? New standards and codes for comfort Tax reductions linked to shifts in investments from mechanical towards ecological services Curriculum rethinking lifestyles in relation to health impacts Investments in extending ecological services and permeable surfaces for flood mitigation, indoor and outdoor comfort through passive climatisation Infrastructures for integral value accounting Capturing and measuring physical and mental health impacts More community and individual knowledge about how to deal with the material world, ranging from biomatter to biodegradable consumer goods Local biowaste sorting and utilisation in industry/agriculture From a static to a process-based definition of a regenerative future

In viewing our transition to a regenerative built environment through these core shifts, we look toward a process-based definition of what is regenerative. A process-based definition would be an understanding of the regenerative that is calculated not by fixed, profit-driven metrics, determined on the basis of isolated data-points, or tied to particular policy benchmarks, but rather something dynamic, intuitive, and assembled from across knowledge-spheres and perspectives, with their associated means of measurement.

A process-based definition might adapt to the changing data landscape, material reality, technopolitical ground conditions and Overton windows of different contexts. Whereas absolute metrics like embodied carbon are difficult to attain with accuracy, and fail to capture the whole picture, targets pegged to individual points in time and specific standards can quickly become obsolete. A process-based approach is inspired by DML’s Cornerstone Indicators [more information at this link], a methodology which creates composite, intuitive indicators for assessing change over time, co-developed and governed in place.

Originally co-designed with Dr Katherine Trebeck, the Cornerstone Indicators were initiated in the city of Västerås in Sweden to support citizens to co-design simple, intuitively understandable indicators that encapsulate what thriving means to the people of the Skultana district. The indicators, which align with overall goals like ‘health & wellbeing’ and ‘strong future opportunities’, can facilitate greater understanding of a place, enable further conversation, and guide future decisions. The initial 9-month workshop process to design this first iteration of the Cornerstone Indicators, resulted in indicators such as ‘the number of households who enjoy not owning a car’, and ‘regularly doing a leisure activity with people you don’t cohabit with’ which were analysed and offered to local policymakers. The success of this process has led to explorations of the Cornerstone Indicator process across Europe and North America. Initiatives like the Cornerstone Indicators present a model of how momentum toward a regenerative future for the built environment can be built. It’s urgent that we begin using process-based definitions and practices to bring more people to the table and increase the potential for transition pathways to gain traction.

Conclusion

In the first two pieces in this series, we have explored the idea of a regenerative future in the built environment by examining how our current frameworks for regeneration fall short of meeting the demands of the present moment. We outline principles and pathways for charting a course toward genuine transformation.

In providing examples of leading-edge organisations making progress toward a regenerative future, these pieces are intended to invite conversation, feelings of agency and reflection, even in the face of prevailing systemic constraints. Rather than offering neat solutions, this piece seeks to open doors to new possibilities.

The context and projections offered here raise a number of questions. For a wholesale transition, it will be important to understand what will indicate progress toward regeneration, as well as how decisions will be made in order to resist the co-opting of regenerative principles into status quo ways of operating.

The remaining piece in this series will explore:

How configurations of material extraction, labour and monetary capital entrench nested economies and particular power relations, using the example of the cement industry Possible indicators of progress toward a regenerative built environment, and of the limitations encountered

Together these pieces aspire to introduce the idea of a regenerative built environment and associated promises and challenges, to inspire a sense of direction and to sketch the broader systemic shifts to which we must commit.

This publication is part of the project ReBuilt “Transformation Pathways Toward a Regenerative Built Environment — Übergangspfade zu einer regenerativen gebauten Umwelt” and is funded by the German Federal Ministry for the Environment, Nature Conservation, Nuclear Safety and Consumer Protection (BMUV) on the basis of a resolution of the German Bundestag.

This piece represents the views of its authors, including, from Bauhaus Earth, Gediminas Lesutis and Georg Hubmann, and from Dark Matter Labs, Emma Pfeiffer and Aleksander Nowak.

Where to? Five pathways for a regenerative built environment was originally published in Dark Matter Laboratories on Medium, where people are continuing the conversation by highlighting and responding to this story.


Thales Group

Unlocking innovation: The impact of a diverse workforce in the STEM industry

Unlocking innovation: The impact of a diverse workforce in the STEM industry Language English simon.mcsstudio Wed, 09/17/2025 - 16:17 By Sam, Director of Research, Technology & Solution Innovation, and Charlotte, Principal AI Researcher, Thales UK The face of the technology sector has changed over recent decades. Historically shaped by a narrow demo
Unlocking innovation: The impact of a diverse workforce in the STEM industry Language English simon.mcsstudio Wed, 09/17/2025 - 16:17

By Sam, Director of Research, Technology & Solution Innovation, and Charlotte, Principal AI Researcher, Thales UK

The face of the technology sector has changed over recent decades. Historically shaped by a narrow demographic, the industry is waking up to the reality that diverse perspectives aren’t just welcome – they are essential.

This isn’t about box-ticking or cultural sentiment – it’s about building better solutions. Diversity – of gender, ethnicity, neurodiversity, working background and lived experience – strengthens innovation by unlocking creative problem-solving, challenging assumptions, and producing outcomes that more accurately reflect the world we live in.

As the UK pursues its ambition to become a global leader in AI, as set out in the Prime Minister’s 2025 AI Opportunities Action Plan, it’s clear that people will be just as critical as technology. If we want smarter systems, we need broader perspectives.

Why diversity is critical to innovation in tech

Whether in AI, defence technology or mission-critical systems, innovation today relies on interdisciplinary thinking. Gone are the days of linear product development managed by a single skillset. Modern innovation centres and research teams draw on engineers, mathematicians, psychologists, data scientists, operational end users and domain experts – all working together to interrogate complex problems.

Homogenous teams tend to converge on shared assumptions. Diverse teams, on the other hand, are more likely to stress-test ideas, spot flaws, and think laterally. Problems in these fields rarely have a single “correct” answer.  Creative collaboration and constructive challenge – made possible by teams of people who think differently – leads to more robust, adaptable and user-ready outcomes.

The result? Smarter tools, more intuitive user interfaces, and technologies that don’t just solve today’s challenges, but anticipate tomorrow’s. Crucially, diverse teams are often better positioned to foresee unintended consequences and to build systems that are trustworthy, fair and explainable.

Diversity doesn’t just serve the business – it delivers for the customer

Diversity doesn’t just benefit internal creativity – it also shapes stronger, more relevant solutions for our customers. In defence, aerospace and AI, clients are increasingly seeking partners who understand their problems from different angles – rather than just mirroring their own structure.

Diverse teams demonstrate different thinking, creativity and real-world thinking. That richness enables better co-creation: where solutions are developed in close collaboration with customers, through methods like hackathons, co-design sessions or open-innovation workshops. This collaborative model accelerates innovation delivery, while ensuring solutions meet real-world needs.

We’ve seen this firsthand with autonomous systems, where teams must account for technical viability, operational usability and ethical transparency all at once. A multidisciplinary team – including AI engineers, human factors experts and former operators – will often approach the same problem in fundamentally different ways. The result is a stronger outcome: one that’s not only technically robust, but explainable, mission-relevant, and ready for deployment.

Diversity in practice at Thales cortAIx

cortAIx, Thales’ AI Accelerator, brings together Thales’s capabilities in the fields of research, sensors and systems.

Globally, cortAIx already employs over 600 AI and data specialists. By the end of 2025, cortAIx in the UK will sustain 200 highly skilled AI and data specialist roles, supporting the Government’s vision for AI-driven growth and productivity.

The unit’s focus on innovation, resilience and usability in AI systems demands input from people with widely different perspectives – ensuring that technologies are deployed ethically, securely, and transparently.

From compliance to culture: how to build and retain diverse teams

Delivering on the promise of diversity requires a deliberate shift in how organisations attract, develop and retain people.  When looking to build a workforce that reflects wider society, there are approaches that all organisations could look to apply:

Reshape recruitment: job descriptions can be redesigned to remove exclusionary language, and selection tools introduced that increase inclusivity, support neurodivergent candidates, and reduce unconscious bias. Broaden entry points: candidate pipelines can be diversified through early career outreach, partnerships with community organisations, and better visibility of alternative routes into STEM. Focus on progression: mentoring, coaching and structured development programmes can help underrepresented groups build confidence, access networks, and prepare for leadership. Create inclusive cultures: employee networks and allyship programmes help individuals feel supported and able to bring their whole self to work – fostering a sense of belonging. Support returners: career changers introduce a while new pool of talent and create a more diverse workforce.  Employers can recognise this with tailored schemes to entice them and those re-entering the workforce after time away.

Organisations that embed these principles don’t just see improvements in hiring – they retain talent, unlock creativity, and build cultures where innovation can thrive.

Start earlier: building the future pipeline

If we want lasting diversity in tech, we need to invest in long-term initiatives to reach future innovators early.

Thales has partnered with Primary Engineer, participating in the “If You Were an Engineer, What Would You Do?” Initiatives like these engage tens of thousands of young students across the UK, offering hands-on design challenges and real-world mentoring.

Other initiatives now place teachers into engineering organisations, or bring engineers into schools. These exchanges equip educators with greater insights into STEM career pathways and introduce students to engineers whose backgrounds reflect their own, helping them see a place for themselves in the industry.

Why tech companies need to invest in diversity

Inclusive, diverse, collaborative teams are not just “better” in a cultural sense – they're essential when remaining a world leader in technological innovation. Whether that’s advancing AI systems, delivering agile defence systems, or pushing the limits of applied innovation, diversity is a core enabler.

Real progress happens when people are welcomed into the room and empowered to challenge, shape, and lead the conversation.

In this rapidly evolving technological world, the future will be shaped by organisations with the brightest minds and the broadest perspectives.
 

/sites/default/files/database/assets/images/2019-11/D%26I%20Visual_0.jpg 17 Sep 2025 United Kingdom The face of the technology sector has changed over recent decades. Historically shaped by a narrow demographic, the industry is waking up to the reality that diverse perspectives aren’t just welcome – they are essential. Type News Hide from search engines Off

Shyft Network

Shyft Network’s Veriscope Powers Compliant Crypto Trading with Nowory in India

India’s crypto market, with 93 million investors, demands infrastructure that balances innovation with FATF Travel Rule compliance. Shyft Network, a leading blockchain trust protocol, has partnered with Nowory, an Indian crypto trading platform, to integrate Veriscope, the only frictionless solution for regulatory compliance. This collaboration showcases Veriscope’s ability to enable secure, compl

India’s crypto market, with 93 million investors, demands infrastructure that balances innovation with FATF Travel Rule compliance. Shyft Network, a leading blockchain trust protocol, has partnered with Nowory, an Indian crypto trading platform, to integrate Veriscope, the only frictionless solution for regulatory compliance. This collaboration showcases Veriscope’s ability to enable secure, compliant digital finance in high-growth markets while prioritizing user privacy.

Why Veriscope Matters for India’s

Crypto EcosystemAs India’s regulatory framework evolves, Virtual Asset Service Providers (VASPs) need tools to ensure compliance without complexity. Veriscope leverages cryptographic proof technology to facilitate secure, privacy-preserving data exchanges, aligning with FATF Travel Rule requirements. By integrating Veriscope, Nowory demonstrates how VASPs can achieve regulatory readiness seamlessly.

Nowory’s Role in the Partnership

Nowory, launched in August 2025, is an Indian crypto trading platform designed to serve India’s 93 million crypto investors with a secure and efficient bank-to-crypto gateway. By integrating Veriscope, Nowory aligns with global compliance standards, eliminating risky P2P trading and supporting India’s growing demand for regulated crypto infrastructure.

Key Benefits of Veriscope’s Integration

The Shyft Network-Nowory partnership highlights Veriscope’s power to transform crypto compliance:

Frictionless Compliance: Simplifies FATF Travel Rule adherence without burdening platforms or users. Privacy-First Design: Protects user data using cryptographic proofs, ensuring autonomy. Scalable Solutions: Supports growing VASPs in dynamic markets like India.

Zach Justein, co-founder of Veriscope, emphasized the integration’s impact:

“India’s crypto market needs solutions that streamline compliance while preserving privacy. Veriscope’s integration with Nowory reflects Shyft Network’s commitment to secure, compliant blockchain infrastructure.”
Powering a Compliant Crypto Future

Nowory joins a global network of VASPs adopting Veriscope to meet regulatory demands seamlessly. This partnership underscores the need for secure, compliant crypto infrastructure in high-growth markets like India.

About Veriscope

Veriscope, built on Shyft Network, is the leading compliance infrastructure for VASPs, offering a frictionless solution for FATF Travel Rule compliance. Powered by User Signing, it enables VASPs to request cryptographic proof from non-custodial wallets, simplifying secure data verification while prioritizing privacy. Trusted globally, Veriscope reduces compliance complexity and empowers platforms in regulated markets.

About Nowory

Nowory is an Indian crypto trading platform launched in August 2025, designed for secure and efficient trading of assets like Bitcoin, Ethereum, and Solana. It provides a direct bank-to-crypto gateway for India’s 93 million crypto investors, emphasizing regulatory readiness and the elimination of risky P2P trading.

Stay ahead in crypto compliance.

Visit Shyft Network, subscribe to our newsletter, or follow us on X, LinkedIn, Telegram, and Medium.

Book a consultation at calendly.com/tomas-shyft or email bd@shyft.network

Shyft Network’s Veriscope Powers Compliant Crypto Trading with Nowory in India was originally published in Shyft Network on Medium, where people are continuing the conversation by highlighting and responding to this story.


Elliptic

Follow the money: How analysts can use blockchain data to trace and disrupt Iran’s illicit financing operations

As government agencies intensify efforts to counter nation-state threats, Iran stands out as a critical, evolving case study. Actors within the state, including the Islamic Revolutionary Guard Corps (IRGC), a sanctioned militant entity and designated terrorist organization by various jurisdictions, separate from Iranian Army, have repeatedly turned to cryptocurrencies to bypass internat

As government agencies intensify efforts to counter nation-state threats, Iran stands out as a critical, evolving case study. Actors within the state, including the Islamic Revolutionary Guard Corps (IRGC), a sanctioned militant entity and designated terrorist organization by various jurisdictions, separate from Iranian Army, have repeatedly turned to cryptocurrencies to bypass international sanctions and fund proxy groups. These layered tactics reflect not only Iran’s strategic agility but also the evolving challenge of preventing crypto-enabled illicit finance.


Herond Browser

Where to Watch Cartoons Online: Your Complete Guide to Every Genre

This guide simplifies the search by providing a comprehensive overview of the best sites to watch cartoons online. The post Where to Watch Cartoons Online: Your Complete Guide to Every Genre appeared first on Herond Blog. The post Where to Watch Cartoons Online: Your Complete Guide to Every Genre appeared first on Herond Blog.

Cartoons aren’t just for kids; they are a timeless form of entertainment that spans genres from lighthearted comedy to deep, serialized dramas. With so many streaming services and platforms available today, finding where to watch your favorite animated shows can be a challenge. This guide simplifies the search by providing a comprehensive overview of the best sites to watch cartoons online. Whether you’re looking for classic Saturday morning nostalgia, the latest anime hits, or cutting-edge adult animation.

What to Look for in Watch Cartoons Online Streaming Sites Content Variety

The best platforms offer a diverse and regularly updated library. Look for a mix of classic cartoons, new releases, and a range of genres, including kids’ animation, anime, and shows for adults.

User Experience

A good streaming site should have a clean, easy-to-use interface, high-quality video (HD or 4K), and reliable playback. Useful features like parental controls, watchlists, and an ad-free option are also major pluses.

Legality and Safety

To ensure your security and support content creators, stick to reputable services. Look for platforms that have a clear business model, whether through subscriptions or authorized, ad-supported content. Avoid sites with excessive pop-ups or suspicious download prompts.

Top Sites to Watch Cartoons Online by Genre Netflix

A global streaming giant with a vast library of animated content. This site includes a growing number of original series for both kids (e.g., The Dragon Prince) and adults (e.g., BoJack Horseman, Arcane).

Hulu

Known for its mix of classic and modern cartoons. Hulu offers a wide range of content from networks like Cartoon Network and Nickelodeon, as well as a strong lineup of adult animated hits like Family Guy and Bob’s Burgers.

Max (formerly HBO Max)

The hub for Warner Bros.’ extensive catalog. Max is a go-to for many of the most popular cartoons from Cartoon Network and Adult Swim, including Adventure Time, Rick and Morty, and The Powerpuff Girls.

Disney+

The ultimate destination for Disney and Pixar fans. Disney+ provides access to nearly every animated movie and series from these studios, along with content from Marvel, Star Wars, and National Geographic.

Crunchyroll

For anime enthusiasts, Crunchyroll is the premier service. It offers the world’s largest library of Japanese animation, with new episodes often streaming just an hour after they air in Japan. They also have a limited free section for non-subscribers.

Tubi

A completely free, ad-supported streaming service. Tubi has an impressive and diverse collection of cartoons, from nostalgic classics like Scooby-Doo to popular anime and adult animated series.

YouTube

A massive repository of animation. You can find official channels from studios (like Warner Bros. and PBS Kids). The full episodes of shows that are in the public domain, and a huge community of independent animators sharing their work.

Pluto TV

Another free streaming service that operates like a mix between traditional television and on-demand streaming. It has dedicated channels for various cartoons, including classics and anime, as well as a selection of on-demand content.

Hoopla & Libby

If you have a public library card, these apps are fantastic, completely legal, and free options. They allow you to borrow and stream digital comics, animated shows, and movies from your local library’s collection.

Common Mistakes to Avoid When You Watch Cartoons Online Using Illegal Streaming Sites

The biggest mistake is using unofficial sites that host pirated content. These platforms are a major source of malware, viruses, and endless pop-up ads, which can compromise your computer and personal data.

Falling for Phishing Scams

Be cautious of sites that ask for your personal information, credit card details, or require you to “log in” to another service. Always double-check the URL and never enter sensitive information on a site that seems suspicious.

Disabling Security Software

Some unreliable sites might trick you into disabling your antivirus or ad-blocker to watch a show. This is a red flag and should never be done, as it leaves your device vulnerable to a variety of threats.

Ignoring Parental Controls

For families, a common oversight is not using the parental control features available on most major streaming services. These tools are essential for ensuring that children only have access to age-appropriate content.

Clicking on Suspicious Ads

Even on legal, ad-supported sites, be careful where you click. Avoid engaging with pop-ups or banners that promise free prizes, downloads, or “miracle” products, as they can lead to malicious websites.

Forgetting VPNs for Regional Content

Some shows might be restricted to certain countries. A common mistake is not using a Virtual Private Network (VPN) to access legally available content from another region where you have a subscription.

Tips for Safe and High-Quality Cartoon Streaming Using Reputable Platforms

The most important tip is to stick to legal and well-known streaming services like Netflix, Hulu, Max, and Disney+. These platforms have official partnerships with content creators, guaranteeing that the shows are authorized and free of malware.

Enable Parental Control

For families, it is crucial to set up and use parental controls. Most major streaming services offer robust tools that allow you to create profiles for children and restrict content based on age ratings, preventing them from accessing inappropriate material.

Be Wary of Free Sites

While some free, ad-supported services like Tubi and Pluto TV are legitimate, you should be extremely cautious of obscure sites. If a site offers a massive, brand-new library for free with no subscriptions or ads, it is likely illegal and could be a source of viruses and malware.

Using a VPN

A Virtual Private Network (VPN) can be a great tool for secure streaming. It encrypts your internet traffic and hides your IP address, adding a layer of privacy and security. It can also be used to access content that is legally available in other regions.

Avoid Suspicious Ads and Downloads

On ad-supported sites, never click on pop-up ads, download buttons, or links that seem out of place. These are often phishing attempts or malicious software disguised as something else.

Conclusion

The world of animation is vast and vibrant, offering something for every age and interest. With a clear understanding of the best platforms and a few safety tips, you can unlock a universe of cartoons without hassle. Whether you prefer the convenience of a subscription service like Netflix or the extensive free libraries of Tubi and YouTube, there are plenty of legal options available. By choosing a reputable platform and being mindful of potential risks, you can ensure a safe and high-quality streaming experience, making it easier than ever to enjoy your favorite animated adventures.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Where to Watch Cartoons Online: Your Complete Guide to Every Genre appeared first on Herond Blog.

The post Where to Watch Cartoons Online: Your Complete Guide to Every Genre appeared first on Herond Blog.


Thales Group

Thales signs two strategic contracts with India’s largest airline, IndiGo: 11-year avionics maintenance for 1,200+ aircraft & 5-year fleet-wide Electronic Flight Bag roll-out

Thales signs two strategic contracts with India’s largest airline, IndiGo: 11-year avionics maintenance for 1,200+ aircraft & 5-year fleet-wide Electronic Flight Bag roll-out prezly Wed, 09/17/2025 - 06:30   New 11-year maintenance support contract for IndiGo’s current Airbus A320 fleet and future order of A32X aircraft includes Thales’s avionics
Thales signs two strategic contracts with India’s largest airline, IndiGo: 11-year avionics maintenance for 1,200+ aircraft & 5-year fleet-wide Electronic Flight Bag roll-out prezly Wed, 09/17/2025 - 06:30

 

New 11-year maintenance support contract for IndiGo’s current Airbus A320 fleet and future order of A32X aircraft includes Thales’s avionics ‘By The Hour’ and ‘Repair By The Hour’ programmes. Repairs will be managed at Thales’ recently opened MRO (Maintenance, Repair & Overhaul) facility in Gurugram, India. The AvioBook contract extends usage of the AvioBook Electronic Flight Bag (EFB) solution to the entire IndiGo fleet (650,000 flights per year to date) for five years.

 

Thales and IndiGo, India’s largest airline, have signed a strategic maintenance contract for the airline’s current fleet of 430 Airbus A320 aircraft and future order of over 800 A32X aircraft.

As part of this 11-year contract, Thales will provide IndiGo with expert repair services for avionics components, coupled with Thales’s ‘Avionics-By-The-Hour’ (ABTH) programme - a comprehensive spares management solution that ensures the availability of critical components to minimise aircraft downtime. This, together with Thales’s ‘Repair-By-The-Hour’ (RBTH), guarantees timely maintenance for avionics, allowing IndiGo to increase the availability of its fleet and expedite repairs.

Repairs will be managed notably at Thales’s new state-of-the-art avionics MRO facility in Gurugram, India, located near the Delhi airport, which is designed to handle the increasing demand for avionics support, featuring advanced technology to streamline repair processes and ensure high levels of fleet availability. Thales’s skilled technicians specialise in maintaining complex avionics systems with repairs that meet stringent safety and regulatory standards.

IndiGo has also extended a 5-year contract with AvioBook, a Thales company, for AvioBook Flight —the only Electronic Flight Bag solution currently authorised for paperless operations by the Directorate General of Civil Aviation (DGCA). In use across the entire IndiGo fleet for over a year, AvioBook Flight has already helped significantly reduce consumption of paper usage annually thereby advancing environmental sustainability goals and streamlining flight operations on over 2,000 flights every day.

 

“We are pleased to partner with Thales, a leading aerospace company trusted worldwide for its expertise in avionics support, to augment IndiGo’s maintenance and repairs capabilities. With IndiGo’s growing scale and fleet, this association aligns with our commitment to offer a hassle-free and safe flying experience to our customers, while ensuring operational excellence and reliability.” Parichay Datta, Senior Vice-president, Engineering, IndiGo.

“This strategic partnership with IndiGo underscores our commitment to delivering airline world-class avionics support and services. Our new MRO facility in India increases Thales’s ability to provide a swift, reliable service, backed by the power of our global organisation, to meet the evolving demands of the Indian aviation industry.” Thomas Got, Vice President, Aviation Global Services, Thales.

 

Documents [Prezly] PR_2025-09-17_Thales signs two strategic contracts with India’s largest airline, IndiGo.pdf Contacts Cédric Leurquin 17 Sep 2025 Type Press release Structure Aerospace India Thales and IndiGo, India’s largest airline, have signed a strategic maintenance contract for the airline’s current fleet of 430 Airbus A320 aircraft and future order of over 800 A32X aircraft. prezly_796944_thumbnail.jpg Hide from search engines Off Prezly ID 796944 Prezly UUID f57ac799-309e-4add-95d4-1a69e4e30e3a Prezly url https://thales-group.prezly.com/thales-signs-two-strategic-contracts-with-indias-largest-airline-indigo-11-year-avionics-maintenance-for-1200-aircraft--5-year-fleet-wide-electronic-flight-bag-roll-out Wed, 09/17/2025 - 08:30 Don’t overwrite with Prezly data Off

Wednesday, 17. September 2025

SC Media - Identity and Access

FileFix campaign delivers StealC infostealer

Attackers target browsers, crypto wallets, messaging apps, and cloud credentials.

Attackers target browsers, crypto wallets, messaging apps, and cloud credentials.


Board Priority But Lack of Access & CISO Pressure, 360 Privacy and Pentera Interviews - Chuck Randolph, Tom Pore - BSW #413


Extrimian

Why Extrimian is an AI-First Company

Why Extrimian’s AI‑First Approach Improves Digital Credential Solutions Let’s start explaining why Extrimian is an AI-First company. Our goal is to give universities and other startups, a faster, more reliable way to issue, manage, and verify credentials—while ensuring our own teams work smarter behind the scenes. This post explains how our AI‑first ethos (via the […] The post Why Extrimian is a
Why Extrimian’s AI‑First Approach Improves Digital Credential Solutions

Let’s start explaining why Extrimian is an AI-First company. Our goal is to give universities and other startups, a faster, more reliable way to issue, manage, and verify credentials—while ensuring our own teams work smarter behind the scenes. This post explains how our AI‑first ethos (via the internal agent Micelya) makes Extrimian more efficient, and how our University Portal product solves the very real problems of diploma fraud, identity theft and manual verifications.

TL;DR Extrimian’s AI‑first philosophy refers to how we work internally, not how we verify credentials. Our agent Micelya organises knowledge and speeds up development and support. Self‑Sovereign Identity (SSI) and cryptographic signatures secure the credentials; AI is not used in the verification flow. By using AI internally and SSI externally, Extrimian delivers more complete features, faster updates and a calmer verification process for universities and students. What does “AI‑first” really mean in Extrimian? AI – Artificial intelligence, future technology innovation. Extrimian AI-First Company

When Extrimian says we are AI‑first, we’re talking about our own processes, not the product’s cryptographic core. We have an internal agent called Micelya that acts like a living knowledge hub for our teams. It stores and organises product specifications, SOPs, design decisions and customer insights, making them easy to find and apply. 

How do we use Micelya internally? Agile and interdisciplinary processes

To keep Micelya truly useful, our product and engineering teams continually feed it with the latest internal documentation, release notes, process playbooks and step‑by‑step guidelines for every product. This curated knowledge helps the agent surface the right answers, recommend the correct templates and shorten hand‑offs across the organisation.

When engineers or product managers work on a new release, Micelya suggests the right protocol or template and reminds us of past decisions. This means we iterate more quickly, avoid duplication, and keep every improvement in play. The agent doesn’t handle your credentials; it powers how we build and support the product.

How does Micelya make Extrimian faster and more consistent?

Micelya’s role is to optimize Extrimian’s internal processes. It automatically flags related resources—SOPs, integration steps, templates—at the moment a team member needs them. It nudges us when something requires approval or when a template must be updated. It also stores lessons learned from support tickets and feature requests, so improvements become part of our future releases. This means we respond to universities more quickly, address issues more consistently, and ship updates faster. Because the agent streamlines our internal workflow, you receive a product that evolves continuously without long delays.

Why does AI‑first matter for universities if it’s only internal?

You might wonder why our internal AI should matter to you. Simply put, Micelya makes Extrimian more efficient, which reflects in our product and support. Faster iteration cycles mean new features and fixes arrive sooner. A shared knowledge hub ensures you receive consistent advice regardless of who answers your call. When updates roll out, they’re informed by a complete history of past decisions and user feedback. Although AI never touches your credentials or verification flow, our AI‑first culture ensures we deliver a more refined, dependable product.

Why is it good to be an AI‑first company?

Being AI‑first has benefits that extend beyond Extrimian; companies in many sectors adopt AI to become more responsive, innovative, and resilient. Here’s a concise summary of key advantages and how they play out in our case:

Benefit of being AI‑first Impact on operations Extrimian example Efficiency Faster decisions & shorter release cycles Micelya surfaces the right SOPs and templates so teams ship updates quicker Knowledge retention Shared, up‑to‑date repository of policies & best practices Our knowledge hub prevents repeated mistakes and speeds new‑hire onboarding Cross‑team alignment Consistent workflows and communication across departments Product, engineering & support teams work from the same playbook Continuous improvement AI highlights patterns & informs roadmaps Micelya captures feedback loops so each release builds on lessons learned Better customer experience Quicker responses & higher‑quality products Universities see faster support, smoother updates and less rework

This table illustrates why an AI‑first mindset isn’t just a buzzword—it underpins real gains in speed, quality and alignment. For Extrimian, those gains help us deliver a stable verification product more rapidly and consistently.

What do students and verifiers experience?

From a student’s perspective, digital credentials mean convenience and control. They receive tamper‑proof proofs right in their ID Wallet and share them through a link or QR code. They aren’t forced to disclose their entire transcript when only enrollment status is needed. For verifiers, checking credentials is just as straightforward: visit the university’s verification page, scan the QR code or paste the link, and see an immediate result with clear guidance. No waiting for emails, no guesswork, and no reliance on appearance. This streamlined experience increases trust and speeds up decision‑making for everyone.

AI for process, cryptography for trust

Extrimian’s approach balances two forces: cryptographic security for credentials and AI‑driven efficiency for internal work. SSI and digital signatures make diplomas and enrolment proofs tamper‑proof, while the AI‑first mindset (through Micelya) reduces friction in our development and support processes. The two realms remain separate; AI does not verify credentials, but it helps us build better products and respond faster. For universities, this means a reliable, ready‑to‑use product backed by a company that continuously improves without sacrificing trust.

Recommended resources: Internal links University Portal overview – Learn more about our University Portal and how it issues tamper‑proof credentials.
ID Wallet page – link to the page that introduces the student/employee wallet used to store and share verifiable credentials.
Anchor text: “See how the ID Wallet lets students carry and share their credentials securely. About Extrimian / Our Story – Discover who we are and why we invest in internal AI to deliver better products.” Blog archive or Learning Resources – For a deeper dive into SSI and digital identities, explore our resources page or related articles. Contact or Demo page – If you’d like to see the portal in action, book a demo with our team.
External links W3C Verifiable Credentials specification – The W3C’s Verifiable Credentials Data Model defines how digital credentials are issued and verified. Self‑Sovereign Identity (SSI) explainer – Self‑Sovereign Identity (SSI) is an approach that puts individuals in control of their data; this SSI overview explains the core principles. Industry research or reports by EDUCASE – Recent studies show credential fraud is on the rise; this EDUCAUSE report outlines the challenge for universities. FIDO Alliance passkey standards – Passkeys are based on the FIDO2/WebAuthn standard for secure, phishing-resistant login.

 

The post Why Extrimian is an AI-First Company first appeared on Extrimian.


SC Media - Identity and Access

Supply chain attack targets more than 40 npm repos

Attackers exploit legitimate tools like TruffleHog to steal credentials.

Attackers exploit legitimate tools like TruffleHog to steal credentials.


Elliptic

OFAC sanctions a crypto-enabled financial network for facilitating Iranian oil smuggling

On September 16, 2025, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC)sanctioned four individuals, including Alireza Derakhshan and Arash Estaki Alivand, “for their roles in coordinating funds transfers, including from the sale of Iranian oil, that benefits the IRGC-Qods Force (QF), and Iran’s Ministry of Defense and Armed Forces Logistics (MODAFL),” accordin

On September 16, 2025, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC)sanctioned four individuals, including Alireza Derakhshan and Arash Estaki Alivand, “for their roles in coordinating funds transfers, including from the sale of Iranian oil, that benefits the IRGC-Qods Force (QF), and Iran’s Ministry of Defense and Armed Forces Logistics (MODAFL),” according to OFAC’s press release


Holochain

Dev Pulse 151: Network Improvements in 0.5.5 and 0.5.6

Dev Pulse 151

We released Holochain 0.5.5 on 19 August and all tooling and libraries are now up to date.

Holochain 0.5.5 and 0.5.6 released

With these releases, we’re continuing to work on network performance for the Holochain 0.5.x series. There’s been a bunch of bug fixes and improvements:

New: At build time, Holochain can be switched between libdatachannel and go-pion WebRTC libraries, with libdatachannel currently the default in the Holochain conductor binary release and go-pion the default in Kangaroo-built hApps. go-pion is potentially free from an unwanted behaviour in libdatachannel, in which the connection is occasionally force-closed after a period of time. If you’ve seen this behaviour, consider trying your hApp in a Kangaroo-built binary to see if it’s resolved. Changed: Some tracing messages are downgraded from info to debug in Kitsune2 to reduce log noise. Bugfix: Make sure the transport layer has a chance to fall back to relay before timing out a connection attempt. Bugfix: When Holochain received too many requests for op data, it would start closing connections with the peers making the requests it couldn't handle. This caused unnecessary churn to reconnect, rediscover what ops need fetching, and send new requests. Instead, the requests that can't be handled are dropped and have to be retried. The retry mechanism was already in place, so that part just works. When joining a network with a lot of existing data, the sync process is now a lot smoother. Bugfix: Established WebRTC connections would fall back to relay mode when they failed; now the connection is dropped, and peers will try to establish a new WebRTC session. Bugfix: If a WebRTC connection could not be established, the connection would sometimes be left in an invalid state where it could not be used to send messages and Holochain wouldn't know to replace the connection to that peer. Bugfix: Holochain was using the wrong value for DHT locations. This was leading to differences being observed in the DHT model between peers, who would then issue requests for the missing data. The data couldn't be found because the requested locations didn't match what was stored in the database. This led to DHT sync failing to proceed after some period of time. Note: updating a hApp from Holochain 0.5.4 or earlier might cause a first-run startup delay of a few seconds as the chunk hashes are recalculated. Bugfix: Kitsune2 contains a fix for an out-of-bounds array access bug in the DHT model. Shifted priorities for 0.6

We’d originally planned to start the groundwork for coordinator updates (allowing a cell’s coordinator zomes to be updated) and DHT read access gating via membrane proofs in Holochain 0.6. We’re now going to push those to a later release in favour of focusing on warrants and other features that offer functionality that considers the strategically critical priorities of our partners.

These are the major themes of our work on 0.6:

Resolving incomplete implementations of the unstable warrants feature, writing more tests, and marking the feature stable for all app and sys validation except chain forks. Finishing the work that allows Holochain to block peers at the network level if they publish invalid data. Making sure that the peer connection infrastructure is production-ready. Continuing to build out the Wind Tunnel infrastructure and test suite.

There are a few smaller themes; check out the 0.6 milestone on GitHub for the full story.

Wind Tunnel updates

With many of the big gains in network performance and reliability realised in the 0.5 line and two new developers joining our team, we’ve freed up developer hours to focus on the Wind Tunnel test runner once again. Our big goal is: make it more usable and used. To this end, here are our plans:

We want to run the tests on a regular, automated schedule to gather lots of data and track changes over Holochain’s development. Rather than it being a requirement that a conductor is running alongside Wind Tunnel, Wind Tunnel itself will run and manage the Holochain conductor, allowing us to test conductors with different configs or feature flags within a scenario. Wind Tunnel already collects metrics defined in each scenario, but we are expanding on this to collect metrics from the host OS, such as CPU usage, and from the conductor itself. This will give us insight into system load and how the conductor is performing during the scenarios. More scenarios will be written, including complex ones involving malfunctioning agents and conductors with different configurations. More dashboards are being created to display the new metrics and give us insight into how the scenarios perform from version to version. These will then make it easy for us to track how Holochain's performance envelope changes as new features are added, and also to make it easier to prioritize where to focus our optimization efforts. We plan to run multiple scenarios on a single runner in parallel to make better use of the compute resources we have in our network. Along with adding more runners to the network, this will reduce the time it takes to run all of the tests, which will let us run the tests more often. We’re creating an OS installation image for Wind Tunnel runners, allowing any spare computer to be used for Wind Tunnel testing. This will let people support Holochain by adding their compute power to our own network. Holochain Horizon livestream

If you’re reading this, you probably care about more than just the state of Holochain development. We’re starting a series of livestreams that talk about things like where the Holochain Foundation is headed and what’s happening in the Holochain ecosystem.

The first one, a fireside chat between Eric Harris-Braun, the executive director of the Foundation, and Madelynn Martiniere, the Foundation’s newest council member and ecosystem lead, was on Wed 30 Jul at 15:00 UTC. Watch the replay on YouTube.

Next Dev Office Hours call: Wed 17 Sept

Join us at the next Dev Office Hours on Wednesday 17 Sept at 16:00 UTC — it’s the best place to hear the most up-to-date info about what we’ve been working on and ask your burning questions. We have these calls every two weeks on the DEV.HC Discord, and the last one was full of great questions and conversations. See you there next time!


Indicio

From paper to Proven: what the EUDI wallet means for the secure document printing industry

The post From paper to Proven: what the EUDI wallet means for the secure document printing industry appeared first on Indicio.
The shift to digital identity is accelerating and 2026 will be a critical year for the security printing and paper businesses. Now is the time to prepare.

By Helen Garneau

For decades, trust has been printed. Passports, ID cards, certificates, and other official, government-issued, and securitized documents have been how people prove who they are.  The European Digital Identity (EUDI) wallet signals the end of the era for exclusive use of paper and plastic-based identity. 

The regulation, set to be mandated with new technologies rolled out within the next year, introduces a way for citizens, residents, and businesses to securely share digital identity data in the form of  Verifiable Credentials across all EU member states; banking, travel, enterprises and government services are already piloting credential implementations. 

As with many transformative technologies, change happens slowly and then very fast.  

Companies that adapt quickly will stay relevant and leverage digital identity to deliver better products and services and innovate around seamless authentication and digital trust. Those that delay risk being left behind.

The question for companies in the secure document printing market is: how to not become obsolete when cryptography can make digital credentials every bit as trustworthy as the most secure physical document?

Just because the EUDI wallet framework architecture describes Verifiable Credentials, a digital identity technology that is interoperable, secure, and easy to use, the shift to digital identity doesn’t spell the end of physical documents.

Position for the great transition

The next few years will see a transition to verifiable digital identity and verifiable digital data and identity documents are the on-ramp. A key example: The International Civil Aviation Organization (ICAO) specifications for Digital Travel Credentials start with self-derived credentials (DTC-1), which means people are able to extract the data in the passport’s RFID chip then comparing the image in the chip with a real-time liveness check of the person scanning the passport and issuing a digital credential version of the passport. The passport can then be validated to confirm the data came from an official government source. They’ll still need their physical passport when they travel but it will only be for backup. 

The next step will be governments directly issuing digital passport credentials (following DTC-2 specifications) along with a person’s physical passport. The person will still need this physical passport when they travel.

In both cases, the digital passport credential will do all the heavy lifting in terms of identity authentication that enables the passenger to seamlessly check-in, access a lounge, cross a border, pick up a rental car, and check into their hotel. 

After these have been successfully implemented, we’ll move to a DTC-3 type credential — a fully digital passport where no physical back up is required. 

Where are we in the transition process? Well, with Indicio Proven, governments are able to issue DTC-2 type credentials. Expect to see them soon.

Driver’s licenses, diplomas

It’s not just passports that are being digitalized. The same liveness check and face-mapping that happens with DTCs can be done with government-issued documents, such as driver’s licences and Optical Character Recognition can read the data in the absence of the RFID chip. More US states are adopting Mobile Driver’s Licenses (mdoc/mDL), while the European Union expects this standard to be implemented in Europe by 2030

One bug in this rollout is that many mDL implementations don’t include the verification software businesses need to validate digital versions. These businesses still rely on physical driver’s licenses for customer identity authentication. If you want an mDL with simple, mobile, scalable verification Indicio Proven has you covered.

Diplomas, degrees, course transcripts and certificates are also being rendered as tamper-proof digital credentials through the Open Badges 3.0 specification. While their physical counterparts are not secured in the same way as government-issued identity, the Open Badges 3.0 standard makes these documents impossible to fake, binds them to their rightful holders, and renders them instantly verifiable.

The key to managing the transition to digital identity documents is to enable transition to these documents. And this is where Indicio Proven is unique in the marketplace.

Indicio Proven: your bridge from the physical to digital

Indicio Proven® gives printing companies a direct path into the digital era by transforming secure physical documents into Verifiable Credentials, the same technology outlined in the EUDI specification.

With Proven, your physical products become anchors, on-ramps, or companions to digital credentials. Passports can be turned into DTCs, and more than 15,000 types of identity documents from 250+ countries and territories can be credentialized. Driver’s licenses and other official documents can also be validated, bound with biometrics, and issued as tamper-proof digital Verifiable Credentials that are:

Fraud-resistant and cryptographically secure Combine with biometrics and stored on individual’s own device Portable across borders Instantly verifiable without complex checks

Proven is a fast, simple, and cost-effective way to extend your role in the EUDI realm today that helps your customers:

Save costs by reducing manual checks Protect against fraud with secure digital credentials Unlock new revenue by offering digital trust services alongside physical products

This technology also opens the door to offering new services in identity verification. When passports become Digital Passport Credentials and driver’s licenses become mobile driver’s licenses, organizations like financial institutions, airlines, and government agencies can verify and trust the information. Processes that were once inefficient and cumbersome—such as age verification, KYC, and cross-border travel—become seamless, premium services that create value and potential revenue streams every time they’re issued and verified.

The next chapter for printing and paper

Physical cards and certificates will not disappear overnight, but their primary value will shift. And that doesn’t mean paper-based industries are left out—your expertise in trust, security, and document integrity is more valuable than ever. 

Proven makes this transition easy, enabling your business to grow as identity goes digital. With Indicio, you can carry that expertise into the digital age and position your company at the center of the EUDI wallet revolution.

The world is moving from paper to Proven. The opportunity is here—are you ready to take it? 

Contact us today to get your complimentary EUDI digital identity strategy from one of our experts.

###

The post From paper to Proven: what the EUDI wallet means for the secure document printing industry appeared first on Indicio.


SC Media - Identity and Access

AI-generated military IDs tapped by Kimsuky

Hackread reports that North Korean state-sponsored advanced persistent threat operation Kimsuky has harnessed artificial intelligence-generated military IDs as part of a new spear-phishing campaign initially discovered in July.

Hackread reports that North Korean state-sponsored advanced persistent threat operation Kimsuky has harnessed artificial intelligence-generated military IDs as part of a new spear-phishing campaign initially discovered in July.


Ontology

How Smart Accounts Are Reinventing The Web3 Wallet

If you’ve ever used a crypto wallet like MetaMask, you’ve used an externally owned account (EOA). It’s a simple pair of keys: a public address that acts as your identity and a private key that proves you own it. This model is powerful but rigid, putting the entire burden of security and complexity on the user. Lose your seed phrase? Your funds are gone forever. Find transactions confusing? The eco

If you’ve ever used a crypto wallet like MetaMask, you’ve used an externally owned account (EOA). It’s a simple pair of keys: a public address that acts as your identity and a private key that proves you own it. This model is powerful but rigid, putting the entire burden of security and complexity on the user. Lose your seed phrase? Your funds are gone forever. Find transactions confusing? The ecosystem has little flexibility to help.

A new standard is emerging to solve these problems, moving us from rigid key-based wallets to programmable, user-friendly interfaces. The answer is smart accounts.

What is a smart account?

A smart account (or smart wallet) is not controlled by a single private key. Instead, it is a smart contract that acts as your wallet. This shift from a key-based account to a contract-based account is revolutionary because smart contracts are programmable. They can be designed to manage assets and execute transactions based on customizable logic, enabling features that were previously impossible.

This transition is powered by account abstraction (AA), a concept that “abstracts away” the rigid requirements of EOAs, allowing smart contracts to initiate transactions. While the idea isn’t new, it recently gained mainstream traction thanks to a pivotal Ethereum standard: EIP-4337.

EIP-4337 (the game changer)

EIP-4337: Account Abstraction via Entry Point Contract achieved something critical: it brought native smart account capabilities to Ethereum without requiring changes to the core protocol. Instead of a hard fork, it introduced a higher-layer system that operates alongside the main network.

Here’s how it works: UserOperations: You don’t send a traditional transaction. Instead, your smart account creates a UserOperation — a structured message that expresses your intent. Bundlers: These network participants (such as block builders or validators) collect UserOperation objects, verify their validity, and bundle them into a single transaction. Entry Point Contract: A single, standardized smart contract acts as a gatekeeper. It validates and executes these bundled operations according to the rules defined in each user’s smart account.

This system is secure, decentralized, and incredibly flexible.

Other key proposals (EIP-3074 and EIP-7702)

The journey to account abstraction has involved other proposals, each with different approaches.

EIP-3074: This proposal aimed to allow existing EOAs to delegate control to smart contracts (called invokers). While simpler in some ways, it raised security concerns due to the power given to invoker contracts. It has since been paused. EIP-7702: Proposed by Vitalik Buterin, this upgrade would allow an EOA to temporarily grant transaction permissions to a smart contract. It offers a more elegant and secure model than EIP-3074 and may complement — rather than replace — the infrastructure built around EIP-4337.

For now, EIP-4337 is the live standard that developers and wallets are adopting.

Why smart accounts matter

The real value of smart accounts lies in the user experience and security improvements they enable.

Gas abstraction: Apps can pay transaction fees for their users or allow payment via credit card, removing a major barrier to entry. Social recovery: Lose your device? Instead of a single seed phrase, you can assign “guardians” — other devices or trusted contacts — to help you recover access. Batch transactions: Perform multiple actions in one click. For example, approve a token and swap it in a single transaction instead of two. Session keys: Grant limited permissions to dApps. A game could perform actions on your behalf without being able to withdraw your assets. Multi-factor security: Require multiple confirmations for high-value transactions, just like in traditional banking. The future is programmable

Smart accounts represent a fundamental shift in how we interact with blockchains. They replace the “all-or-nothing” key model with programmable, flexible, and user-focused design. Major wallets like Safe, Argent, and Braavos are already leading the way, and infrastructure from providers like Stackup and Biconomy is making it easier for developers to integrate these features.

We’re moving beyond the era of the seed phrase. The future of Web3 wallets is smart, secure, and designed for everyone.

How Smart Accounts Are Reinventing The Web3 Wallet was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


liminal (was OWI)

Turning Competitive Intelligence into Messaging That Wins (with examples)

Why competitive intelligence often fails in messaging I’ve seen it firsthand: competitor battlecards stacking up in shared drives, analyst PDFs collecting dust, and persona research tucked into charts that never see daylight. It’s easy to feel overwhelmed by the noise and unsure where to even start. I’ve been there more times than I’d like to […] The post Turning Competitive Intelligence into Me
Why competitive intelligence often fails in messaging

I’ve seen it firsthand: competitor battlecards stacking up in shared drives, analyst PDFs collecting dust, and persona research tucked into charts that never see daylight. It’s easy to feel overwhelmed by the noise and unsure where to even start. I’ve been there more times than I’d like to admit. The problem isn’t a lack of data; it’s the ability to digest it and translate it into messaging that actually differentiates. Without that step, teams fall back on the same empty claims: “innovative,” “customer-first,” “the most trusted.” Buyers tune it out. Competitive intelligence only works when it becomes narrative. The raw material exists: persona insights, competitor positioning, feature data – but without the right framework, it collapses into noise. In fact, 83% of B2B buyers now expect personalization on par with consumer experiences, which means vague promises no longer earn attention.

The three pillars of messaging that stand out Buyer persona insights

Great messaging doesn’t start with features; it starts with people. Early on, I wrote messaging as if “the buyer” was a monolith. It fell flat. A CMO trying to differentiate a brand doesn’t think like a sales leader trying to speed up onboarding. Persona-based marketing insights can surface those distinctions, but the job of messaging is to speak to those specific goals and pain points, not to the broadest common denominator.

Competitor messaging & positioning

Copycat messaging is the silent killer of differentiation. Throw the first stone if you’ve never obsessed over a competitor’s launch while paying too little attention to how they positioned their value. Competitive benchmarking is useful, but not if it leads you to recycle the same message with a “we do it better” twist. The real win comes from understanding where you truly differentiate and telling the story of why that matters in the first place.

Feature differentiation that resonates

I used to think listing every capability would convince buyers, but it never did. Features only matter when they connect to buyer outcomes that feel tangible. In fraud prevention, that might mean reducing chargeback losses by 40%. In cybersecurity, it might mean cutting breach detection time in half. The point is not to list what your product does but to anchor why it matters in the buyer’s world, and only nerd about the specifics once you have their undivided attention.

Generic vs persona-informed messaging

To show the difference, here’s a snapshot of how messaging shifts when intelligence is applied. Generic copy focuses on features and broad claims, while persona-informed messaging uses ICP data and persona pain points to connect with specific buyers.

DomainGeneric MessagePersona-Informed MessagePersona ExampleFraud Prevention“We help enterprises stop fraud before it happens by detecting suspicious activity, flagging risky transactions, and protecting customer accounts. Our platform is designed to keep your business safe and secure.”
“You’re responsible for revenue protection across global sales flows, which means chargebacks and payment fraud land on your desk. Teams like yours cut chargeback losses by 40% with real-time fraud alerts that protect revenue without slowing deals. Buyers expect both outcomes: silent protection and measurable margin impact.”
VP of Sales, BDR LeaderFinancial Crimes Compliance (AML/KYC)“We help compliance teams stay audit-ready with AML and KYC tools that reduce risk, cut down on false positives, and keep your business aligned with evolving regulations.”“As Chief Compliance Officer, you know false positives are the hidden tax on your team. Cutting them by 50 percent means analysts focus on true risk while you stay audit-ready against FATF and DOJ scrutiny. Clients report faster SAR filing cycles and stronger exam outcomes that regulators can see.”Chief Compliance OfficerCybersecurity / Threat IntelligenceWe help enterprises stay ahead of account takeover, session hijacking, and phishing attacks with advanced detection and monitoring that safeguard sensitive data and protect customer accounts.”“Your bottleneck probably isn’t a lack of MFA; it’s gaps in mobile session integrity and weak recovery bindings. Leading platforms now combine FIDO2 passkeys, device certificates, runtime attestation, and behavioral biometrics into a single API. Results often show 90–99% reductions in ATO flows and deployments measured in weeks, not quarters, while fitting directly into CI/CD pipelines.”CISOTrust & Safety (Age Assurance, Platform Integrity)“We help platforms create safe online spaces by stopping fake accounts, preventing underage sign-ups, and protecting users from harmful activity. Our solution builds trust across your community.”“You’ve grown marketplaces quickly, but fake accounts and underage signups erode trust as fast as growth builds it. Trust & Safety leaders block fraudulent accounts at scale, improving conversion while lifting NPS. Clients see measurable drops in fake account creation alongside sustained growth.”
Head of Trust & Safety
Risk Management“We help companies manage third-party risk by identifying potential vulnerabilities, monitoring vendor compliance, and providing visibility across your supply chain.”“Your mandate is to catch vendor risk before it turns into tomorrow’s crisis. Risk leaders using continuous monitoring spot supplier red flags weeks earlier. That foresight prevents compliance failures and costly breaches that would otherwise reach the boardroom.”
CRO, Risk Manager

This table turns the theory into practice: with competitive intelligence in play, messaging shifts from broad and forgettable to precise and compelling.

The challenge, of course, is scale. Tailoring a handful of persona-informed messages is one thing. Refreshing them continuously across dozens of campaigns, competitors, and markets is another. That’s where AI-enhanced intelligence platforms become indispensable. By monitoring live market signals, competitor narratives, and persona insights, AI can help us surface fresh message updates, stress-test positioning, and keep playbooks aligned with the market, so teams never slip back into generic messaging.

A framework for refreshing messaging without reinventing the wheel

High-performing teams do not wait for annual off-sites to rethink their messaging. They run refreshes as an ongoing discipline. So, how do we actually keep messaging fresh without burning cycles? Here is a practical process that has worked for us:

Collect signals continuously – competitor launches, persona survey data, market shifts. Map signals to differentiation – identify where buyer priorities intersect with unique strengths. Stress-test narratives – run them through sales conversations, campaign pilots, and post-call analytics. Refresh, don’t rewrite – evolve messaging every few weeks, not every few quarters.

The result is messaging that stays alive, tuned to the market, and sharper than the competition.

How leading teams operationalize competitive intelligence

It’s one thing to know the process, another to make it work at scale. The best GTM teams operationalize competitive intelligence through three capabilities:

1. Always-on market signals

Static PDFs cannot keep up with dynamic markets. Teams that win track real-time signals like funding rounds, regulatory shifts, competitor campaigns, and feed them straight into campaign planning.

2. Persona-level insights at scale

Instead of treating personas as theater, leading teams embed real-time buyer insights into campaigns and sales workflows. Every refresh reflects what buyers are actually thinking now, not last year.

3. Embedded intelligence in workflows

Intelligence only works if it lives where teams work: Slack alerts pushing industry shifts in real time, SEO content built on market truth, email campaigns aligned with buyer signals, and sales calls armed with live AI intelligence. Intelligence becomes actionable in the moment, not theoretical.

The challenge of messaging in niche markets

As adoption grows, so does the data: companies using competitive intelligence report a 15% boost in revenue growth. Platforms like Link are built to deliver these capabilities, from event monitoring and perpetual surveys to dynamic playbooks and post-call analytics. The real challenge is not more data, but the right data — intelligence that is specific enough to your market to make messaging credible and differentiated.

And this is where it gets tricky in niche markets. Sure, we can create a neat competitive battlecard, but what do we actually put on it if I don’t understand how the ICP is behaving in the real world? We can send a well-designed email, but if the target is a cybersecurity leader, they might care more about an upcoming TPRM webinar than a case study from the banking sector. The reality is that without specific, contextual intelligence, even polished campaigns miss the mark without the right segmentation.

At the end of the day, buyers don’t want platitudes; they want proof. In specialized markets, the cost of undifferentiated messaging isn’t just lost deals, it’s lost trust and stalled growth.

Key Takeaways Competitive intelligence fails when it sits in decks and PDFs. It only creates value when it fuels differentiated narratives buyers actually hear. Messaging that stands out comes from three things: persona insights, competitor positioning, and outcomes buyers can measure. Refreshing messaging is not a one-off exercise. The teams that win treat it as an ongoing discipline. Intelligence has to live where teams work: in Slack alerts, sales calls, campaigns, and content, so it becomes actionable in the moment. In niche markets, buyers don’t want platitudes, they want proof. Miss that, and you lose both deals and trust.

The post Turning Competitive Intelligence into Messaging That Wins (with examples) appeared first on Liminal.co.


Herond Browser

Herond Browser Partners with MetaMaskDev to Simplify Web3 Login

We're taking a major leap forward by announcing our partnership with MetaMaskDev, the leading Web3 authentication infrastructure The post Herond Browser Partners with MetaMaskDev to Simplify Web3 Login appeared first on Herond Blog. The post Herond Browser Partners with MetaMaskDev to Simplify Web3 Login appeared first on Herond Blog.

At Herond Browser, our mission is to make the decentralized web accessible to everyone. Today, we’re taking a major leap forward by announcing our partnership with MetaMaskDev, the leading Web3 authentication infrastructure. This collaboration brings Embedded Wallets directly into Herond Browser, allowing users to log in with their social accounts in seconds. Now, you can enter the world of Web3 without the complexity of seed phrases or lengthy setups. It helps you find it is easier than ever to get started.

What is MetaMaskDev?

MetaMaskDev refers to the suite of tools and resources provided by ConsenSys, the company behind MetaMask for developers to build decentralized applications (dapps) and integrate with the MetaMask ecosystem. Key components include the MetaMask SDK for seamless dapp-to-wallet connectivity. MetaMask Snaps for customizing wallet functionality, and developer documentation with APIs and tutorials to help developers leverage MetaMask’s large user base and infrastructure.

What Is the Herond Browser and MetaMaskDev Partnership?

The partnership between Herond Browser and MetaMaskDev is designed to simplify the Web3 user experience. By integrating Embedded Wallets, Herond allows users to create and manage their crypto wallets using their existing social accounts. This removes a major barrier to entry for many newcomers. As they no longer have to navigate the complex process of creating and securing a traditional crypto wallet with a seed phrase. The collaboration leverages MetaMaskDev’s expertise in authentication infrastructure to provide a secure and streamlined way for Herond Browser users to access the decentralized web.

Introducing Embedded Wallets

One of the biggest hurdles for new users in the Web3 space is the complexity of creating and managing a crypto wallet. This often involves navigating browser extensions, dealing with complicated seed phrases.

Embedded Wallets, powered by MetaMaskDev, are designed to solve this problem. Instead of being a separate app or extension, an embedded wallet is a seamless part of the Herond Browser experience. This technology allows users to create a secure, self-custodial crypto wallet and log in to Web3 applications using familiar methods like their social media accounts. This eliminates the need for a seed phrase and makes the onboarding process feel as simple and intuitive as signing into a new app on the traditional web.

Benefits of the New Partnership

The partnership between Herond Browser and MetaMaskDev offers significant benefits for both new and experienced Web3 users. The primary advantage is the dramatic simplification of the onboarding process. By integrating Embedded Wallets, Herond eliminates the need for users to manage complex seed phrases and navigate complicated setups. This makes logging in as easy as using a social media account, which boosts accessibility and encourages wider adoption of decentralized technology. Additionally, this collaboration leverages the expertise of MetaMaskDev’s authentication infrastructure to ensure a secure and reliable way to access the decentralized web, all within the trusted Herond Browser ecosystem.

The Future of Web3 with Herond and MetaMaskDev

The collaboration between Herond Browser and MetaMaskDev is a major step toward a more accessible and user-friendly Web3. By eliminating the complexities of seed phrases and traditional wallet setups, this partnership removes a significant barrier for mainstream adoption. The integration of Embedded Wallets allows users to seamlessly enter the decentralized web using familiar social logins, bridging the gap between Web2 and Web3. This new, streamlined approach promises a future where decentralized applications are as easy to access as traditional websites, paving the way for a more open and inclusive internet.

About Herond

Herond Browser is a Web browser that prioritizes users’ privacy by blocking ads and cookie trackers, while offering fast browsing speed and low bandwidth consumption. Herond Browser features two built-in key products:

Herond Shield: an adblock and privacy protection tool; Herond Wallet: a multi-chain, non-custodial social wallet.

Herond aims at becoming the ultimate Web 3.0 solution, heading towards the future of mass adoption. Herond has now released the mobile version on CH Play and App Store. Join our Community!

Banner cho Blog – eng

The post Herond Browser Partners with MetaMaskDev to Simplify Web3 Login appeared first on Herond Blog.

The post Herond Browser Partners with MetaMaskDev to Simplify Web3 Login appeared first on Herond Blog.


Top Sites to Read Comics Online for Free

There are numerous legal and high-quality platforms where you can read comics online for free, from classic superheroes to indie webcomics. The post Top Sites to Read Comics Online for Free appeared first on Herond Blog. The post Top Sites to Read Comics Online for Free appeared first on Herond Blog.

Searching for a great story to dive into without spending a dime? You’re in luck! There are numerous legal and high-quality platforms where you can read comics online for free, from classic superheroes to indie webcomics. This guide will help you discover the best websites and apps, providing a gateway to a world of endless adventures right at your fingertips.

What to Look for in Sites for Read Comics Online For Free

When seeking out the best sites to read comics online for free, you should prioritize legality, content variety, and user experience. A reputable site will either offer comics that are in the public domain or have clear partnerships with publishers, like Marvel, DC, or VIZ Media. Look for a wide range of genres, from superhero to indie and manga, and a clean, easy-to-navigate interface. Features like a smooth reader, infinite scroll, and mobile-friendly design enhance the reading experience. Avoid sites with excessive pop-ups or suspicious download prompts, as they are often a sign of illegal content.

Top Sites to Read Comics Online for Free

Webtoon: The leading platform for webcomics, offering a vast library of free, mobile-friendly content with a unique vertical scroll format.

Tapas: A community-focused site for free indie webcomics, with a freemium model and a focus on supporting creators.

MangaDex: A well-known, community-driven aggregator for free, fan-translated manga, providing a massive library of titles.

GlobalComix: A legal and creator-supported platform with a mix of free and paid comics, perfect for discovering independent artists.

Comixology (Free Section): Amazon’s digital comic store offers a dedicated section of free comics, including first issues of popular series.

Digital Comic Museum: A treasure trove for classic comic fans, providing free, public-domain Golden Age comics.

Marvel Unlimited (Free Trial): The official Marvel subscription service offers free trials, providing a short-term, all-access pass to its massive library.

DC Universe Infinite (Free Trial): Similar to Marvel Unlimited, this service provides free trial periods to explore its extensive catalog of DC Comics.

Hoopla: A fantastic, free service that partners with public libraries, allowing you to borrow and read thousands of digital comics with your library card.

Libby: Another great library-based app that provides free access to your local library’s digital collection of comics and graphic novels.

Free vs. Paid Read Comics Online for Free Sites: What’s the Difference? FeatureFree comic sitesPaid Comic Sites (e.g., Marvel Unlimited)Content LibraryOften a limited or rotating selection of free issues, public domain comics, or new chapters.Access to a vast, deep back catalog of thousands of comics from a specific publisher or across multiple publishers.New ReleasesNew chapters are often released on a delay or as part of a limited-time promotional offer.Subscribers get access to new issues much faster, sometimes as soon as 30 days after their physical release.User ExperienceCan be ad-supported, with pop-ups and a less refined reading interface.Generally ad-free with a clean, user-friendly interface and advanced reader features.LegalityLegal sites offer public domain works or content with publisher partnerships (e.g., Webtoon, VIZ Media). Other sites may host unauthorized content.Typically fully legal platforms with licenses from publishers, ensuring creators are compensated.CostCompletely free, making it an excellent option for casual readers or those on a budget.Requires a monthly or annual subscription fee, offering a “buffet” model for avid readers.OwnershipYou do not “own” the content and your access is tied to the platform’s availability.You have access as long as your subscription is active, but you typically don’t own digital files. Tips for Safe and Enjoyable Read Comics Online for Free

For a safe and enjoyable comic reading experience, it’s crucial to be mindful of both digital security and your personal reading habits.

Stick to Legal and Reputable Sites: Always use well-known platforms like those listed previously. These sites have the proper licenses and ensure that creators are compensated. Avoid sites that feel suspicious, have a large number of pop-up ads, or offer a huge library of copyrighted material for free without a clear business model. Be Cautious of Phishing and Malware: Illegal streaming or download sites can expose you to security risks. Watch out for suspicious download buttons or prompts to install an app. Always be skeptical of any site that asks for personal information, credit card details, or a log-in to a third-party service without a clear, trustworthy reason. Optimize Your Reading Environment: A comfortable reading experience can make a huge difference. Use a device with a screen large enough to view the art clearly, and adjust the brightness to prevent eye strain. Many apps and websites have a “dark mode” or “night mode” setting that can be helpful for reading in low light. Understand Reading Order: Some comic series, especially from major publishers like Marvel and DC, can have complex reading orders that jump between different series and events. If you’re reading a major title, a quick search for a “reading guide” for that specific storyline can help you follow the narrative without getting lost. Explore Different Genres and Art Styles: Don’t limit yourself to just one type of comic. The world of comics is incredibly diverse, from superhero adventures to slice-of-life, horror, and historical fiction. Try different genres and explore works by various artists to find what resonates with you. Conclusion

Thanks to the internet, accessing a vast universe of stories is easier than ever. Whether you’re a fan of superheroes, manga, or indie tales, you have plenty of legal and free options to choose from. By sticking to reputable platforms like Webtoon and Hoopla, you can enjoy a safe and high-quality reading experience while supporting the creative industry. So, go ahead – pick a site from our list and start your next comic book adventure today.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Top Sites to Read Comics Online for Free appeared first on Herond Blog.

The post Top Sites to Read Comics Online for Free appeared first on Herond Blog.


Spherical Cow Consulting

Who Really Pays When AI Agents Run Wild? Incentives, Identity, and the Hidden Bill

Google recently gave us something we’ve been waiting on for years: hard numbers on how much energy an AI prompt uses. According to their report, the median Gemini prompt consumes just 0.24 watt-hours of electricity — roughly running a microwave for a second — along with some drops of water for cooling. The post Who Really Pays When AI Agents Run Wild? Incentives, Identity, and the Hidden Bill a

“Google recently gave us something we’ve been waiting on for years: hard numbers on how much energy an AI prompt uses.”

According to their report, the median Gemini prompt consumes just 0.24 watt-hours of electricity — roughly running a microwave for a second — along with a few drops of water for cooling.

On its face, that sounds almost negligible. But the real story isn’t the number itself. It’s about incentives: who benefits, who pays, and how those dynamics shape how we deploy AI.

A Digital Identity Digest Who Really Pays When AI Agents Run Wild? Incentives, Identity, and the Hidden Bill Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds 00:00 / 00:11:21 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

A history lesson from the cloud

To understand how incentives can blindside us, let’s revisit the cloud computing boom. You remember that, right? “Save all the money! Get rid of your datacenter! Cloud computing ftw!”

In 2021, Sarah Wang and Martin Casado of Andreessen Horowitz published “The Cost of Cloud: A Trillion-Dollar Paradox.” They showed how cloud services, while indispensable for speed and agility, became a drag on profitability at scale. Dropbox famously repatriated workloads back from public cloud and saved $75 million over two years — a shift that doubled their gross margins from 33% to 67%. CrowdStrike and Zscaler adopted hybrid approaches for similar reasons.

The takeaway: Early incentives reward adoption. But when the bills grow large enough, cost discipline suddenly becomes a board-level issue. By then, inefficiency is already baked into operations.

AI energy use is following the same arc. Vendors and enterprises alike are celebrating adoption, but the hidden costs are waiting to surface.

The incentives for vendors

AI vendors want mass adoption, and their incentives reflect that. They’ll emphasize efficiency gains — like Gemini’s 33-fold reduction in energy per query from 2024 to 2025, according to their recent report — but those are selective disclosures.

As the MIT Tech Review story “In a first, Google has released data on how much energy an AI prompt uses” pointed out, disclosures become marketing tools without standardized metrics. Vendors reveal what flatters them, not necessarily what helps customers make better choices.

And the race to ship bigger, more capable models only deepens this misalignment. Scale brings revenue. The energy, water, and carbon costs? Those are someone else’s problem.

The incentives for enterprises

Enterprises often don’t see the full picture either. A cloud invoice hides the per-prompt costs. IAM and security teams grant permissions to agents, but they don’t own the sustainability budget. Sustainability teams, meanwhile, don’t have visibility into permissions and entitlements.

The result: over-provisioning goes unnoticed. AI agents are allowed to “just run,” and every permissioned action quietly consumes resources. Those costs add up, but they land in someone else’s ledger, often long after the decisions were made.

This is the same organizational mismatch cloud adoption created: IT ops pays the bill, developers get the flexibility, and the CFO finds out later. AI is just the next chapter.

Incentives and regulation

Here’s where things start to change. Environmental, Social, and Governance (ESG) reporting isn’t optional anymore; regulators are giving incentives real teeth.

United States: The SEC’s new climate disclosure rule requires large public companies to report greenhouse gas emissions. Failure to comply has already resulted in multimillion-dollar fines for ESG misstatements, like Deutsche Bank’s $19M settlement. Europe: The EU’s Corporate Sustainability Reporting Directive (CSRD) sets steep penalties. In Germany, fines can reach €10 million or 5% of turnover. In France, executives risk prison time for obstructing disclosures. Australia: Directors must certify sustainability data as part of financial filings. Failure to comply can trigger civil penalties in the hundreds of millions, with individuals personally liable for up to AUD 1.565 million.

None of this is about fearmongering. (OK, maybe it’s a little bit of fearmongering in the hope of catching your attention.) It’s also a reality. Boards are now directly accountable for climate and resource disclosures. AI usage may feel “small” at the per-prompt level, but at enterprise scale, it becomes part of that regulatory picture.

Where identity comes in

So where does identity fit?

Every AI-agent action isn’t just a governance event; it’s also a consumption event. Permissions are no longer just about who can do what. They’re also about what we’re willing to pay, financially and environmentally, for them to do it.

Standing access matters here, too. A human user with unused entitlements is a risk; an AI with broad entitlements is a resource leak. It will happily keep churning until someone tells it to stop — and by then the costs have already piled up.

Imagine if your audit logs evolved to show not just “who accessed what,” but “how much energy and water those actions consumed.” It sounds futuristic, but sustainability reporting is heading in that direction. IAM teams may find themselves pulled into ESG conversations whether they want to be or not.

Runtime governance as sustainability

Earlier, I argued that runtime governance is essential when AIs can act faster than human oversight cycles. Here’s the sustainability angle: runtime checks can throttle not just security risks, but waste.

Deny agents the ability to hammer a system with brute-force permutations. Flag actions that consume far more resources than typical queries. Revoke unnecessary entitlements before they become both a risk and an expense.

Governance is shifting from “is this allowed?” to “is this worth it?”

Bridging past lessons with today’s challenges

The hidden costs of the cloud were supposed to teach us that efficiency ignored eventually becomes inefficiency entrenched. I’m not convinced people and organizations have learned that lesson, but regardless, AI is repeating that story, with energy, water, and carbon as the currencies.

Like cloud spend, AI resource usage may start small, but it scales faster than oversight cycles. And when regulations demand transparency, boards will want answers.

Identity leaders are uniquely positioned here. Permissions are the gate between an agent’s intent and its actions. Expanding the governance lens to include consumption could help organizations stay ahead of both the bills and the regulators.

Putting it together

So let’s put this together:

Vendors are incentivized by adoption and scale, not efficiency. Enterprises have silos that hide true costs. Regulators are introducing real penalties for climate and resource misstatements. Identity teams are sitting at the chokepoint, granting permissions that double as consumption choices.

The shift isn’t about turning identity professionals into sustainability officers. It’s about recognizing that incentives travel with permissions. And when permissions scale through AI, the hidden costs travel with them.

So here’s my question for you: have you seen incentives around AI use in your organization, good or bad? And if so, how did those incentives shape the choices your teams made?

Because incentives aren’t just a policy issue or a compliance box. They’re the difference between governance, which you can explain to your board, and governance, which you only notice when the bill or the fine arrives.

If you’d rather track the blog than the podcast, I have an option for you! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here

Transcript

[00:00:29] Hi everyone, and welcome back to A Digital Identity Digest. I’m Heather Flanagan, and today we’re going to talk about something that’s only just starting to make the headlines: what happens when AI agents run wild—and who actually ends up footing the bill.

Spoiler alert: it’s probably not the vendors themselves, and it’s probably not who you think inside your own organizations either.

[00:00:53] In this episode, we’ll explore:

The incentives driving AI adoption The role of identity in hidden costs The growing regulatory landscape around sustainability Setting the Stage

[00:01:04] What inspired today’s conversation is a recent Google report that finally revealed some long-awaited data: how much energy a single AI prompt consumes.

[00:01:20] Their findings? The median Gemini prompt uses about 0.24 watt hours of electricity.

[00:01:28] To put it in perspective:

That’s like running your microwave for one second, plus a few drops of water for cooling. At first glance, it seems tiny. But at scale, millions of these “drops in the ocean” can eventually flood entire continents.

[00:01:46] The real story isn’t about that single number. Instead, it’s about the incentives behind those numbers—who benefits, who pays, and how those dynamics shape AI deployment.

Lessons from the Cloud

[00:01:57] To understand today’s AI landscape, let’s rewind to the early days of cloud computing. Remember the pitch? “Save money, get rid of your data center—cloud computing for the win.”

[00:02:20] But by 2021, Sarah Wang and Martin Casado at Andreessen Horowitz highlighted the Trillion Dollar Paradox:

Cloud was amazing for speed and agility. Yet at scale, it dragged on profitability.

[00:02:30] Dropbox learned this firsthand, repatriating workloads from the public cloud and saving $75 million over two years—doubling their margins in the process.

[00:02:51] The key lesson? Early incentives reward adoption. But once costs balloon, discipline becomes a board-level issue.

[00:03:10] AI is following the same arc. We’re in the “woohoo adoption” phase now, but hidden costs are waiting to catch up.

Vendor Incentives

[00:03:24] Let’s start with the incentives for LLM vendors. These are crystal clear: encourage mass adoption.

[00:03:33] Vendors emphasize efficiency gains. Google bragged about a 33-fold reduction in energy per query between 2024 and 2025.

[00:03:43] Sounds impressive. But disclosures are:

Not standardized Highly selective Designed to flatter the vendor, not inform customers

[00:03:53] Meanwhile, the race for bigger, flashier, more capable models continues. The revenue comes in, but the energy, water, and carbon costs are left as someone else’s problem.

Enterprise Incentives

[00:04:09] For enterprises, the picture is murkier. Why? Because:

Cloud invoices hide the per prompt cost. IAM and security teams grant permissions but don’t own the sustainability budget. Sustainability teams lack visibility into entitlements.

[00:04:34] The result?

Over-provisioning goes unnoticed. AI agents run unchecked. Bills land on someone’s desk long after the fact—often someone who had no say in granting permissions.

[00:04:58] This is déjà vu from the cloud era. Ops pays the bill, developers enjoy flexibility, and the CFO discovers the hit too late.

Regulators Enter the Chat

[00:05:03] Unlike the early cloud days, regulators are already watching. ESG (Environmental, Social, and Governance) reporting is now mandatory in many regions.

[00:05:15] Examples include:

United States: SEC Climate Disclosure Rule, with fines already issued (e.g., Deutsche Bank’s $19M settlement). Europe: Corporate Sustainability Reporting Directive (CSRD), with penalties up to €10 million or 5% of turnover. France: Executives can face prison time for obstructing disclosures. Australia: Civil penalties can reach hundreds of millions, with directors personally liable.

[00:06:20] This isn’t fearmongering—it’s reality. Boards are accountable, and one AI prompt may seem trivial, but multiplied across millions of queries, it becomes a regulatory reporting item.

Where Identity Comes In

[00:06:38] Every AI agent action is more than a governance event—it’s also a consumption event.

Permissions = not just who can do what, but what we’re willing to pay financially and environmentally. An unused human entitlement is a risk. An AI with broad entitlements is a resource leak that runs until stopped.

[00:07:15] Imagine if audit logs didn’t just say who accessed what, but also recorded how much energy and water were consumed.

[00:07:24] That may sound futuristic, but sustainability reporting is moving that way. IAM teams could soon be pulled into ESG discussions—whether they feel it’s their role or not.

Governance Shifts

[00:07:37] Governance isn’t just about security anymore. With AI, it’s about balancing risk and resource consumption.

Runtime checks can throttle wasteful AI actions. Agents can be denied brute-force or high-cost queries. Entitlements can be revoked before they pile up into risks—or expenses.

[00:08:07] Governance now asks not only “Is this allowed?” but also “Is this worth it?”

History Repeats Itself

[00:08:14] Cloud should have taught us that ignored inefficiency becomes entrenched inefficiency. Once it’s embedded in infrastructure, it’s painfully hard to extract.

[00:08:38] AI is repeating that story—with water, energy, and carbon as the new currencies.

[00:08:54] When regulators demand transparency, boards will expect clear, defensible answers. And that’s where identity leaders can step up.

[00:09:01] Permissions sit at the choke point between agent intent and agent action. Expanding governance to include consumption metrics gives organizations a head start on both the bills and regulatory scrutiny.

Bringing It All Together

[00:09:16] To recap:

Vendors chase adoption and scale, not efficiency. Enterprises operate in silos that hide true costs. Regulators are introducing significant penalties for ESG misstatements. Identity teams control permissions, which now double as consumption risks.

[00:09:41] IAM professionals don’t need to become sustainability officers. But they must recognize that incentives travel with permissions—and when AI scales, costs scale too.

[00:09:57] So here’s the key question:
Have you seen incentives around AI use in your organization—good or bad? And how are those incentives shaping your team’s decisions?

Because incentives aren’t just about compliance checkboxes. They’re the difference between proactive governance, you can explain to your board, and reactive governance, you only notice when the bill—or the fine—lands on your desk.

Closing Thoughts

[00:10:23] That’s it for this episode of A Digital Identity Digest. If you found it useful, subscribe to the podcast or visit the written blog at sphericalcowconsulting.com for reference links.

[00:10:45] If this episode brought clarity—or at least sparked curiosity—share it with a colleague and connect with me on LinkedIn at lflanagan. Don’t forget to subscribe and leave a review on Apple Podcasts or wherever you listen.

Stay curious, stay engaged, and let’s keep these conversations going.

The post Who Really Pays When AI Agents Run Wild? Incentives, Identity, and the Hidden Bill appeared first on Spherical Cow Consulting.


Herond Browser

How to Buy Quarden Token: A Step-by-Step Guide for Beginners

This guide is designed for beginners, breaking down the process of buying Quarden Token into simple, manageable steps. The post How to Buy Quarden Token: A Step-by-Step Guide for Beginners appeared first on Herond Blog. The post How to Buy Quarden Token: A Step-by-Step Guide for Beginners appeared first on Herond Blog.

Thinking about adding Quarden Token to your crypto portfolio? You’re in the right place. This guide is designed for beginners, breaking down the process of buying Quarden Token into simple, manageable steps. We’ll cover everything you need to know, from setting up a secure crypto wallet to making your first purchase, so you can start your journey with confidence.

What Is Quarden Token?

Quarden Token (QDT) is the native cryptocurrency of the Quarden platform, an innovative digital marketplace that leverages blockchain technology to facilitate secure and accessible trading for both individuals and businesses. The token plays a central role in the platform’s ecosystem, enabling a range of functionalities, from streamlined transactions to reduced fees. By using the Quarden Token, users can engage in a new era of digital commerce that is efficient, transparent, and secure.

Step-by-Step Guide to Buying Quarden Token

Acquiring Quarden Token (QDT) can be done through a few different methods, but the most common for beginners is via a centralized exchange (CEX) or a decentralized exchange (DEX). Here is a general step-by-step guide to help you navigate the process.

Step 1: Choose a Crypto Exchange

The first step is to decide where you will buy the token.

Centralized Exchanges (CEXs): These are platforms like Binance or KuCoin. They are user-friendly, offer a simple interface, and typically allow you to buy crypto with fiat currency (like USD or EUR) via credit/debit card or bank transfer. Check if Quarden Token (QDT) is listed on your preferred exchange. Decentralized Exchanges (DEXs): These exchanges, like Uniswap, allow you to trade directly from your crypto wallet without an intermediary. This method offers greater privacy but can be more complex for beginners and requires you to first own a base cryptocurrency (like Ethereum or another token on the same blockchain). Step 2: Create an account and verify Your Identity

If you choose a CEX, you’ll need to create an account. This usually involves:

Providing an email address and creating a secure password. Completing a “Know Your Customer” (KYC) verification process, which often requires you to upload a photo of your ID. This is a standard security measure. Step 3: Fund Your Account

Once your account is set up and verified, you need to add funds.

CEX: You can deposit fiat currency using a credit/debit card or a bank transfer. DEX: You will need to first purchase a base cryptocurrency (like ETH) from a CEX or another source and then send it to your crypto wallet. Step 4: Buy Quarden Token (QDT)

Now you’re ready to make your purchase.

On a CEX: Navigate to the trading section of the exchange. Search for the Quarden Token (QDT) trading pair (e.g., QDT/USDT or QDT/ETH). Enter the amount you wish to buy and execute the trade. On a DEX: Connect your crypto wallet to the DEX. Select your base currency and the Quarden Token (QDT). You may need to manually add the token’s contract address to the DEX if it’s not listed by default. Be extremely cautious and always get the official contract address from the Quarden website or a reliable source like CoinMarketCap to avoid scams. Once selected, confirm the swap. Step 5: Store Your Quarden Token Securely

After purchasing, it’s highly recommended to transfer your Quarden Token to a secure, self-custody crypto wallet (like Trust Wallet or MetaMask). Leaving your tokens on an exchange exposes them to potential security risks. “Not your keys, not your coins” is a well-known adage in the crypto world, emphasizing the importance of holding your own private keys.

Tools and Platforms for Buying Quarden Token

To buy Quarden Token (QDT), you will need to use a crypto exchange and a secure wallet.() Here are some common platforms and tools you might use in the process:

Crypto Exchanges Centralized Exchanges (CEXs): These are platforms that facilitate trading and are often the most straightforward option for beginners. They act as an intermediary, holding your funds in an account. Some of the most popular CEXs that may support Quarden Token (QDT) or other tokens you can use to buy them include: Binance: One of the world’s largest exchanges, known for a wide variety of cryptocurrencies and a user-friendly interface. KuCoin: A popular exchange with a large selection of altcoins, including new or less-common tokens. Gate.io: A robust platform that often lists new projects and has a wide range of trading pairs. Decentralized Exchanges (DEXs): These platforms allow for direct peer-to-peer trading without an intermediary. You connect your personal wallet and swap tokens. DEXs are a key part of the decentralized finance (DeFi) ecosystem. Uniswap: A leading DEX on the Ethereum network, often in the first place new tokens are available for trading. Crypto Wallets

A crypto wallet is essential for securely storing your Quarden Token after you purchase it. Wallets can be categorized as “hot” (connected to the internet) or “cold” (offline).

Software Wallets (Hot Wallets): These are applications you can install on your computer or smartphone. They are convenient for frequent trading. MetaMask: A widely used wallet, particularly for the Ethereum network and its tokens. Trust Wallet: A popular mobile-first wallet known for its security and support for a vast number of cryptocurrencies. Coinbase Wallet: A self-custody wallet that is a separate product from the Coinbase exchange, allowing you to manage your own private keys. Hardware Wallets (Cold Wallets): These are physical devices that store your private keys offline, providing the highest level of security against hacks and malware. Ledger Nano X: A highly-rated hardware wallet that supports a wide range of cryptocurrencies. Trezor Model T: Another top-tier hardware wallet known for its security features.

Always verify that the wallet you choose is compatible with the blockchain on which Quarden Token (QDT) operates and that you are downloading the official app or software from a trusted source.

Tips for Safe Quarden Token Purchases

As with any cryptocurrency, exercising caution and following best practices is essential for securing your investment in Quarden Token. Crypto space, while full of innovation, is also a target for scams and fraudulent activities.

Verify the Official Contract Address

Before making any transaction on a decentralized exchange (DEX), double-check that you have the correct and official contract address for Quarden Token (QDT). Scammers often create fake tokens with similar names to trick users. Always get the address from the official Quarden website or a trusted, reputable source like CoinMarketCap or CoinGecko.

Use Secure Wallets

After purchasing your tokens, it is strongly recommended to move them off the exchange and into a secure, self-custody wallet. For long-term storage, a hardware wallet (cold storage) offers the highest level of security as it keeps your private keys offline.

Enable Two-Factor Authentication (2FA)

Always enable 2FA on any exchange account or platform you use. This adds an extra layer of security, making it much more difficult for an unauthorized person to access your account, even if they have your password.

Beware of Phishing and Scams

Be skeptical of unsolicited messages, emails, or social media posts promising giveaways or special investment opportunities related to Quarden Token. These are almost always scams. Never share your private keys, seed phrases, or passwords with anyone.

Do Your Own Research (DYOR)

The most important tip is to conduct thorough research. Understand the project’s whitepaper, its use case, and the team behind it. Do not invest more than you can afford to lose, and be aware of the volatility inherent in the cryptocurrency market.

Conclusion

Buying Quarden Token (QDT) can be a straightforward process once you understand the key steps involved. By following this guide, from selecting a secure exchange to storing your tokens safely in a crypto wallet, you can confidently add QDT to your portfolio. As with any investment, always prioritize security and conduct your own research to make informed decisions in the dynamic world of cryptocurrency.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post How to Buy Quarden Token: A Step-by-Step Guide for Beginners appeared first on Herond Blog.

The post How to Buy Quarden Token: A Step-by-Step Guide for Beginners appeared first on Herond Blog.


iComply Investor Services Inc.

AML in Real Estate: Source of Funds, Identity, and Global Risk Controls

From complex ownership to offshore funding, real estate is high-risk for money laundering. This guide shows how iComply helps brokers, lawyers, and lenders simplify AML compliance across jurisdictions.

Real estate professionals face rising AML scrutiny across markets. This article breaks down identity verification, source of funds, and beneficial ownership rules in the U.S., Canada, UK, EU, and Australia – and shows how iComply helps automate compliance across agents, lawyers, and lenders.

Real estate is a prime target for financial crime. High-value transactions, opaque ownership structures, and limited oversight have made the sector vulnerable to money laundering worldwide.

From regulators to investigative journalists, scrutiny is intensifying, compliance expectations are evolving. Brokers, lawyers, developers, mortgage professionals, and title companies all have a role to play.

Shifting AML Expectations in Real Estate United States Regulators: FinCEN, state real estate commissions Requirements: Geographic targeting orders (GTOs), beneficial ownership reporting (CTA), SARs, and KYC for buyers and entities Canada Regulators: FINTRAC, provincial real estate councils Requirements: KYC, source of funds verification, PEP/sanctions screening, STRs, and compliance program requirements (as reinforced by the Cullen Commission) United Kingdom Regulators: HMRC, FCA (for lenders), SRA (for law firms) Requirements: Client due diligence, UBO checks, transaction monitoring, and compliance under MLR 2017 European Union Regulators: National AML authorities under AMLD6 Requirements: Risk-based customer due diligence, UBO transparency, STRs, and GDPR-aligned reporting Australia Regulator: AUSTRAC (legislation pending for real estate-specific coverage) Requirements: AML risk management for law firms, lenders, and trust accounts; expected expansion to include property professionals Real Estate-Specific Risk Factors

1. Complex Ownership Structures
Use of shell companies, nominees, and trusts can obscure true buyers.

2. Source of Funds Obscurity
Large cash deposits or offshore funding require enhanced scrutiny.

3. Multi-Party Transactions
Buyers, sellers, agents, lawyers, lenders, and developers often use disconnected systems.

4. Regulatory Patchwork
Requirements vary by jurisdiction and professional role.

How iComply Helps Real Estate Professionals Stay Compliant

iComply enables unified compliance across real estate workflows—from individual onboarding to multi-party coordination.

1. Identity and Entity Verification KYC/KYB onboarding via secure, white-labeled portals Support for 14,000+ ID types in 195 countries UBO discovery and documentation 2. Source of Funds Checks Collect and validate financial statements, employment records, or declarations Risk-based automation of EDD triggers Document retention for regulator inspection 3. Sanctions and Risk Screening Real-time screening of all participants (buyers, sellers, brokers, law firms) Automated refresh cycles and trigger alerts 4. Cross-Party Case Collaboration Connect agents, legal counsel, and lenders in a single audit-ready file Assign roles, track tasks, and escalate within shared dashboards 5. Data Residency and Privacy Compliance Edge computing ensures PII is encrypted before upload Compliant with PIPEDA, GDPR, and U.S. state laws On-premise or cloud deployment options Case Insight: Vancouver Brokerage

A Canadian real estate firm used iComply to digitize ID checks and SoF verification for domestic and foreign buyers:

Reduced onboarding time by 65% Flagged two nominee structures linked to offshore trusts Passed a FINTRAC audit with zero deficiencies Final Take

Real estate professionals can no longer afford fragmented compliance. With global pressure mounting, smart automation ensures faster onboarding, better oversight, and fewer audit risks.

Talk to iComply to learn how we help brokers, lawyers, and lenders unify AML workflows – without slowing down the deal.


PingTalk

Accelerating Financial Service Innovation With Identity-Powered Open Banking in the Americas

Explore how financial institutions across the Americas are using open banking and identity-powered APIs to drive innovation, enhance security, and deliver personalized customer experiences.

Open banking is rapidly becoming a critical plank of digital innovation in the financial services industry across both North and South America. Whether driven by regulation, market innovation, or consumer demand, the financial industry across both continents is increasingly embracing a standards-based, application programming interface (API)-first mindset in a bid to accelerate hyper-personalization, trust-based relationships, and value upsell.

 

While digital challengers continue to capture digitally-savvy customers, incumbent providers are scrambling to meet the increasing demand for seamless and customer-centric experiences in a bid to maintain competitiveness. What might come as a surprise, is this paradigm shift is underpinned by technical standards that govern financial-grade APIs (FAPIs) interacting with enterprise-grade identity and access management (IAM). 

 

The battle for market share in North and South American banking, and indeed the wider financial services industry, will hinge on the degree to which financial service providers embrace these technologies and industry standards and leverage underlying investments to deliver differentiated customer experiences.

 


auth0

Four Identity Security Essentials for a Trusted AI Agent Strategy

Is your AI agent strategy truly secure? Discover how robust customer identity and access management (CIAM) can build trust and protect your business.
Is your AI agent strategy truly secure? Discover how robust customer identity and access management (CIAM) can build trust and protect your business.

FastID

Teach Your robots.txt a New Trick (for AI)

Control how AI bots like Google-Extended and Applebot-Extended use your website content for training. Update your robots.txt file with simple Disallow rules.
Control how AI bots like Google-Extended and Applebot-Extended use your website content for training. Update your robots.txt file with simple Disallow rules.

Monday, 15. September 2025

Thales Group

Thales is a major contributor to the success of SAMP/T NG selected by the Danish Ministry of Defence

Thales is a major contributor to the success of SAMP/T NG selected by the Danish Ministry of Defence prezly Mon, 09/15/2025 - 19:05 • The Danish Ministry of Defence has selected SAMP/T NG to strengthen its air defence and ensure interoperability with European and NATO armed forces. • The SAMP/T NG system is a mobile ground-to-air system designed to intercept and destroy medium ra
Thales is a major contributor to the success of SAMP/T NG selected by the Danish Ministry of Defence prezly Mon, 09/15/2025 - 19:05

• The Danish Ministry of Defence has selected SAMP/T NG to strengthen its air defence and ensure interoperability with European and NATO armed forces.

• The SAMP/T NG system is a mobile ground-to-air system designed to intercept and destroy medium range ballistic missiles, aircraft and drones.

• Thales, integrator of the SAMP/T NG system in collaboration with MBDA, also provides the Ground Fire air defence surveillance radar. Produced in series since the beginning of the year 2025, this radar offers revolutionary performance with a range of up to 400 km and panoramic coverage at 360° and 90° elevation.


SAMP/T NG (c)eurosam

Initially designed to handle the Aster family’s ammunition (A30 B1 and A30 B1NT), for which Thales provides the seeker, a key element in missile guidance, each Danish section of the SAMP/T NG will rely on Thales's Ground Fire radar, as well as on the Command and Control (Engagement Module New Generation), for which Thales is the design authority, and which is produced by Thales in cooperation with MBDA.

Based on fully digital active electronically scanned antennas (AESA) technology, the Ground Fire radar offers a high level of performance to detect, track and classify numerous targets, including in the most complex environments such as mountainous regions and high-traffic airspace. This radar offers a refresh rate of only 1 second and a surveillance capacity up to 400 km, with panoramic coverage at 360° and 90° elevation. It is capable of detecting drones, as well as ballistic missiles, taking advantage of the mobility of a tactical radar.

The open architecture of the SAMP/T NG system, designed by Thales, facilitates its integration and interoperability with other European systems, thus enhancing the air defence capabilities of the continent. The Ground Fire ensures strategic autonomy, with high operational readiness. Its design allows a high level of mobility, with reduced installation and dismantling times and compact dimensions equivalent to those of an ISO transport container.

The Ground Fire maximizes the performance of the new generation ASTER 30 and positions France among the leaders in air defence and medium-range antimissile defence.

The SAMP/T NG programme is overseen by the Organisation Conjointe de Coopération en matière d'Armement (OCCAR). Eurosam, a joint-venture between Thales and MBDA, is the lead contractor for the entire system.

“Thales is honoured by the choice made by the Danish authorities. With Eurosam and MBDA, we sincerely thank our client for their trust. The Danish armed forces will benefit from a state-of-the-art system to guarantee the protection of their airspace and contribute to the defence of European countries and NATO.” said Hervé Dammann, Executive Vice-President, Land and Air Systems, Thales.

Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.

The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies. Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.

 

/sites/default/files/prezly/images/sans%20A-1920x480px_117.jpg Contacts Cédric Leurquin 15 Sep 2025 Type Press release Structure Defence and Security Defence Denmark • The Danish Ministry of Defence has selected SAMP/T NG to strengthen its air defence and ensure interoperability with European and NATO armed forces. prezly_796826_thumbnail.jpg Hide from search engines Off Prezly ID 796826 Prezly UUID 63636f29-9edf-4fd2-8c5f-aae93031cc7f Prezly url https://thales-group.prezly.com/thales-is-a-major-contributor-to-the-success-of-sampt-ng-selected-by-the-danish-ministry-of-defence Mon, 09/15/2025 - 21:05 Don’t overwrite with Prezly data Off

Elliptic

Crypto regulatory affairs: New Wolfsberg Group guidance opens door to bank partnerships with stablecoin issuers

New guidance from the Wolfsberg Group - a collection of twelve major global banks that sets industry guidelines for financial crime risk management - offers a blueprint for banks that wish to offer services to stablecoin issuers in a safe and sound manner.  The Wolfsberg Group’s guidance on the provision of banking services to stablecoin issuers, published on September 8, comes at

New guidance from the Wolfsberg Group - a collection of twelve major global banks that sets industry guidelines for financial crime risk management - offers a blueprint for banks that wish to offer services to stablecoin issuers in a safe and sound manner. 

The Wolfsberg Group’s guidance on the provision of banking services to stablecoin issuers, published on September 8, comes at a time when a growing number of banks are exploring opportunities to innovate through digital assets and stablecoins. In addition to launching their own stablecoins, a growing number of banks are exploring how they can offer services - such as reserve management, operating accounts, and others - to stablecoin issuers. 

New regulatory requirements on stablecoins coming into effect around the world from the US, European Union Asia-Pacific (APAC), and elsewhere require that stablecoin issuers maintain full backing of their token with adequate reserves held at a supervised financial institution. As such, the banking industry stands to play an important role in the rapidly growing stablecoin ecosystem - and providing services to issuers has the potential to serve as a new and attractive revenue stream for banks that can do so in a compliant manner. 

Doing so, of course, requires that banks take steps to manage risks associated with stablecoin issuer relationships they establish - and the Wolfsberg Guidance establishes several principles that banks should follow. Importantly, the guidance rests on the notion that banks should be able to leverage existing anti-money laundering and countering the financing of terrorism (AML/CFT) risk management principles and frameworks that they already apply in their broader compliance and government arrangements, without having to reinvent the wheel. 

In particular, the Wolfsberg guidance encourages banks to draw on correspondent banking standards when conducting AML/CFT due diligence on stablecoin issuers they service. Thus, at onboarding and on an ongoing basis, a bank should apply a risk-based approach to evaluating the risk associated with issuers. This should include taking account of the nature of the relationship, the issuer’s regulatory status, the sufficiency of its own AML/CFT arrangements, and information about the nature and purpose of its underlying stablecoin ecosystem. 

On this last point, Wolfsberg advises that a bank’s compliance team should assess whether the issuer has an understanding of financial crime risks inherent in its stablecoin ecosystem, and the nature of controls - including blockchain analytics solutions - that the issuer uses to ensure that it operates in a manner consistent with its own risk appetite. 

When it comes to monitoring the stablecoin issuer’s banking activity, Wolfsberg further advises that the bank should focus on risk based monitoring arrangements that allow the bank to assess whether the issuer is adhering to its stated risk appetite. Using a risk-based approach, a bank’s compliance team may opt to leverage blockchain analytics solutions that allow the bank to verify its due diligence on the issuer and identify any significant changes to the issuer’s risk profile. 

The Wolfberg Guidance is an important step forward in enabling banks to engage with the stablecoin space in a manner consistent with long-standing AML/CFT risk management principles - and will help to bolster the nascent regulatory regimes that offer a foundation for the growth and increasing adoption of stablecoins.

To learn more about the Wolfsberg guidance on banking stablecoin issuers and its implications for on-chain monitoring arrangements, read our full analysis here.  


Dark Matter Labs

What’s guiding our Regenerative Futures?

Expanding our view toward six guiding principles for regenerative practice. Image: Dark Matter Labs. Adapted from Jan Konietzko, ‘Carbon Tunnel Vision’. Possibilities for the Built Environment, part 1 of 3 This is the first in a series of three provocations, which mark the cumulation of a collaborative effort between Dark Matter Labs and Bauhaus Earth to consider a regenerative future fo
Expanding our view toward six guiding principles for regenerative practice. Image: Dark Matter Labs. Adapted from Jan Konietzko, ‘Carbon Tunnel Vision’. Possibilities for the Built Environment, part 1 of 3

This is the first in a series of three provocations, which mark the cumulation of a collaborative effort between Dark Matter Labs and Bauhaus Earth to consider a regenerative future for the built environment as part of the ReBuilt project.

In this publication, we lay out the historical, professional and theoretical context for the contemporary push toward regenerative practice, and offer six guiding principles for a regenerative built environment, looking beyond profit tunnel-vision. In the second and third pieces, we propose pathways, configurations and indicators of the transformation our team envisions.

What isn’t regenerative? Debunking a misconception

When it was completed in 2014, Bosco Verticale, a pair of 40-story residential towers on Milan’s outskirts, was celebrated as an example of leading-edge regenerative building design for the 800 or so trees cascading from its balconies. In describing the project, its architect Stefano Boeri sketches the figure of the “biological architect”, who is driven by biophilia and prizes sustainability above other design concerns. Praise for Bosco Verticale, in the architectural press and beyond, implies that the development’s vegetal adornments represent a meaningful substitution of traditional building materials with bio-based ones, and further that measures supporting biodiversity constitute climate-positive architecture.

The list of green credentials associated with the project ignores other characteristics of Bosco Verticale that don’t align with this vision. The steel-reinforced concrete structure was designed with unusually substantial 28cm deep slabs to support the vegetation’s weight (which totals an estimated 675 metric tons) and associated dynamic loads. Considering that this slab depth is about twice that of comparable buildings without the green facade, the embodied carbon associated with the project’s 30,000m² floor slabs alone is approximately double that of a standard building.

In tandem, an existing workspace for local artists and artisans based in a former industrial building was demolished to make space for the premium residential units accessible only to the few. Although a replacement workspace was eventually built nearby, the structure’s regenerative aspirations are weighed down by profound contradictions beneath the leafy surface.

Certainly, Bosco Verticale is significant as an exceptional investment in urban greening on the part of the developer, and as a leading-edge demonstration of innovations that enhance the multiple benefits of green infrastructure. Bosco Verticale contributed to the viability of future developments that extend the geographic reach of urban greening discourse into new geographies: copy-cat schemes have been built in East Asia and elsewhere. However, it’s clear that Bosco Verticale fails to stand up to a holistic consideration of what regenerative building looks like. Many voices overlooked the social and material impacts of the project, instead dazzled by the urban greening.

Puzzle pieces of the regenerative

In recent years, societies worldwide have become familiar with weather events and political shifts that were unprecedented or previously unthinkable. Six of the nine planetary boundaries that demarcate the safe operating space for humanity were crossed as of 2023. There is now a strong case for the idea that our entangled human and planetary systems exist in a state of polycrisis. Bearing this in mind, what do we mean when we refer to a built environment that is regenerative?

This piece aims to add nuance and system-scale perspective to our working definitions. As examples like Bosco Verticale show, it’s possible to be green in the public eye while counteracting what is regenerative. Perhaps we need new methods to help us understand:

How long a building will last, How its materials will be stewarded, Whether it is built in a context that enables low-carbon living, And what its end of life might involve.

System-scale perspective is needed because the built environment cannot be disentangled from systemic needs like the demand for affordable housing and the reality of physical, material constraints. Although we do need initial demonstrations to spark change, a single, locally-sourced timber building constructed with ethical labour does not define wholly regenerative practice in itself.

What is regenerative?

Regenerative is the term of the moment, yet it remains loosely defined in public discourse: we rely on examples, implicit understandings, and theoretical frameworks to give it meaning. How, then, is it used in particular contexts?

Beyond ‘green’

Regeneration refers to approaches that seek to balance human and natural systems, allowing for coexistence, repair and self-regulation over time.

The regenerative paradigm seeks to look beyond what’s merely ‘green’, and to do net good. A broader lineage of thinking around the term spans agriculture, biology and ecology, medicine, urbanism and design: disciplines and industries that connect to the health and wellbeing of biomes, bodies and buildings. Variation in definition can be observed in different contexts, sectors and aims.

‘Regenerative’: a brief history of the term
The term regenerative began to gain traction in fields including agriculture and development to outline a new paradigm from the 1980s. The US’ Rodale Institute popularised the term ‘regenerative agriculture’ to describe farming systems that go beyond sustainability by improving soil, biodiversity and ecosystem health. The practices invoked are ancient, with precedents across the globe, and rooted in Indigenous land management. However, this specific application of the term ‘regenerative’ articulated an emergent attitude in this period that focused on renewal and improvement of ecological and social systems. The Rodale Institute advanced this concept through research, advocacy, farmer training, publications and consumer education geared toward regenerative organic agriculture, laying the groundwork for its integration into mainstream agricultural discourse and integration into other disciplines.
From the early 2000s, the work of Bill Reed and the Regenesis Institute for Regenerative Practice has anchored the application of regeneration to design fields and the built environment in particular. With a focus on ecosystem renewal and coevolution of human and natural systems, Reed’s framework implies that regenerative design goes beyond sustainability by restoring and renewing ecosystems, integrating humans and nature in a symbiotic relationship. Expanding this idea beyond ecology, many architects and urbanists have adapted Reed’s model to their own corners of their fields, looking for design that doesn’t simply do less harm, but does more good. Bauhaus Earth maps Reed’s familiar bowtie-shaped diagram onto four basic categories for the built environment: from conventional, to green, to restorative and finally regenerative–that which has the greatest positive environmental and social impact.
Across applications, several elements of a core meaning of what is regenerative exist: a focus on supporting systems of different scales to recover from loss, to take on new life, to grow responsively. The evocative nature of this idea, easily applied across different disciplines, has inspired a range of permutations and schools of thought.
Other key references on the regenerative:
1 Regenerative Development, Regenesis Group, 2016.
2 Regenerative Development and Design, Bill Reed and Pamela Mang, 2012.
3 Shifting from ‘sustainability’ to regeneration, Bill Reed, 2007.
4 Towards a regenerative paradigm for the built environment, Chrisna du Plessis, 2011.
5 Doughnut for Urban Development, Home.Earth, 2023.
6 The Regenerative Design Reading List, Constructivist, 2024.
Image: Bauhaus Earth, adapted from Bill Reed’s ‘Trajectory of Ecological Design’

The term’s uses have gained traction and proliferated within the particular historical context of the last half-century, during which concepts like the anthropocene and the full extent of human impact on the planet have been evidenced. As technology has enabled our understanding of the ways in which humanity has degraded our environments — at scales from the cellular to whole earth systems — to grow, so too has our desire for models that point to possible ways to repair this damage. Conceptualising the regenerative across scales and disciplines opens the door to alternative futures in which planetary demise at the hands of humans is not inevitable. The application of the core elements of regenerative theory to fields like architecture has spurred a range of generative and planet-benefitting practices. However, these individual actions, and even the rise of the sustainability paradigm across design fields, cannot override the prevailing limitations of capitalism that continue to increase rates of extraction, social inequality and environmental degradation. As it stands, regenerative approaches continue to be exceptions working against the odds.

The main limitation: political economy

These frameworks were written within academic and industrial contexts, largely from a Western, wealthy nations’ perspective. While regenerative thinking has inspired thinkers across the planet and across fields, attempts to translate these concepts into a global, political economic scale fails to account for deep-seated inequalities. We are limited by the systems and power imbalances in which we’re working. Capitalism, in particular, compounds these blindspots, limiting attempts to translate regenerative thinking into other spaces such as the built environment. As such, while trailblazing organisations, communities and individuals are offering proofs of possibilities in regenerative infrastructure and urbanism, these are currently exceptional cases. It is not yet evident how these ideas can be instantiated at scale to benefit all people and meaningfully address systemic inequalities.

The role for and responsibilities of professionals

The interconnected challenges of this moment invoke new layers of complexity. But if professionals can’t understand or deploy the idea of regeneration, then it won’t guide their decisions and actions.

Extractive activities led by the industrialised global North continue to irreversibly alter our planet at pace, while the transition to renewable energy will involve even higher rates of extraction of critical minerals than those of today. As such, the earth’s systems’ ability to regenerate is stressed more than ever. The built environment, with its outsized responsibility for global carbon emissions associated with construction, building operations and demolition, must admit these impacts and face up to its epoch-defining responsibility. So how do we get off the one-way road of identifying problems without solutions?

There is a separation between perceived responsibility and power in today’s professional landscape. This moment necessitates a shift from individual to collective agency in taking on advocacy for the regenerative potential of the built environment.

Imagine this: you are an architect today, trying to answer the client’s brief by maximising the use of responsibly-sourced bio-based materials, embedding social justice in your design processes and objectives, and considering carbon-storage potential and place stewardship for future generations, while accepting that your brief is to create market-rate apartments. This is nearly impossible in the context of today’s imperative to maximise profits and commodify housing. Architects in the current professional environment are profoundly limited in means to meaningfully address these intersecting priorities, whether one at a time or in concert. Our current economic system simply does not position architects to be the core innovators, as much as Stefano Boeri’s reflections on the Bosco Verticale boast otherwise.

These professional limitations are an indirect signal of the political economy of real estate development and the power relations underpinning the construction industry. Only a systemic shift can address the limitations facing individuals operating within a design scope. To genuinely take on the intersections of ecology, social justice and the built environment, architects need to see their work for all its entanglement with the broader political, economic and social forces, using the tools of the profession and connections, bolstered by connections with aligned collaborators, and their collective power to dismantle the systems of power that limit transformation at across scales.

We’re orienting ourselves toward a future in which there is more latitude for these crucial priorities to be addressed. This future will hold an altered scope for decisions made by architects and other built environment professionals in the course of development processes, and a transition to a regenerative built environment driven by collective commitment.

A growing field: precedents and trailblazers

A range of contemporary initiatives, programmes and projects aim to establish frameworks to define the idea of a regenerative built environment. Drawing on advancements in circular economic thinking, increasing recognition of the significance of embodied carbon in addition to operational carbon in buildings, and as the industry’s understanding of indicators like biodiversity and water use that are tied to planetary boundaries grows, these programmes help experts and the general public to move beyond misconceptions.

Bauhaus Earth emerged in 2021 as an initiative around the use of timber and other bio-based materials for construction and their ability to store carbon. Today, Bauhaus Earth is a research and advocacy organization dedicated to transforming the built environment into a regenerative force for ecological restoration. It brings together experts from architecture, planning, arts, science, governance, and industry to promote systemic change in construction practices.

Index of aligned enquiries

A global range of community-led and grassroots organisations focusing on the work and needs of underserved groups receive grant funding from and can be discovered via the Re:arc Institute.
Non-Extractive Architecture(s)’ directory gathers a global index of projects that rethink the relationship between human and natural landscapes, alongside questions about the role of technology and politics in future material economies. The directory is an ongoing project itself.
A range of related organisations and initiatives in the working ecosystem of Europe can be found in the table below. The range in types of these enquiries represents the broad coalition of stakeholders and types of activity that will be required to activate transformation toward a regenerative built environment.
Index of related initiatives in Europe. For links, see the end of this post.
Bio-based building materials are an important nexus of social and material relations. These materials, which bridge human and earth-based capacities for creation, urge an expanded view of stewardship. Understanding this will enable us to move past a paradigmatic dichotomy between the human and the natural, which enables humans to exploit planetary resources. Bio-based building materials were humans’ first building materials, and over millennia the practices, most notably agricultural and indigenous ones, that created the materials we work with today, have developed in concert with human civilisations and material realities. Holding these strands together, it’s evident why a maintained focus upon bioregionally-sourced and bio-based materiality is crucial for a regenerative future.
For a contemporary design and research practice that focuses on this intersection of agendas, see Material Cultures.
Regeneration across time horizons: shortsightedness and the Capitalocene

As Reed’s Trajectory of Ecological Design diagram and the examples above indicate, regeneration of ecosystems and societies are continuous, open-ended processes that occur over time, at scales from the cellular, to the neighbourhood, and to the planetary. As the repair and balancing of regenerative processes have occurred in many contexts across eons, we need to understand regeneration across multiple accordant time horizons. Within this complex and extensive landscape, time horizons can act as organising units that help make sense of interconnections and nested scales of action.

In construction, key processes take place across different timescales. These range from time needed for a regenerative resource such as a forest to grow, to the lifespan of a building, to the longer time periods associated with meaningful carbon sequestration. In each of these cases, regenerative interventions involving acts of maintenance and design directly modulate the temporal register of the built environment. For example, extending a building’s lifespan through processes of care and preventing demolition impacts the future form of its locale and pushes back against the conceptualisation of buildings strictly as sources of profit within capitalist logic–that is, viewing buildings primarily in terms of their capacity to generate immediate economic returns through cycles of development, exploitation and obsolescence. By this means, it is within the medium of time that a regenerative lens on the built environment can be most revealing.

Regeneration in deep time and at the timescale of ecosystems has been disrupted by human processes. We are accustomed to the idea of the Anthropocene, in which an epoch defined by human activity has become the dominant influence on climate and the environment, which was initiated by the industrial revolution. However, recent discussions by Jason W Moore, Andreas Malm and others offer a critique of this concept in making the case for the Capitalocene as a more precise term. Rather than treating humanity as a homogenous force as Anthropocene theory does, the Capitalocene examines how differences in responsibility, power and agency within societies have been compounded in the context of the capitalist system, and how this system has driven ecological crisis. Rather than humanity as a whole, Moore argues that we should examine how the social, economic and political processes that have shaped recent centuries, and which reach back to the early modern period, provide a better basis for understanding the relationship between human activity and planetary wellbeing, and how this dynamic produces ecological crises. Using this focus on the un-natural and political origins of the crisis we face today, it’s possible to see how shifting senses of responsibility, agency and relationships, operating against capitalist logics, are essential for developing effective pathways toward planetary regeneration. In the predominant logic of the Capitalocene, short-term profits, increases in productivity, and optimisation around flawed ideas of efficiency are necessitated–and regeneration could be mistaken for a loss, an indicator of inefficacy, a concession to the ineffable–and as such, unwarranted. This is the systemic logic that must be resisted.

The prevalence of demolition today is one example of how this systemic short-sightedness is bad for people and the planet. The UK is now facing the consequences of the prevalent use of reinforced aerated autoclave concrete (‘RAAC’), in municipal buildings nationwide during the 1980s. With a material lifespan of only 30 years, many hospitals and schools built of RAAC are now being demolished. Indeed, the lifespan of many of the structures that are most viable in our current urban development models are steadily decreasing in spite of increasing awareness of the embodied carbon impacts of demolition.

We would do well, in looking toward a regenerative future for the built environment, to retune our time horizons. This might involve syncing carbon sequestration time with lifecycles for construction that create value over time, taking into account things like municipal land leases and emerging whole life carbon regulations. What if we had a way to see the long-term impact of decisions made today?

In this effort to hold more timescales in mind when we consider processes of regeneration, we can learn a great deal from indigenous cultures from across the world, many of whom have developed, over the course of millennia, methods and ideologies supporting the human ability to connect with scales of time beyond our species-specific and news-cycle dependent parameters. Some of these examples are evidenced in the above Index of enquiries.

Theoretical underpinnings: what constitutes a regenerative built environment?

The built environment is both a physical and a social construct: it’s not fitting in this moment of polycrisis to continue to abstract the physical materials that shelter us from the labour that built them, the livelihoods that maintain them, the design processes that make them fit for purpose, and the policies or decisions that keep them standing.

To identify ways to directly address the injustices to people and the planet engendered by the Capitalocene, we need to look to historical and political decisions that have driven the crises in housing affordability and race-based inequality that are defining features of cities today. In recent years, there has been a greater focus on how the built environment can benefit from the application of lenses that focus on the distribution of power and agency within societies, including critical theory and urban political ecology. These approaches can help us to articulate how the built environment and natural resources can be viewed in the context of human struggles to meet their needs in the context of today’s critical conditions.

David Harvey, most notably in Social Justice and the City, points to how a purely quantitative or spatial design-based approach to understanding urban space consistently fails to engage socioeconomic phenomena like inequality and urban poverty, while arguing for the necessity of approaches that integrate the spatial with the social. Harvey’s reading, grounded in radical geography, makes clear how spatial development processes are driven by financial capital, which keeps governments, civil society, communities and individuals in predetermined roles, ill-equipped to resist the calcification of capitalised space. Recently, climate justice movements like the Climate Justice Alliance (on the grassroots side) have formed alliances with decision-makers and activists in the built environment around causes like health and buildings, retrofit poverty and feminist approaches to building, under banners like a Global Green New Deal, in which a spatialised social justice lens can be directly applied.

Harvey’s work is a key influence on urban political ecology approaches, which assist us in understanding of how cities are hybrids of natural and social processes, rejecting a dichotomy between people and nature. Similarly, Marxist political economic thinkers like Raymond Williams have pointed to how capitalism organises space and produces environmental inequalities, as analysed using multiscalar analysis, among other techniques. Through a political ecology lens, we see that developers and investors, not communities or ecological needs, shape the built environment, often through speculative real estate practices that exploit labour and resources. These critiques of the built environment emphasise that urban development is driven primarily by capitalist interests, prioritising profit over social and environmental well-being, leading to inequality, displacement, and environmental degradation. Theory can support an analysis of exclusion in planning, and advocacy for participatory processes that could support socially regenerative places.

In sum, focusing exclusively on buildings misses the point that cities are fluid, open, contested multivocal landscapes. At scales from the individual building, to the neighbourhood, including infrastructure like street systems, as well as cities and regions, the built environment is a negotiation between matter, human behaviour and social systems over time.

As we look to the future, how will our urban environments be produced? Who will benefit from them? And how can we challenge the environmental injustices inherent to the systems we live in?

Guiding principles for regenerative practice Six layered principles for a regenerative built environment

Expanding our definition of what’s regenerative in the built environment calls for clear ways to speak to the material, economic and social dimensions of cities. We need ways of accessing and assessing regeneration that cut across disciplinary boundaries, invite broader participation in these conversations, and account for future risks and technological developments.

What layers and principles might expand and deepen our understanding of systemic interactions as we work toward more holistic indicators? Below are six suggestions to focus our gaze.

Time horizons and generational preparedness

Future indicators of a regenerative built environment must take a long-term view. If the built environment is to form a matrix in support of human life for generations to come, it should fundamentally be building material preparedness for the future. This means the way we measure and quantify what the built environment does ought to speak to this extended time horizon, for example by considering how much carbon is stored for three generations to come, how much of our timber is sourced in a way that will allow for replanted trees that will mature over decades, or how much of a building’s material stock can be disassembled and reused within the same settlement.

Today we have standard metrics like Floor Area Ratio (FAR) that are aligned with present development models and profit-driven logics requiring maximum saleable use of space, fundamentally constraining possibilities for the built environment. Foregrounding time horizons for change enables retooling of these ways of measuring cities, focusing not on short-term, singular profits and benefits, but rather on the future generations and our planetary resources.

Geopolitical resilience and security

Future indicators for a regenerative built environment should address the geopolitical stakes of decisions.This is especially relevant now in Europe, with regard to geopolitical dynamics within and between the US, Russia and China, in light of multipolarity and the EU Strategic Autonomy conversation. Can we refashion the socioeconomic and material dependencies in cities so that they are resilient to the crises that may face future generations, while supporting enhanced responses to geopolitical dangers? We should look to modes of resilience that address the political and economic systems that exacerbate geopolitical precarity, such as the extractive nature of global trade, and the ongoing influence of multinational corporations in shaping environments across scales. The status quo propositions toward resilience often fall short of addressing geopolitical power structures.

Place-based and planetary approaches

Future policies and indicators should adopt a multiscalar view that takes into account the unique local context to which it’s applied, as well as the transformative potential and influence interventions may leverage across scales (e.g. throughout the value chain). Contextual specificity is associated with direct impact in regenerative efforts, but these must be connected to transformative change that fundamentally alters the properties and functions of systems.

Living systems approach

Actions should help to shift thinking towards more holistic and ecocentric worldviews, in which non-capitalistic, nature-centred systems of values are given primacy. This layer considers interventions as part of dynamic social-ecological systems rather than isolated components. It is crucial to see these social-ecological systems for their complex adaptive qualities, in which people and nature are inextricably linked.

A living systems approach supports biogenerative thinking, in which processes, systems, or designs that actively promote, support, and regenerate life — both biological and ecological — create conditions for continuous growth, renewal, and self-sustaining ecosystems.

Co-evolutionary and community-led

Interventions should structurally empower communities to act and evolve in line with their ecosystems. Structural empowerment means building systems and resources to make communities stronger and self-sufficient and allowing nature to flourish in tandem. This approach foregrounds the utility of feedback mechanisms from nature, like soil health indicators, phenological changes, and biodiversity and species presence, to support the co-evolution and improvement of social-ecological systems.

Supporting holistic value creation

A regenerative built environment should operate on the basis of a broad definition of value, from economic, to ecological and social. As the theoretical approaches discussed previously indicate, the built environment is a hybrid of natural and social processes occurring in the constraints of systems that thrive on extraction and inequality. A holistic approach that combines material, interpersonal and spatial integrators to consider what is regenerative generates cascading value across multiple scales.

“Measuring the impact of regenerative practices on living systems must therefore recognise entangled systemic value flows. Current economic approaches fail to account for this complexity.”
— Dark Matter Labs, A New Economy for Europe’s Built Environment, white paper, 2024
Conclusion

In the context of the polycrisis, we need to move beyond notions of sustainability, toward, as Bill Reed’s diagram suggests, creating healthy, counter-extractive communities and bioregions that can scale from exceptions to define new norms.

Embracing a broadened definition of regenerative practice — one which is informed by the historical and contemporary context of such practices — will evidence the potential contradictions and tensions in the current system. Deploying multimodal metrics and indicators, of the type that the principles introduced in this piece imply, will enable new thinking for net-regenerative outcomes in our cities. Without redirecting our points of orientation toward these six principles, even motivated actors will be limited by today’s system, which allows only for shifting of blame and incremental, localised improvements in the status quo. We will never reach a regenerative built environment without transformational change.

Further pieces in this series will explore in more detail the systemic shifts we envision, pathways toward regenerative practice, and possible indicators for recognising progress.

This publication is part of the project ReBuilt “Transformation Pathways Toward a Regenerative Built Environment — Übergangspfade zu einer regenerativen gebauten Umwelt” and is funded by the German Federal Ministry for the Environment, Nature Conservation, Nuclear Safety and Consumer Protection (BMUV) on the basis of a resolution of the German Bundestag.

This piece represents the views of its authors, including, from Bauhaus Earth, Gediminas Lesutis and Georg Hubmann, and from Dark Matter Labs, Emma Pfeiffer and Aleksander Nowak.

Additional links: Built By Nature Material Cultures Ecococon LUMA Arles / Le Magasin Électrique HouseEurope! Rotor Gleis 21 Home Silk Road Kalkbreite La Borda Living for Future Habitat for Humanity Poland

What’s guiding our Regenerative Futures? was originally published in Dark Matter Laboratories on Medium, where people are continuing the conversation by highlighting and responding to this story.


Elliptic

Israel links crypto wallets that received $1.5 billion to Iran’s Revolutionary Guard

The National Bureau for Counter Terror Financing of Israel (NBCTF) has today published a list of 187 cryptocurrency addresses that it says are linked to Iran’s Revolutionary Guards, also known as the Islamic Revolutionary Guard Corps (IRGC). The IRGC is sanctioned and designated as a terrorist group by various jurisdictions, including the United States, Canada, the United Kingdom and th

The National Bureau for Counter Terror Financing of Israel (NBCTF) has today published a list of 187 cryptocurrency addresses that it says are linked to Iran’s Revolutionary Guards, also known as the Islamic Revolutionary Guard Corps (IRGC). The IRGC is sanctioned and designated as a terrorist group by various jurisdictions, including the United States, Canada, the United Kingdom and the European Union.


uquodo

How Businesses Can Detect Crypto Fraud and Protect Digital Assets

The post How Businesses Can Detect Crypto Fraud and Protect Digital Assets appeared first on uqudo.

ComplyCube

Online Safety Act 2023 vs. EU DSA: What You Need to Know

Discover how the UK Online Safety Act 2023 and the EU Digital Services Act differ on age verification, compliance, and platform accountability to protect children online. The post Online Safety Act 2023 vs. EU DSA: What You Need to Know first appeared on ComplyCube.

Discover how the UK Online Safety Act 2023 and the EU Digital Services Act differ on age verification, compliance, and platform accountability to protect children online.

The post Online Safety Act 2023 vs. EU DSA: What You Need to Know first appeared on ComplyCube.


IDnow

Why eID will be key in Germany’s digital future – Docusign’s Kai Stuebane on trust, timing and transformation.

We spoke with Kai Stuebane, Managing Director for DACH at Docusign, to explore how secure digital identity verification is transforming digital signing amid Germany’s evolving regulatory landscape. From navigating increasing compliance demands to delivering seamless user experiences, we discussed why eID (Electronic Identification) is becoming a strategic priority for faster, more secure, and legal
We spoke with Kai Stuebane, Managing Director for DACH at Docusign, to explore how secure digital identity verification is transforming digital signing amid Germany’s evolving regulatory landscape.

From navigating increasing compliance demands to delivering seamless user experiences, we discussed why eID (Electronic Identification) is becoming a strategic priority for faster, more secure, and legally compliant digital signatures – and how Docusign’s partnership with IDnow is empowering enterprises to stay ahead with secure, scalable and user-centric digital workflows.

Why now: Perfect conditions for eID to scale In today’s rapidly evolving regulatory landscape, particularly in Germany but also across Europe, digital identity is becoming increasingly significant. From Docusign’s perspective, what factors are driving the growing importance of secure digital identity solutions in the enterprise environment? 

First, regulatory compliance is a major driver. Regional laws such as eIDAS, and the impending eIDAS 2.0 in the EU are enhancing the need for digital authentication solutions across the region by introducing initiatives such as European Digital Identity Wallets (EUDI). In Germany, the focus on digital trust services, enforced by institutions such as BaFin and regulations like GwG, demand robust, verifiable digital identity solutions. Enterprises must meet strict requirements for customer identification and authentication when signing or executing agreements electronically. 

Second, security concerns and fraud prevention are top priorities. According to a recent Docusign global survey into the identity verification landscape, 70% of organisations agree that identity fraud attempts are on the rise, as remote and hybrid work models become the norm and businesses continue digitising their operations. As a result, companies require robust authentication solutions that ensure document integrity and signer identity across borders and devices.

A third major driver is that user expectations have shifted. Both customers and employees now expect seamless, secure digital experiences, with 50% of organisations actually prioritising customer experience over fraud prevention, given its perceived importance. Organisations like Docusign enable enterprises to deliver this through a frictionless signing experience while maintaining high standards of security and trust. For example Grenke who, in addition to offering IDnow’s videoident process through Docusign, decided to also add the new eID capability in order to offer more convenience to their customers.  

Finally, digital transformation continues to accelerate. Enterprises are modernising legacy workflows at an exponential rate, and secure digital identity is foundational to automating agreement processes end-to-end. Digital-first solutions empower businesses to operate faster, more efficiently, and with greater legal certainty – particularly in highly regulated markets like Germany.

As Germany advances its digital transformation initiatives, how do you anticipate electronic identification (eID) solutions will reshape document signing processes for both enterprises and consumers in the German market?

There is an overall shift within the identity verification and authentication landscape  where organisations are actively seeking-out solutions that enable them to maintain security and compliance, without impacting the user experience.  

For enterprises, eID solutions will help streamline identity verification, enabling faster onboarding, contract execution, and compliance with stringent regulatory requirements such as eIDAS and Germany’s Trust Services Act. Again, take Grenke as an example, the ability to integrate German eID schemes into their existing signing workflow – especially for digital signatures – means they can ensure the highest level of legal validity while reducing manual processes and streamlining the customer experience.

For consumers, eID will offer a more seamless and familiar experience whilst maintaining security – something we pride ourselves on delivering here at Docusign. With familiar national identity methods integrated into digital transactions, users will be able to verify their identity and complete agreements with confidence and ease. This not only enhances trust but also accelerates adoption in regulated sectors like finance, insurance, and real estate.

Through our partnership with IDnow, Docusign is committed to supporting the German market by leaning into evolving regulations and integrating eID solutions into its portfolio, meeting local regulatory needs while delivering the trusted experience that users expect.

The eID advantage: Seamless UX meets compliance How can Germany unlock and accelerate the full potential of eID?

Based on our experience, accelerating eID adoption in Germany hinges on three key factors: user experience, awareness, and interoperability. 

First, simplifying the user experience is critical. For individuals to embrace eID for digital agreement completion, the process must be intuitive, fast, and secure. Reducing friction, such as removing lengthy registration steps or complex verification methods, can significantly increase user adoption. By leveraging the familiar eID methods, this will streamline this experience while maintaining high levels of identity assurance.

Second, education and awareness are essential. Many individuals are unaware that their national eID can be used as part of the digital agreement process. Promoting the benefits (legal validity, security, and convenience, etc.) will help build trust and drive usage across different age and user groups.

Third, ensuring broad interoperability with public and private identity schemes is key. Businesses need confidence that the eID solutions they implement will work across sectors and meet local (GwG) and regional (eIDAS) regulatory standards.

In what ways has Docusign enhanced its signing workflows by incorporating eID with other IDnow-powered verification solutions?

Docusign has a long-standing partnership with IDnow. The evolution of this partnership to now include IDnow’s eID capabilities enhances the security and user experience of its joint offering in the following ways:

Automation: Customers can make the most of an Identification method that simply relies on  the electronic identification (eID) function of the German national identity card.  Security: Two factors of authentication for additional security:  PIN entry  Scanning of the near field communication (NFC) chip contained within German eIDs  Familiarity and ease of use: not only are eIDs increasingly adopted across Germany, but the fact we leverage new technology such as NFC provides an additional element of ease of use. Real-world application: GRENKE’s eID-first transformation For businesses that already use Docusign but haven’t yet implemented eID-based signing, what are the key benefits they might be missing out on?

Ultimately, we can distill the key benefits to: 

Increased completion rates, driven through familiarity: enable customers to use their German eID for straightforward, intuitive identity verification that supports compliance obligations.  Secure, simplified signing:  built-in security enhancements (i.e. use of PIN, scanning of NFC, etc.) mean that SMS re-authentication and live video interactions are no longer required, resulting in an even faster identification process for signers. Storage and centralisation of key identity information: continue to download or easily access required signer identity information through Docusign and IDnow, to demonstrate compliance with BaFin GwG requirements  Can you share a real-world example of how a customer of Docusign is using eID to improve efficiency and achieve measurable business outcomes?

A strong example is our long-standing collaboration with Grenke, a leading provider of leasing and financing services. For several years, Grenke has enabled customers and dealers to digitally sign contracts using Docusign eSignature, with IDnow’s VideoIdent solution supporting identity verification.

Recently, Grenke enhanced this process by integrating IDnow’s eID solution as an alternative verification method. The impact has been clear: the introduction of eID has helped Grenke accelerate contract turnaround times, reduce reliance on physical materials, and improve the overall user experience. This has translated into greater operational efficiency, enhanced customer satisfaction, and measurable progress toward the company’s digital and sustainability goals.

What’s next: Looking beyond legal requirements As we anticipate the implementation of eIDAS 2.0 and the European Digital Identity framework in the coming months, how do you envision these regulatory advancements shaping the evolution of electronic identification and digital signature solutions across Germany and the broader European market?

These regulatory advancements will establish a unified, interoperable framework for digital identity across EU member states, enabling individuals and businesses to authenticate and complete digital agreements securely and seamlessly across borders. For Germany, this means greater alignment with a pan-European standard that facilitates trust, legal certainty, and smoother cross-border transactions.

eIDAS 2.0 introduces the concept of the European Digital Identity Wallet (EUDI), which empowers citizens to manage, store and share verified identity attributes as they wish. This will significantly enhance user control, reduce onboarding friction, and boost adoption of high-assurance digital signatures, particularly Qualified Electronic Signatures (QES). At Docusign our stated ambition is to become an federator of identities, where all EUDI wallets are available through our platform . 

For businesses, these changes will reduce complexity in managing multiple identity systems while improving compliance and scalability. 

We’re excited for what’s to come. 

Interested in more from our customer conversations? Check out: Holvi’s Chief Risk Officer, René Hofer, sat down with us to discuss fraud, compliance, and the strategies needed to stay ahead in an evolving financial landscape.

By

Nikita Rybová
Customer and Product Marketing Manager at IDnow
Connect with Nikita on LinkedIn

Sunday, 14. September 2025

Innopay

Mariane ter Veen to speak on responsible AI adoption at MyData 2025

Mariane ter Veen to speak on responsible AI adoption at MyData 2025 from 24 Sep 2025 till 26 Sep 2025 Trudy Zomer 14 September 2025 - 16:36 Helsinki, Finland 60.110698558061, 25.01868035 We’re e
Mariane ter Veen to speak on responsible AI adoption at MyData 2025 from 24 Sep 2025 till 26 Sep 2025 Trudy Zomer 14 September 2025 - 16:36 Helsinki, Finland 60.110698558061, 25.01868035

We’re excited to announce that Mariane ter Veen, INNOPAY’s Director Data Sharing, will speak at the MyData 2025 conference, taking place in Helsinki from 24–26 September 2025.

MyData 2025 is one of the world’s leading conferences on human-centric data sharing, bringing together innovators, policymakers, and experts from across the globe. This year’s programme highlights the growing importance of digital sustainability, with a dedicated track exploring how organizations can innovate responsibly in the age of AI.

In her session, Mariane will introduce INNOPAY’s Triple AI framework (Access, Integrity & Intelligence): a practical approach to adopting artificial intelligence effectively, responsibly, and sustainably. She’ll share insights on how organizations can:

Align digital innovation with societal values while safeguarding trust and inclusivity Gain control over AI strategies to unlock responsible innovation at scale Create long-term value by linking environmental, social, and economic sustainability goals

Drawing on INNOPAY’s expertise in creating trusted digital ecosystems, Mariane will explore how AI, data, and governance can work together to deliver innovation with purpose.

Event details
 

Date: 24–26 September 2025
Location: Helsinki, Finland
More information — MyData 2025 programme


Mariane ter Veen to speak at Andersen Lab conference on digital sovereignty

Mariane ter Veen to speak at Andersen Lab conference on digital sovereignty from 23 Oct 2025 till 23 Oct 2025 Trudy Zomer 14 September 2025 - 16:25 NEMOS Suite, Frankfurt, Germany 50.121329352631, 8.6365638
Mariane ter Veen to speak at Andersen Lab conference on digital sovereignty from 23 Oct 2025 till 23 Oct 2025 Trudy Zomer 14 September 2025 - 16:25 NEMOS Suite, Frankfurt, Germany 50.121329352631, 8.6365638

On 23 October, Mariane ter Veen, Director Data Sharing at INNOPAY, will deliver a keynote at an exclusive Andersen Lab conference in the NEMOS Suite in Frankfurt.

In her session, "The next competitive edge: building a sovereign and sustainable digital future," Mariane will highlight how organisations can leverage digital sovereignty and sustainable data ecosystems to gain a competitive advantage.

Andersen Lab hosts high-level conferences for executives, innovators, and strategic decision-makers driving digital transformation. These events combine thought leadership and in-depth knowledge sharing in an exclusive, focused setting

Date and location
23 October 2025
NEMOS Suite, Frankfurt, Germany

For more details and registration go to the event website.


Mariane ter Veen to speak at Andersen Lab conference on digital sovereignty

Mariane ter Veen to speak at Andersen Lab conference on digital sovereignty from 04 Nov 2025 till 04 Nov 2025 Trudy Zomer 14 September 2025 - 16:22 hotel Jakarta, amsterdam On 4 November, Mariane ter Veen, Director Data Sharing at INNOP
Mariane ter Veen to speak at Andersen Lab conference on digital sovereignty from 04 Nov 2025 till 04 Nov 2025 Trudy Zomer 14 September 2025 - 16:22 hotel Jakarta, amsterdam

On 4 November, Mariane ter Veen, Director Data Sharing at INNOPAY, will speak at an exclusive Andersen Lab conference at Hotel Jakarta in Amsterdam.

In her keynote, "The next competitive edge: building a sovereign and sustainable digital future," Mariane will explore the strategic importance of digital sovereignty and how organisations can use it to create sustainable competitive advantage.

Andersen Lab organises exclusive, small-scale conferences for C-level executives and decision-makers in the financial and technology sectors. The events bring together thought leaders to share insights, explore visions, and shape the digital future.

Date and location

4 November 2025
Hotel Jakarta, Amsterdam, the Netherlands

For more details and registration go to the event website.

Saturday, 13. September 2025

Recognito Vision

The Future of Face ID Search in Smartphones 2025

Face ID search technology has rapidly evolved, becoming a standard feature in smartphones. In 2025, its capabilities are expected to expand even further, offering a seamless, secure, and personalized experience for users. This blog explores the future of Face ID search in smartphones, how it integrates with existing technology, and the potential benefits and challenges...

Face ID search technology has rapidly evolved, becoming a standard feature in smartphones. In 2025, its capabilities are expected to expand even further, offering a seamless, secure, and personalized experience for users. This blog explores the future of Face ID search in smartphones, how it integrates with existing technology, and the potential benefits and challenges of this advancement.

 

What is Face ID Search?

It is a technology that uses facial recognition to unlock smartphones and enable various features such as security, payments, and app access. Unlike traditional password systems, it allows users to unlock their devices by simply looking at them, using the unique features of their faces as identification.

This technology has come a long way since its inception and continues to evolve with advancements in 3D facial recognition and other biometrics. By 2025, Face ID will likely be even more accurate, efficient, and secure.

 

How Facial ID Recognition Works

It relies on advanced facial recognition algorithms and hardware, such as depth sensors, infrared cameras, and AI-powered software. It captures the unique features of a person’s face, including the distance between their eyes, nose, mouth, and other defining characteristics.

In the case of smartphones, Face ID works by:

Scanning your face using a 3D depth sensor to create a detailed map of your features. Comparing the scanned data to the stored template to confirm your identity. Unlocking the device or allowing access to apps, payment systems, and more once the match is confirmed.

This process is both fast and secure, offering a more convenient method of authentication compared to traditional PIN codes or passwords.

 

The Future of Face ID Search in Smartphones (2025)

As we look toward the future of smartphones, Face recognition is set to play an even more central role. Here are some expected advancements:

 

1. Improved Accuracy with 3D Facial Recognition

Currently, Face ID systems rely on 2D mapping and some 3D depth sensors for better security. However, by 2025, 3D facial recognition will likely become the standard for even more accurate and precise identification. With the integration of advanced 3D facial recognition, your smartphone will be able to detect your face from multiple angles, providing enhanced security and reducing the risk of errors in recognition.

 

2. More Personalized User Experience

It will move beyond just unlocking your phone. By 2025, smartphones will likely offer a personalized user experience based on facial recognition. For instance, Face ID search could automatically:

Adjust screen brightness or display settings based on your face. Personalize app suggestions or content based on your past preferences. Unlock specific apps and features automatically when the phone detects that you are looking at it.

This level of personalization can enhance user engagement and make smartphone interactions more intuitive.

 

3. Facial Recognition for Payments and Secure Transactions

Already, smartphones with Face ID capabilities allow users to make payments through mobile wallets like Apple Pay or Google Pay. By 2025, face unlock for payments will become even more common and secure. We may see Face ID search systems that can perform secure transactions, even without the need for an additional password or PIN. This will make financial transactions quicker and more secure for users.

 

4. Integration with Augmented Reality (AR)

Augmented reality is quickly gaining popularity, and Face ID search will likely integrate seamlessly with AR experiences. Imagine using your smartphone’s facial recognition to control AR experiences unlocking virtual environments, personalizing characters, and interacting with digital content. 3D facial recognition will provide accurate data to ensure a more immersive experience, enabling personalized AR interactions based on your facial features.

 

5. Enhanced Privacy and Security Features

With the growing concern over digital privacy, the future of Face ID search will focus on enhancing security measures. Face unlock technology will be enhanced to ensure that it is more difficult for people to bypass the system. Expect additional layers of security such as liveness detection, where the phone can determine if it’s looking at a real face (not a photo or video), or multi-factor authentication (combining face recognition with voice or fingerprint authentication).

 

Its Impact on the Smartphone Industry

The introduction of Face ID is already changing the way we interact with our smartphones. By 2025, it will likely have a profound impact on various industries:

 

1. Mobile Payments and E-Commerce

As smartphones adopt Face ID search technology, mobile payment and e-commerce platforms will see an uptick in secure transactions. Users will no longer need to fumble with passwords, credit cards, or PINs. Just a glance at their phone will be enough to authorize payments, making online shopping and in-store purchases more efficient.

 

2. Smartphone Security

Smartphone security will continue to evolve. With improved facial recognition technology, phone manufacturers will likely be able to deliver a much higher level of security. This could reduce the likelihood of data theft and unauthorized access, making smartphones much more secure.

 

3. Privacy Concerns

As Face ID search becomes more widespread, privacy concerns are likely to rise. Many people worry about the potential for their facial data to be stored and misused. The smartphone industry will need to address these concerns by implementing stronger encryption and giving users control over their data.

 

Challenges and Concerns in the Future of Face ID Search

While Face ID search has many advantages, it does come with its challenges:

 

1. Privacy and Security Risks

Storing and using facial data raises privacy concerns. If this data is hacked or stolen, it could lead to identity theft. To combat these risks, manufacturers will need to adopt robust encryption and make sure that personal data is stored securely.

 

2. Facial Recognition Accuracy

While facial recognition technology has improved, it’s still not flawless. Factors such as lighting, aging, or facial hair changes can affect recognition. As we move toward 2025, more accurate 3D facial recognition systems will likely emerge to minimize these issues.

 

3. Increased Dependency on Facial Recognition

As more tasks are tied to Face ID search, users may become overly reliant on facial recognition for security. This could present issues if the system fails or the user’s facial features change significantly due to injury or surgery.

 

Conclusion

The future of Face ID search in smartphones looks promising. By 2025, it will be more accurate, secure, and integrated with other technologies, enhancing the user experience and providing improved functionality. Whether for security, payments, or personalization, Face ID search will be a key player in how we interact with our smartphones.

If you’re a business or developer interested in incorporating facial recognition technology into your app, tools like Recognito’s Face ID SDK can help. Tested under the NIST FRVT 1:1 case study, it delivers reliable performance while prioritizing both security and privacy. Recognito offers robust, easy-to-integrate solutions for adding face unlock features into your products. To learn more and explore the implementation, you can also visit Recognito’s GitHub repository.

The future is looking brighter with Face ID search, but it’s essential to address privacy, accuracy, and security concerns as the technology continues to evolve.

 

Frequently Asked Questions

1) What is Face ID search, and how does it work?

Face ID search uses facial recognition technology to unlock your smartphone by scanning unique facial features and matching them to a stored template.

 

2) Is Face ID search more secure than traditional passwords?

Yes, Face ID search is more secure as it uses biometric data, which is harder to guess or steal compared to traditional passwords.

 

3) Can Face ID search be fooled by photos or videos?

Modern Face ID systems use liveness detection, making it difficult for photos or videos to fool the system.

 

4) What happens if Face ID search doesn’t recognize my face?

If Face ID fails, you can unlock your device with an alternative method like a password, PIN, or fingerprint.

 

5) Will Face ID search work if my face changes significantly (e.g., due to aging, makeup, or injury)?

Face ID can adapt to minor changes but might struggle with significant changes like severe injuries or drastic aging.

Friday, 05. September 2025

Radiant Logic

California’s Countdown to Zero Trust—A Practical Path Through Radiant Logic

California’s AB 869 Zero-Trust mandate demands unified, real-time identity data, and Radiant Logic’s platform provides the foundation to ensure smarter security and seamless compliance. The post California’s Countdown to Zero Trust—A Practical Path Through Radiant Logic appeared first on Radiant Logic.

AI for Access Administration: From Promise to Practice

Streamline access reviews and boost compliance with Radiant Logic’s AIDA AI—an assistant that transforms cumbersome reviews into quick, confident decisions for modern identity governance. The post AI for Access Administration: From Promise to Practice appeared first on Radiant Logic.

Rethinking Enterprise IAM Deployments with Radiant Logic’s Cloud-Native SaaS Innovation

Learn how Radiant Logic’s cloud-native SaaS redefines IAM operations with agility, resilience, and real-time observability, empowering enterprises to thrive in the cloud era. The post Rethinking Enterprise IAM Deployments with Radiant Logic’s Cloud-Native SaaS Innovation appeared first on Radiant Logic.

Thales Group

Thales receives BSI certification for key component of COMTICS system

Thales receives BSI certification for key component of COMTICS system Language English pitt.marx Fri, 09/12/2025 - 17:09 The German Federal Office for Information Security (BSI) has awarded Thales Common Criteria certification for a key component in the terminal of the COMTICS tactical communication system ensuring secure separation of information with di
Thales receives BSI certification for key component of COMTICS system Language English pitt.marx Fri, 09/12/2025 - 17:09

The German Federal Office for Information Security (BSI) has awarded Thales Common Criteria certification for a key component in the terminal of the COMTICS tactical communication system ensuring secure separation of information with different classifications. It is the only BSI-certified product enabling simultaneous connection to classified and unclassified networks.

Designed for modern naval operations, COMTICS equips French FDI frigates and BRF tankers, UK Type 31 and Type 45 frigates, and German K130 corvettes, future supply vessels and frigates. “In critical situations, the system delivers operational precision and BSI-certified safety even under the toughest conditions, ensuring exactly the reliability that matters today – which is exactly how communication on board should work today”, says Kim Oliver Schneidewind, Director NIS Solutions at Thales in Germany.

More information https://lp.thalesgroup.com/comtics

/sites/default/files/database/assets/images/2025-09/COMTICS%20LinkedIn%20Post-01.png Contacts Media Relations - Pitt Marx © Thales Deutschland 12 Sep 2025 Germany The German Federal Office for Information Security (BSI) has awarded Thales Common Criteria certification for a key component in the terminal of the COMTICS tactical communication system ensuring secure separation of information with different classifications. Type News Hide from search engines Off

Ocean Protocol

Service Resumes — DF153 Completes and DF154 Launches

Service Resumes — DF153 Completes and DF154 Launched Predictoor DF153 rewards are available after a temporary disruption in service — no rewards were lost in the process. DF154 ran September 4th — September 11th, 2025 1. Overview Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI
Service Resumes — DF153 Completes and DF154 Launched Predictoor DF153 rewards are available after a temporary disruption in service — no rewards were lost in the process. DF154 ran September 4th — September 11th, 2025 1. Overview

Data Farming (DF) is an incentives program initiated by ASI Alliance member, Ocean Protocol. In DF, you can earn OCEAN rewards by making predictions via ASI Predictoor.

Data Farming Round 153 (DF153) completed on September 4th following an unexpected disruption in service that began on Wednesday, August 6th and was fixed by Monday, September 1st. No Predictoor rewards were lost in the process. Rewards due from August 6th to September 1st will be available as part of the usual rewards-claiming process.

DF154 is live as of, September 4th. It concluded on September 11th. For DF round 154, Predictoor DF had 3,750 OCEAN rewards and 20,000 ROSE rewards.

2. DF structure

The reward structure for DF154 is comprised solely of Predictoor DF rewards.

Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.

3. How to Earn Rewards, and Claim Them

Predictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.

4. Specific Parameters for DF154

Budget. Predictoor DF: 3.75K OCEAN + 20K ROSE

Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.

Predictoor DF rewards are calculated as follows:

First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.

Expect further evolution in DF: adding new streams and budget adjustments among streams.

Updates are always announced at the beginning of a round, if not sooner.

About Ocean, DF and ASI Predictoor

Ocean Protocol was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.

In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.

Service Resumes — DF153 Completes and DF154 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.


Thales Group

Jean-Marc Reynaud appointed as regional CEO of Thales in China and Mongolia

Jean-Marc Reynaud appointed as regional CEO of Thales in China and Mongolia prezly Fri, 09/12/2025 - 11:01 Jean-Marc Reynaud succeeds Thierry Weulersse to assume the role of CEO for Thales in China and Mongolia. Based in Beijing, Jean-Marc Reynaud will leverage his rich experience in the Asian market to drive Thales’ business growth in the region. &
Jean-Marc Reynaud appointed as regional CEO of Thales in China and Mongolia prezly Fri, 09/12/2025 - 11:01 Jean-Marc Reynaud succeeds Thierry Weulersse to assume the role of CEO for Thales in China and Mongolia. Based in Beijing, Jean-Marc Reynaud will leverage his rich experience in the Asian market to drive Thales’ business growth in the region.

 

Thales, a global high-tech leader and active player committed to long term local development, is pleased to announce the appointment of Jean-Marc Reynaud as the new CEO for China and Mongolia, effective from Sep 1st, 2025. In this role, Jean-Marc will lead the team to steer the company’s strategic growth across its operational domains in the region, strengthen market commitment and enhance local collaborations. Jean-Marc succeeds Thierry Weulersse who takes up a new role within Thales Group.

Jean-Marc joined Thales in 2017 to manage the rail ticketing business that was subsequently sold to Hitachi Group. Prior to Thales, he worked consecutively for Renault-Nissan, Alstom and Yanmar. Over his more than 30-year career, he has held diverse management positions across engineering, operations, sales & marketing, strategic planning, business development, and mergers & acquisitions, gaining extensive experience managing European and Asian markets within technology-focused multinational companies.

“Jean-Marc is an accomplished leader with a solid track record in multicultural management. We believe that his comprehensive leadership and in-depth understanding of the Asian market will further reinforce our strategic objectives in this dynamic region. He will sustain the momentum built on Thales’ robust existing base and pursue new opportunities through strengthened collaboration with local customers and partners.” Pascale Sourisse, President & CEO, Thales International.

Jean-Marc is a graduate from Ecole Polytechnique, holding a Master of Science degree. He also holds an executive MBA EMBA-Global Asia, joint program by Columbia GSB, London Business School and Hong Kong University.

/sites/default/files/prezly/images/sans%20A-1920x480px_116.jpg Documents [Prezly] PR_Jean-Marc Reynaud appointed as regional CEO of Thales in China and Mongolia.pdf Contacts Cédric Leurquin 12 Sep 2025 Type Press release Structure China Thales, a global high-tech leader and active player committed to long term local development, is pleased to announce the appointment of Jean-Marc Reynaud as the new CEO for China and Mongolia, effective from Sep 1st, 2025. In this role, Jean-Marc will lead the team to steer the company’s strategic growth across its operational domains in the region, strengthen market commitment and enhance local collaborations. Jean-Marc succeeds Thierry Weulersse who takes up a new role within Thales Group. prezly_795827_thumbnail.jpg Hide from search engines Off Prezly ID 795827 Prezly UUID 1ab66d76-f5cd-41d0-9302-8d1ac684fb0a Prezly url https://thales-group.prezly.com/jean-marc-reynaud-appointed-as-regional-ceo-of-thales-in-china-and-mongolia Fri, 09/12/2025 - 13:01 Don’t overwrite with Prezly data Off

iComply Investor Services Inc.

Nonprofit Due Diligence: How to Manage Global Compliance Without Mission Drift

Nonprofits face growing AML obligations. This guide explains how to verify donors, partners, and grantees while maintaining trust and operational focus using iComply.

Nonprofits are under growing pressure to vet grantees, partners, and donors to meet global AML standards. This article outlines key KYC and KYB expectations in the U.S., UK, EU, Canada, and Australia – and shows how iComply enables automated risk screening without disrupting trust or operations.

Nonprofits and non-governmental organizations (NGOs) are mission-driven – but increasingly, they’re also AML-obligated. Regulators, donors, and banking partners now expect them to verify counterparties, conduct due diligence on sub-recipients, and track risk exposure across jurisdictions.

Global AML rules are expanding—and nonprofits must ensure their programs and funds are not diverted for criminal or terrorist use.

Emerging AML Obligations for Nonprofits United States Regulators: FinCEN, IRS, Department of State Requirements: Due diligence on foreign grantees, donor vetting, sanctions screening, and enhanced scrutiny of transactions involving high-risk countries United Kingdom Regulators: Charity Commission, HMRC Requirements: Financial controls, PEP and sanctions screening, and governance reviews for organizations handling overseas grants European Union Regulators: National charity bodies, AML authorities Requirements: UBO transparency, transaction monitoring, GDPR-compliant due diligence, and STR obligations Canada Regulator: CRA, FINTRAC Requirements: Anti-terrorist financing controls, donor due diligence, reporting obligations, and foreign activity reviews Australia Regulator: ACNC, AUSTRAC Requirements: AML/CTF compliance for overseas programs, sanctions compliance, and source-of-funds transparency Challenges Nonprofits Face

1. Resource Constraints
Small compliance teams, tight budgets, and limited infrastructure

2. Complex Grant Networks
Sub-grantees, international affiliates, and in-country partners with limited transparency

3. Donor Sensitivity
Trust and confidentiality must be preserved during verification

4. High-Risk Regions
Operations often focus on areas with elevated AML or sanctions risk

iComply: Mission-Aligned AML Tools for Nonprofits

iComply offers a lightweight, privacy-respecting AML platform that supports risk screening and verification across the nonprofit ecosystem.

1. KYC + KYB for Partners and Grantees Verify local nonprofits, vendors, and individuals with document and registry checks Onboard stakeholders using multilingual, mobile-ready portals Collect declarations, signatures, and supporting documentation securely 2. Sanctions and Risk Screening Screen partners and donors against OFAC, EU, UN, and national sanctions lists Apply configurable thresholds and refresh cycles Automate PEP/adverse media checks without storing unnecessary PII 3. Privacy-First Infrastructure Data processed on-device before transmission Full compliance with PIPEDA, GDPR, and local privacy laws Configurable consent workflows and retention schedules 4. Case Management and Reporting Assign compliance reviews and track escalations Export audit logs for internal governance or third-party funders Maintain a defensible trail of due diligence Case Insight: Charitable Gifting Platform

A Canadian-registered charitable gifting platform operating across North America adopted iComply to manage grantee and partner due diligence. Results:

Screened 60+ partners in under 4 weeks Flagged one entity with prior sanction exposure Increased trust with a major foundation through automated compliance The Bottom Line

Doing good doesn’t exempt you from doing due diligence. Nonprofits that integrate smart, mission-aligned compliance tools can:

Meet funder and regulatory expectations Maintain operational focus Build donor and partner trust

Talk to iComply to learn how we help nonprofits automate global AML screening – without sacrificing impact or transparency.


Aergo

BC 101 #6: Why Exchanges Are Building Their Own Blockchains

Crypto exchanges are no longer content with just being marketplaces. Increasingly, they are launching their own networks. On the surface, this appears to be a bid to reduce costs or capture transaction fees. But the real agenda is bigger: to become the gateway. The Strategic Position of Exchanges Exchanges already sit at the most valuable chokepoints in crypto: They own the user 

Crypto exchanges are no longer content with just being marketplaces. Increasingly, they are launching their own networks. On the surface, this appears to be a bid to reduce costs or capture transaction fees. But the real agenda is bigger: to become the gateway.

The Strategic Position of Exchanges

Exchanges already sit at the most valuable chokepoints in crypto:

They own the user funnels. They aggregate liquidity. They provide fiat on/off ramps. They hold the keys to KYC and AML compliance, giving them regulatory leverage and privileged access to the intersection of traditional finance and crypto.

By creating their own blockchains, exchanges extend this power. They no longer just host trading. They design the rails on which trading, applications, and interactions take place. In doing so, they secure the single sign-on (SSO) layer for Web3 and dApps.

A Familiar Playbook: Enterprises and Stablecoins

This strategy mirrors what is happening in traditional finance. Top enterprises and financial institutions are increasingly launching their own stablecoins, not because they want to compete with Bitcoin or Ethereum directly, but because they see stablecoins as the gateway to the digital financial system. Whoever owns the stablecoin rails owns the access point to payments, settlements, and capital flows.

In both cases — exchanges with blockchains and enterprises with stablecoins — the logic is the same: secure the gateway, and you secure the market.

Lessons from the Internet

We’ve seen this dynamic before. In the early days of the web, Facebook dominated single sign-on (SSO) by making “Login with Facebook” the default across apps and websites. Today, that role has largely shifted to Google, which owns identity and access at internet scale.

Exchanges are now attempting to replicate this playbook for Web3. By pushing users and developers onto their own chains, they position themselves as the default login layer of the crypto economy. Meanwhile, enterprises aim to achieve the same goal in finance through stablecoins, thereby creating a default settlement layer for the digital economy.

The Bigger Picture

What looks like fragmented innovation is in fact the same strategic move: to own the gateway layer of the future.

Exchanges are building a crypto SSO for decentralized apps.
Enterprises are building a financial SSO for digital payments.

Both are racing to become the indispensable entry point to their respective domains.

And yet, there is a third frontier emerging: the gateway for AI-native infrastructure. That story belongs to HPP, and it’s one we’ll explore in the next article.

BC 101 #6: Why Exchanges Are Building Their Own Blockchains was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.


FastID

Fastly + Scalepost: Extending the Fastly platform to manage AI Crawlers

See when and how AI chatbots use your content. With Fastly and ScalePost, publishers finally gain visibility into how their work shows up in AI-generated answers.
See when and how AI chatbots use your content. With Fastly and ScalePost, publishers finally gain visibility into how their work shows up in AI-generated answers.

Thursday, 11. September 2025

auth0

Integrate Your Auth0 Secured Remote MCP Server in ChatGPT Developer Mode

Connect your Auth0-secured Model Context Protocol (MCP) server to ChatGPT. Learn how to enable Developer Mode, configure custom connectors, authorize connections with Auth0 Universal Login, and interacting with your API in chat.
Connect your Auth0-secured Model Context Protocol (MCP) server to ChatGPT. Learn how to enable Developer Mode, configure custom connectors, authorize connections with Auth0 Universal Login, and interacting with your API in chat.

Indicio

Credence Nigeria joins the Indicio Network as a global Node Operator

The post Credence Nigeria joins the Indicio Network as a global Node Operator appeared first on Indicio.
Today, Indicio welcomes Credence Nigeria as the latest organization to join the Indicio Network as a global Node Operator.

Credence Networks Inc is a Canadian-Nigerian based technology company that builds foundational infrastructure for digital trust ecosystems. Their platform enables governments and businesses to build trust in digital platforms that fosters the emerging digital economy. This collaboration grows the global footprint of the Indicio Network–hosted across seven continents and 11 countries. Both organizations are committed to working together to create the systems and technologies that will accelerate the adoption of decentralized identity and Verifiable Credentials.

As a Node Operator Credence joins the ecosystem of companies and institutions operating on the Indico Network, a decentralized network where organizations build and deploy trusted digital identity solutions. Indicio powers three professionally managed networks the TestNet, DemoNet, and MainNet. The TestNet and DemoNet are free to use as part of our Public Benefit community offering. The MainNet is an enterprise-grade, identity network designed for the exchange of Verifiable Credentials and the creation of decentralized identity services at scale.

“We’re delighted to welcome Credence Networks as a Node Operator,” said Heather Dahl, CEO of Indicio. “They’re commitment to transforming manual, costly, and fraud-prone credential verification into instant and secure digital processes is a mission we are aligned on. We look forward to growing the network together and continuing to provide companies the opportunity to launch and scale decentralized identity solutions.”

Engr. Malik Itopa Sule, co-founder of Credence Networks, explained that this partnership establishes the groundwork for the portability of Nigerian-issued credentials, enabling them to be verified internationally.

Indicio’s community of network partners are deploying real-world solutions that prioritize interoperability, user agency, and security. Join the Indicio Network as a Node Operator and Transaction Endoser today by completing this form or by talking with our team today.

Visit credence.com.ng or contact us at info@credenc.com.ng to learn more about Credence Networks Inc.

The post Credence Nigeria joins the Indicio Network as a global Node Operator appeared first on Indicio.


Thales Group

Thales and Stinville awarded air traffic modernization contract in Peru with TopSky - AMHS system

Thales and Stinville awarded air traffic modernization contract in Peru with TopSky - AMHS system prezly Thu, 09/11/2025 - 17:00 This selection marks an important milestone for Thales and Stinville in the ongoing air traffic modernization in Latin America with the award of a first contract for CORPAC (Peruvian Corporation of Airports and Commercial Aviation) which aims to improve
Thales and Stinville awarded air traffic modernization contract in Peru with TopSky - AMHS system prezly Thu, 09/11/2025 - 17:00 This selection marks an important milestone for Thales and Stinville in the ongoing air traffic modernization in Latin America with the award of a first contract for CORPAC (Peruvian Corporation of Airports and Commercial Aviation) which aims to improve the processing of aeronautical messages with TopSky - AMHS (Aeronautical Message Handling System). This new system will cover more than 35 sites across the country and will optimize communication between air traffic control centers, airports, and international air navigation service providers (ANSPs). This contract, in collaboration with Thales’s local partner Stinville, represents a significant advancement for the country's aeronautical infrastructure, further establishing Thales as a key partner in the modernization of air traffic management in Latin America.
© Copyright : Thales

Thales, global leader in advanced technologies for the aerospace sector, together with its local partner Stinville, are revolutionizing Peru’s air traffic communication with the implementation of the TopSky - AMHS system, which will enable CORPAC to modernize the transmission of aeronautical messages, improving interoperability with other systems and align with the highest international standards set by ICAO (International Civil Aviation Organization).

This new contract includes the implementation of an advanced Aeronautical Message Handling System (AMHS), along with the implementation of a backup solution, which together will deliver the highest level of safety, along with enhanced efficiency and operational continuity in aeronautical communications management in Peru. The TopSky-AMHS system will thus integrate one of the main communication hubs of the Americas, ensuring connectivity between South American countries, the United States, Spain, and Central America. Thales partnered with Stinville, its industrial partner in Peru, to fulfil this contract.

“This contract demonstrates Thales’s commitment to advancing air traffic management in Latin America. We are pleased to work with CORPAC and Stinville on this major project, which will modernize aeronautical communications management in the country, thereby delivering the highest standards of safety in operations.” Youzec Kurp, Vice-President Airspace Mobility Solutions, Thales.

Thales’s TopSky - AMHS solution has already been adopted in many countries, proving its reliability and efficiency. Its implementation in Peru will also support the country’s aviation industry. By improving response times and coordination capabilities among various sector stakeholders such as CORPAC, the Peruvian Air Force (FAP), the Directorate General of Civil Aviation (DGAC), the Navy, airline operators, airport authorities, and meteorological services, it will help strengthen the entire air system.

“We are honored to play a leading role in this important project for CORPAC. Partnering with Thales, we will bring our local expertise and dedication to ensure the successful deployment of the TopSky – AMHS system, contributing to the modernization of Peru’s aeronautical infrastructure and its stronger integration within the global aviation community." Ivan Ortega, CEO, Stinville.

Thales has already participated in many air traffic modernization projects across the region, providing innovative technological solutions to enhance the efficiency of aeronautical systems. The Group also inaugurated its integration and service centre in Mexico City in December 2023, which works with the entire Latin America and Caribbean region. With this new contract, Thales reaffirms its leadership in air traffic control, strengthening its presence in Latin America and reinforcing its commitment to innovation and safety in the aviation sector

Thales is a global leader in aerospace with 2 out of 3 aircraft in the world taking off, flying and landing using its technologies. #1 worldwide in Air Traffic Management (ATM), its solutions span the entire spectrum, from air traffic control (inc. drones), navigation aids, global surveillance systems integrating ATC radar and non-radar sensors, and turnkey ATM systems, managing operations from pushback to landing in more than 180 countries.

 

/sites/default/files/prezly/images/Banni%C3%A8re%20Thales_0.jpg Documents [Prezly] PR - Thales and Stinville awarded air traffic modernization contract in Peru with TopSky - AMHS system.pdf Contacts Cédric Leurquin 11 Sep 2025 Type Press release Structure Aerospace Colombia Thales, global leader in advanced technologies for the aerospace sector, together with its local partner Stinville, are revolutionizing Peru’s air traffic communication with the implementation of the TopSky - AMHS system, which will enable CORPAC to modernize the transmission of aeronautical messages, improving interoperability with other systems and align with the highest international standards set by ICAO (International Civil Aviation Organization). prezly_795589_thumbnail.jpg Hide from search engines Off Prezly ID 795589 Prezly UUID bdae5705-394a-433c-8dc8-9448849f96a5 Prezly url https://thales-group.prezly.com/thales-and-stinville-awarded-air-traffic-modernization-contract-in-peru-with-topsky-amhs-system Thu, 09/11/2025 - 19:00 Don’t overwrite with Prezly data Off

Thales and BAE Systems announce new phase of collaboration to deliver next-generation submarine sonar capability for the UK

Thales and BAE Systems announce new phase of collaboration to deliver next-generation submarine sonar capability for the UK prezly Thu, 09/11/2025 - 16:15 DSEI, London, 11 September 2025: BAE Systems and Thales today announced a new phase in their long-standing collaboration on submarine sonar capability, marked by the signing of a Memorandum of Understanding (MoU). In support of
Thales and BAE Systems announce new phase of collaboration to deliver next-generation submarine sonar capability for the UK prezly Thu, 09/11/2025 - 16:15

DSEI, London, 11 September 2025: BAE Systems and Thales today announced a new phase in their long-standing collaboration on submarine sonar capability, marked by the signing of a Memorandum of Understanding (MoU).

In support of the MoU, BAE Systems proposes the appointment of Thales as the pan-flotilla Main Sonar Design Authority and Integrator (MSDA&I). 

This role recognises Thales’s deep expertise and ensures that the evolution of the submarine sonar enterprise remains centred on delivering enhanced capability to the armed forces.

Building on more than two decades of close collaboration, BAE Systems and Thales have developed a streamlined delivery construct that accelerates the deployment of advanced sonar solutions. Sonar products and components will continue to be sourced from across the UK sonar enterprise on a “best athlete” basis, reinforcing the sector’s sovereign strength and industrial resilience.

“The underwater battlespace is one of the most complex and unforgiving environments in defence, where threats are often unseen but always present. By combining the complementary strengths of Thales and BAE Systems, we are bringing together world-class innovation and proven expertise to deliver cutting-edge sovereign capability for the UK to maintain decisive advantage at sea.” Paul Armstrong, Managing Director for Underwater Systems, Thales in the UK.

"BAE Systems is delighted to sign this MoU with Thales and build upon our long standing, successful and collaborative relationship working to deliver operational advantage to the Royal Navy. This MoU unlocks the opportunity to further improve how we work together across all of our submarine programmes and provides a clear and joint focus in delivering the UK sovereign sonar capability of the future. This collaborative relationship will continue to ensure that we deliver world leading technologies and capabilities to the Royal Navy." Henry Parker, BAE Systems Integrated Combat Systems Programme Director.


(c)Thales

Across the combined underwater warfare systems enterprise, BAE Systems and Thales employ around 500 people in the UK. With the advent of the Royal Navy’s next-generation attack submarines that number is set to grow beyond 660, underlining the critical importance of our contribution to the UK’s future submarine programme.

Thales provides anti-submarine warfare sonar solutions to surface platforms, through its Sonar 2087, supporting a further 200 highly skilled staff. With new opportunities emerging internationally, this remains a significant area of growth for Thales’s business.

The signing of the Memorandum of Understanding marks a milestone in the UK’s submarine sonar enterprise, ensuring cutting-edge technology, sovereign capability, and operational advantage for the Royal Navy well into the future.

About Thales

Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.

The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.

Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.

Recent images of Thales and its Defense, Aerospace and Cyber & Digital activities can be found on the Thales Media Library. For any specific requests, please contact the Media Relations team.

 

/sites/default/files/prezly/images/sans%20A-1920x480px_114.jpg Contacts Cédric Leurquin 11 Sep 2025 Type Press release Structure Defence and Security Defence United Kingdom DSEI, London, 11 September 2025: BAE Systems and Thales today announced a new phase in their long-standing collaboration on submarine sonar capability, marked by the signing of a Memorandum of Understanding (MoU). prezly_795624_thumbnail.jpg Hide from search engines Off Prezly ID 795624 Prezly UUID 0bd93fa4-fde8-4d1a-89dc-a828c02a9b7c Prezly url https://thales-group.prezly.com/thales-and-bae-systems-announce-new-phase-of-collaboration-to-deliver-next-generation-submarine-sonar-capability-for-the-uk Thu, 09/11/2025 - 18:15 Don’t overwrite with Prezly data Off

Shyft Network

UAE Crypto Regulation: From Experiments to Enforcement

The UAE’s crypto story has often been framed as a race to innovate. But Q3 2025 marks a turning point: regulators aren’t just experimenting anymore — they’re enforcing. Across Dubai, Abu Dhabi, and the mainland, five authorities pushed new rules that will reshape how stablecoins, tokenized assets, and payment tokens operate in one of the world’s most ambitious digital-asset hubs. Stablecoins and

The UAE’s crypto story has often been framed as a race to innovate. But Q3 2025 marks a turning point: regulators aren’t just experimenting anymore — they’re enforcing. Across Dubai, Abu Dhabi, and the mainland, five authorities pushed new rules that will reshape how stablecoins, tokenized assets, and payment tokens operate in one of the world’s most ambitious digital-asset hubs.

Stablecoins and RWAs Step Into the Spotlight

Dubai’s VARA made its Virtual Asset Issuance Rulebook effective this June, locking in disclosure duties, reserve requirements, and full licensing for fiat-referenced (FRVA) and asset-referenced (ARVA) tokens. Translation? If you want to issue a stablecoin or tokenize real-world assets in Dubai, you’re now playing by institutional-grade rules — and VARA is already testing the waters with enforcement.

Securities Meet Sukuk on Chain

The SCA introduced a new framework for Security and Commodity Tokens, bringing digital contracts under existing securities law. At the same time, it consulted on tokenized sukuk, hinting at a future where Islamic finance and blockchain converge. If realised, that could be a global first — making sukuk more accessible and liquid through fractionalisation.

ADGM: Innovation With Guardrails

In Abu Dhabi, the FSRA updated its digital-asset guidance, streamlined approvals, and drew a hard line against privacy coins and algorithmic stablecoins. It also opened consultation on fiat-referenced tokens — expanding oversight to custody, payments, and intermediation. The message is clear: ADGM wants to attract serious players, but only those willing to play inside the guardrails.

Payments Tighten Under the Central Bank

The CBUAE officially ended its transition period for Payment Token Services. From now on, general retail payments onshore can only be made with licensed, dirham-pegged stablecoins. For merchants and PSPs, that narrows the rails to CBUAE-approved tokens — a major nudge toward a domestic stablecoin ecosystem.

Real Estate Goes On-Chain — And Sells Out

Perhaps the most headline-grabbing news came from the Dubai Land Department (DLD). Its property-title tokenization pilots sold out instantly, drawing hundreds of investors from dozens of countries. With the launch of the DIFC PropTech Hub, the UAE is building a sandbox-to-scale pipeline for tokenized real estate. In a country where property is king, this is a glimpse of the future.

The Quiet Challenge: Data & the Travel Rule

Behind all these flashy pilots and frameworks lies a less visible, but equally crucial shift: compliance with the FATF Travel Rule. VASPs must now share user data across borders, creating new privacy risks and operational headaches. This is where tools like Shyft Veriscope come in — offering a frictionless, peer-to-peer way to comply without parking sensitive data in centralised databases. For firms in the UAE, that could be the difference between regulatory success and privacy failure.

Why This Quarter Matters

The UAE is moving from regulatory ambition to execution. Stablecoins are regulated, tokenized assets have clear pathways, and payments are narrowing to licensed rails. At the same time, real estate tokenization is proving there’s real demand beyond theory.

For founders, issuers, and investors, the signal is clear: the UAE isn’t just a crypto playground anymore — it’s becoming a serious, rules-based market. Those who embrace compliance as part of their strategy, rather than a burden, will be best placed to ride the next wave of growth.

About Veriscope

‍Veriscope, the compliance infrastructure on Shyft Network, empowers Virtual Asset Service Providers (VASPs) with the only frictionless solution for complying with the FATF Travel Rule. Enhanced by User Signing, it enables VASPs to directly request cryptographic proof from users’ non-custodial wallets, streamlining the compliance process.

For more information, visit our website and contact our team for a discussion. To keep up-to-date on all things crypto regulations, sign up for our newsletter and follow us on X (Formerly Twitter), LinkedIn, Telegram, and Medium.

Book your consultation: https://calendly.com/tomas-shyft or email: bd@shyft.network

UAE Crypto Regulation: From Experiments to Enforcement was originally published in Shyft Network on Medium, where people are continuing the conversation by highlighting and responding to this story.


Veracity trust Network

UK’s Data Act now in force – aims to establish new investment regime

New data laws aimed at making life easier for people within the UK are now in force. The Data (Use and Access) Act received Royal Assent following a number of setbacks in the House of Lords as Peers claimed parts of the Bill would leave the UK vulnerable to AI copyright breaches. The post UK’s Data Act now in force – aims to establish new investment regime appeared first on Veracity Trust Ne

New data laws aimed at making life easier for people within the UK are now in force.

The Data (Use and Access) Act received Royal Assent following a number of setbacks in the House of Lords as Peers claimed parts of the Bill would leave the UK vulnerable to AI copyright breaches.

The post UK’s Data Act now in force – aims to establish new investment regime appeared first on Veracity Trust Network.


1Kosmos BlockID

1Kosmos Takes the Lead in Workforce Identity Verification

The 2025 Gartner® Magic Quadrant for Identity Verification report offers compelling insights and underscores a critical reality: identity verification sits at the core of cybersecurity. This annual report—departing from the usual bi-annual cycle—highlights the escalating threat of identity-based attacks and the rapid technological evolution needed to counter them. The report emphasizes growing con

The 2025 Gartner® Magic Quadrant for Identity Verification report offers compelling insights and underscores a critical reality: identity verification sits at the core of cybersecurity. This annual report—departing from the usual bi-annual cycle—highlights the escalating threat of identity-based attacks and the rapid technological evolution needed to counter them.

The report emphasizes growing concerns about identity fraud in critical business operations. In logistics and transportation, for example, false identity credentials create significant operational and liability risks. When unverified, untrained, or uninsured individuals operate commercial vehicles, companies face regulatory violations, safety incidents, and supply chain disruptions.

Recent headlines about Scattered Spider social engineering attacks and an FBI warning about North Korean operatives targeting American businesses through hiring fraud illuminate the current threat landscape. These incidents demonstrate that traditional identity verification processes are failing under modern attack methods.

Our Journey to Leader in Workforce Identity in One Year

Last year, 1Kosmos was selected from numerous competitors to join the Magic Quadrant alongside a handful of other vendors. Twelve months later—after tripling our annual recurring revenue (ARR) and securing $57 million in venture backing—we’ve emerged as the sole solution provider in the Challenger quadrant.

More significantly, 1Kosmos ranked Highest for Workforce Use Cases in the 2025 Gartner® Critical Capabilities for Identity Verification report. This recognition validates our core principle: securing the person, not just the credential, forms the foundation of modern enterprise security.

What Sets 1Kosmos Apart: The Trifecta of Trust

Gartner’s analysis highlighted three core strengths that differentiate 1Kosmos:

1. FedRAMP High Authorization

The 1Kosmos platform has achieved FedRAMP High Authorization —the highest security compliance level under the Federal Risk and Authorization Management Program. 1Kosmos is the only vendor holding this authorization while also being a Kantara-certified full-service Credential Service Provider (CSP). Since we offer the same platform to commercial customers, these organizations benefit from an identity verification solution that has passed rigorous testing against over 420 separate security controls.

2. Comprehensive Integration Ecosystem

While many identity verification vendors struggle with basic workforce integrations, 1Kosmos provides deep, prebuilt connectors across the identity and access management stack. We integrate seamlessly with Active Directory, Ping, CyberArk, Okta, Microsoft Entra ID, and emerging tools for recruitment and IT service management.

3. Advanced Biometric Authentication

Our extensive face biometrics experience extends beyond one-time verification. We enable continuous, adaptive authentication that detects and responds to threats in real-time, creating a persistent security layer that evolves with your risk profile. No other vendor offers this comprehensive support for both identity verification and a reusable identity wallet for biometric authentication.

Innovation That Drives Results

Our privacy-by-design architecture represents more than marketing messaging—it’s a fundamental architectural advantage. By combining identity verification, passwordless authentication, and a distributed ledger for user-managed privacy, we’ve created a platform that rapidly adapts to new threats and requirements.

This approach recently earned recognition from KuppingerCole, who ranked 1Kosmos highest in innovation among identity verification vendors in their 2025 Leadership Compass for Identity Verification report. When two leading analyst firms independently validate your technical approach, it signals you’re solving problems correctly.

The results demonstrate our platform’s effectiveness: customers have reduced identity fraud by more than 40% within six months of deployment, while our global platform processes over one billion daily authentications for 75+ million users.

Solving Real Business Problems

The 1Kosmos platform defends against stolen and fake identities daily at some of the world’s largest organizations, whether addressing in-person or online identity fraud.

We protect major retailers from identity fraud at point-of-sale and equipment rental locations. We secure logins for one of the largest global business process outsourcing firms and support one of the world’s largest FIDO2 deployments.

Our solutions protect healthcare workers and secure patient information for medical service providers, while enabling workforce logins at major financial services firms worldwide.

The 1Kosmos Difference: Complete Digital Identity

Combining identity verification, passwordless authentication, and user-controlled privacy in a single platform that supports both customers and workers delivers concrete business value.

This approach provides more than enhanced security against hiring fraud and social engineering attacks on IT service desks—it improves user experience. When employees can securely access all work applications through a single, verified digital identity, productivity increases while security risk decreases.

We’re the only company providing users with a digital identity wallet they control, enabling convenient and secure access to enterprise applications like Microsoft, Saviynt, ServiceNow, and Epic.

For privileged access management, our platform ensures that access to mission-critical systems remains tied to verified, identity-backed biometrics.

Speed of Deployment, Strength of Security

For enterprise decision-makers, 1Kosmos delivers these capabilities through rapidly deployable cloud services. While point solutions can require weeks or months to implement, our platform typically deploys in hours to days. In a threat environment where speed matters, this deployment advantage can mean the difference between preventing an attack and becoming a headline.

Looking Forward

Gartner’s recognition validates our approach while reinforcing our responsibility to continue pushing boundaries and exploring new possibilities in identity security. As threats evolve, our defenses must evolve accordingly. The criminals behind Scattered Spider and similar operations are sophisticated and well-funded—our response must be equally sophisticated and agile.

We’re building more than improved identity verification; we’re constructing the foundation for a more secure digital economy where trust is verifiable, privacy is preserved, and organizations can confidently embrace digital transformation without compromising security or convenience.

The future of enterprise security begins with identity. And identity security starts with verified trust.

The post 1Kosmos Takes the Lead in Workforce Identity Verification appeared first on 1Kosmos.

Wednesday, 10. September 2025

liminal (was OWI)

The Convergence of Authentication and Fraud Prevention

The post The Convergence of Authentication and Fraud Prevention appeared first on Liminal.co.

Elliptic

How to squeeze investigative evidence from any cryptocurrency address

Cryptocurrency and crime have been linked since Bitcoin's early days. While the industry has matured significantly, criminals continue to exploit digital assets for money laundering, ransomware, drug trafficking, sanctions evasion, and terrorist financing. Government investigators must be equipped to handle cryptocurrency evidence in their cases.

Cryptocurrency and crime have been linked since Bitcoin's early days. While the industry has matured significantly, criminals continue to exploit digital assets for money laundering, ransomware, drug trafficking, sanctions evasion, and terrorist financing. Government investigators must be equipped to handle cryptocurrency evidence in their cases.


Ockto

Eerlijk isoleren met HouMeerOver: zo verdelen gemeenten subsidies

Gemeenten willen verduurzaming versnellen. Dat lukt alleen als bewoners ook echt meedoen, juist díe mensen die het moeilijk kunnen betalen. Het Nationaal Isolatieprogramma stelt middelen beschikbaar, maar de praktijk laat zien dat die subsidies vaak terechtkomen bij huishoudens die het eigenlijk zonder hulp ook wel redden.

Gemeenten willen verduurzaming versnellen. Dat lukt alleen als bewoners ook echt meedoen, juist díe mensen die het moeilijk kunnen betalen. Het Nationaal Isolatieprogramma stelt middelen beschikbaar, maar de praktijk laat zien dat die subsidies vaak terechtkomen bij huishoudens die het eigenlijk zonder hulp ook wel redden.


IDnow

Serious about fraud prevention? Visit IDnow at SBC Summit.

Are you ready for the future of Gaming? Prepared for the industry’s upcoming fraud and compliance challenges? IDnow’s identity verification experts will be on hand to answer all your IDV-related questions at Booth E405.  We will be attending SBC Summit in Lisbon from September 16-18 to share actionable insights on how to onboard players in […]
Are you ready for the future of Gaming? Prepared for the industry’s upcoming fraud and compliance challenges? IDnow’s identity verification experts will be on hand to answer all your IDV-related questions at Booth E405. 

We will be attending SBC Summit in Lisbon from September 16-18 to share actionable insights on how to onboard players in seconds, remain compliant throughout Europe, and block fraud before it impacts the customer experience.  

As one of the first companies in Europe to receive certification under the latest ETSI standard for remote identity proofing (a key requirement for eIDAS 2.0 and EUDI Wallet compliance), IDnow is well equipped to assess how prepared and future-ready businesses are for upcoming regulatory challenges. The team can be found at Booth E405 in Hall 4 and will be demonstrating how its wide range of automated and expert-led identity verification solutions can unlock safer and more secure gaming experiences. 

Gaming operators are also invited to swing by to check out some of IDnow’s latest product developments, from its expanded fraud prevention technology to its NFC-enabled offering, which provides a seamless and streamlined experience, from document tap to trusted onboarding. 

At midday on September 18, don’t forget to head over to Stage 3 – Technology & Compliance to attend the ‘AML 2.0: Getting Serious about Fraud’ panel.

This will be a great opportunity to hear from Edouard Baussier, Solution Sales Director at IDnow, who, alongside other industry leaders and insiders, will explore how AI, real-time data, and regulations are transforming AML efforts. 

Traditional AML strategies are often too rule-based and reactive; focusing more on catching yesterday’s fraud than tomorrow’s. I look forward to joining my peers from the gaming and gambling space to explore how AI, data enrichment and behavioral analytics could be used to shape the future of AML.

Edouard Baussier, Solution Sales Director at IDnow
Hoping for the treble. 

IDnow will also be hoping history repeats itself at this year’s SBC Awards (taking place on the final day of SBC Summit Lisbon on September 18,) as it has once again been nominated for the ‘Fraud and Compliance Solution of the Year’ award. 

Having won the award in both 2023 and 2024, the Munich-headquartered identity verification platform provider will be hoping to win the prestigious award for three years in a row. 

Schedule a meeting with the IDnow team at SBC Summit by clicking below.

By

Jody Houton
Senior Content Manager at IDnow
Connect with Jody on LinkedIn

SBC Summit Lisbon Schedule a meeting with the team to discover how IDnow’s range of automated and expert-led solutions can help you unlock safer and more secure gaming and gabling experiences. Book a meeting

Dock

The 3 Steps You Need to Take for eIDAS 2.0 Compliance

We sat down with Viky Manaila (Trust Services Director at Intesi Group) and Vedran Lalic (Digital Identity Consultant at the World Bank) to break down a massive topic:  By 2026, eIDAS 2.0 will change how digital identity works in Europe.  The shift to&

We sat down with Viky Manaila (Trust Services Director at Intesi Group) and Vedran Lalic (Digital Identity Consultant at the World Bank) to break down a massive topic: 

By 2026, eIDAS 2.0 will change how digital identity works in Europe. 

The shift to verifiable credentials and digital wallets isn’t optional, it’s happening. 

Governments, businesses, and institutions that adapt early will gain a competitive advantage. Those who don’t? They’ll be scrambling to keep up.

So, what should you be doing right now to get ahead? Let’s break it down.


PingTalk

The Competitive Advantage of Decentralized Identity in European Finance

Discover how eIDAS 2.0 and decentralized digital identity are reshaping European financial services - reducing fraud, improving CX, and enabling growth.

From opening a bank account to approving a mortgage or executing a cross-border payment, trust in a person’s digital identity is what keeps the financial system running smoothly. But in Europe, the digital identity landscape has long been fragmented with each country relying on its own tools, trust schemes, and identity providers. For financial services providers operating across borders, that means rising compliance costs, customer friction, and missed growth opportunities. The EU’s eIDAS 2.0 regulation is about to change all that, and for banks, insurers, and fintechs, the implications are massive.


auth0

Defending Against AI-Powered CLI Supply Chain Attacks

Learn how AI-powered supply chain attacks turn trusted command-line tools into threats. Discover an identity-first defense strategy to secure developer environments and prevent data exfiltration.
Learn how AI-powered supply chain attacks turn trusted command-line tools into threats. Discover an identity-first defense strategy to secure developer environments and prevent data exfiltration.

BlueSky

Our Approach to Age Assurance

We’re committed to keeping our community informed as we navigate new regional regulations.

At Bluesky, we’re working to drive large-scale adoption of technologies for open and decentralized public conversation. We built our app to provide you with better choices when it comes to privacy, expression, and safety. That’s why we give people options for how content moderation works, on top of our baseline policies.

We recognize that promoting safety for young people is a shared responsibility, and we support the idea of collective action to protect children from online risks. We also recognize that governments may have strong, often conflicting, views on these issues and how to weigh competing priorities. In this rapidly evolving regulatory environment, our goal is to respect the law while balancing safety, free expression, and user privacy to serve the greater good of our community. Responding to new laws and regulations will require pragmatism and flexibility.

In the UK, we complied with a new law that requires platforms to restrict children from accessing adult content. In Mississippi, the law requires us to restrict access to the site for every unverified user. To implement this change, we would have had to invest substantial resources in a solution that we believe limits free speech and disproportionately harms smaller platforms. We chose not to offer our service there at this time while legal challenges continue.

South Dakota and Wyoming have also passed online safety laws that impose requirements on services like ours. These are very similar to the requirements of the UK Online Safety Act. So, as we did in the UK, we’ll enable Kids Web Services’ (KWS) age verification solution for users in these states. Through KWS, Bluesky users in South Dakota and Wyoming can choose from multiple methods to verify their age. We believe this approach currently strikes the right balance. Bluesky will remain available to users in these states, and we will not need to restrict the app for everyone.

We’re committed to keeping our community informed as we navigate these new regulations. As more states and countries adopt similar requirements, we will update this blog post accordingly.


FastID

Control and Monetize Your Content with the RSL Standard

AI crawlers are scraping the web, often ignoring rules and costing publishers resources. The new RSL Standard lets you block, allow, or even charge AI for access to your content. Here’s how it works.
AI crawlers are scraping the web, often ignoring rules and costing publishers resources. The new RSL Standard lets you block, allow, or even charge AI for access to your content. Here’s how it works.

DDoS in August

August 2025 DDoS attack trends: Hyperscale clouds are the source for 70% of attacks. Get insights on the latest application DDoS trends to strengthen security.
August 2025 DDoS attack trends: Hyperscale clouds are the source for 70% of attacks. Get insights on the latest application DDoS trends to strengthen security.

Tuesday, 09. September 2025

Indicio

Indicio’s authenticated biometrics — a simple defense against a “tidal wave” of synthetic identity fraud

The post Indicio’s authenticated biometrics — a simple defense against a “tidal wave” of synthetic identity fraud appeared first on Indicio.
With leading research company Juniper predicting a “fraud tidal wave,” Indicio’s authenticated biometric credential solution is a simple, powerful, cost effective defense against synthetic identity fraud and deepfakes while also streamlining account access, mobile, and cross-border payments.

By Tim Spring

Juniper Research predicts fraud will cost financial institutions $58.3 billion dollars, globally, by 2030 — and the bill is coming from synthetic identity fraud, where real, stolen, and fake information is combined to trick institutions into opening accounts and granting credit.

Add this to bots, phishing attacks, account takeovers, and AI being used to accelerate attacks, and generate deepfakes.

Meanwhile, the demand for seamless, fast, mobile banking and payments has only increased. Juniper also forecasts that mobile payments will grow to over $8 trillion dollars by 2028.

Money 20/20 — Indicio is “poised to transform the world of money”

We’re doing this with authenticated biometric credentials, a simple, cost-effective solution to these authentication and KYC problems that can scale from the smallest SME to the corporations and countries.

With Indicio Proven software, any government issued identity document containing an image can be bound to the person who rightfully owns it — through a combination of face-mapping and liveness checking. And through our partnership with Regula, thousands of official identity documents from all over the world can be validated as authentic.

The result is a Verifiable Credential that contains an authenticated biometric — a combination of personal identity data and a biometric image that can be presented anywhere for instant verification — no centralized storage of personal or biometric data needed.

What makes this so powerful is that the issuer of the credential — a bank, a brokerage, a financial institution — can be cryptographically proven, along with the integrity of the data.

And this authentication takes place before any data is shared.

So if you trust the bank, you can trust the information in the credential — plus, you can automatically compare a live image of the person with a tamper-proof copy of their biometrics, a simple way to identify deepfakes.

The result is the most powerful digital identity in the global marketplace — one that can be created in minutes and verified with simple mobile software anywhere.

Bonus — with Indicio Proven, your authenticated biometric credential is globally interoperable, meaning it can work with the European Union’s new Digital Identity Wallet.

Indicio — the IDV disruptors

We first created this solution to enable seamless border crossing with the world’s first digital passport credential based on international standards. We won awards. But more importantly, we saw how this could transform identity verification for everyone and meet the emerging challenges of synthetic identity fraud.

Our software enables anyone to hold an authenticated biometric of themselves and instantly share it anywhere as the ultimate proof of identity in a world of fakery. And we also make it easy to verify anywhere, even offline.

It’s simple to implement — it will work with your existing systems. It’s simple to use — generate or scan a QR code; integrate with existing biometric infrastructure. And it is significantly less expensive than traditional IDV — but you’ll have to contact us to find out by how much.

The question is, in a world where synthetic identities and deepfakes threaten the financial security of your company, can you afford not to ask for a Proven biometric?

Getting Started

To get a better understanding of the technologies involved, you can visit our banking and finance page. To discuss specifics or learn how you can start integrating this solution into your systems today, please contact our team and we will be happy to answer any questions or set up a time for a free consultation.

###

The post Indicio’s authenticated biometrics — a simple defense against a “tidal wave” of synthetic identity fraud appeared first on Indicio.


Elliptic

The Wolfsberg Group’s guidance on banking stablecoin issuers: Harnessing on-chain insights to assess risk

Stablecoins are one of the most compelling innovations in the cryptoasset space, increasingly seen as a fundamental to the future of digital payments and cross-border value transfer. Now accounting for trillions of dollars in transactions, stablecoins are playing a growing role in use cases such as digital commerce, cross-border payments and remittances, capital markets settlement, and

Stablecoins are one of the most compelling innovations in the cryptoasset space, increasingly seen as a fundamental to the future of digital payments and cross-border value transfer. Now accounting for trillions of dollars in transactions, stablecoins are playing a growing role in use cases such as digital commerce, cross-border payments and remittances, capital markets settlement, and treasury management - and an ever-growing number of fintechs, payments firms, and financial institutions are looking to launch their own stablecoins. 


Spherical Cow Consulting

AI Permissions vs. Human Permissions: What Really Changes?

We’ve been talking about identity and access for people for decades (millennia if you think outside tech). Policies, role assignments, reviews, zero trust — these are familiar tools. The assumptions that go into them, however, don't quite work when the "user" is no longer a person." Enter in the AI Agent. The post AI Permissions vs. Human Permissions: What Really Changes? appeared first on Spher

“We’ve been talking about identity and access for people for decades (well, millennia if you think outside the tech box). Policies, role assignments, reviews, zero trust — these are familiar tools. The assumptions that go into them, however, don’t quite work when the “user” is no longer a person.”

Enter in the AI Agent.

An AI doesn’t log in, perform a task, and then head off to lunch. It doesn’t get tired, second-guess itself, or stop at the boundaries we assume people understand. Instead, it keeps going (was the Energizer Bunny an early AI? Hmmmm) at a scale no human can match. That difference matters. The way we’ve designed permissions for humans has always relied on certain constraints: limited speed, bounded intent, and oversight cycles that can reasonably keep up.

When the actor is an AI, those constraints are gone. What we’re left with is a gap between the pace at which machines can act and the pace at which human-designed governance can respond. Unfortunately, I don’t think that the gap can be smoothed over with existing tools.

This post looks at three of those cracks: how policy enforcement differs for people and AIs, why runtime governance becomes essential, and what zero trust does (and doesn’t) offer when roles blur.

A Digital Identity Digest AI Permissions vs. Human Permissions: What Really Changes? Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds 00:00 / 00:10:38 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

Policy enforcement for people vs. AIs

With humans, policies usually align with job functions: a role grants access, and reviews catch drift over time. Even if people sometimes work around the edges of a policy, they’re bounded by human limits: a person can only click so fast, submit so many forms, or request so many resources. Enforcement mechanisms are tuned to those limits.

With AI, those assumptions evaporate. One executive at a very large enterprise told me — and asked me not to name them publicly — that they’d watched their own AI agents behave exactly like an attacker. The agents weren’t malicious; they were just single-minded. When faced with a roadblock, they tried every possible permutation of the request until something went through. From the agent’s point of view, this was just persistence in solving a problem. From a security team’s perspective, it looked indistinguishable from a brute-force attack.

That story captures the core difference: enforcing policies on humans is about constraining intent, while enforcing policies on AIs is about constraining behavior patterns that can unfold at machine speed.

Why runtime governance matters more

Oversight loops designed for quarterly certifications or annual audits simply don’t scale when an AI can run thousands of actions in seconds. Quarterly access reviews, audit reports, entitlement certifications: these are slow, deliberate checks designed for slow, deliberate actors. That’s why governance is shifting toward runtime validation. NIST’s AI Standards “Zero Drafts” Pilot Project makes a similar point in its early work on Testing, Evaluation, Verification, and Validation (TEVV): evaluation results are time-bound and must be re-established in live contexts as systems and environments change.

But an AI agent can spin through thousands of transactions in seconds. If one of those transactions violates policy, you don’t have three months to catch it. By the time the audit report lands, the damage is done.

That’s why runtime governance matters more in an AI world. Instead of periodic reviews, you need ongoing checks that validate each action in real time against business state, risk scores, and context. Governance has to run in the same tight loops as the systems it’s meant to protect. The consequences here aren’t theoretical. Weak runtime governance shows up directly in compliance failures, operational risks, and security exposures. If your audit assumes human pacing but your agents act at machine speed, that mismatch can quickly become costly.

This isn’t a radical departure from what we already know, but it is definitely a sidestep. It’s the same shift we’ve been making with zero-trust networking when verifying every access, every time. But with AIs, the volume and unpredictability make runtime enforcement non-negotiable.

Zero trust and blurred roles

Zero trust, in human terms, is simple enough: don’t assume trust based on location or role; verify every request.

But what does that look like when an AI agent is simultaneously:

Acting as a customer service rep, Writing new code modules, Spinning up cloud infrastructure, and Querying internal HR data?

With people, those roles are clearly separated. With an AI, the boundaries collapse. The same system may be acting across functions at once, not because of malice but because it was asked to “just get the job done.”

Zero trust principles such as least privilege, continuous verification, and minimizing standing access still apply, but they need a new level of granularity. Instead of asking “Does this role have permission to access this system?”, the question becomes “Does this pattern of behavior still look acceptable, given what this agent is trying to achieve?”

And that’s not a static answer. It has to be recalculated in real-time because the roles themselves blur when machines act faster than our ability to categorize them.

What really changes?

For humans, permissions are about who can do what. For AIs, permissions are about what actions are acceptable, in what sequence, at what speed, and with what guardrails.

The shift is from assigning access to governing behavior, from periodic reviews to runtime enforcement, static roles to dynamic patterns. It’s not that the old tools are obsolete. Roles, reviews, and zero trust still matter, but they’re no longer sufficient on their own. When your “users” are tireless, literal, and unimaginably fast, you need governance that matches that pace.

The enterprise anecdote I mentioned earlier — of an AI acting like an attacker just to finish its assigned task — is a preview. It’s what happens when yesterday’s assumptions about permission models meet today’s machine-driven reality.

In my earlier post on Agentic AI in the open standards community, I mentioned that standardization work is starting to grapple with these questions, too. Whether it’s NIST’s early TEVV guidance or W3C and IETF discussions on agent behavior, there’s a growing recognition that machine permissions as much a governance challenge as they are a technical one.

Closing thought

The real change isn’t in the idea of permissions itself. It’s in the urgency of treating permissions as living, runtime checks rather than dusty entitlements waiting for an audit.

So here’s my question to you: Are your permissions models built for human pace or machine pace? If you’ve already run into this problem in your deployments, I’d love to hear what you saw and how you dealt with it.

If you’d rather track the blog than the podcast, I have an option for you! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here

Transcript Permissions in the Age of AI Agents

[00:00:30] Hi everyone, and welcome back.

[00:00:32] Today I want to talk about something that sounds deceptively familiar: permissions. Specifically—who is allowed to access what, when, where, why, and how?

[00:00:42] The tech space has been dealing with identity and access for decades. It’s a core concept not only for cybersecurity, but also for how businesses function.

[00:00:50] And honestly, if you zoom out far enough, humanity has been grappling with this concept for millennia—whether priests deciding who can enter a temple, or sysadmins deciding who can SSH into a server.

Policy Enforcement in a Human vs. AI World

[00:01:02] My very first tech job was in the 90s as a Galacticom BBS operator. My primary function was to create accounts, group users, and ban them when needed. In other words, managing who could and couldn’t access certain spaces.

[00:01:30] Enter stage left: the AI agent.

[00:01:34] Unlike humans, AI agents don’t self-limit. People get tired, bored, or notice they’re pushing too far. They can only click so fast or request so many resources before fatigue sets in.

[00:01:52] AI does not have those limits. It doesn’t need a coffee break. It doesn’t get bored. And it doesn’t stop at the guardrails we assume humans understand.

Humans → bounded by natural constraints AI → tireless, literal, and unimaginably fast

[00:02:07] That difference matters. For years, permissions assumed humans were the actors—even bad actors. Governance cycles, reviews, and controls were tuned to human pace and intent.

[00:02:29] But when the actor is an AI, those assumptions fall apart. What we’re left with is a widening gap between machine speed and human-designed governance.

Governance at Machine Speed

[00:02:46] In this episode, I want to dig into three challenges:

How policy enforcement differs for people and AIs Why runtime governance becomes essential What zero trust really gives us when roles blur

[00:03:00] Let’s start with policy enforcement.

[00:03:03] With humans, policies align with job functions. Roles grant access, and reviews catch drift. Sure, people sometimes find workarounds, but their intent and ability are still bounded.

[00:03:20] With AI, those assumptions evaporate.

[00:03:37] I spoke with an executive at a large enterprise who shared a telling story. Their AI agents behaved almost exactly like attackers—not because they were malicious, but because they were single-minded.

The AI hit a roadblock Instead of asking for new permissions, it tried every possible permutation until something worked To the AI, that was persistence. To the security team, it looked like brute force

[00:04:10] Here’s the difference:

With humans → enforcing policies means constraining intent With AI → enforcing policies means constraining behavior at machine speeds Why Runtime Governance Matters

[00:04:25] Oversight cycles work for people: quarterly reviews, annual audits, entitlement certifications.

[00:04:42] But AI agents can execute thousands of transactions in seconds. If just one violates policy, waiting months for an audit report is far too late.

[00:04:56] This mismatch shows up in:

Failed audits Blown budgets Security incidents no one saw coming

[00:05:16] This is why runtime governance matters more in an AI world. Instead of periodic reviews, we need continuous validation:

Every action checked in real time Risk scores recalculated constantly Context updated dynamically

[00:05:29] NIST is already moving in this direction with the AI Standards Zero Drafts. One key theme: evaluation results are time-bound.

[00:05:52] AI permissions can’t be static entitlements waiting for audits. They must be living checks, recalculated as conditions shift.

Rethinking Zero Trust

[00:06:23] Let’s talk about zero trust.

[00:06:25] For humans, the principle is simple: don’t assume trust based on network location or job role. Verify every request.

[00:06:42] But what happens when the “user” is an AI agent?

[00:06:53] Unlike humans, who work within distinct roles, an AI might simultaneously:

Act as a customer service rep Write new code modules Spin up cloud infrastructure Query HR data

[00:06:59] No human does all of that at once. But for AI, boundaries collapse.

[00:07:17] Zero trust still applies—least privilege, continuous verification, minimizing standing access. But it must go further.

[00:07:23] The real question isn’t does this role have access? It’s:

Does this behavior pattern look acceptable given the AI’s task?

[00:07:30] And those patterns aren’t static. They must be recalculated in real time because roles blur faster than we can categorize them.

From Permissions to Governance

[00:07:40] So what really changes when the user is an AI?

For humans → permissions define who can do what For AIs → permissions define what actions are acceptable, in what sequence, at what speed, under which guardrails

[00:07:53] This represents a fundamental shift:

From assigning access → to governing behavior From periodic reviews → to runtime enforcement From static roles → to dynamic patterns

[00:08:18] Roles, reviews, and zero trust still matter. But on their own, they’re no longer enough when users act tirelessly and unimaginably fast.

[00:08:31] The anecdote I shared earlier of an AI acting like an attacker? That’s what happens when yesterday’s permission models collide with today’s machine-driven reality.

The Urgency of Machine-Ready Permissions

[00:08:47] This isn’t just happening inside one enterprise. Standards bodies like W3C and IETF are also recognizing that permissions for machines are more than just a technical detail.

[00:09:05] The real shift isn’t only about permissions—it’s about urgency. Permissions can’t sit as dusty entitlements waiting for audits. They must become runtime checks, recalibrated constantly for actors without human limits.

[00:09:22] So here’s a question for you: Are your permission models built for human pace, or for machine pace?

[00:09:33] If you’ve already seen cracks—your AI systems bumping up against the edges of human-centric permission models—I’d love to hear your stories. Maybe they’ll even make it into a future post.

Closing Thoughts

[00:09:52] Thank you for listening. Please share this with your colleagues and tune in again next week.

[00:10:02] That’s it for this week’s episode of Digital Identity Digest.

If this helped make things clearer—or at least more interesting—share it with a friend or colleague. You can also:

Connect with me on LinkedIn: @hlflanagan Subscribe and leave a rating on Apple Podcasts (or wherever you listen) Read the full written post at sphericalcowconsulting.com

Stay curious, stay engaged, and let’s keep these conversations going.

The post AI Permissions vs. Human Permissions: What Really Changes? appeared first on Spherical Cow Consulting.


IDnow

IDnow and Docusign partner to expand secure and compliant digital identity and e-signature solutions in Germany

Munich, September 9, 2025 – IDnow, a leading identity verification platform provider in Europe, and Docusign, the Intelligent Agreement Management company, today announced the launch of a joint solution enabling customers’ compliance with Germany’s Anti-Money Laundering (Geldwäschegesetz, or GwG) law through secure and automated identity verification and electronic signatures, powered by Germany’s

Munich, September 9, 2025 – IDnow, a leading identity verification platform provider in Europe, and Docusign, the Intelligent Agreement Management company, today announced the launch of a joint solution enabling customers’ compliance with Germany’s Anti-Money Laundering (Geldwäschegesetz, or GwG) law through secure and automated identity verification and electronic signatures, powered by Germany’s electronic ID (eID).

A joint solution for trust, speed, and compliance

The new joint offering is designed to support customers’ obligations to meet GwG requirements and is aligned with evolving BaFin guidance and the EU eIDAS regulation, streamlining digital onboarding and agreement processes across regulated industries. This collaboration addresses the increasing demand for compliant, user-friendly digital identification services in the German market, particularly in sectors such as finance, insurance, and public administration.

In light of recent legislative discussions in Germany around enabling more automated identity solutions under GwG, and the growing expectation among users for faster and more intuitive experiences, this partnership broadens the available options for secure and compliant digital identification, reflecting the industry’s ongoing shift toward more flexible, future-ready technologies.

Leveraging combined expertise for enhanced solutions

This integrated solution leverages IDnow’s latest eID-based technology, fully integrated within the new AI-powered Docusign IAM platform. The process uses the Near Field Communication (NFC) chip and PIN functionality of German eID cards to enable automated, eIDAS-compliant, and binding e-signatures, allowing signers to verify their identity and complete agreements using just their smartphone, in under a minute. It delivers a seamless, secure and mobile-first experience, without video calls or manual checks, for both businesses and their customers.

Together, IDnow and Docusign now offer:

Solution to enable customers’ compliance with GwG using digital identification with Qualified Electronic Signature (QES) A completely automated user experience, removing the need for video verification Integration with Docusign’s trusted eSignature and Maestro workflows Certification via IDnow Trust Services AB, an EU-accredited Qualified Trust Service Provider (QTSP)

We are thrilled that Docusign has extended its existing partnership with IDnow, adding IDnow Trust Services AB to its network of qualified trust service providers, and leveraging our eID solution.

Uwe Stelzig, Managing Director DACH at IDnow.

“This partnership will not only streamline and accelerate digital signing processes for holders of the German eID card and resident permits but also make identification more convenient. With the growing complexity of digital regulations across Europe, it is more important than ever to have a secure, compliant and seamless solution in place for electronic signatures and identity verification,” added Stelzig.

“Germany is a priority market for Docusign, where we’re seeing digital transformation accelerate and demand for compliant, seamless digital experiences rise rapidly across financial services, insurance, and beyond,” said Maxime Hambersin, Senior Director, Product Management International at Docusign. “By combining our trusted eSignature capabilities with IDnow’s advanced identity verification, we’re removing friction while increasing compliance.”


iComply Investor Services Inc.

AML Essentials for MSBs: Screening, Sanctions, and Global Oversight

MSBs face intense global AML scrutiny. This article breaks down jurisdictional requirements and shows how iComply streamlines onboarding, monitoring, and reporting across borders.

Money service businesses (MSBs)—including remittance providers, currency exchanges, and prepaid platforms – face some of the strictest AML expectations globally. This article breaks down key KYC, KYB, KYT, and AML requirements in the U.S., UK, EU, Canada, Australia, and Singapore – and how iComply helps automate screening and reporting across borders.

Money service businesses (MSBs) operate in high-risk zones for financial crime, often processing large volumes of low-margin transactions across borders. As a result, regulators expect MSBs to maintain exceptional AML programs – on par with traditional banks.

With sanctions enforcement, PEP exposure, and transaction monitoring under scrutiny, MSBs need real-time, automated tools to meet growing global expectations.

AML Requirements for MSBs by Jurisdiction United States Regulator: FinCEN Requirements: MSB registration, SARs, Travel Rule compliance, OFAC screening, and AML program implementation United Kingdom Regulator: FCA Requirements: AML registration, customer due diligence (CDD), sanctions/PEP screening, and transaction monitoring European Union Regulators: National AML authorities (under AMLD6) Requirements: CDD, UBO verification, risk-based monitoring, and suspicious transaction reporting (STR) Canada Regulator: FINTRAC Requirements: MSB registration, client identification, sanctions list checks, STRs, and transaction recordkeeping Australia Regulator: AUSTRAC Requirements: AML/CTF compliance, customer verification, risk assessment, sanctions screening, and SMRs Singapore Regulator: MAS Requirements: AML licensing, KYC/EDD procedures, real-time screening, Travel Rule compliance, and robust recordkeeping Top Compliance Challenges for MSBs

1. High Volume, Low Margin
Manual processes are unsustainable at scale.

2. Multi-Jurisdictional Risk
Global MSBs must satisfy overlapping and sometimes contradictory AML obligations.

3. Sanctions Exposure
Real-time OFAC, UN, EU, and national list screening is mandatory—and changing daily.

4. Complex Workflows
Onboarding, transaction monitoring, and alert handling often happen in siloed tools.

How iComply Supports Global MSBs

iComply offers MSBs a fully integrated platform to manage end-to-end AML workflows—designed to scale with global growth.

1. KYC + KYB with Edge Security Verify individuals and businesses with on-device document processing UBO mapping and risk profiling by geography, industry, and behavior Supports ID types and languages in 195+ countries 2. Sanctions and PEP Screening Real-time screening against OFAC, EU, UN, UK, and local lists Refresh cycles and trigger-based review automation Configurable thresholds and escalation rules 3. Transaction Monitoring (KYT) Score by volume, frequency, and velocity Detect structuring, layering, and red-flag behaviours Trigger SAR/STR workflows automatically 4. Centralized Case Management Assign reviews, document findings, and resolve alerts in one interface Export audit logs for FinCEN, FCA, AUSTRAC, and others 5. Deployment and Data Governance Cloud, private cloud, or on-premise setups Data residency controls for sensitive jurisdictions (e.g., UAE, EU) Consent management and end-to-end encryption Case Insight: Global Remittance Platform

A cross-border remittance provider integrated iComply to centralize onboarding and monitoring across Africa, North America, and Europe:

Reduced sanctions screening false positives by 45% Consolidated compliance review into one multilingual dashboard Passed audits in three jurisdictions with unified audit logs Final Thought

Regulators treat MSBs like banks – but most MSBs aren’t staffed or equipped like one. The only way forward is automation.

Talk to iComply to discover how our AML tools help MSBs manage global compliance, eliminate manual reviews, and focus on serving their customers.


Herond Browser

Top 10 Sites to Watch Free Movies Online Without Hassle

We've done the work for you, sifting through countless options to bring you a list of the top 10 sites to watch free movies online without hassle. The post Top 10 Sites to Watch Free Movies Online Without Hassle appeared first on Herond Blog. The post Top 10 Sites to Watch Free Movies Online Without Hassle appeared first on Herond Blog.

Looking for a way to watch your favorite movies and TV shows without breaking the bank? The internet is filled with websites offering free streaming, but finding a reliable one can be tough. We’ve done the work for you, sifting through countless options to bring you a list of the top 10 sites to watch free movies online without hassle. Get ready to enjoy a high-quality streaming experience, all for free.

What to Look for When You Watch Free Movies Online What Makes a Great Free Streaming Site?

Not all free streaming sites are created equal. The best platforms offer legal content, so you can watch without worrying about copyright issues. They also feature a user-friendly interface that makes it easy to find what you want to watch. Minimal ads are a must, as nothing ruins a movie marathon like constant interruptions. Finally, a great site should have strong device compatibility, allowing you to stream on your phone, tablet, or smart TV.

Stay Safe from Malware and Scams

When looking for free movies, you might encounter sites that seem too good to be true. Many unofficial streaming platforms are loaded with malware, pop-ups, and scams designed to steal your personal information or damage your device. To stay safe, always stick to trusted websites and avoid clicking on suspicious links. You should also use a secure browser like Herond Browser to protect your privacy and block malicious scripts.

Top 10 Free Platforms to Watch Free Movies Online for 2025 Tubi

Tubi offers a vast, ad-supported library of movies and TV shows across all genres. It’s a completely legal service with no subscription required, and it’s compatible with a wide range of devices, from smart TVs to mobile phones. You’ll find everything from cult classics to modern hits, making it a great choice for your next movie night.

Pluto TV

Pluto TV gives you the feel of traditional television but for free. It features hundreds of live channels as well as a large selection of on-demand movies and TV shows. The service is simple to navigate and works on most devices. The ads are integrated into the content, just like on cable TV.

Crackle

If you’re a fan of classic films and original content, Crackle is for you. This platform provides a reliable streaming experience with a curated selection of movies and series. While it is ad-supported, the interruptions are minimal. It’s an excellent option for discovering hidden gems and enjoying well-known films without a subscription.

YouTube

Beyond cat videos, YouTube is a solid source for free movies. The platform hosts a large collection of ad-supported films that are legally uploaded by content creators. While the quality can vary, it’s easy to find a wide array of movies, from indie films to major studio releases, with a simple search.

Kanopy

Kanopy is perfect for film lovers with a library card. This service partners with public libraries and universities to offer free, ad-free streaming of a high-quality collection of classic cinema, documentaries, and educational content. It’s a great choice if you prefer a more curated and thoughtful selection of films.

Peacock (Free Tier)

Peacock, NBCUniversal’s streaming service, has a free tier that offers a rotating selection of movies and TV shows. While a subscription unlocks the full library, the free section still provides a good number of popular titles with ads. It’s a great way to check out the platform before committing to a paid plan.

Vudu (Free Section)

Known for its high-quality video, Vudu also has a robust free section. The platform offers a large collection of ad-supported movies that stream in high definition, so you don’t have to sacrifice quality for a free experience. The user interface is clean and makes browsing easy.

Popcornflix

Popcornflix is a straightforward, no-frills streaming site. It features a simple interface and a solid collection of movies across various genres. The service is completely free and supported by ads, making it easy to jump right in and start watching without the need for an account or sign-up.

Xumo

Xumo provides a combination of free on-demand movies and live TV channels. This ad-supported service offers a diverse selection of content, including news, sports, and entertainment. With its clean interface and multi-device support, Xumo is a convenient option for streaming on the go or at home.

Freevee

Formerly IMDb TV, Freevee is Amazon’s dedicated free streaming service. With a growing library of movies and original series, it offers a high-quality streaming experience with ads. You’ll find a diverse range of popular titles and hidden gems, all available for free with an Amazon account.

Tips for Safe and Hassle-Free When You Watch Free Movies Online Stream Legally, Stay Safe

To protect yourself from malware and scams, it’s crucial to stick to legal and trusted streaming platforms. Unofficial websites often contain malicious software, pop-up ads, and phishing attempts that can compromise your device and personal information. By using well-known services like Tubi, Pluto TV, or Crackle, you can enjoy your movies without any security risks, ensuring a hassle-free viewing experience.

Get the best platform to watch free movies online

For smooth, high-quality streaming, a stable internet connection is key. To watch movies in HD (High Definition) without buffering, you should aim for a minimum download speed of 25 Mbps. A reliable internet connection ensures that you can enjoy your favorite films in their full glory, with crisp visuals and uninterrupted playback, making your movie night truly enjoyable.

How to Enhance Your Free Movie Streaming Experience Check Your Internet Speed When You Watch Free Movies Online

To ensure you have the best possible streaming experience, you should test your internet speed before you start a movie. Use reliable tools like Speedtest.net to check your download speed. A good connection prevents buffering and lag, letting you enjoy high-definition content without frustrating interruptions.

Use Compatible Devices When You Watch Free Movies Online

For the most convenient viewing experience, use devices that offer seamless compatibility with streaming platforms. Devices like smart TVs, Roku, Amazon Fire Stick, and Apple TV are optimized for streaming and provide a user-friendly interface. Using these devices ensures that you can easily access your favorite free movie sites and watch content on the big screen without any hassle.

Conclusion

With so many options available, watching free movies online has never been easier or safer. By choosing legal, ad-supported platforms, you can enjoy a vast library of films and TV shows without the risks of malware, pop-ups, and scams.

To get the most out of your experience, remember to check your internet speed for buffer-free viewing and use a secure browser like Herond Browser to protect your privacy. Whether you’re in the mood for a classic film on Crackle or a live TV marathon on Pluto TV, these top 10 sites offer a hassle-free way to enjoy your favorite content for free.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org Banner cho Blog – eng

The post Top 10 Sites to Watch Free Movies Online Without Hassle appeared first on Herond Blog.

The post Top 10 Sites to Watch Free Movies Online Without Hassle appeared first on Herond Blog.


Top 10 Anime Sites to Watch Anime in 2025

When selecting the top anime sites to watch in 2025, prioritize diverse libraries, robust subtitle and dub options, legal content, and minimal ads The post Top 10 Anime Sites to Watch Anime in 2025 appeared first on Herond Blog. The post Top 10 Anime Sites to Watch Anime in 2025 appeared first on Herond Blog.

Dive into the vibrant world of anime with our guide to the top 10 anime sites to watch anime in 2025! From legal streaming giants like Crunchyroll to free platforms like Tubi, we’ve curated the best sites for high-quality, safe anime streaming. Whether you’re chasing new releases or classic series, find the perfect platform to watch anime online effortlessly.

What to Look for in Anime Streaming Sites Key Factors for Choosing Anime Sites in 2025

When selecting the top anime sites to watch in 2025, prioritize diverse libraries, robust subtitle and dub options, legal content, and minimal ads. Platforms like Crunchyroll and Anime-Planet offer vast collections, multi-language support, and licensed streaming for a seamless experience. Choose sites with these features to enjoy high-quality anime while ensuring a safe and engaging viewing journey.

Prioritize Safety to Avoid Malware Risks

Safety is crucial in 2025 to avoid malware from unverified platforms. Stick to trusted, legal sites like Tubi or HIDIVE to protect your device from harmful ads or viruses. By prioritizing secure streaming options, you can watch anime online confidently, ensuring a malware-free experience while enjoying your favorite shows.

Top 10 Anime Streaming Sites for 2025 Crunchyroll Offers a vast anime library with simulcasts in 2025. Premium plans (~$7.99-$14.99/month) for ad-free anime streaming. Top choice for fans to watch anime online on trusted sites. Funimation Features extensive dubs, backed by Sony in 2025. Premium plans (~$5.99-$9.99/month) for high-quality anime streaming. Ideal for dubbed anime lovers seeking reliable platforms. Netflix Growing an anime catalog with originals like Demon Slayer in 2025. Plans (~$7.99-$24.99/month) support HD/4K anime streaming sites. Perfect for diverse, high-quality anime content online. Hulu Diverse anime selection with ad-supported plans (~$9.99-$19.99/month) in 2025. Offers a mix of subs and dubs for anime streaming. Great for fans exploring top sites with variety. HIDIVE Niche, affordable (~$4.99/month) in 2025. Provides sub/dub options for dedicated streaming sites. Budget-friendly choice for unique anime content online. 9anime Free, ad-supported anime streaming site in 2025. Use with caution due to potential legality risks. Popular for cost-free access to watch anime online. AnimeLab (Australia/NZ) Free and premium tiers, Funimation-affiliated, in 2025. Offers quality anime streaming for Australia/NZ fans. Reliable choice among regional. Tubi Free, ad-supported anime with growing titles in 2025. User-friendly platform for cost-free anime streaming sites. Ideal for casual viewers seeking legal anime content. Pluto TV Free anime channels, ad-supported, in 2025. User-friendly interface for seamless anime streaming sites. Great for discovering anime without subscription costs. Anime-Planet Free, legal anime streaming with community recommendations in 2025. Offers curated lists for top. Perfect for fans seeking safe, engaging platforms to watch anime online. Common Mistakes to Avoid When Using Anime Sites Steer Clear of Unverified

When exploring anime sites in 2025, avoid unverified platforms that risk malware or data theft. Stick to trusted sites like Crunchyroll or Tubi to protect your device and personal information. Choosing legal anime streaming sites ensures a safe, high-quality viewing experience without security threats.

Meet Internet Speed Needs for Smooth Streaming

For buffer-free anime streaming in 2025, don’t ignore internet speed requirements. A minimum of 25 Mbps is ideal for HD or 4K content like Netflix or HIDIVE. Test your connection with Speedtest to enjoy seamless, uninterrupted anime watching.

How to Enhance Your Anime Streaming Experience Test Internet Speed for Seamless Anime Streaming

To enjoy seamless HD or 4K anime streaming in 2025, test your internet speed with Speedtest. A minimum of 25 Mbps ensures buffer-free viewing like Crunchyroll or Netflix. Confirm your connection speed to watch anime online without interruptions, enhancing your streaming experience.

Use Compatible Devices for Anime Streaming

Stream anime effortlessly in 2025 using devices like smart TVs, iOS, or Roku for optimal compatibility. Platforms like Hulu and Funimation work smoothly across these devices, delivering high-quality anime content. Choose the right device to watch anime online with ease and flexibility.

Conclusion

Discover the ultimate anime experience with our top 10 anime sites to watch anime in 2025! From Crunchyroll’s vast library to Tubi’s free streaming, these platforms offer legal, high-quality anime for all fans. Ensure a safe, buffer-free experience with trusted sites and a strong internet connection. Start your marathon today and dive into the best anime sites for seamless viewing!

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Top 10 Anime Sites to Watch Anime in 2025 appeared first on Herond Blog.

The post Top 10 Anime Sites to Watch Anime in 2025 appeared first on Herond Blog.


Best Tools and Tips to Download YouTube Shorts in 2025

Our guide to the best tools and tips to download YouTube Shorts in 2025 makes it easy and safe The post Best Tools and Tips to Download YouTube Shorts in 2025 appeared first on Herond Blog. The post Best Tools and Tips to Download YouTube Shorts in 2025 appeared first on Herond Blog.

Want to save your favorite YouTube Shorts for offline viewing? Our guide to the best tools and tips to download YouTube Shorts in 2025 makes it easy and safe. Discover top tools, step-by-step methods, and expert advice to download shorts without hassle.

Best Tools to Download YouTube Shorts in 2025

SnapDownloader for High-Quality YouTube Shorts Downloads

Top tool to download YouTube Shorts in 2025 with high-quality video. User-friendly, paid with free trial, ideal for beginners and pros.

YT-DLP: Free Open-Source Tool for Advanced Users

Free, open-source tool for downloading YouTube Shorts in 2025. Supports various formats, perfect for advanced users.

4K Video Downloader for Easy Shorts Downloads

Easy-to-use tool for YouTube Shorts downloads in 2025 (~$15-$45). Free and premium plans, support high-quality video.

Online Tools Like Y2Mate and SaveFrom.net

Free, browser-based tools to download YouTube Shorts in 2025

TubeMate: Mobile App for Android Users

Free, ad-supported app for Android to download YouTube Shorts in 2025. Simple interface for quick downloads. Step-by-Step Guide to Download YouTube Shorts

Step 1: Copy the YouTube Shorts URL

Copy the URL from the YouTube app or website in 2025. Open the Shorts video, click “Share,” and select “Copy Link.” Ensures a smooth start to downloading YouTube Shorts offline.

Step 2: Choose a Trusted Download Tool

Select reliable tools like SnapDownloader or Y2Mate in 2025. SnapDownloader offers high-quality downloads; Y2Mate is free. Reduces malware risks for safe YouTube Shorts downloads.

Step 3: Paste URL and Select Quality

Paste the URL into SnapDownloader or Y2Mate in 2025. Choose quality like 1080p for high-quality YouTube Shorts. Follow prompts for a seamless download process.

Step 4: Save and verify the Downloaded File

Save the YouTube Shorts file to your device in 2025. Confirm the video plays correctly with no issues. Ensures YouTube Shorts are ready for offline viewing. Tips for Safe and Effective Downloading Use Legal Tools and Respect YouTube’s Terms

To download YouTube Shorts safely in 2025, stick to legal tools like SnapDownloader or 4K Video Downloader and respect YouTube’s terms of service. Legal downloads avoid copyright issues and ensure a secure experience. Choose trusted platforms to download YouTube Shorts responsibly for personal use, keeping your viewing hassle-free and compliant.

Ensure a Stable Internet Connection

A stable internet connection of at least 10 Mbps is crucial for quick downloads of YouTube Shorts in 2025. This speed ensures smooth, buffer-free downloading, especially for high-quality videos like 1080p. Test your connection before starting to enjoy a seamless experience when downloading YouTube Shorts.

Common Mistakes to Avoid When Downloading YouTube Shorts Steer Clear of Unverified Websites

When downloading YouTube Shorts in 2025, avoid unverified websites that may install malware or steal data. Stick to trusted tools like SnapDownloader or 4K Video Downloader to ensure a safe experience. Unverified sites pose risks to your device and privacy, so prioritize secure platforms for downloading YouTube Shorts without complications.

Protect Personal Information on Download Platforms

Never share personal information on dubious platforms when downloading YouTube Shorts in 2025. Shady sites may exploit your data, leading to security risks. Use reputable tools like YT-DLP or SnapDownloader to safely download YouTube Shorts while keeping your personal details secure and your offline viewing worry-free.

Legal Considerations for Downloading YouTube Shorts Understanding YouTube’s Terms for Downloading Shorts

YouTube’s terms of service in 2025 generally allow downloading YouTube Shorts for personal use, such as offline viewing, but redistribution without permission can violate copyright laws. To stay compliant, use trusted tools like SnapDownloader and avoid sharing downloaded Shorts publicly. Respecting YouTube’s terms ensures a safe and legal experience when downloading YouTube Shorts for personal enjoyment.

Get Creator Permission for Sharing YouTube Shorts

When downloading YouTube Shorts in 2025, always seek the creator’s permission before sharing. While personal use is often allowed, redistributing Shorts without approval risks copyright infringement. Use platforms like SnapDownloader for safe downloads and contact creators directly to share their content legally, ensuring a responsible approach to downloading YouTube Shorts.

Conclusion

Downloading YouTube Shorts in 2025 is simple with the right tools and tips. From SnapDownloader’s high-quality downloads to YT-DLP’s free versatility, our guide ensures safe, legal, and hassle-free access to your favorite videos. Stick to trusted platforms, respect YouTube’s terms, and enjoy Shorts offline anytime. Start downloading YouTube Shorts today for a seamless, secure experience!

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Best Tools and Tips to Download YouTube Shorts in 2025 appeared first on Herond Blog.

The post Best Tools and Tips to Download YouTube Shorts in 2025 appeared first on Herond Blog.


Top Scariest Movies of All Time: Classics and 2025 Must-Sees

Ready to get your heart racing? Dive into our top scariest movies of all time The post Top Scariest Movies of All Time: Classics and 2025 Must-Sees appeared first on Herond Blog. The post Top Scariest Movies of All Time: Classics and 2025 Must-Sees appeared first on Herond Blog.

Ready to get your heart racing? Dive into our top scariest movies of all time. From timeless classics that defined the genre to the new horror films of 2025 that will keep you up all night, we’ve got your next scream-filled movie marathon covered.

What Makes a Movie Truly Scary? The Anatomy of a Scream

The most terrifying movies aren’t just about gore; they are masterclasses in psychological manipulation. Suspense is the slow burn, the creeping dread that something is just out of sight, making you anticipate the horror. Jump scares are the sudden, explosive release of that tension, designed to jolt you out of your seat. A great atmosphere uses sound, lighting, and setting to create a world that feels inherently wrong and unsettling. Finally, powerful storytelling makes you care about the characters and their fate, making the scares hit on a deeper, more emotional level.

Why the Classics Endure

Classic horror films like Psycho and The Exorcist are legendary for a reason. They perfected the art of suspense and atmosphere, often relying on what you don’t see to create terror. Instead of cheap tricks, they used masterful cinematography, sound design, and psychological depth to build a feeling of inescapable dread. These films prove that true horror comes from within, showing us our deepest fears reflected on screen.

The NewWave of 2025

This year’s releases are pushing the boundaries of what horror can be. The best new movies of 2025 are blending genres, from psychological thrillers and social commentary to sci-fi and survival horror. They tap into modern anxieties about technology, surveillance, and mental health, making the scares feel more personal and relevant than ever before. With innovative techniques and A-list talent, these films prove that horror is more than just a genre. It’s a reflection of our current fears.

Top Scariest Movies of All Time

Before we get to the new releases of 2025, let’s revisit the horror films that defined the genre and continue to haunt audiences today. These classics are a must-see for any true fan of fright.

Top Scariest Movies of All Time – The Exorcist (1973): More than a movie, this is an experience of psychological and visceral horror. Its terrifying power comes from a chillingly realistic portrayal of demonic possession, complete with groundbreaking practical effects and an unrelenting sense of dread that challenges your sense of reality. Top Scariest Movies of All Time – Psycho (1960): Alfred Hitchcock’s masterpiece changed horror forever. It’s not about jump scares but about the terror of a true human monster. The iconic shower scene is just one part of a film that masterfully builds suspense and a chilling atmosphere, making you fear the seemingly normal person next door. Top Scariest Movies of All Time – Psycho (1960) Top Scariest Movies of All Time – The Shining (1980): Stanley Kubrick’s film is a slow, methodical descent into madness. Its genius lies in its unsettling atmosphere, haunting score, and masterful use of space to create a feeling of claustrophobia and inescapable dread. The horror here is both supernatural and deeply psychological, exploring how isolation can break a person’s mind.

You can often find these timeless classics on popular streaming platforms like Netflix and HBO Max. Remember to browse safely with Herond Browser for a seamless and secure streaming experience.

Top Scariest Movies to Watch in 2025

Horror is constantly evolving, and 2025 is a testament to that, with filmmakers pushing boundaries and tapping into our deepest, most modern fears. This year’s releases are bringing fresh takes on classic terror and introducing new forms of dread.

M3GAN 2.0: The killer AI doll is back! The sequel to the viral hit M3GAN dives deeper into our anxieties about technology and artificial intelligence. This film promises to explore what happens when our digital companions become a little too intelligent, and a lot more malicious. 28 Years Later: The legacy of the rage virus continues with this highly anticipated sequel. Directed by Danny Boyle, this film is set to deliver the relentless, visceral horror of the original while exploring the long-term consequences of a world ravaged by a fast-moving, terrifying plague. The Conjuring: Last Rites: This is set to be the final chapter in the core Conjuring series, bringing back paranormal investigators Ed and Lorraine Warren for one last, terrifying case. Fans of supernatural horror and jump scares can expect a chilling conclusion to be one of the most successful horror franchises of all time. Tips for Watching Top Scariest Movies of All Time

For a scream-worthy movie night without the risk, stick to these trusted platforms.

Netflix, Hulu, and Disney+: These are industry leaders with robust security measures, including data encryption and anti-malware protection. They offer a huge library of content and ensure a safe, high-quality streaming experience. Amazon Prime Video: A secure and reliable option, Amazon Prime Video provides a vast selection of movies and TV shows, with a strong focus on user data protection. Reputable Free Services: If you’re looking for free options, stick to well-known, ad-supported platforms like Tubi, Pluto TV, and Crackle. These are run by legitimate companies and are much safer than obscure, illegal streaming sites. How to Choose the Right Platform for Top Scariest Movies of All Time

To pick the perfect platform for your horror binge, consider your viewing habits and budget. While a major service like Netflix offers a wide variety of genres, a niche platform like Shudder is a true haven for horror fanatics.

Netflix: With plans ranging from $7.99 to $24.99 per month, Netflix is a one-stop shop for everything from original horror films to classic thrillers. It supports 4K Ultra HD streaming on its Premium plan and is compatible with nearly every device, from smart TVs and game consoles to laptops and mobile phones. Shudder: For the serious horror fan, Shudder is a must-have. Priced at a more affordable $6.99 per month, it focuses exclusively on horror, thriller, and supernatural content. You’ll find a curated collection of classics, indie gems, and exclusive originals you can’t get anywhere else. Shudder is compatible with major devices like Roku, Apple TV, and Xbox. Conclusion

Whether you’re a seasoned horror veteran or a newcomer looking for a good fright, the world of scary movies has something for everyone. The classics show us that true terror lies in psychological suspense and chilling atmosphere, proving that a great story is timeless. Meanwhile, the new releases of 2025 are pushing the genre forward, using modern anxieties to deliver fresh, terrifying experiences. To get the most out of your movie marathon, remember to use secure and trusted streaming platforms like Netflix and Shudder, and for a truly worry-free experience.

About Herond

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Have any questions or suggestions? Contact us:

On Telegram https://t.me/herond_browser DM our official X @HerondBrowser Technical support topic on https://community.herond.org

The post Top Scariest Movies of All Time: Classics and 2025 Must-Sees appeared first on Herond Blog.

The post Top Scariest Movies of All Time: Classics and 2025 Must-Sees appeared first on Herond Blog.


FastID

CISO Perspective: Q2 2025 Threat Insights Report

Explore Fastly's Q2 2025 Threat Report through our CISO, Marshall Erwin's eyes. Uncover bot traffic insights and key security practices.
Explore Fastly's Q2 2025 Threat Report through our CISO, Marshall Erwin's eyes. Uncover bot traffic insights and key security practices.

Sustainability dashboard: Shine a light on your digital carbon footprint

Fastly's Sustainability dashboard provides instant access to electricity-related Scope 2 & 3 emissions data. Understand and optimize your digital carbon footprint with ease.
Fastly's Sustainability dashboard provides instant access to electricity-related Scope 2 & 3 emissions data. Understand and optimize your digital carbon footprint with ease.

Monday, 08. September 2025

Dock

How to Turn Open Finance Data into Digital ID Credentials and Connect IAM Silos [Video and Takeaways]

The way organizations handle digital identity is rapidly evolving and nowhere is this more visible than in Brazil’s booming Open Finance and Open Insurance ecosystems.  To explore how verified financial data can be transformed into reusable digital identity credentials, Dock Labs recently hosted a live podcast: 

The way organizations handle digital identity is rapidly evolving and nowhere is this more visible than in Brazil’s booming Open Finance and Open Insurance ecosystems. 

To explore how verified financial data can be transformed into reusable digital identity credentials, Dock Labs recently hosted a live podcast: How to Turn Open Finance Data into Digital ID Credentials and Connect IAM Silos.

The session was led by Nick Lambert, CEO of Dock Labs, and featured industry leaders shaping the future of identity in Latin America:

André Facciolli, CEO of Netbr, a consultancy specializing in end-to-end identity management solutions that works with Brazil’s top 10 banks. Alan Kim Mareines, CEO of Lina, a technology provider delivering Open Finance and Open Insurance infrastructure across Brazil. Rodrigo Azevedo, Developer at Netbr, who built and presented the live proof-of-concept demo showing how Open Finance data can be issued as verifiable credentials and used across real-world scenarios like hotel check-ins or age verification at a pub.

Together, the panel explored the challenges large enterprises face with siloed IAM systems, the benefits of combining Open Finance with verifiable credentials, and the broader implications for user privacy, security, and business innovation.


Shyft Network

Shyft Network and IN1 Powering Privacy-Preserving Compliance for Unified Digital Finance

Shyft Network, the trust protocol, has entered into a partnership with IN1, a unified fintech platform offering fiat and crypto financial services, to support scalable regulatory readiness as the company expands globally. As digital finance platforms increasingly integrate both traditional and crypto assets, companies like IN1 are ensuring compliance with FATF regulations. Through this partnershi

Shyft Network, the trust protocol, has entered into a partnership with IN1, a unified fintech platform offering fiat and crypto financial services, to support scalable regulatory readiness as the company expands globally.

As digital finance platforms increasingly integrate both traditional and crypto assets, companies like IN1 are ensuring compliance with FATF regulations. Through this partnership, IN1 will integrate Veriscope, Shyft Network’s Travel Rule solution, providing seamless regulatory compliance. Unlike traditional approaches, Veriscope facilitates the exchange of verified user data between Virtual Asset Service Providers (VASPs) using cryptographic proof — ensuring compliance without compromising user privacy or operational efficiency.

For emerging fintech platforms operating across multiple jurisdictions, building trust through transparent and compliant infrastructure is critical. This collaboration reflects growing demand for solutions that bridge the gap between privacy, innovation, and regulatory alignment.

“As unified financial platforms mature, there is a clear need for tools that simplify compliance without burdening users or platforms,” said Zach Justein, co-founder of Veriscope. “IN1’s commitment to seamless Veriscope integration aligns with our mission to embed privacy and compliance into digital finance infrastructure.”

IN1’s platform combines traditional banking services with cryptocurrency capabilities through a single mobile app, serving users across multiple countries. The platform emphasizes security, regulatory compliance, and user accessibility — principles that resonate strongly in today’s evolving financial landscape.

With this integration, IN1 joins other VASPs choosing Veriscope to meet regulatory requirements without friction. The move reflects Shyft Network’s broader mission to enable secure, compliant digital finance infrastructure for innovative financial service providers.

About Veriscope

Veriscope is the only frictionless FATF Travel Rule compliance solution, enabling VASPs to securely verify and share user data through cryptographic proof. Built on Shyft Network, it reduces complexity and risk while protecting user autonomy — trusted by leading VASPs worldwide.

About IN1

IN1 is a unified fintech platform offering fiat accounts, crypto wallets, and the world’s first dual fiat-crypto payment card in a single mobile app. VASP-licensed and serving users across 35+ countries, IN1 delivers seamless financial management with plans for global expansion.

Shyft Network and IN1 Powering Privacy-Preserving Compliance for Unified Digital Finance was originally published in Shyft Network on Medium, where people are continuing the conversation by highlighting and responding to this story.


Kin AI

The Kinside Scoop 👀 #13

Updates, podcasts, and keeping cool under pressure

Hey folks 👋

We’re back with another update on what’s new, what’s brewing, and what’s inspiring us this month at Kin.

As always, stick around to the end for this month’s super prompt - this time, you can learn more about who you are under pressure.

But first…

What’s new with Kin 🚀 Listening, learning, and stabilizing ⚓

We’ve been gathering feedback on our newly-released advisor system, so we can make sure it’s the best it can be.

It’s been exciting to see the ways you’ve all been using it, and we’re already using your insights to make it sharper, smoother, and more supportive.

Reminders that actually remind you ⏰

Our reminders have gotten a tune-up. They’re now more stable, more reliable, and more ready to keep you on track without slipping.

The return of Custom Kin ✨

A lot of you missed the ability to create and edit custom prompts for your Kin, outside of the advisor profiles - so it’s coming back.

Right now, if you already had custom Kin instructions, you can view and edit them directly in the app.

If you didn’t set them up before the advisor update, don’t worry. The ability to create and edit your own Kin persona is coming back soon.

Kin in conversation 🎙

I (Kasper, Kin’s CEO) recently sat down for a podcast with ai4that to talk about what Kin is, why we’re building it, and how we’ve made it talk so far.

You can listen here.

Secret things ahead 👀

Like we say in every edition, we have new features to make Kin an even better companion (group) to have in your pocket on the cusp of release. Keep an eye out for updates!

Your Kin, your rules 💌

Kin can only get better when you tell us what you think.

So from here on, we’ll be regularly reminding you how to get in touch in your Kinside Scoops.

You can always reach out to the KIN team at hello@mykin.ai with anything, from feature feedback to a bit of AI discussion (though support queries will be better helped over at support@mykin.ai).

For something more interactive, the official Kin Discord is still the best place to talk to the Kin development team (as well as other users) about anything AI.

We regularly run three casual weekly calls, and you’re invited:

Monday Accountability Calls - 5pm GMT/BST
Share your plans and goals for the week, and learn tips about how Kin can help keep you on track.

Wednesday Hangout Calls - 5pm GMT/BST
No agenda, just good conversation and a chance to connect with other Kin users.

Friday Kin Q&A - 1pm GMT/BST
Drop in with any questions about Kin (the app or the company) and get live answers in real time.

Big or small, we want to hear your thoughts and feelings. Kin’s for you, not for us.

Our current reads 📚

Article: Claude starts training on user chat transcripts
READ - The Verge

Article: Anthropic spends $1.5B to settle book theft lawsuit
READ - The Guardian

Tool: Switzerland launches a fully open LLM as an experiment
READ - ETH Zurich

Article: Denmark begins the process of giving everyone the copyright of their personal likenesses
READ - The Guardian

This week’s super prompt 🤖

In this edition, we’re asking:
“How can I better respond to pressure?”

If you have Kin installed and up to date, you can tap the link below (on mobile!) to explore how you think about pressure, and how you can keep cool under it.

As a reminder, you can do this on both iOS and Android.

Try prompt in Kin

We need you 🤝

Kin is currently going through more changes than it ever has - and we want to make sure it’s your steering the ship, not us.

So, please: email us, chat in our Discord, or even just shake the app to reach out to us with your thoughts and ideas.

You are, and always will be, the core of Kin.

With love,

The KIN Team


Veracity trust Network

AI coding practices are exposing UK companies to security risks

Escalating software supply chain threats and the rise in companies adopting AI coding practices are putting UK business at risk. The Cloudsmith 2025 Artifact Management Report has revealed that organisations are being forced to rethink how they manage, secure and scale their software artifact infrastructure as a result of security issues surrounding GenAI-powered codebases. The post AI codin

Escalating software supply chain threats and the rise in companies adopting AI coding practices are putting UK business at risk.

The Cloudsmith 2025 Artifact Management Report has revealed that organisations are being forced to rethink how they manage, secure and scale their software artifact infrastructure as a result of security issues surrounding GenAI-powered codebases.

The post AI coding practices are exposing UK companies to security risks appeared first on Veracity Trust Network.


PingTalk

Complying with NIST SP 800-63-4 Standards: Identity as the Roadmap

Learn how NIST SP 800-63-4 transforms identity assurance with IAL, AAL, and FAL—and how Zero Trust and modern identity platforms simplify compliance and reduce risk.

Herond Browser

Herond Browser x BingX Exclusive Promotion: Win Up to $7,700 USDT and 50% Trading Fee Cashback

Herond Browser has partnered with BingX to launch an exclusive promotion for new users, offering a chance to earn up to $7,700 USDT in rewards along with 50% trading fee cashback The post Herond Browser x BingX Exclusive Promotion: Win Up to $7,700 USDT and 50% Trading Fee Cashback appeared first on Herond Blog. The post Herond Browser x BingX Exclusive Promotion: Win Up to $7,700 USDT and 50%

Herond Browser has partnered with BingX to launch an exclusive promotion for new users, offering a chance to earn up to $7,700 USDT in rewards along with 50% trading fee cashback. This special campaign is designed to maximize your gains and make trading more rewarding by providing premium bonuses and extra benefits when you register through the Herond Browser x BingX exclusive link.

Why Herond Browser X BingX are a match made in Web3 Heaven

This isn’t just a campaign-it’s a game-changing partnership! Herond Browser offers a seamless, secure, and privacy-focused way to explore decentralized web, while BingX empowers traders with cutting-edge tools for spot, derivatives, and copy trading. Together, they create the perfect ecosystem for Web3 enthusiasts to trade smarter, earn bigger, and dive deeper into the future of finance.

Herond Browser: Your Web3 portal with lightning-fast browsing, built-in crypto wallet integration, and access to dApps, all while prioritizing your privacy and security. BingX: Trusted by 20M+ users across 18+ languages, awarded TradingView’s Best Crypto Browser/Exchange (2021-2023), and backed by 100% fund reserves for ultimate security.

By combining Herond’s Web3 prowess with BingX’s trading excellence, this collab delivers unmatched rewards and a premium trading experience.

What’s in It for You?

Unlock massive rewards and boost your profits with our latest promotion! Here’s what’s for you:

A massive $7,700 USDT voucher pool for maximum rewards. Enjoy an incredible 50% cashback on trading fees to optimize your profits.

Event Period: September 10th – 30th, 2025

How to Get Involved

Ready to get started? Follow these simple steps to participate and unlock your rewards:

Sign Up on BingX: Use our special link to create your account Join the Herond Community: Create a Herond account and join our Discord Complete the Campaign Form: Fill out the required [FORM LINK] to confirm your participation. Deposit & Trade: Make a deposit and start trading to unlock your exclusive rewards. What You Can Earn

Unlock incredible rewards by participating in our exclusive campaign. Here’s a breakdown:

50% Cashback on trading fees (Herond Exclusive!) $5 Token Voucher for trading volume over $30k $10 Token Voucher for trading volume over $200k Up to 1,500 USDT in vouchers for completing Advanced KYC, deposit, and trading tasks. Daily Check-in bonuses Important Notes

Before you get started, here are a few key details to keep in mind to ensure you receive all your rewards:

USDT rewards will be distributed as Token Vouchers, which you can redeem for fiat. You can check your rewards in the BingX Rewards Hub. Remember, you must register via the campaign link and complete the form to participate in this exclusive event! Herond Browser: A Privacy-First Web 3.0 Browser

Herond Browser is a cutting-edge Web 3.0 browser designed to prioritize user privacy and security. By blocking intrusive ads, harmful trackers, and profiling cookies, Herond creates a safer and faster browsing experience while minimizing data consumption.

To enhance user control over their digital presence, Herond offers two essential tools:

Herond Shield: A robust adblocker and privacy protection suite. Herond Wallet: A secure, multi-chain, non-custodial social wallet.

As a pioneering Web 2.5 solution, Herond is paving the way for mass Web 3.0 adoption by providing a seamless transition for users while upholding the core principles of decentralization and user ownership.

Why Trade with BingX?

BingX is a global leader in crypto trading, serving over 10 million users across 100+ countries. Known for its user-friendly interface, innovative tools like copy trading, and robust security measures, BingX is the perfect platform for both beginners and seasoned traders. With features like:

Spot and Futures Trading: Trade over 700 cryptocurrencies with up to 150x leverage. Copy Trading: Mirror the strategies of top traders with a single click. Secure Platform: Backed by 100% margin reserves and regular Proof of Reserves audits.

This exclusive promotion enhances your trading experience with substantial rewards and reduced fees, making it the ideal time to join BingX.

DOWNLOAD HEROND BROWSER Don’t Miss Out!

Make sure you don’t miss your chance to claim a share of the $7,700 USDT prize pool and get 50% cashback on your trading fees. The clock is ticking – register, trade, and secure your rewards now!

The post Herond Browser x BingX Exclusive Promotion: Win Up to $7,700 USDT and 50% Trading Fee Cashback appeared first on Herond Blog.

The post Herond Browser x BingX Exclusive Promotion: Win Up to $7,700 USDT and 50% Trading Fee Cashback appeared first on Herond Blog.


FastID

Bridging the real-time testing gap: Fanout support in local development for Fastly Compute

Fastly Compute now supports local Fanout testing, letting you build and validate real-time features without deploying to production.
Fastly Compute now supports local Fanout testing, letting you build and validate real-time features without deploying to production.

Sunday, 07. September 2025

Ontology

What is Account Abstraction? The Bridge to Web3 Mass Adoption

Imagine trying to send an email but first having to manually configure SMTP servers, manage encryption keys, and pay postage fees in a specific currency you don’t own. This is essentially what Web3 feels like today. Account Abstraction (AA) promises to change that, making blockchain interactions as seamless as using Gmail. The Current Problem: Web3’s User Experience Crisis Today’s Ethereum

Imagine trying to send an email but first having to manually configure SMTP servers, manage encryption keys, and pay postage fees in a specific currency you don’t own. This is essentially what Web3 feels like today. Account Abstraction (AA) promises to change that, making blockchain interactions as seamless as using Gmail.

The Current Problem: Web3’s User Experience Crisis

Today’s Ethereum wallets rely on Externally Owned Accounts (EOAs) accounts controlled by a single private key. While groundbreaking for decentralization, EOAs create massive friction:

Gas Token Dependency: You must hold ETH to pay fees, even for simple token transfers Single Point of Failure: Lose your seed phrase, lose everything forever Complex Interactions: Each transaction requires manual approval and gas estimation Poor Recovery: No built-in way to recover lost accounts

These limitations explain why Web3 remains challenging for mainstream users. Account Abstraction addresses these pain points by reimagining how accounts work entirely.

What is Account Abstraction?

Account Abstraction transforms user accounts from simple private key wallets into programmable smart contracts. Instead of being bound by EOA limitations, Account Abstraction allows accounts to define custom logic for authentication, fee payment, and transaction execution.

Think of it as upgrading from a flip phone to a smartphone, the core functionality remains, but possibilities expand dramatically.

How Account Abstraction Works Smart Contract Wallets

Instead of being tied to a private key, Account Abstraction uses a smart contract that acts as your account. This smart contract holds your tokens and assets while containing custom logic for managing the account.

ERC-4337: The Technical Foundation

The primary technical implementation of Account Abstraction comes through EIP-4337, which enables Account Abstraction without changing Ethereum’s core protocol. Here’s the simplified flow:

UserOperations: Users create “UserOperations” containing their intended actions like token transfers. Bundlers: Special actors collect UserOperations and submit them in bundles. EntryPoint Contract: A singleton contract that validates and executes operations. Smart Wallets: Execute the actual transactions based on their programmed logic.

An in-depth explanation on the abstraction process can be found on this Proposal.

Paymasters: The Game Changer

Paymasters are entities that can sponsor transaction fees, enabling gasless transactions. A dApp can pay your gas fees, or you can pay in USDC instead of ETH.

Key Benefits of Account Abstraction for Users Gasless Transactions Enables users to pay fees in any token (USDC, DAI, etc.)via paymaster. dApps can sponsor your transaction costs. No need to hold ETH for every interaction. Social Recovery

Set up recovery procedures with trusted contacts or services. Lost your keys? Your designated recovery guardians can help restore access, no more permanent fund loss.

Customized Security Multi-signature requirements Spending limits for large transactions Time delays for high-value transfers Biometric authentication (Face ID, Touch ID) Improved User Experience Session Keys: Authorize games to make small purchases automatically. Transaction Bundling: Execute multiple operations in one confirmation. Automated Execution: Set up recurring payments or trading strategies. One-Click Onboarding: Start using Web3 without seed phrases. Real-World Applications

Gaming: Players authorize a game for micro-transactions within set limits, eliminating constant wallet confirmations while maintaining security.

DeFi: Users set automated strategies like “swap to stablecoins if my portfolio drops 20%” without keeping devices online.

E-commerce: Shoppers pay with any token they own, while merchants receive their preferred currency all sponsored by the platform.

Enterprise: Companies implement multi-department approval workflows for large transactions.

Current Implementation & Tools Coinbase Smart Wallet: Mainstream-friendly onboarding. UniPass: Actively enhancing Account Abstraction capabilities in partnership with Keystone. Biconomy: Developer infrastructure for gasless experiences Alchemy’s Account Kit: Tools for building Account Abstraction-enabled dApps

Layer 2 networks like Polygon and Arbitrum are optimizing specifically for smart contract wallets, making AA transactions faster and cheaper.

The Road Ahead

While ERC-4337 works today, additional proposals could enhance Account Abstraction:

EIP-3074: Allows existing EOAs to delegate control to smart contracts EIP-7702: Proposes native account abstraction at the protocol level

These aren’t competing solutions but complementary approaches that could coexist, providing migration paths for existing users.

Why This Matters for Web3 Adoption

Account Abstraction represents Web3’s evolution from a power-user tool to a mainstream platform. Current barriers preventing mass adoption. Complex key management, mandatory gas tokens, poor recovery options are solved by Account Abstraction.

The infrastructure is maturing rapidly. What took Web2 decades to develop (user-friendly authentication, payment flexibility, account recovery) can now be built into Web3 from the ground up.

Conclusion: The Account Abstraction Revolution

Account Abstraction isn’t just a technical upgrade, it is the bridge between Web3’s technical sophistication and mainstream usability. By making accounts programmable, we unlock user experiences that rival traditional applications while maintaining blockchain’s core benefits: self-custody, transparency, and decentralization.

The question isn’t whether Account Abstraction will succeed, major wallets and dApps are already implementing it. The question is how quickly the entire ecosystem will embrace this paradigm to build truly user-friendly Web3 experiences.

As we move toward blockchain interactions as seamless as using any modern app, Account Abstraction stands as the critical infrastructure making that future possible. Web3’s next billion users won’t need to understand private keys, gas fees, or seed phrases, they’ll just use applications that happen to be decentralized.

Ready to explore the practical side? Next week, we’ll dive into Smart Accounts: the actual implementation of Account Abstraction that’s transforming user experiences across Web3.

What is Account Abstraction? The Bridge to Web3 Mass Adoption was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.

Saturday, 06. September 2025

Recognito Vision

What Is Face Identity Search and Why It’s Useful

Face identity search is a method that uses AI-powered facial matching instead of IDs or passwords. A system compares key features like eye spacing or cheek shape to a stored faceprint. It’s fast, contactless, and often more accurate than manual checks. People use it in banks, airports, and healthcare settings. Structurally, it works like this:...

Face identity search is a method that uses AI-powered facial matching instead of IDs or passwords. A system compares key features like eye spacing or cheek shape to a stored faceprint. It’s fast, contactless, and often more accurate than manual checks.

People use it in banks, airports, and healthcare settings. Structurally, it works like this:

Captures a face image

Extracts meaningful facial points

Creates and compares a faceprint

Outputs a match or no-match result

This technology offers quick and secure identity checks without needing physical tokens. You can even explore open-source projects like Recognito’s GitHub repository to see how developers are building practical tools with it.

 

Why Modern Systems Depend on AI-Driven Face Matching

Passwords and IDs can be lost or stolen. That’s why many systems now rely on biometric verification for better security, speed, and ease of use.

Benefits include:

Fast identity checks for crowds or busy queues

Higher accuracy than visual or document-based ID

Hands-free operation—no scanning or swiping cards

Scalable systems for millions of users

Studies show biometric tech is growing fast, with accuracy and adoption soaring across industries. Independent evaluations, such as the Face Recognition Vendor Test (FRVT), confirm which systems are the most reliable in real-world conditions.

 

How Independent Testing Sets the Gold Standard

Governments and businesses lean on NIST’s FRVT program to judge performance, fairness, and accuracy. This ongoing benchmark evaluates algorithms on speed, bias, and resilience to poor image quality. Full results are published openly, like in NIST’s FRVT 1:1 reports, which compare one-to-one verification across different vendors.

By using such public benchmarks, companies can pick technologies that are not only fast but also proven to be fair and secure.

 

Everyday Applications

This technology is no longer confined to research labs. It’s already part of daily life:

 

Security and Policing

Authorities use it to identify suspects in public areas. London’s police reported dozens of arrests in a single week of trial deployments.

Financial Services

Banks now let users unlock apps or approve payments by simply looking into the camera, improving both speed and trust.

Travel and Border Control

Airports in Singapore and the US speed up boarding by replacing paper tickets with biometric gates.

Healthcare

Hospitals deploy it to verify patient identities and reduce fraud in insurance systems.

Business and Retail

Companies use it for employee access, while retailers are testing it to create personalized shopping experiences.

 

Strengths and Weaknesses

Advantages

Quick and seamless compared to ID cards

Helps prevent fraud and identity theft

Improves user experience

Works at scale for large organizations

Challenges

Raises privacy concerns if misused

Accuracy can drop with poor image quality

Bias risk if systems aren’t trained on diverse datasets

Sensitive databases may attract hackers

The good news is that testing programs like FRVT are pushing the industry to improve. For example, error rates have fallen drastically as vendors adapt their algorithms to meet those standards.

The Future of Face Identity Search

Looking ahead, we’ll see this technology combining with other biometrics like voice and fingerprint for multi-factor security. Processing will also move to local devices using edge computing, making systems faster and less dependent on cloud storage.

Smart cities may integrate it for public safety, while businesses will use it to enhance customer experiences. As the technology matures, issues like bias and privacy will need strict regulation, but the potential is too strong to ignore.

 

Conclusion

Face identity search is reshaping how people prove who they are. From faster airport boarding to secure banking apps, it blends convenience with stronger protection. Independent testing programs, such as the FRVT run by NIST, ensure that the systems are fair, accurate, and ready for real-world use. The road ahead includes both challenges and opportunities, but its role in the future of digital identity is undeniable.

Recognito is helping lead the way in bringing this future closer

 

Frequently Asked Questions

 

What is face identity search?

Face identity search is a technology that scans and matches facial features with stored data to confirm identity. It’s widely used in banking, airports, and security systems.

How does face identity search work?

The system captures a face image, extracts unique points like eye distance or jawline, and creates a template. That template is compared with databases to confirm or deny a match.

Is face identity search safe?

It’s safe when managed properly. Trusted systems use encryption and comply with security standards, though privacy concerns exist if data is mishandled.

Where is face identity search used today?

You’ll find it in smartphone unlocks, airport boarding gates, online banking apps, and even healthcare systems that require quick patient verification.

What are the main advantages of face identity search?

It offers faster verification than ID cards, prevents fraud, improves user experience, and scales easily for large organizations.


Lockstep

Comparing Three Party and Four Party data verification models

Infostructure patterns One of the hottest topics in the digital economy has for some time been data sharing. Many proposals are evolving in Open Banking and Open Data, alongside digital identity frameworks and more specific digital credentialling. I’m seeing verifiable credentials methods and thinking leaning towards verified data. “Infostructure” is a term for the orchestrated... The post Compa
Infostructure patterns

One of the hottest topics in the digital economy has for some time been data sharing. Many proposals are evolving in Open Banking and Open Data, alongside digital identity frameworks and more specific digital credentialling. I’m seeing verifiable credentials methods and thinking leaning towards verified data.

“Infostructure” is a term for the orchestrated systems of policies, standards, rules, technologies and architecture that help control the use of important information.

Strikingly similar patterns are evident in the infostructures that have emerged in digital identity, open banking, card payments and digital credentialing. These patterns can help us solve the scaling problems that held back acceptance of digital IDs, and streamline the way we architect a number of important programs. It turns out that many of these programs are variations on a common theme.

The Standard Model of Digital Identity

The digital identity field has been dominated for twenty years by a supply-and-demand model featuring three types of participant: Subjects, Identity Providers (IdPs) and Relying Parties (RPs).

Technical standards, government policy, industry associations, businesses, and legislation have all been structured around this Three-Party model in which digital identities are “issued”, “held”, “presented”, “exchanged”, “used” and/or “consumed” as if these are a type of good.

The Standard Model has not gone well but we can look to a much older canonical data sharing model for help.

What’s holding back the digital identity market?

One huge historical challenge has been apportioning liability and allocating reasonable fees for digital identity services.  It’s never been really a clear in the standard three-party model of Digital Identity which parties gain the most economic benefit from assured qualities of the data they consume, and how do fees get fairly levied for these assurances.

This problem was solved over sixty years ago with the network business model of the credit card schemes. They realise a two-sided market of payment card issuers and merchants.  These are just special cases of ID Issuers and Relying Parties.

Credit card networks have one core job: distribute and verify customer IDs so that merchants can extend credit to customers without needing to know them, and moreover, without knowing the customers’ banks either.  That is, the networks join the credit providers (customers’ banks) to merchants without the merchants needing to make their own bilateral arrangements.

Don’t make this personal!

Another problem with traditional approaches to digital identity is they tend to over-complicate the problem, by framing it in terms of solving for “who someone is”.

Personal identity is complicated, hard to define, and impossible to standardise. In real life, “identity” means different things to different people. In transactional settings (where digital identity matters) each party needs to know different things about their counterparties, so a singular answer to “who you are” is fundamentally elusive.

On the other hand, if we reframe the digital identification problem around as What Do You Need To Know about a counterparty, and if we expect to address that question in different ways according to context, then the possible solutions look rather different from the traditional three-party model.

That is, let’s recognise digital identity as a special case of verified data sharing — and keep the personal out of it.

Generalising from Three Parties to Four

Lockstep has been working on a four-party data verification platform (DVP) architecture inspired by the credit card network model.  The DVP augments the traditional three players with a new fourth party that intermediates between Relying Parties and Issuers.

As I look at it, the awkward failures of Federated Identity (despite it seeming like such a great idea) shows that digital identity is not what we thought it was. But the tools and infrastructure that we’ve developed along the way can be repurposed.

It will be far more useful (and far less complicated) if we generalise digital identity frameworks from WHO to WHAT.

We should be issuing third party verifiable credentials to non-human Subjects (IoT devices, virtual agents, even AI algorithms themselves) to prove all the qualities and properties of interest. And to make these assertions legible and acceptable at scale, we need a new type of fourth party to intermediate between data sources and data receivers when these are at arm’s length from each other.

The fourth party onboards data receivers (just like acquiring banks onboard merchants into the card systems), executes a standard form of contract with them, and supports them with metadata (credential descriptors, accreditation information, public keys etc.).

The fourth party is the missing link in scalable systems of verifiable credentials.

Verifiable credentials cannot verify themselves. That is, the verification step requires essential metadata which need to be distributed to relying parties.  This metadata includes the public keys needed to cryptographically confirm the signatures on credentials and presentations. It also includes the names and target values of such things as credential issuers, credential types, accreditations etc. These are the critical details needed for relying party software to make programmatic decisions to accept or reject the data that it’s being presented with.

Comparing Three Party and Four Party models

The following tables compare several paragons of the two types of model.

The post Comparing Three Party and Four Party data verification models appeared first on Lockstep.

Friday, 05. September 2025

Anonym

How to stop your personal data from being used to train AI

Every year artificial intelligence (AI) is doing more, delivering better, and becoming faster. Apple says the AI revolution is “as big or bigger” than the internet, smartphones, cloud computing, and apps. Microsoft says AI technology will change every part of our lives. But our personal information is fuelling the AI revolution—and that presents massive AI […] The post How to stop your personal

Every year artificial intelligence (AI) is doing more, delivering better, and becoming faster. Apple says the AI revolution is “as big or bigger” than the internet, smartphones, cloud computing, and apps. Microsoft says AI technology will change every part of our lives. But our personal information is fuelling the AI revolution—and that presents massive AI privacy risks.

Without our consent, companies are scraping our personal information from across the internet and using it to train AI systems—and that’s just one way AI threatens personal privacy. Here we look at the long laundry list of AI privacy threats in 2025 and the tools you need to fight back.

12 AI privacy threats—and counting  

Everything we do generates data—and AI systems scrape, link together, and thrive off that data.

AI uses our information to both understand what we want from it and to perform its tasks. We give AI our data intentionally (e.g. by writing prompts containing personal details) and unintentionally (e.g. by being near facial recognition technology such as a Ring doorbell). 

But AI privacy and security threats don’t only stem from what we share with AI but also from how AI can analyze, infer, and act on that information without permission.Academics have identified at least 12 privacy risks from AI:

AI collects massive amounts of data from everywhere, increasing risks of surveillance. AI can harvest phone numbers, emails, and personal information and images from websites, social media, and public records. AI automatically links identity information across various data sources, increasing risk of personal identity exposure. Using pattern recognition, AI can match and correlate scraped data from scattered sources and readily knit it together into a clear profile of a person. When AI combines data about a person, it makes inferences from it, boosting the risks of privacy invasion. AI infers personality or social attributes from physical characteristics, potentially leading to bias and discrimination. AI repurposes data beyond its original intended use, further eroding user control. AI has opaque data practices which fail to inform and give users control over how their data is used. AI storage practices and data requirements risk data leaks and improper access. AI can reveal sensitive information, such as through generative AI techniques. AI’s ability to generate realistic but fake content makes it easier to spread false or misleading information. AI can cause improper sharing of data when it infers additional sensitive information from raw data. AI makes sensitive information more accessible to a wider audience than intended. AI technologies invade personal space or solitude, often through surveillance measures.

One rapidly growing impact of AI data gathering is targeted scams and phishing. AI makes fraud more convincing by using readily available personal data to tailor attacks. AI-generated voice deepfakes, and deepfake texts, emails and web sites promoting fake products, deals and giveaways are part of the highest reported form of scam, according to the FTC.

Artificial intelligence (AI) is the ultimate data broker

If you think about it, AI is the ultimate data broker.

Data brokers are companies that harvest, manipulate and even misrepresent consumer data and sell it to companies, usually for marketing. Data brokers are legitimate but unregulated businesses, there are about 4,000 of them worldwide, and their industry is worth about US $200 billion annually. The largest data brokers, such as Acxiom, have tens of thousands of servers collecting and analyzing thousands of data points per person from hundreds of millions of consumers globally.

AI systems basically do the same thing—and in turn data brokers are using AI to boost their success rate and profit margins. According to the Bureau of Investigative Journalism, “a rapidly growing industry has also sprung up to broker training data to AI companies with more niche requirements. Some of the datasets you can buy on this marketplace include images of conflict, protest crowds, adult content, audio datasets of recorded phone conversations on various topics, and social media posts classified by the sentiment they express.”

Auto opt-in to AI training is a big issue

A recent deep dive into how to stop AI from getting its bots on your personal data by The Guardian says default opt-ins are an industry-wide issue. It says a recent report by the FTC on the data practices of nine social media and streaming platforms including WhatsApp, Facebook, YouTube and Amazon “found that nearly all of them fed people’s personal information into automated systems with no comprehensive or transparent way for users to opt out.” The article gives instructions for opting out of the major platforms but warns it’s not easy.

Wired ran a similar article on how to opt out of AI training and covered more platforms including Figma, Adobe, Grammarly, Google Gemini, LinkedIn and loads more.

The article also has instructions but warns consumers to be realistic about the fact that the horse has already bolted.

“Any companies building AI have already scraped the web, so anything you’ve posted is probably already in their systems. Companies are also secretive about what they have actually scraped, purchased, or used to train their systems,” the Wired guide notes.

How to protect your personal information from AI

You can use The Guardian and Wired’s instructions for removing your data from AI training on all the major platforms, but there’s an easier strategy going forward: don’t expose your personal information in the first place. How do you do that? Use MySudo, MySudo Reclaim, and the rest of the MySudo suite. And note: this strategy for protecting your personal information from AI is the same strategy you’d use to protect your personal information from the surveillance capitalism machine that is big tech and others that profit from your personal data (even your bank!).

How MySudo protects your personal information from AI

MySudo is a privacy app that gives you up to 9 separate Sudos—secure digital profiles with phone, email, and payment cards to use instead of your own. Anywhere you would usually give your personal details, give your Sudo details instead.

Each Sudo has: 1 customizable phone number* 1 email address 1 virtual card* 1 private browser 1 handle**

In the AI era, Sudos are powerful because they:

Separate your identity from your activity:Each Sudo is compartmentalized. If you use one for online shopping, another for dating apps, and another for networking, for example, AI scrapers can’t easily link them together and build a profile on you. Limit your exposure: Instead of sharing your real phone number and email all over the internet, you share your alternative Sudo details, which breaks your data trail. Offer strong security: You can use a dedicated Sudo number for 2FA and account recovery, keeping your real number out of the databases that AI systems analyze.

What’s more, MySudo is an immediate safeguard for you and your family against voice deep fakes like the popular grandparent scam. To protect yourself:

Set up a Sudo and assign it a phone number that you only ever give out to your closest family and friends. Be diligent about only giving out the number to your loved ones so that you build and protect a trusted communication channel with your inner circle. If you have only carefully shared the Sudo number with those you trust, then you’ll know if that number rings, it’s a legitimate communication from within your circle and not a deepfake scammer impersonating you or your loved ones. If you’ve been diligent in protecting your safe Sudo number, it is very unlikely a criminal would have it. Invite your family and friends to use MySudo and use the app’s phone numbers or handle-based end-to-end encrypted calling to communicate with each other.

How MySudo Reclaim adds another layer of protection

The MySudo suite includes the MySudo app’s companion product, MySudo Reclaim, which helps you take back your personal data that AI systems mine (and bad actors can use for scams with or without AI).

MySudo Reclaim helps by:

Helping you to identity where your data is being held. Monitoring continuously to make sure your details don’t reappear or pop up anywhere else. Reducing the raw material AI can use to track, profile, or impersonate you.

By cutting your data off at the source, MySudo Reclaim ensures there’s less for AI—and bad actors—to exploit.

Why you need both MySudo and MySudo Reclaim to protect against AI privacy risks

Together, MySudo and MySudo Reclaim provide a two-pronged defense against AI-driven privacy risks:

MySudo prevents new exposure of your information by giving you secure, alternative phone numbers, email addresses, and virtual cards, which you can compartmentalize by Sudo (e.g. one for shopping, dating, networking, travel etc.), breaking your data trail and making it difficult to profile you. MySudo Reclaim cleans up your existing digital footprint by removing personal data from public access.

The result? Less exposure, less linkage, and more control over how your personal data exists in an AI-driven world. The horse might have bolted for AI data use, but you can have a second chance at digital privacy with MySudo and MySudo Reclaim.

Download MySudo

Try MySudo Reclaim

Explore the MySudo suite

Learn more on our blog

You might also like:

4 Ways MySudo Email is Better than Masked Email

How to Get 9 “Second Phone Numbers” on One Device

The Shocking Facts our CEO told Naomi Brockwell About Cell Phones

* Phone numbers and virtual cards are only available on a paid plan. Phone numbers available for US, CA and UK only. Virtual cards for US only. ** Handles are for end-to-end encrypted comms between app users.

The post How to stop your personal data from being used to train AI appeared first on Anonyome Labs.


HYPR

Making Self-Service Password Reset and Account Recovery Secure

Self-service password reset (SSPR) and self-service account recovery (SSAR) are essential for reducing IT workload and empowering users. However, these solutions, if not implemented securely, can become an organization's biggest security hole. Up to 50% of all IT help desk tickets are for password resets, costing approximately $70 each. While SSPR and SSAR aim to solve this, traditional

Self-service password reset (SSPR) and self-service account recovery (SSAR) are essential for reducing IT workload and empowering users. However, these solutions, if not implemented securely, can become an organization's biggest security hole. Up to 50% of all IT help desk tickets are for password resets, costing approximately $70 each. While SSPR and SSAR aim to solve this, traditional methods are often fundamentally broken, leaving organizations vulnerable to costly account takeovers.

What Are SSPR and SSAR?

SSPR and SSAR are self-service features that allow users to reset their passwords or recover access to their accounts without needing help from an IT professional. While this can drastically cut operational costs and reduce help desk tickets, it introduces a significant security issue.

Definitions and Business Use Cases:

SSPR (Self-Service Password Reset): Allows users to reset a forgotten password without IT intervention. SSAR (Self-Service Account Recovery): Enables users to regain access to a locked or compromised account on their own. The Risk of Traditional Recovery Methods

Traditional SSPR and SSAR solutions rely on methods that are easily exploited by attackers, turning a convenience into a major security vulnerability. These gaps leave organizations open to account takeover (ATO) and social engineering.

Security questions: Easily guessed or found online through social engineering, making them a weak form of authentication. SMS/email OTPs: Susceptible to phishing and SIM swaps, where attackers can intercept the codes sent to a user's device. Authenticator apps: Can be bypassed with "push bombing" attacks or rendered useless if a user loses or replaces their device. Why Identity Verification Is Critical

Verifying a user's identity before granting access is the only way to ensure security during password resets or recovery. Modern solutions use a multi-factor identity verification (IDV) process that combines document scanning with liveness detection to confirm that a real, present person is requesting access.

The Modern SSPR Challenge: Uniting Security and Simplicity

Effective account recovery presents a difficult challenge: how do you balance the need for absolute security with the user's demand for a fast, simple experience? Traditional methods often fail this test. A lengthy call to a help desk might be secure, but it creates frustration and high operational costs. Conversely, a simple security question is easy for the user but offers almost no real protection against a determined attacker.

The ideal solution is an intelligent, adaptive flow that can orchestrate multiple signals of identity. It should be able to create a recovery path that is appropriate for the level of risk, making the process frictionless for legitimate users while presenting insurmountable barriers for fraudsters.

This modern approach moves beyond simple checks to a holistic verification of a user's identity, ensuring that convenience and security are no longer a trade-off.

The HYPR Affirm SSPR/SSAR Flow

HYPR Affirm is a secure, self-service solution that solves the paradox of traditional SSPR and SSAR. It eliminates the vulnerabilities of legacy methods by using a robust, multi-layered identity verification process.

Here’s how Affirm verifies the user at each step:

User Initiates SSPR/SSAR: The process begins when the user requests a password reset or account recovery from the login screen or a dedicated service portal. Phone number, Location Check: This includes phone number verification to confirm possession, along with checks on geographic location to identify anomalies. ID Document Scan and Selfie Liveness Check: The user is prompted to scan a government-issued photo ID (like a driver's license or passport). HYPR then performs a certified liveness check with a selfie to confirm the user is physically present, preventing deepfake and presentation attacks in compliance with NIST standards. Automated Verification & Intelligent Escalation: The system instantly cross-references all identity data points to make a verification decision. If the evidence is conclusive, the user is approved. If the risk signals are uncertain, the flow can be automatically escalated to a secure manager or help desk agent chat or a live video call for final, human-assisted verification. Phishing-Resistant Credential Reset: Once fully verified, the user securely completes their password reset or account recovery, establishing a new, phishing-resistant credential for safe, ongoing access.

Conclusion Traditional SSPR/SSAR methods are not secure and can lead to costly account takeovers. Multi-factor identity verification is the most effective way to secure the recovery process. HYPR Affirm replaces vulnerable methods with a seamless, secure flow that cuts costs and reduces risk. FAQs

Q: How does HYPR Affirm prevent deepfake attacks? A: HYPR Affirm uses a certified liveness check that analyzes the user's selfie in real-time to ensure they are a physically present person, not a deepfake or a static photo.

Q: Can HYPR Affirm be used with different types of IDs? A: Yes, HYPR Affirm is designed to work with various government-issued photo IDs, such as driver's licenses and passports.

Q: What is the cost benefit of using HYPR Affirm? A: By reducing help desk tickets for password resets and account recovery by up to 95%, HYPR Affirm can drastically cut operational costs for organizations.

Related Resources  The Self-Service Paradox: Securing Password Reset Multi-Factor Authentication (MFA) vs. Phishing-Resistant MFA How to Implement a Secure SSPR Solution

Indicio

Five sessions not to miss at Identity Week America

The post Five sessions not to miss at Identity Week America appeared first on Indicio.
Identity Week is the place to learn about the latest in identity technology. Whether you are attending on behalf of a large enterprise, government agency, or small business, this is your chance to see what others are doing and what is coming next in the industry. Here are just a few sessions that Indicio is most excited about.

By Tim Spring

The Startup Pitch Competition (Day 2, Seminar Theater A, 12:50 – 2:50)

The startup pitch competition brings together 10 startups that have impressed the judges with their applications and technologies. This is your chance to evaluate up and comers in the space and ask questions about their products and services. With each competitor having only seven minutes to pitch and three  minutes for questions, this session moves fast and keeps things lively as you get a sneak peek at tomorrow’s tech. Be sure not to miss Indicio’s CEO Heather Dahl as she takes the stage at 1:25 to pitch Indicio and explain how our authenticated biometrics and verifiable credentials solution will save the world!

Digital IDs at a national scale (Day 1, Seminar Theater B, 3:00)

Mohamed Al Kuwaiti, Head of Cybersecurity, Cyber Security Council
David Almirol, Undersecretary for e-Government, Department of Information and Communication Technology
Moderator:
Scott Rea, Chief Operating Officer, CertiNext

The most important identity that most of us have is the one issued to us by our government, usually through a physical document like a driver’s license or passport. This panel brings together leaders from the United Arab Emirates and the Philippines who have both implemented digital national identities to learn more about their experiences and what the rest of the world can learn from their solutions. Our team is particularly interested in hearing about the benefits their citizens have realized, each government’s strategy for building trust and privacy, and their future plans for interoperability between their national systems and other countries.

Digital identity at the border: What it means for you, me, and global travel (Day 2, Theater 1, 11:50)

Michael Zureik, Head of Ecosystem Partnerships – Digital Travel, SITA

Verifiable Credentials containing authenticated biometrics enable “government-grade” digital identities. These can be used for preauthorized travel and seamless border crossing, transforming international travel. SITA’s Michael Zuriek explains the evolution of this technology, how it’s needed to meet the current and projected growth in international travel, how it benefits airlines, airports, governments, and travelers — and how crossing the border is only the start of the traveler’s digital identity journey.

Fighting fraud: Assessing the state of play across the fraud landscape (Day 1, Theater 3, 2:20)

Chris Skowronek, Dr. Solutions Engineering, Vonage
Raphael Tsow, Sr. Director, Identity and Risk Engineering, Ebay
Christian Guirnalda, Senior Director Network API Innovation, Verizon
Jon Prisby, Lead Biometric and Identity Technology Center, DHS S&T
Moderator:
Maria Karamalis, CEO/President, Karamalis Consulting LLC

Fraud is surging with identity-based attacks displacing malware as the critical vector of attack. Boosted by brute force attacks using AI tools and by the rise of sophisticated  generative AI deepfakes, it has never been easier to steal or impersonate someone’s identity. This session will discuss the most promising  strategies to combat fraud, how AI innovations are both enabling and preventing fraud, and how to better educate and protect the public. Our team is interested in hearing their thoughts as Indicio’s recent combination of authenticated biometrics in Verifiable Credentials presents a powerful way to prevent account phishing and synthetic identity fraud and bypass deepfakes.

Human-centered, business-ready: AI for smarter identity decisions (Day 2, Seminar Theater B, 1:30)

Arif Mamedov, CEO, Regula Forensics Inc.

Here’s the pitch from Regula Forensics CEO Arif Mamedov: “AI is transforming identity verification, but it is not magic. When used without context or proper control, even advanced systems can mislead. This session explores what makes AI truly effective in high-stakes identity workflows, from airports to banking. Drawing on Regula’s decades of forensic expertise, we will share how explainable logic, human-in-the-loop design, and well-defined boundaries lead to reliable, scalable business results – without relying only on automation.”  Count us interested!

Talk to Indicio at the conference

If you will be at the conference and would like to set up a time to talk with Heather or a member of our team one on one you can stop by booth S43 or reach out to our team here to coordinate a meeting.

If you would like to attend Identity Week but don’t already have a ticket please get in touch and our team can help get you a guest pass.

The post Five sessions not to miss at Identity Week America appeared first on Indicio.


Ontology

WHY THE ONTOLOGY NETWORK EXISTS

Building Trust In The Decentralized Era In a world that is rapidly moving towards decentralization, one question continues to dominate the conversation: how do we build trust when intermediaries disappear? This is the challenge that gave birth to Ontology Network a high performance, open source blockchain designed not just for speed or scalability, but for trust, identity, and data sovereignty.
Building Trust In The Decentralized Era

In a world that is rapidly moving towards decentralization, one question continues to dominate the conversation: how do we build trust when intermediaries disappear? This is the challenge that gave birth to Ontology Network a high performance, open source blockchain designed not just for speed or scalability, but for trust, identity, and data sovereignty.

The Problem: Trust in the Digital Age

The internet has connected billions, yet it has also created a paradox while information flows freely, trust remains scarce. Every time we log in, share data, or engage in digital transactions, we are forced to rely on centralized platforms. These platforms act as the gatekeepers of identity, data, and reputation.

But this centralization comes at a cost:

Data exploitation by corporations who monetize personal information.

Single points of failure that expose users to breaches, hacks, and censorship.

Lack of digital sovereignty, where individuals cannot truly own or control their digital identities.

Clearly, the digital future requires a new framework one that puts people, not platforms, at the center.

The Vision of Ontology

Ontology Network was created to answer this need. Its existence is grounded in one simple but transformative idea: trust should be decentralized, verifiable, and user owned.

By combining high-speed blockchain infrastructure with decentralized identity (DID) and data solutions, Ontology gives individuals and enterprises the ability to:

Own their identities across multiple platforms without relying on a central authority.

Control their data and decide who can access it, when, and for what purpose.

Transact securely and transparently, with trust anchored in cryptography rather than third parties.

Why The Ontology Network Exists

Ontology exists because the future of the internet demands more than just financial decentralization. While many blockchains focus primarily on tokenization and DeFi, Ontology focuses on the foundations of digital society: who we are, how we prove it, and how we interact.

Here’s what sets Ontology apart:

1. Decentralized Identity (ONT ID): A framework where individuals own their identity credentials and can use them anywhere.

2. Data Sovereignty: Instead of handing over your data to corporations, you control, share, and even monetize it on your own terms.

3. Enterprise Ready Infrastructure: Ontology provides the scalability and tools businesses need to integrate blockchain trust into their services.

4. Interoperability: Ontology is designed to work across chains, ensuring that identity and data can move freely across the Web3 ecosystem.

The Bigger Picture

Ontology doesn’t just exist to solve today’s problems. It exists to shape tomorrow’s digital world a world where:

Healthcare records belong to patients, not hospitals.

Educational achievements are verified and portable across borders.

Financial inclusion becomes a reality, as people without banks can still build verifiable reputations.

Communities thrive on trust that is algorithmically provable, not institutionally enforced.

CONCLUSION

The Ontology Network exists because trust is the currency of the future, and the way we build and verify that trust must evolve. By enabling decentralized identity, data sovereignty, and interoperable trust frameworks, Ontology is laying the foundation for a digital world that is more secure, transparent, and human centric.

The internet of the past belonged to corporations.
The internet of the future belongs to us.
And Ontology is here to make that future possible.

WHY THE ONTOLOGY NETWORK EXISTS was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


Dock

How to Create Government-Issued Digital Identities using Truvera [Demo]

Most interactions with local government still rely on paper forms, manual checks, and brittle PDFs. In this demo, Richard Esplin (Head of Product at Truvera) shows how a city can issue a digital residency credential and then use it to verifyeligibility across departments—from getting

Most interactions with local government still rely on paper forms, manual checks, and brittle PDFs. In this demo, Richard Esplin (Head of Product at Truvera) shows how a city can issue a digital residency credential and then use it to verifyeligibility across departments—from getting a library card to scheduling trash pickup—using verifiable credentials.

The front end for this proof-of-concept was spun up in an afternoon with an AI code generator, while Truvera handled issuance, verification, selective disclosure, revocation, and ecosystem governance. 

Watch the video above to see how easily digital IDs can slot into existing workflows.


How to Create Digital Verifiable Certificates with Truvera [Demo]

Managing and verifying professional certificates is still stuck in the paper era: paper documents are slow, insecure, and easy to fake. Digital PDFs aren’t much better — they can be forged, misplaced, or become outdated as soon as someone changes jobs. That’s where verifiable credentials come

Managing and verifying professional certificates is still stuck in the paper era: paper documents are slow, insecure, and easy to fake. Digital PDFs aren’t much better — they can be forged, misplaced, or become outdated as soon as someone changes jobs.

That’s where verifiable credentials come in. In this demo, Richard Esplin (Head of Product at Truvera) shows how fast and simple it is to build a credential issuance and verification solution using the Truvera platform. In just an afternoon, our team put together a proof of concept for issuing and verifying safety training certificates.


iComply Investor Services Inc.

AML and KYB for Commercial Lenders: Enabling Compliance Across Borders

Lenders face growing AML demands for business onboarding and UBO checks. This guide shows how iComply helps automate compliance and accelerate decision-making across jurisdictions.

Commercial lenders face heightened global AML expectations, especially around KYB, UBO verification, and ongoing monitoring. This article outlines key obligations across the U.S., UK, Canada, EU, and Australia—and how iComply helps automate compliance for business loan onboarding and risk management.

Commercial lenders – from banks to fintech platforms to leasing companies – are under increasing pressure to validate the legitimacy of the businesses they serve. Regulators worldwide now expect lenders to implement robust know-your-business (KYB) procedures, identify beneficial owners (UBOs), and monitor ongoing risk across their business lending portfolios.

With varying standards across borders and complex corporate structures at play, automation is no longer optional – it’s essential.

AML and KYB Expectations for Lenders United States Regulators: FinCEN, OCC, FDIC, state banking departments Requirements: BOI reporting under the Corporate Transparency Act, CDD Rule compliance, SAR filings, and sanctions screening United Kingdom Regulator: FCA, PRA Requirements: KYB, UBO verification, transaction monitoring, and enhanced due diligence (EDD) for high-risk entities Canada Regulator: FINTRAC Requirements: Business client verification, beneficial ownership discovery, ongoing monitoring, and STRs for suspicious transactions European Union Regulators: National regulators under AMLD6 framework Requirements: KYB and UBO collection, EDD for complex structures, and real-time transaction tracking Australia Regulator: AUSTRAC Requirements: AML/CTF compliance for non-bank lenders, UBO transparency, and reporting obligations for high-value transactions Lending-Specific Risk Factors

1. Opaque Business Structures
LLCs, trusts, and holding companies often obscure real ownership.

2. High Application Volume
Manual KYB checks don’t scale with demand.

3. Evolving Regulatory Standards
CTA in the U.S., EU AMLA rollout, and FATF alignment create shifting expectations.

4. Loan Fraud and Misuse of Funds
Inadequate checks can lead to reputational damage, defaults, and penalties.

How iComply Supports AML in Lending

iComply provides a configurable platform that simplifies KYB, UBO discovery, and AML monitoring for commercial lenders.

1. Streamlined KYB Onboarding Verify legal entities through registry and document checks Identify directors, shareholders, and authorized signatories Localized workflows and multilingual support 2. Beneficial Ownership Mapping Visual UBO trees across jurisdictions Automated detection of nominee owners and shell structures Apply configurable thresholds for deeper review 3. AML and Sanctions Screening Real-time screening of businesses and individuals against global watchlists Continuous monitoring with refresh cycles and trigger-based reviews Risk scoring by industry, geography, and transaction patterns 4. Case Management and Reporting Unified dashboard for all onboarding and screening activity Audit-ready logs and regulatory export templates (FinCEN, FCA, AUSTRAC, etc.) Track escalations, reviews, and resolution timelines Case Insight: SME Lender in the UK

A UK-based lender adopted iComply to digitize business borrower onboarding. Within 6 weeks:

Cut average application processing time by 45% Flagged 3 UBO anomalies across high-value applicants Passed an FCA review of UBO verification procedures and audit trails Final Word

Commercial lenders must scale responsibly. Those who embrace KYB automation now can:

Reduce onboarding friction Improve risk visibility Meet cross-border AML expectations with confidence

Talk to iComply to see how we help lenders automate 90% of compliance tasks—so your team can focus on building relationships, not chasing paperwork.


FastID

Powering PyPI with Advanced Traffic Engineering

PyPI serves millions daily. See how Fastly’s Individual Provider Anycast unlocks faster, smarter routing for Python’s package index.
PyPI serves millions daily. See how Fastly’s Individual Provider Anycast unlocks faster, smarter routing for Python’s package index.

Thursday, 04. September 2025

liminal (was OWI)

Why Ransomware Prevention Needs Intelligence, Not Just Defense

Ransomware is evolving faster than defenses. See why intelligence-driven ransomware prevention is essential for enterprises in 2025. The post Why Ransomware Prevention Needs Intelligence, Not Just Defense appeared first on Liminal.co.

Ransomware prevention is no longer about defense alone. It’s a Monday morning at a global consumer bank. Customers logging into online banking suddenly can’t access their accounts. Behind the scenes, ransomware has encrypted core systems and stolen millions of customer records. The attackers aren’t only demanding payment to restore access, they’re also threatening to release personally identifiable information (PII), exposing customers to fraud and the bank to severe regulatory penalties. This isn’t a nightmare scenario, but the reality that many financial institutions are already facing. According to the Link Index for Ransomware Prevention (2025), ransomware incidents are rising year-over-year in the financial services sector, with projected damages exceeding $30 billion annually by 2026. The Link Index echoes findings from Cybersecurity Ventures, which identify ransomware as one of the fastest-growing forms of cybercrime worldwide, with a new attack occurring every two seconds as perpetrators refine their malware payloads and extortion tactics.

What is Ransomware?

The Link Index defines ransomware as malicious software that encrypts or steals an organization’s data and demands payment for its return or release. Once considered a technical nuisance, ransomware has become a systemic cyber risk impacting industries from financial services to healthcare.

Types of Ransomware Attacks Encryption-based ransomware: Locks critical systems until ransom is paid. Double extortion: Combines encryption with data theft, threatening to publish sensitive data if payment is refused. AI-enabled ransomware: Accelerates the threat further, mutating payloads faster than defenders can respond. Why Traditional Defenses Fail

The Link Index highlights a persistent reliance on backups, endpoint detection (EDR), and extended detection and response (XDR) that are proving inadequate:

Backups no longer guarantee resilience, since stolen data can still be weaponized for extortion. EDR/XDR tools overwhelm analysts, with over 40% of ransomware alerts flagged as false positives in some enterprises.

These findings are reinforced by IBM and Ponemon Institute, which identify alert fatigue as one of the costliest inefficiencies for enterprise security teams. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) echoes this challenge, noting in its #StopRansomware Guide that traditional defenses often fail against modern double extortion and data destruction tactics.Perhaps most concerning: defenses can’t keep up with the speed of ransomware evolution. By the time a signature is written, AI-enabled ransomware variants like LockBit 3.0 and BlackCat have already mutated, leaving enterprises one step behind.

The Stakes Are Rising

According to Liminal’s research, the top drivers of enterprise adoption for ransomware prevention solutions are regulatory pressure, insurance mandates, and operational continuity. These forces are intensifying across global markets.

Top buyer adoption drivers for ransomware prevention solutions Regulatory Pressure: In the U.S., the SEC now requires public companies to disclose material cyber incidents on Form 8-K. In Europe, the EU NIS2 Directive enforces similarly strict resilience standards. Insurance Mandates: The Link Index found that insurance mandates rank among the top three adoption drivers, with industry leaders like Marsh confirming stricter underwriting standards. Operational Continuity: Downtime remains one of the most critical financial risks. Studies show a single day of ransomware downtime can cost enterprises $1M per day (ITIC via ransomware.org).

For broader strategies around managing supplier and insurer demands, see the Link Index for Cybersecurity Third-party Risk Management.

“We’re seeing ransomware shift from being an IT headache to a full-blown business crisis. The data shows damages climbing past $30B by 2026, and the old playbook of backups and detection just isn’t enough anymore. Enterprises need intelligence-first prevention to stay ahead.”— Jonathan Gergis, Insights Team Lead, Liminal

The Solution: How Intelligence-Driven Ransomware Prevention Works

The Link Index identifies a decisive shift toward intelligence-driven prevention as the new enterprise standard. Rather than waiting for alerts, enterprises are adopting solutions that:

Correlate weak signals across endpoints, cloud, and networks. Apply behavioral analytics to detect credential abuse and lateral movement. Provide real-time business context to analysts for decisive action.

This shift is visible in the market. Vendors are retooling product roadmaps to deliver ransomware-specific intelligence capable of detecting advanced variants like LockBit and BlackCat. Importantly, 63% of CISOs surveyed in the Link Index now rank intelligence-first ransomware prevention above legacy tool upgrades. This trend is echoed by Gartner, which emphasizes that behavioral detection and intelligence-driven strategies must replace signature-based tools.

Leading security vendors are already pivoting toward this model:

Microsoft has embedded ransomware-specific intelligence into its Defender platform. CrowdStrike has expanded its Falcon platform to correlate signals across endpoints and cloud. Palo Alto Networks is retooling its Cortex suite to emphasize prevention through behavioral analytics and automated response.

These shifts reflect a broader industry recognition that traditional defenses cannot keep pace with AI-enabled ransomware variants.

For broader strategies around managing AI Data Governance, see the AI Data Governance Link Index.

What CISOs Should Do Now

CISOs looking to strengthen resilience against ransomware should prioritize intelligence-first strategies. Key actions include:

Build cross-platform intelligence pipelines to unify data across endpoints, cloud, and network environments. Validate vendor claims by demanding proof of real-time ransomware variant detection, not just signature-based defenses. Update incident response playbooks to address modern double extortion scenarios. Align prevention strategies with regulations like the SEC’s cyber disclosure rules and the EU’s NIS2 Directive, ensuring compliance and insurer coverage. Invest across five prevention categories from the Ransomware Prevention Link Index: endpoint protection, backup and recovery, identity security, detection and response, and email/web security.

By embedding these practices into a unified, intelligence-driven prevention framework, enterprises can reduce reliance on reactive defenses and build resilience that meets both regulatory scrutiny and insurance mandates.

Key Takeaways $30B in annual ransomware damages by 2026 (Link Index). Traditional defenses fail against AI-enabled ransomware like LockBit 3.0 and BlackCat; false positives drain analyst resources. Intelligence-driven prevention is the new enterprise standard: signal correlation, behavioral analytics, and real-time context. Regulatory, insurance, and financial pressures SEC, EU NIS2, and leaders like Marsh, are accelerating adoption. CISOs must act now: align strategies with regulations and insurance standards while investing in intelligence-led prevention.

For deeper insights and data, access the full Link Index for Ransomware Prevention (2025) via Link.

The post Why Ransomware Prevention Needs Intelligence, Not Just Defense appeared first on Liminal.co.


ComplyCube

The CryptoCubed Newsletter: August Edition

Sit tight as we welcome you back to the latest edition of CryptoCubed. From Ripple Lab's high-stakes lawsuit to President Trump's executive orders, the crypto scene is buzzing with drama. Read on to learn more latest crypto news. The post The CryptoCubed Newsletter: August Edition first appeared on ComplyCube.

Sit tight as we welcome you back to the latest edition of CryptoCubed. From Ripple Lab's high-stakes lawsuit to President Trump's executive orders, the crypto scene is buzzing with drama. Read on to learn more latest crypto news.

The post The CryptoCubed Newsletter: August Edition first appeared on ComplyCube.


PingTalk

Trust at the Speed of Innovation: How Digital Identity Is Transforming Financial Services in ASEAN and ANZ

Discover how digital identity is reshaping financial services across ASEAN and ANZ. Learn how banks are fighting fraud, enabling seamless payments, and driving inclusion—at scale, with trust.

Across the Association of Southeast Asian Nations (ASEAN), including mature economies like Singapore and Malaysia, and high-growth markets like Indonesia, Vietnam, and the Philippines, as well as in Australia and New Zealand (ANZ), the future of finance is being written in real time. From Jakarta to Sydney, Bangkok to Wellington, financial institutions are embracing rapid digitization. Regulatory reform, fintech competition, rising fraud threats, and shifting consumer expectations are all pushing the industry to evolve rapidly.

 

But in this rush to innovate, success is no longer just about launching the next digital wallet, cashless payment option, or open banking Application Programming Interfaces (API). It’s about trust.

 

To grow and scale in today’s connected economy, financial services organizations must continuously prove who a customer is, whether a transaction is safe, and how data should be shared. That’s where digital identity, or identity and access management (IAM) comes in. Digital identity is not simply a technical enabler - it’s the connective tissue between trust, innovation, security, and scale. And across ASEAN and ANZ, it’s increasingly being recognized as the foundational capability that determines how, and how fast, financial services can evolve.

 

Wednesday, 03. September 2025

Extrimian

How to Protect Students Data: Digital Diplomas & Credentials

Your diploma, on your phone: a student-first guide to secure digital credentials Who this is for: students (and anyone helping students—career services, program leads, registrars) Promise: zero paper chase, faster opportunities, more privacy—without you learning any tech. TL;DR (read this if you’re between classes) Show proof in seconds. Instead of digging for PDFs or waiting […] The post How to
Your diploma, on your phone: a student-first guide to secure digital credentials

Who this is for: students (and anyone helping students—career services, program leads, registrars)
Promise: zero paper chase, faster opportunities, more privacy—without you learning any tech.

TL;DR (read this if you’re between classes) Show proof in seconds. Instead of digging for PDFs or waiting on office emails, you share a secure link or QR from your phone. Employers, scholarships, other schools—everyone gets a clear yes/no instantly. You control your info. Share only what’s needed (e.g., “enrolled this term” or “degree awarded”). No oversharing, no surprises. Built for real life. Lost your phone? Credentials can be re-issued. Name spelled wrong? They can revoke and fix fast, and verifiers always see the latest version. AI-first for safety. Extrimian uses AI to protect your identity and speed up university workflows—not to snoop on you or cut corners.

Why should you care (today, not “someday”)?

Scholarships and benefits need status now, not next week. Many proofs are simple: “Is this student currently enrolled?” Your enrollment credential answers that without dumping your full transcript. Fewer forms; faster yeses.

Study abroad and transfers are smoother. Another school can confirm a course completion or degree without emailing five offices. You share once; they verify independently; your application keeps moving.

Privacy actually improves. You don’t have to forward ancient PDFs that reveal way too much. With a digital credential, you show the minimum required—and only when you choose.

You always have it with you. Your phone already holds tickets, payments, and boarding passes. Your diploma and key proofs belong there too—secure, portable, ready when opportunity calls.

How it works—without the nerd talk

Think of each credential (your diploma, enrollment status, course badge) as a sealed envelope with your university’s unique stamp.

If someone opens it and changes even a line, the stamp breaks, and the checker immediately says Not valid. Extrimian provides the stamp (digital signature), the envelope (the credential in your wallet), and the counter window (the university’s one-page verification site) where anyone can check it—no emails, no guessing.

You don’t manage keys, blockchains, or any of that. You just receive, store, and share—and it works.

 

Real moments you’ll use it (and how it feels) 1) “Can you prove you actually graduated?”

You tap Share diploma, send a link or show a QR. The recruiter scans and sees: Valid — Degree: [Your Degree], Issuer: [Your University], Date: [Month/Year]. Done. No PDF edits, no “I’ll pass it to my manager,” no waiting.

2) “We need proof you’re enrolled for this semester.”

You share Enrollment: Current Term. It shows exactly that—and nothing else. If your status changes, the old credential is revoked and anyone who checks it sees that it’s no longer valid.

3) “Upload a course completion for credit transfer.”

You share a verifiable course credential that confirms you passed the class. The other school verifies it themselves and moves on to the next step. Less paperwork, fewer delays.

4) “Student discount—show ID?”

You present a student ID credential. The vendor or campus service scans and gets a simple Yes without seeing your grades, address, or anything personal they don’t need.

5) “Oh no, I lost my phone…”

If you lose your device, you tell the university. They revoke the old credentials and re-issue to your new device after confirming it’s you. The verification page always shows the latest truth, so you’re covered.

6) “There’s a typo on my diploma.”

It happens. The registrar revokes the old one and re-issues a corrected credential. Anyone who checks the old link sees “Revoked,” and the new link shows your accurate details. No awkward explanations.

Your data, your call (how privacy works in plain language) Share the minimum. Many checks only need a yes/no on a specific fact (enrolled, degree awarded, course completed). Your credential can provide just that. You choose when to share. Nothing leaves your wallet until you decide to present it. You’re in the driver’s seat. It’s obvious if someone tampers. If a file is altered, the verification fails immediately. You don’t have to argue; the page tells the truth. Clean history for you. When a credential is revoked and re-issued (e.g., to fix a typo), everyone sees the updated version at the same link. No “which PDF is the latest?” chaos. Get started in 3 easy steps (what you’ll actually do) Receive your credential.
When your university turns this on, you’ll get instructions to add a wallet (mobile or web) and receive your diploma/enrollment credentials securely. Keep it safe.
Set a PIN or biometric lock for the digital identity wallet (Face ID, fingerprint). If you change phones, you’ll have a simple way to recover or re-issue with university support. Share when needed.
For scholarships, or transfers: open the wallet → Share → send link or show QR. The other side gets a clear answer in seconds, and you keep control.

See a real live demo here from UAGRO, one of our succesfull cae studies: UAGRO – Students Credentials & Digital ID Wallet Demo

University Secure Identity & Data

FAQ about verified digital diplomas: Can I still get a paper diploma?

Yes, if your university offers it. The digital version is the official way to prove authenticity online—and you can even print a QR on the paper diploma that points back to it.

Do I need the internet to show it?

You can open your wallet and show the QR; the verifier needs a connection to check the status. If you’re somewhere with poor signal, you can share the link later. Many events now have scanners or staff with connectivity.

What if I don’t want to share my grades?

You don’t have to. Most checks only need a degree or enrollment. Share the minimum required for the situation.

What if something’s wrong on my credential?

Ask the registrar to revoke and re-issue. You’ll get the corrected one quickly, and anyone using the old link will see it’s no longer valid. No awkward “ignore my last attachment” moments.


Which benefits this tech offers to student & clubs Club badges and event passes: your university may issue digital badges for roles or events. They’re easy to share with sponsors or include in portfolios. Volunteering & labs: log verified hours or lab competencies as mini-credentials you can show to research programs or NGOs. Community trust: a simple Valid check reduces ticket fraud and line headaches at big events.

(Availability depends on what your university enables—ask your student affairs office what’s planned.)

What this means for your university

With Extrimian, the university issues tamper-proof digital credentials, offers one official page to verify them in seconds, and uses AI internally to spot risk and speed corrections. Students get control and privacy; employers get instant answers; staff spend less time on inbox ping-pong. It’s security and simplicity, together.

Ready when you are

When your university enables Extrimian credentials, you’ll receive a message with simple steps to get your wallet and your first credentials. Until then, save this page, tell your career office what you’d love to see first (diploma, enrollment, course badges), and get ready to retire the messy PDF folder.

Extrimian: AI-first for safety, student-first for experience.

Contact us

Further reading & internal links Fundamentals of SSI (plain-English intro): https://academy.extrimian.io/fundamentals-of-ssi/
Integrate Solution (connect issuer/verifier to SIS/LMS): https://academy.extrimian.io/integrate-solution/
Masterclass (training for registrar & IT/security): https://academy.extrimian.io/masterclass/

Contact Extrimian (book a 30-minute review): https://extrimian.io/contact-us

The post How to Protect Students Data: Digital Diplomas & Credentials first appeared on Extrimian.


Elliptic

OFAC Sanctions Guangzhou Tengyue Chemical Co., Ltd., – a China-based chemical manufacturing company – two individuals, for trafficking drugs into the United States

On September 3, 2025, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC)sanctioned Guangzhou Tengyue Chemical Co., Ltd., a Chinese company, along with two company representatives, Huang Xiaojun and Huang Zhanpeng. The only cryptocurrency address sanctioned today was associated with Huang Xiaojun. According to OFAC’s press release, Guangzhou Tengyue Chemical is

On September 3, 2025, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC)sanctioned Guangzhou Tengyue Chemical Co., Ltd., a Chinese company, along with two company representatives, Huang Xiaojun and Huang Zhanpeng. The only cryptocurrency address sanctioned today was associated with Huang Xiaojun.

According to OFAC’s press release, Guangzhou Tengyue Chemical is “a chemical company operating in China that is involved in the manufacture and sale of synthetic opioids to Americans. In addition to opioids, Guangzhou Tengyue has also sold dangerous analgesic chemicals often used as cutting agents that are mixed with synthetic opioids and other illicit drugs.” Both individuals mentioned above are “representatives of Guangzhou Tengyue” who OFAC says “were directly involved in coordinating the shipments of these illicit drugs and cutting agents to the United States.”

Huang Zhanpeng is the executive director and 50 percent shareholder of Guangzhou Tengyue. He also is listed as the company’s legal representative. Huang Xiaojun is the owner of the bitcoin account the company used to sell controlled substances in 2023 to a U.S. buyer.

The designations reflect wider US efforts against the drug trade within and into the United States, particularly where Chinese fentanyl producers and cartels, namely from Mexico and Columbia, import and sell illicit drugs in US cities and launder their funds in the United States using local professional money laundering organizations (PMLO). In this context, in addition to OFAC’s designations, the Federal Bureau of Investigations (FBI) is also announcing a federal criminal indictment against the abovementioned and other individuals and companies “for their roles in facilitating the flow of illicit drugs… The charged defendants include three individuals in the United States and approximately 22 individuals and businesses based in China. The indictment is based upon a joint investigation by [the] FBI and DEA, which commenced in January 2024.”

For context, “Opioid overdose remains the leading cause of death for Americans aged 18 to 45. Since 2021, more than 70 percent of all reported drug overdose deaths have involved synthetic opioids, with fentanyl being the primary synthetic opioid driving this crisis.  China-based chemical manufacturing companies remain the primary source of fentanyl precursor chemicals and other illicit opioids entering the United States,” the press release states. Elliptic has conducted extensive research on the use of crypto in the trafficking of fentanyl and related synthetic opioids

As noted, OFAC listed one crypto address associated with Huang Xiaojun. Elliptic’s data shows that this address has received funds directly from multiple known Fentanyl precursor vendors we have labelled in our dataset. It has also sent funds directly to multiple known stolen credit card data vendors, thieves, and scams. 


Indicio

Indicio to advance trusted digital identity with APTITUDE, Europe’s newest Large Scale Project for digital wallet travel and payments

The post Indicio to advance trusted digital identity with APTITUDE, Europe’s newest Large Scale Project for digital wallet travel and payments appeared first on Indicio.
Through its partnership with SITA, Indicio will advance government-issued digital travel credentials in this two-year digital identity wallet trial, building on its success as the first to implement biometric-enabled credentials for international travel and border crossing.

By James Schulte

APTITUDE, one of the newest Large Scale Pilots backed by the European Commission, has officially launched, marking a major milestone in the EU’s drive to equip 80% of residents with a digital identity wallet by 2026 and setting out to prove how digital wallets can transform travel and payments across Europe.

What is APTITUDE?

APTITUDE is a groundbreaking €20 million cross-border initiative coordinated by the French government that brings together 118 partners from 11 EU Member States and Ukraine to analyze, integrate, and pilot real-world use cases for travel and payment within the European Digital Identity Framework (EUDI).

Backed by funding under the €8.1 billion Digital Europe Programme, APTITUDE is part of the EU’s broader effort to drive digital transformation and operationalize the European Digital Identity Wallet by demonstrating its value across critical industries.

The scale of APTITUDE reflects the importance of digital identity in enabling secure, efficient, and interoperable services across borders. The project is a milestone in the global movement to make digital identity secure, interoperable, and practical at scale. Uniting governments, technology providers, and industry leaders, APTITUDE will test and validate solutions that meet EU standards and deliver practical benefits to citizens and businesses.

The digital transformation of travel

Travel and payments are critical touchpoints between people, governments, and businesses. As more governments and businesses worldwide build new digital identity ecosystems, Indicio’s leadership and expertise in decentralized identity, its expertise in combining biometrics in Verifiable Credentials, and its focus on interoperability based on open standards, make digital identity in travel work seamlessly, simply, and cost-effectively across ecosystems while delivering real value.

With our partner SITA, a recognized leader in aviation technology, Indicio is helping to create the infrastructure and software solutions that allow digital identity to be securely verified and reused across airlines, airports, border control checkpoints, and payment channels.

Indicio’s technology streamlines the traveler’s journey by reducing repeated identity checks, reliance on paper documents, manual data entry, and visual inspections. It also increases airport capacity and enables governments to control their borders with the highest level of identity assurance.

The result is measurable value:

Airlines and airports reduce bottlenecks and improve operational flow without the need to increase resources or higher costs. Governments gain secure, interoperable systems that strengthen compliance and protect against identity fraud and document abuse. Travelers and citizens enjoy a  faster, seamless experience that safeguards their privacy and personal data. Global leadership, local impact

Indicio’s contributions to APTITUDE are part of our broader leadership in building solutions that deliver digital trust worldwide. From Africa, the Middle East, and Asia to Europe, the Carribean and the Americas, Indicio is connecting industries, governments, and citizens in ways that are fast, secure, private, and valuable.

APTITUDE shows what is possible when expertise and collaboration come together. By contributing to this large-scale pilot, Indicio is helping shape the future of travel and payments in Europe and the global framework for trusted digital identity.

If you are an organization preparing for the shift to digital identity, now is the time to act. Connect with Indicio to stay up-to-date with this project and to book a call with one of our experts to discuss how our solutions can rapidly deliver the benefits of trusted digital identity and data.

###

The post Indicio to advance trusted digital identity with APTITUDE, Europe’s newest Large Scale Project for digital wallet travel and payments appeared first on Indicio.


Innopay

FiDA Data Studios: Shaping The Future Of Financial Data

FiDA Data Studios: Shaping The Future Of Financial Data from 29 Sep 2025 till 29 Sep 2025 Trudy Zomer 03 September 2025 - 10:19  EintrachtLab, Deutsche Bank Park, Frankfurt am Main, Germany 50.06661481897, 8.64804
FiDA Data Studios: Shaping The Future Of Financial Data from 29 Sep 2025 till 29 Sep 2025 Trudy Zomer 03 September 2025 - 10:19  EintrachtLab, Deutsche Bank Park, Frankfurt am Main, Germany 50.06661481897, 8.6480471

What if regulation wasn’t a brake on innovation, but your biggest opportunity?

On 29 September 2025, innovators, strategists, regulators and product leads will gather at the EintrachtLab in Deutsche Bank Park, Frankfurt, for the FiDA Data Studios event. Together, we’ll explore how the Financial Data Access (FiDA) regulation could reshape Europe’s financial services industry.

Through scenario planning, deep-dive sessions and real-world use cases, the event goes beyond compliance to focus on new business and operating models, AI-powered products and how banks can strategically position in the data economy.

Join our expert roundtable:
INNOPAY’s Mounaim Cortet, Vice President, will host an expert roundtable on how financial institutions can strategically position to leverage the opportunities of FiDA to drive innovation and value creation.

Event highlights 5 expert sessions on AI, API infrastructure, strategy & more Executive briefings & high-level networking Shuttle service from TechQuartier Co-hosted by Deutsche Bank and TechQuartier

 

Program


Daytime sessions: 10:00 – 17:00 (expert sessions)
Evening program: from 17:00 onwards (presentation & networking)
Location: EintrachtLab, Deutsche Bank Park, Frankfurt am Main, Germany
Date: 29 September 2025

⚠️ Limited seats available - registration is on a first-come, first-served basis.

Register now through the event website.


Okta

Build Secure Agent-to-App Connections with Cross App Access (XAA)

Secure access with enterprise IT oversight between independent applications that communicate with each other is a recognized gap in OAuth 2.0. Enterprises can’t effectively regulate cross-app communication, as OAuth 2.0 consent screens rely on users granting access to their individual accounts. Now, with the advent of AI agents that communicate across systems, the need to solve the gap is even gre

Secure access with enterprise IT oversight between independent applications that communicate with each other is a recognized gap in OAuth 2.0. Enterprises can’t effectively regulate cross-app communication, as OAuth 2.0 consent screens rely on users granting access to their individual accounts. Now, with the advent of AI agents that communicate across systems, the need to solve the gap is even greater – especially given the growing importance of enterprise AI security in protecting sensitive data flows.

What is Cross App Access (XAA)?

Cross App Access (XAA) is a new protocol that lets integrators enable secure agent-to-app and app-to-app access. Instead of scattered integrations and repeated logins, enterprise IT admins gain centralized control: they can decide what connects, enforce security policies, and see exactly what’s being accessed. This unlocks seamless, scalable integrations across apps — whether it’s just two like Google Calendar and Zoom, or hundreds across the enterprise. Read more about Cross App Access in this post:

Integrate Your Enterprise AI Tools with Cross-App Access

Manage user and non-human identities, including AI in the enterprise with Cross App Access

Semona Igama

Or watch the video about Cross App Access:

In this post, we’ll go hands-on with Cross App Access. Using Todo0 (the Resource App) and Agent0 (the Requesting App) as our sample applications, and Okta as the enterprise Identity Provider (IdP), we’ll show you how to set up trust, exchange tokens, and enable secure API calls between apps that enable enterprise IT oversight. By the end, you’ll not only understand how the protocol works but also have a working example you can adapt to your own integrations.

If you’d rather watch a video of the setup and how XAA works, check this one out.

Prerequisites to set up the AI agent to app connections using Cross App Access (XAA)

To set up secure agent-to-app connections with Cross App Access (XAA), you’ll need the following:

Okta Developer Account (Integrator Free Plan): You’ll need an Okta Developer Account with the Integrator Free Plan. This account will act as your Identity Provider (IdP) for setting up Cross App Access. If you don’t already have an account, sign up for a new one here: Okta Integrator Free Plan Once created, sign in to your new org AWS Credentials: You’ll need an AWS Access Key ID and AWS Secret Access Key The IAM user or role associated with these credentials must have access to Amazon Bedrock, specifically the Claude 3.7 Sonnet model, enabled If you don’t know how to obtain the credentials, follow this guide Developer Tools: These tools are essential for cloning, editing, building, and running your demo applications Git – to clone and manage the repository VS Code – for reading and modifying the sample source code Dev Containers Extension (VS Code) – recommended, as it automatically configures dependencies and environments when you open the project Docker – required by the Dev Container to build and run the sample applications in isolated environments

Table of Contents

What is Cross App Access (XAA)? Prerequisites to set up the AI agent to app connections using Cross App Access (XAA) Use Okta to secure AI applications with OAuth 2.0 and OpenID Connect (OIDC) Enable Cross App Access in your Okta org Create the resource app (Todo0) Create the requesting app (Agent0) Establishing connections between Todo0 & AI agent (Agent0) Set up a test user in Okta org Create the test user Assign the Okta applications to the test user Configure the Node.js Cross App Access project The Cross App Access MCP project at a glance Configure OAuth 2.0 and AI foundation models environment files Generate OIDC configuration and access token files Configure AI and resource application connection values Register OAuth 2.0 redirect URIs for both apps Initialize the database and run the project Bootstrap the project Run and access the apps in your browser Testing the XAA flow: From Bob to Agent0 to Todo0 Interact with Todo0, the XAA resource app, by creating tasks Let the AI agent, the requesting app, access your todos Behind the scenes: the OAuth 2.0 Identity Assertion Authorization Grant Need help setting up secure cross-domain enterprise AI application access? Learn more about Cross App Access, OAuth 2.0, and securing your applications Use Okta to secure AI applications with OAuth 2.0 and OpenID Connect (OIDC)

Before we dive into the code, we need to register our apps with Okta. In this demo:

Agent0: the AI agent requesting app (makes the API call on behalf of the user) Todo0: the resource app (owns the protected API) Managed connection: the trust relationship between the two apps, created in Okta

We’ll create both apps in your Okta Integrator Free Plan account, grab their client credentials, and then connect them.

Enable Cross App Access in your Okta org

⚠️ Note: Cross App Access is currently a self-service Early Access (EA) feature. It must be enabled through the Admin Console before the apps appear in the catalog. If you don’t see the option right away, refresh and confirm you have the necessary admin permissions. Learn more in the Okta documentation on managing EA and beta features.

Sign in to your Okta Integrator Free plan account In the Okta Admin Console, select Settings > Features Navigate to Early access Find Cross App Access and select Turn on (enable the toggle) Refresh the Admin Console

Create the resource app (Todo0) In the Okta Admin console, navigate to Applications > Applications Select Browse App Catalog Search for Todo0 - Cross App Access (XAA) Sample Resource App, and select it Select Add Integration Enter “Todo0” in the Application label field and click Done Click the Sign On tab to view the Client ID and Client secret. These are required to include in your .env.todo

Create the requesting app (Agent0) Go back to Applications > Applications Select Browse App Catalog Search for Agent0 - Cross App Access (XAA) Sample Requesting App, and select it Select Add Integration Enter Agent0 in the Application label field and click Done Click the Sign On tab to view the Client ID and Client secret. These are required to be included in your .env.agent

Establishing connections between Todo0 & AI agent (Agent0) From the Applications page, select the Agent0 app Go to the Manage Connections tab Under App granted consent, select Add requesting apps, select Todo0, then Save Under Apps providing consent, select Add resource apps, select Todo0, then Save

Now Agent0 and Todo0 are connected. If you check the Manage Connection tab for either app, you’ll see that the connection has been established.

Set up a test user in Okta org

Now that the apps are in place, we need a test user who will sign in and trigger the Cross App Access flow.

Create the test user In the Okta Admin Console, go to Directory > People Select Add Person Fill in the details: First name: Bob Last name: Tables Username / Email: bob@tables.fake Under Activations, select Activate now, mark ☑️ I will set password, and create a temporary password Optional: You can mark ☑️ User must change password on first login Select Save (If you don’t see the new user right away, refresh the page)

Assign the Okta applications to the test user Open the Bob Tables user profile Select Assign Applications Assign both Agent0 (requesting app) and Todo0 (resource app) to Bob

This ensures Bob can sign in to Agent0, and Agent0 can securely request access to Todo0 on his behalf.

⚠️ Note: Bob will be the identity we use throughout this guide to demonstrate how Agent0 accesses Todo0’s API through Cross App Access.

Configure the Node.js Cross App Access project

With your Okta environment (apps and user) ready, let’s set up the local project. Before we dive into configs, here’s a quick look at what you’ll be working with.

Clone the repository:

git clone https://github.com/oktadev/okta-cross-app-access-mcp

Change into the project directory:

cd okta-cross-app-access-mcp

Open VS Code Command Palette and run “Dev Containers: Open Folder in Container”
To open Command Palette, select View > Command Palette…, MacOS keyboard shortcut Cmd+Shift+P, or Windows keyboard shortcut Ctrl+Shift+P

⚠️ Note: This sets up all dependencies, including Node, Redis, Prisma ORM, and Yarn.

The Cross App Access MCP project at a glance okta-cross-app-access-mcp/ ├─ packages/ │ ├─ agent0/ # Requesting app (UI + service) – runs on :3000 │ │ └─ .env # Agent0 env (AWS creds) │ ├─ todo0/ # Resource app (API/UI) – runs on :3001 │ ├─ authorization-server/ # Local auth server for ID-JAG + token exchange │ │ └─ .env.agent # IdP creds (Agent0 side) │ │ └─ .env.todo # IdP creds (Todo0 side) │ ├─ id-assert-authz-grant-client/ # Implements Identity Assertion Authorization Grant client logic ├─ .devcontainer/ # VS Code Dev Containers setup ├─ guide/ # Docs used by the README ├─ images/ # Diagrams/screens used in README ├─ scripts/ # Helper scripts ├─ package.json └─ tsconfig.json Configure OAuth 2.0 and AI foundation models environment files

At this point, you have:

Client IDs and Client Secrets for both Agent0 and Todo0 (from the Okta Admin Console)

Your Okta org URL, visible in the Okta Admin Console profile menu of the Admin Console. It usually looks like

https://integrator-123456.okta.com

This URL will be your IdP issuer URL and is shared across both apps.

Generate OIDC configuration and access token files

From the project root, run:

yarn setup:env

This scaffolds the following files:

packages/authorization-server/.env.todo packages/authorization-server/.env.agent packages/agent0/.env Configure AI and resource application connection values

Open each file and update the placeholder with your org-specific values:

authorization-server/.env.todo

CUSTOMER1_EMAIL_DOMAIN=tables.fake CUSTOMER1_AUTH_ISSUER=<Your integrator account URL> CUSTOMER1_CLIENT_ID=<Todo0 client id> CUSTOMER1_CLIENT_SECRET=<Todo0 client secret>

authorization-server/.env.agent

CUSTOMER1_EMAIL_DOMAIN=tables.fake CUSTOMER1_AUTH_ISSUER=<Your integrator account URL> CUSTOMER1_CLIENT_ID=<Agent0 client id> CUSTOMER1_CLIENT_SECRET=<Agent0 client secret>

agent0/.env

AWS_ACCESS_KEY_ID=<your AWS access key id> AWS_SECRET_ACCESS_KEY=<your AWS secret access key>

⚠️ Note:

The issuer URL (CUSTOMER1_AUTH_ISSUER) is the same in both .env.todo and .env.agent The Client ID/Client secret values differ because they come from the respective apps you created AWS credentials are required only for Agent0 (requesting app)
Register OAuth 2.0 redirect URIs for both apps

Finally, we need to tell Okta where to send the authentication response for each app.

For Agent0:

From your Okta Admin Console, navigate to Applications > Applications Open the Agent0 app Navigate to the Sign On tab In the Settings section, select Edit

In the Redirect URIs field, add

http://localhost:5000/openid/callback/customer1 Select Save

Repeat the same steps for Todo0:

Open the Todo0 app Go to the Sign On tab > Settings > Edit

In the Redirect URIs field, add:

http://localhost:5001/openid/callback/customer1 Select Save

Now both apps know where to redirect after authentication.

Initialize the database and run the project

With the apps and environment configuration in place, the next step is to prepare the local project, set up its databases, and bring both applications online.

Bootstrap the project

From the root of the repo, install all workspaces and initialize the databases:

yarn bootstrap

Since this is your first run, you’ll be asked whether to reset the database. Type “y” for both Todo0 and Agent0.

Run and access the apps in your browser

Once the bootstrap is complete, start both apps (and their authorization servers) with:

yarn start

Open the following ports in your Chrome browser’s tab:

Todo0 (Resource App): http://localhost:3001 Agent0 (Requesting App): http://localhost:3000

At this point, both apps should be live and connected through Okta. 🎉

Testing the XAA flow: From Bob to Agent0 to Todo0

With everything configured, it’s time to see Cross App Access in action.

Interact with Todo0, the XAA resource app, by creating tasks In the Work Email field, enter: bob@tables.fake, and select Continue You’ll be redirected to the Okta Login page. Sign in with the test user credentials: Username: bob@tables.fake Password: the temporary password you created earlier The first time you sign in, you’ll be prompted to: Set a new password Enroll in Okta Verify for MFA Once logged in, add several tasks to your to-do list Select one of the tasks and mark it as complete to verify that the application updates the status accurately Let the AI agent, the requesting app, access your todos Open the Agent0 app in your browser Select Initialize to set up the AWS Bedrock client. Once connected, you’ll see the following message:
✅ Successfully connected to AWS Bedrock! You can now start chatting. Select the Connect to IdP button Behind the scenes, Agent0 requests an identity assertion from Okta and exchanges it for an access token to Todo0 If everything is configured correctly, you’ll see the following message
Authentication completed successfully! Welcome back. To confirm that Agent0 is actually receiving tokens from Okta: Open a new browser tab and navigate to: http://localhost:3000/api/tokens You should see a JSON payload containing: accessToken, jagToken, and idToken This verifies that Agent0 successfully authenticated through Okta and obtained the tokens needed to call Todo0 Now interact with Agent0 using natural prompts. For example: write this prompt What's on my plate in my to-do list?

⚠️ Note: Agent0 will call the Todo0 API using the access token and return your pending tasks

Let’s try some more prompts Ask Agent0 to add a new task Ask it to mark an existing task complete Refresh the Todo0 app — you’ll see the changes reflected instantly Behind the scenes: the OAuth 2.0 Identity Assertion Authorization Grant

✅ Bob Tables logs in once with Okta
⏩ Agent0 (requesting app) gets an identity assertion from Okta
🔄 Okta vouches for Bob and exchanges that assertion for an access token
👋 Agent0 uses that token to securely call the Todo0 (resource app) API

🎉 Congratulations! You’ve successfully configured and run the Cross App Access project.

Need help setting up secure cross-domain enterprise AI application access?

If you run into any issues while setting up or testing this project, feel free to post your queries to the forum: 👉 Okta Developer Forum

If you’re interested in implementing Cross App Access (XAA) in your own application — whether as a requesting app or a resource app — and want to explore how Okta can support your use case, reach out to us at: 📩 xaa@okta.com

Learn more about Cross App Access, OAuth 2.0, and securing your applications

If this walkthrough helped you understand how Cross App Access works in practice, you might enjoy diving deeper into the standards and conversations shaping it. Here are some resources to continue your journey

📘 Cross App Access Documentation – official guides and admin docs to configure and manage Cross App Access in production 🎙️ Developer Podcast on MCP and Cross App Access – hear the backstory, use cases, and why this matters for developers 📄 OAuth Identity Assertion Authorization Grant (IETF Draft) – the emerging standard that powers this flow

If you’re new to OAuth or want to understand the basics behind secure delegated access, check out these resources:

What the Heck is OAuth? What’s the Difference Between OAuth, OpenID Connect, and SAML? Secure Your Express App with OAuth 2.0, OIDC, and PKCE Why You Should Migrate to OAuth 2.0 From Static API Tokens How to Get Going with the On-Demand SaaS Apps Workshops

Follow us on LinkedIn, Twitter, and subscribe to our YouTube channel for more developer content. If you have any questions, please leave a comment below!

Tuesday, 02. September 2025

ComplyCube

How to Comply with Failure to Prevent Fraud

The UK’s Failure to Prevent Fraud offence holds large firms liable for fraud by employees or agents unless “reasonable procedures” are in place. Finance and fintech face early scrutiny, with the SFO leading enforcement. The post How to Comply with Failure to Prevent Fraud first appeared on ComplyCube.

The UK’s Failure to Prevent Fraud offence holds large firms liable for fraud by employees or agents unless “reasonable procedures” are in place. Finance and fintech face early scrutiny, with the SFO leading enforcement.

The post How to Comply with Failure to Prevent Fraud first appeared on ComplyCube.


liminal (was OWI)

Fighting Third-Party Fraud

The post Fighting Third-Party Fraud appeared first on Liminal.co.

The post Fighting Third-Party Fraud appeared first on Liminal.co.


Dock

5 Identity Gaps That Put AI Agents at Risk

AI agents will soon be booking travel, managing workflows, and making purchases on our behalf. By next year, non-human agents may outnumber human users online.  The problem is, our identity systems were built for people, not for autonomous software. During our recent “Know Your Agent” 

AI agents will soon be booking travel, managing workflows, and making purchases on our behalf. By next year, non-human agents may outnumber human users online. 

The problem is, our identity systems were built for people, not for autonomous software.

During our recent “Know Your Agent” live session with Peter Horadan, CEO of Vouched, we went through the five critical identity problems we need to solve before agents become the default way we interact online:


Elliptic

Crypto regulatory affairs: From China to Russia to South Korea to the EU - Stablecoin and digital payments work accelerates following US GENIUS Act

The passage of major stablecoin legislation in the United States this summer is prompting countries around the world to reassess their strategies and timelines around digital asset-linked payments - demonstrating that innovation in the stablecoins and digital payments space has geopolitical implications. 

The passage of major stablecoin legislation in the United States this summer is prompting countries around the world to reassess their strategies and timelines around digital asset-linked payments - demonstrating that innovation in the stablecoins and digital payments space has geopolitical implications. 


Spherical Cow Consulting

Roads, Robots, and Responsibility: Why Agentic AI Needs Identity Infrastructure

We don’t spend much time thinking about the roads we drive on—until one cracks, collapses, or dumps us somewhere we didn’t mean to be. Identity in the age of agentic AI? Same deal. It’s infrastructure. Like a good road, it needs to be ready for traffic we can’t imagine. The post Roads, Robots, and Responsibility: Why Agentic AI Needs Identity Infrastructure appeared first on Spherical Cow Consul

“We don’t spend much time thinking about the roads we drive on—until one cracks, collapses, or dumps us somewhere we didn’t mean to be.”

Identity in the age of agentic AI? Same deal. It’s infrastructure. And just like a good road system, it needs to be engineered with care, built on solid standards, and ready for traffic we can’t even imagine yet.

Right now, autonomous agents are already taking actions on behalf of people and businesses—booking meetings, writing and summarizing emails, pushing code, moving money. Which means we should probably stop and ask: how are those identity and access decisions getting made? Are they secure? Reviewed? Built to best practices? Or are we flooring it across an uninspected bridge, hoping the potholes aren’t too deep?

The protocols making this possible—things like the Model Context Protocol (MCP) and Google’s Agent2Agent (A2A)—are still wet cement. If we want to go from today’s cow paths (cow poop included) to tomorrow’s superhighways, we can’t just slap on more lanes later. We need a strong identity layer poured in from the start.

This post is based on a keynote I gave recently at a large corporate event, where the audience was asking the right questions. If you’re building or maintaining systems that will eventually include autonomous agents, or you’re already there, this is for you.

A Digital Identity Digest Roads, Robots, and Responsibility: Why Agentic AI Needs Identity Infrastructure Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds 00:00 / 00:12:22 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

What I mean by identity, identity infrastructure, and agentic AI

“Identity” and “identity infrastructure” can mean different things depending on who you ask. (Get a hundred IAM professionals in a room and you’ll get a thousand definitions.) Since this is my blog post, here’s how I’m using the terms:

Identity – a persistent, verifiable representation of an entity—human or non-human—that other systems can use to decide what it can do, when, for what purpose, and under what conditions. Identity infrastructure – the shared, stable, and standards-based systems, protocols, and governance that make those identities usable across teams, organizations, and technologies, securely, interoperably, and at scale. Agentic AI – borrowing NVIDIA’s phrasing, an AI system (often powered by large language models) with sophisticated reasoning and iterative planning that can autonomously solve complex, multi-step problems. The key word here is autonomous. Generative AI creates content; agentic AI takes action.

Without grounding in these definitions, it’s easy to talk past each other. With them, we can focus on the real issue: building identity infrastructure that works across both human and non-human actors, especially when those non-humans are making decisions at machine speed.

AI’s upside is real, but it’s missing a foundation

When most people talk about AI, we talk about the upside:

Faster iteration cycles Smart automation Real productivity gains Code generation Helpful chatbots that can field questions at scale

GitHub’s Octoverse report showed a 59% surge in contributions to generative AI projects and a 98% increase in the number of projects overall. Many contributions came from India, Germany, Japan, and Singapore. Interestingly, they also reported that AI hasn’t flooded open source with low-quality junk—if anything, it’s drawing more people into development. (I’m not sure I believe their assertion about the junk. That doesn’t match what I’m hearing anecdotally, but then again, that’s why there are actual studies to balance perception with facts.)

That’s all impressive, even when the results aren’t perfect. These tools are still young, evolving fast, and unlocking new creativity across the stack.

But there’s a missing question in all this excitement: who is acting? On whose behalf? And with what authority?

That’s the identity layer. Without it, all this innovation becomes harder to govern, harder to scale, and harder to trust.

Agents are already in your systems

This isn’t hypothetical. Agents are in your tools, updating dependencies, answering tickets, creating calendar invites, summarizing documents, pushing code, and talking to customers.

Microsoft’s 2025 Work Trend Index reports that global leaders rank customer service, marketing, and product development as the top three areas for accelerated AI investment in the next 12–18 months. Seventy-three percent of leading-edge companies will use AI for marketing. Sixty-six percent for customer success. Even internal communications sees 68% adoption.

That’s a lot of automation acting in our name. Without clear identity controls, there is also a lot of potential for AI “marketing fails” or, worse, high-stakes errors.

A few examples:

A rogue AI coding assistant wiped out a startup’s production database. AI-powered recruiting software rejected qualified applicants based purely on age and gender, landing the company in court with the EEOC.

These tools are powerful and fast—but oversight around identity and accountability hasn’t kept up.

Identity isn’t just a login box

Identity is infrastructure. And infrastructure is more than a username and password. When humans act, we typically have an audit trail: who did what, when, and why. We rely on login sessions, logs, access controls, and behavioral patterns.

But when AI agents act, especially ones with high autonomy, we need something more durable. We need fine-grained delegation models, audit trails tied to machine-driven decisions, and identity primitives that work across humans and non-humans alike.

Identity systems that recognize both human and non-human actors Delegation models that can express “who can do what, for whom, under what conditions” Clear provenance: who authorized the action, and is it appropriate in this context? Verifiability—so we can prove what happened, after the fact

Without that infrastructure, the entire agentic AI ecosystem risks becoming a black box. And for security teams, DevOps leads, and auditors, that’s a non-starter.

The right questions lead to better systems

If an agent makes a change, you should be able to answer: Was it authorized? Who delegated the authority? What policy applied?

Microsoft’s report hints at this by asking leaders: how many agents are needed for which roles and tasks, and how many humans to guide them? Those are good but very surface-level questions.

We can push further:

Do you have enough data to clearly scope the role for an AI? Can you give it only the access it needs, when it needs it, for the specific task at hand?

These questions aren’t just risk management. They’re a chance to improve system hygiene and clarity across the board.

Protocols are evolving but identity hasn’t caught up

You might be thinking: okay, so what’s out there to support this?

Protocols like the Multi-Agent Communication Protocol (MCP) and Agent2Agent (A2A) messaging are early candidates. They enable agents to communicate and coordinate in powerful ways. But they were designed to simplify agents’ communication with agents; they weren’t designed with identity in mind.

Even folks who helped shape OAuth are wrestling with how traditional delegation models fit—or don’t fit—into this space. The communication protocols aren’t broken, they’re just early. Identity hasn’t caught up yet.

And if we don’t make faster progress on these issues, we’ll be forever retrofitting trust into systems that were never built to handle it.

Why this can’t be proprietary

You might be tempted to solve this in-house. Build your own delegation model, your own trust chain, your own method for agentic AI authorization. This scenario freaks me out. If every organization invents its own approach to agent identity, we’ll end up right back where we started, in a world of fragile integrations, inconsistent assumptions, and big gaps in accountability.

We’ve ALL seen this before, and the result is always the same:

Fragile integrations Misaligned assumptions between systems Gaps in visibility and accountability Security holes you can drive a nation-state through

That’s why open standards matter, not as a checkbox, but as the only viable way to scale trust across systems, companies, and industries.

And to be clear, “open” doesn’t just mean “you can download the spec.” It means:

Shared governance Transparent development Real-world applicability Participation from a broad mix of stakeholders, including security, product, legal, and compliance

This isn’t easy work. But it’s the work that makes the rest possible. And when it works, we get something better than “compliant.” We get trustworthy infrastructure that scales.

What to do now—before the collapse

So where does that leave us?

If you’re building agentic AI capabilities into your platform, or even just experimenting with automation, you’re already laying infrastructure. The question is whether that infrastructure will support accountability, or collapse under the weight of delegation you can’t verify. Either we bolt identity onto agentic systems after the fact, or we treat identity like the infrastructure it is, and build it into the foundation.

You don’t need to have all the answers today. But you do need to start asking better questions:

Is identity part of the design, or bolted on later? Are we modeling trust relationships clearly, or making assumptions? Will our logs stand up in an audit, or are we relying on magic?

Start there.

And if you’re in a position to influence the broader direction of the industry, join a standards group. Challenge assumptions in product reviews. Push for interoperability, not lock-in. Make identity part of the foundation, not just a feature.

We don’t have to wait for things to fall apart. We can build roads we actually want to drive on.

If you’d rather track the blog than the podcast, I have an option for you! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here

Transcript Roads as a Metaphor

[00:00:29] Welcome back to A Digital Identity Digest. I’m Heather Flanagan, and today we’re going to talk about roads. Yes, roads. They’re an amazing metaphor, and I’m just going to drive this one all night long.

[00:00:42] We usually don’t think about the roads we drive on—until one cracks, collapses, or leaves us stranded somewhere we never meant to be.

[00:00:49] Identity in the age of agentic AI works the same way. It is infrastructure. And like any good road system, it must be:

Engineered with care Built on solid standards Ready for traffic we can’t even imagine yet The Rise of Autonomous Agents

[00:01:04] Autonomous agents are already taking actions on behalf of people and businesses. They’re:

Booking meetings Writing and summarizing emails Pushing code Moving money

[00:01:14] Which raises the key question: how are identity and access management decisions being made for those actions?

Are they secure? Reviewed? Designed according to best practices? Or are we flooring it across an uninspected bridge, hoping the potholes aren’t too deep?

Protocols in Wet Cement

[00:01:34] Many of the protocols enabling this—such as Model Context Protocol (MCP) and Google’s Agent-to-Agent (A2A)—are still wet cement.

[00:01:44] If we want to move from today’s cow paths (cow poop included) to tomorrow’s superhighways, we can’t just slap on more lanes later. We need a strong identity layer poured in from the start.

Defining Identity and Agentic AI

[00:02:19] Let’s pause and define a few key terms. Because “identity” can mean wildly different things depending on who you ask.

Identity → A persistent, verifiable representation of an entity (person or machine) that other systems use to decide what it can do, when, and under what conditions. Identity Infrastructure → Shared, stable, standards-based systems and governance that make identity portable, interoperable, and reliable at scale. Agentic AI → Borrowing from Nvidia: AI, usually powered by large language models, that doesn’t just generate code but plans and reasons through complex multi-step problems on its own.

[00:03:46] Generative AI writes things.
[00:03:52] Agentic AI acts on things.

And that difference matters.

Productivity Gains vs. Identity Risks

[00:04:11] Conversations around agentic AI often emphasize upsides:

Faster iteration cycles Smarter automation Productivity gains Code generation Scalable chatbots

[00:04:25] GitHub’s Octoverse report shows:

59% surge in contributions to generative AI projects 98% increase in overall projects Growth driven by developers in India, Germany, Japan, Singapore, and Latin America

[00:05:15] But what’s often missing is the question: who or what is acting on whose behalf, and with what authority? Without identity, this innovation becomes harder to govern, scale, and trust.

Real-World Consequences

[00:06:19] Consider these examples:

An AI coding assistant that wiped out a startup’s production database. AI-powered recruiting software that rejected qualified applicants based on age and gender, resulting in lawsuits.

[00:06:47] These tools are fast and powerful—but oversight around identity and accountability has not caught up.

Why Identity Infrastructure Matters

[00:06:59] Infrastructure is more than usernames and passwords. When humans act, we leave audit trails.

[00:07:15] But when AI agents act at machine speed, we need more durable systems:

Identity recognition for both human and non-human actors Delegation models clarifying who can do what for whom Provenance signals to confirm authorization Verifiability to prove what happened

[00:07:42] Without this infrastructure, agentic AI becomes a black box—and that’s a nonstarter for security teams, DevOps leads, and auditors.

Open Standards, Not DIY

[00:09:34] You may be tempted to build your own delegation models and trust chains.

[00:09:42] Please don’t.

Doing so leads to:

Fragile integrations Misaligned assumptions Gaps in visibility and accountability Security holes you could drive a nation-state through

[00:09:56] That’s why open standards matter—not as a compliance checkbox, but as the only viable way to create scalable trust across companies and industries.

Building Roads That Last

[00:10:27] If you’re building agentic AI capabilities, you’re already laying down infrastructure. The question is:

Will your road support accountability? Or will it collapse under unverifiable delegation?

[00:10:49] Ask yourself:

Is identity part of the design—or bolted on later? Are trust relationships clearly modeled—or just assumed? Will logs stand up in an audit—or are you relying on magic?

[00:11:03] If you want to shape the standards of the future, join standards groups, challenge assumptions in product reviews, and push for interoperability—not lock-in.

[00:11:21] We don’t need to wait for the bridge to collapse. We can build roads we actually want to drive on.

Closing Thoughts

[00:11:28] Thanks for listening to A Digital Identity Digest. If this sparked questions or gave you something to debate, share it with your colleagues—the more voices in this conversation, the stronger our identity infrastructure can be.

[00:11:46] If you enjoyed this episode:

Share it with a friend or colleague Connect with me on LinkedIn Subscribe and leave a rating or review on Apple Podcasts or wherever you listen Read the full post at sphericalcowconsulting.com

Stay curious, stay engaged, and let’s build identity systems that last.

The post Roads, Robots, and Responsibility: Why Agentic AI Needs Identity Infrastructure appeared first on Spherical Cow Consulting.


iComply Investor Services Inc.

Legal KYC and AML: What Global Law Firms Need to Know About Client Verification

Law firms face growing AML pressure worldwide. This guide shows how to streamline compliance workflows without compromising client confidentiality or jurisdictional privacy laws.

Law firms face rising global AML expectations, especially for client onboarding, source of funds checks, and beneficial ownership verification. This article explores evolving KYC and KYB rules across Canada, the UK, the U.S., Australia, and the EU – and how iComply automates compliance without compromising client confidentiality.

For legal professionals, client trust is everything. But across key jurisdictions, law firms are being asked to do more: verify client identity, trace beneficial ownership, and flag suspicious behaviour—all while protecting solicitor-client privilege and meeting strict privacy laws.

In Canada, the U.S., UK, and beyond, anti-money laundering regulations are evolving quickly. Firms must now demonstrate that they not only follow procedures – but that their systems can withstand audits and adapt to new threats.

AML Obligations for Law Firms by Jurisdiction Canada Regulators: Law societies, FINTRAC Requirements: Client Identification Procedures (CIP), ongoing monitoring, beneficial ownership checks, privacy compliance (PIPEDA) United Kingdom Regulator: SRA (Solicitors Regulation Authority) Requirements: AML risk assessment, KYC for clients, source of funds/source of wealth checks, SARs, and recordkeeping under MLR 2017 United States Regulators: ABA model rules, BOI reporting (Corporate Transparency Act) Expectations: Evolving best practices for law firm AML controls, especially in real estate and corporate formation Australia Regulator: Legal Services Commissions, AUSTRAC guidance Requirements: Identification and verification for clients in regulated transactions; alignment with AML/CTF Act for high-risk sectors European Union Regulators: National bar associations, 6AMLD Requirements: Client due diligence, UBO transparency, suspicious transaction reporting, GDPR compliance Common Challenges in Legal Compliance

1. Confidentiality vs. Transparency
Law firms must balance their duty to clients with the obligation to detect and report suspicious activity.

2. Manual and Fragmented Workflows
Paper forms, email, and disconnected tools result in audit gaps and inefficiencies.

3. Complex Entity Structures
Client organizations often involve trusts, layers of ownership, or offshore nominees.

4. Jurisdictional Conflicts
Global clients mean law firms must harmonize privacy, AML, and risk obligations across borders.

iComply: Legal-Grade KYC and AML for Modern Firms

iComply offers a configurable platform designed to help law firms automate AML compliance while preserving client confidentiality.

1. Secure Client Onboarding (KYC/KYB) Edge-based identity and document verification No raw PII leaves the client device unencrypted Supports Canadian, U.S., UK, EU, and Australian standards 2. Beneficial Ownership Mapping Automatically uncover UBOs across jurisdictions Flag nominee structures and offshore shell patterns Enable configurable thresholds for review and escalation 3. Risk-Based Screening and Case Management Sanctions, PEP, and adverse media checks Centralized dashboard for audits, escalations, and decision documentation Secure retention policies to meet legal recordkeeping duties 4. Privacy and Privilege Safeguards Local hosting or on-prem options for law firm control Full audit logs without exposing client communications Compliance with GDPR, PIPEDA, and solicitor-client privilege standards Case Insight: Canadian Corporate Law Firm

A Toronto-based firm specializing in incorporations and M&A deals implemented iComply to digitize its CIP and UBO review processes. Results:

Reduced due diligence time by 70% Flagged two nominee structures with high-risk SOEs in a single case Expanded ability to engage directors, officers, and key stakeholders anywhere in the world Final Word

Legal compliance is evolving fast. Law firms that modernize with purpose-built, privacy-first tools can stay ahead of audits, reduce admin burden, and build deeper client trust.

Schedule a walkthrough with iComply to see how we help law firms automate AML obligations – without sacrificing discretion or control.

Monday, 01. September 2025

Ontology

After the Banking Data Leak Scandal

Ontology’s DIDs as a Solution for Global Financial Security The recent massive leaks of banking data have highlighted the vulnerability of centralized financial systems and the urgent need to rethink the security of personal information. In an increasingly digital world, where cyberattacks are commonplace, users’ trust in financial institutions has been shaken. In the face of this crisis of confi
Ontology’s DIDs as a Solution for Global Financial Security

The recent massive leaks of banking data have highlighted the vulnerability of centralized financial systems and the urgent need to rethink the security of personal information. In an increasingly digital world, where cyberattacks are commonplace, users’ trust in financial institutions has been shaken. In the face of this crisis of confidence, Decentralized Identities (DIDs), offered by platforms like Ontology, are emerging as a promising solution to strengthen global financial security. This article will explore how Ontology’s DIDs, by returning control of data to users, can transform the financial security landscape and prevent future scandals.

The Achilles Heel of Centralized Systems: Banking Data Leaks

Traditional banking systems rely on a centralized model where clients’ personal and financial information is stored in vast databases managed by institutions. Although these systems are protected by sophisticated security measures, they remain prime targets for cybercriminals. Each year, millions if not billions of customer records are compromised in data breaches, leading to significant financial losses, identity theft, and the erosion of public trust.

These incidents underline a fundamental weakness: the concentration of data creates a single point of failure. Once an attacker breaches an institution’s defenses, they potentially gain access to a goldmine of sensitive information. Moreover, the fact that data is managed by third parties means users have little to no control over how their information is stored, used, or shared. This lack of sovereignty over data is at the heart of today’s security issues.

ONT ID: Ontology’s Decentralized Identity Solution

Ontology offers a radically different approach to identity and data management through its decentralized identity framework, ONT ID. Based on W3C recommendations for Decentralized Identifiers (DID) and Verifiable Credentials (VC), ONT ID enables individuals and organizations to create and control their own digital identities. Unlike centralized systems, where data is held by third parties, ONT ID restores data sovereignty to the user.

With ONT ID, users can generate unique, self-sovereign identifiers that are not tied to any central entity. They can then collect verifiable credentials (e.g., diplomas, driver’s licenses, proof of residence) from trusted issuers and store them securely in their digital wallet. The crucial aspect is that the user decides when and with whom to share this information, and only the necessary data. For instance, to prove their age, a user would not need to reveal their exact date of birth, but only a verifiable proof that they are over 18. This approach minimizes the exposure of sensitive data and drastically reduces the attack surface for cybercriminals.

How DIDs Improve Global Financial Security

The integration of DIDs, and specifically ONT ID, into the financial sector provides several key advantages for security:

Reduced risk of massive data leaks: By decentralizing the storage of identity data and allowing users to control their information, DIDs eliminate the single point of failure represented by centralized databases. Even if a system is compromised, attackers would only access pseudonymous identifiers rather than full personal data. Stronger, passwordless authentication: DIDs enable more robust authentication methods than traditional passwords, which are frequent targets of hacking. DID-based authentication can leverage cryptographic keys, making phishing and identity theft attempts far more difficult. Improved regulatory compliance with privacy protection: DIDs allow for more effective and privacy-preserving KYC/AML compliance. Financial institutions can verify necessary credentials without storing full copies of clients’ documents. Zero-Knowledge Proofs (ZKP), often associated with DIDs, enable proving possession of an attribute (e.g., being of legal age) without disclosing the attribute itself. Fraud and identity theft prevention: By ensuring the authenticity of digital identities and making it harder to create fake ones, DIDs can significantly reduce financial fraud and identity theft. Each transaction or interaction can be tied to a verifiable identity, without revealing the real identity to all parties. Enhanced auditability and traceability: DID-related transactions are recorded on a blockchain, providing an immutable and transparent audit trail. This facilitates the detection of suspicious activities and the tracing of funds in case of fraud, while protecting legitimate users’ privacy through pseudonymization. Challenges and Future Outlook

Despite their revolutionary potential, widespread adoption of DIDs in the financial sector is not without challenges. Interoperability between different DID implementations, raising awareness and educating both users and institutions, and achieving global regulatory harmonization are all crucial steps. Governments and regulators will need to collaborate with decentralized technology developers to create frameworks that foster innovation while ensuring consumer protection and financial stability.

Ontology, with its commitment to W3C standards and its growing ecosystem, is well-positioned to play a leading role in this transition. By continuing to develop user-friendly tools and forging strategic partnerships, Ontology can help bridge the gap between blockchain technology and the needs of the traditional financial sector paving the way for a future where banking data security is inherently tied to digital identity sovereignty.

Conclusion

Banking data leak scandals are a stark reminder of the fragility of centralized systems and the urgent need to adopt more resilient solutions. Decentralized Identities (DIDs), and especially Ontology’s ONT ID, offer a promising path to redefining financial security. By empowering individuals to regain control of their data, strengthening authentication, enabling privacy-preserving compliance, and reducing fraud, DIDs can radically transform how we interact with our finances.

The future of global financial security no longer lies in reinforcing centralized fortresses but in distributing the power and responsibility of digital identity to the users themselves. Ontology is at the forefront of this revolution, providing the necessary tools to build a safer, fairer, and more resilient financial ecosystem.

After the Banking Data Leak Scandal was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


Tokeny Solutions

SkyBridge Tokenises $300m Hedge Funds with Tokeny and Apex Group

The post SkyBridge Tokenises $300m Hedge Funds with Tokeny and Apex Group appeared first on Tokeny.
August 2025 SkyBridge Tokenises $300m Hedge Funds with Tokeny and Apex Group

Last month, together with Apex Group, we introduced Apex Digital 3.0, the first truly global single-source infrastructure designed to handle the full lifecycle of tokenised products. That includes fund creation, issuance, administration, custody, connectivity to multiple distribution channels, as well as the broader DeFi ecosystem.

$300m of hedge funds go on-chain for always-on services

In less than a month after the launch, SkyBridge Capital, founded by Anthony Scaramucci, a believer of bitcoin and former White House Communications Director, is moving $300m of its flagship hedge funds on-chain through Apex Digital 3.0.

Hedge funds are now open to invest in cryptocurrencies. These assets are designed to settle instantly, without friction. However, investors in those funds face the opposite reality as they are distributed on traditional rails.

It causes slow subscription, redemptions, and transfers due to fragmented settlements, as a transfer often has to pass through multiple layers of middlemen. It results in high transactional costs and delays, which in turn limit liquidity.

That’s why SkyBridge is moving on-chain to eliminate fragmentation and deliver real-time services. By tokenising its hedge funds, subscriptions, redemptions, and transfers can run 24/7 with full transparency. The result is lower costs, faster operations, and an investor experience that finally matches the always-on expectations of today’s markets.

Tokenisation market challenges

For years, tokenisation struggled to take off. Most early projects weren’t true tokenisation but digitalisation experiments. The problem wasn’t legal, but operational.

The key actors, including transfer agents, custodians, and asset managers, simply weren’t ready. They could put the asset on-chain, but struggled to manage subscriptions, redemptions, and custody on-chain. As a result, many institutional projects ended up with assets merely represented on the blockchain, while the servicing processes remained off-chain.

The market has been maturing, service providers have built the capabilities, custodians can hold tokenised assets, more people are equipped and accepting self-custody wallets, and regulators have set clearer frameworks. But integration remains critical and without it tokenisation risks becoming another silo.

On-chain finance adoption accelerates for real

That’s why we built Apex Digital 3.0. For too long, firms were promised “end-to-end” tokenisation, only to discover critical gaps. No legal structuring, no compliance support, no custody of the underlying assets, and no real distribution. The result was complexity, with issuers forced to juggle multiple providers and still falling short of scale.

Apex Digital 3.0 changes that. It brings everything together: legal setup, compliance advisory, issuance, custody, servicing, and cross-platform distribution in one infrastructure. Clients who want a complete 0-to-1 solution rely on us without the headache of managing separate partners. And, for those who already have preferred tools, our open architecture makes integration seamless.

With 22 years of proven trust and $3.5 trillion of assets under administration, Apex Group is the trusted bridge to on-chain finance, giving institutions the confidence to move massively.

SkyBridge’s $300m project is a live example, with more in the pipeline. This time, institutional adoption at scale is real.

Tokeny Spotlight

Press Release

SkyBridge Capital is tokenising $300m of hedge funds with Tokeny via Apex Digital 3.0.

Read More

SEC mentions ERC-3643

Paul S. Atkin, mentioned ERC-3643 in his speech for launching the Project Crypto.

Read More

Welcome to the Team

Meghavi Raval joins Tokeny. Learn about why she is a great fit to the team.

Read More

Exclusive Interview

Our CCO and Global Head of Digital Assets at Apex Group, Daniel Coheur, talks about Apex Digital 3.0

Read More

Apex Digital 3.0 is Live

Tokenisation is full of promise. But in reality, it’s still hard to execute. That Apex Digital 3.0 solves.

Read More

DAW NY Panel

“In 10 years time there won’t be any fiat left” – Peter Hughes Founder and CEO of Apex Group.

Read More Tokeny Events

Spark 25 by Fireblocks
September 8th-10th, 2025 | 🇪🇸 Spain

Register Now

Apex Invest Global Event Series 2025
September 22nd-23rd, 2025 | 🇨🇭 Switzerland

Register Now

Sibos 2025
September 29th-October 2nd, 2025 | 🇩🇪 Germany

Register Now

Tokeny Team Building
September 17th-19th, 2025 | 🇪🇸 Spain

Learn More

KCMC 2025
September 29th-30th, 2025 | 🇰🇷 South Korea

Register Now ERC3643 Association Recap

Stellar Development Foundation Joins ERC3643 Association

The Stellar Development Foundation (SDF), a non-profit organisation supporting the development and growth of the Stellar network, today announced it has joined the ERC3643 Association.

Learn more here

The U.S. White House has highlighted the growing impact of tokenisation in its newly released report.

On page 40, a market sizing chart for RWAs, provided by our member Plume, includes a small but meaningful footnote: the chart begins in September 2021, the month the Ethereum community officially recognised the ERC-3643 tokenisation protocol as an official standard for permissioned tokens.

Learn more here

Subscribe Newsletter

A monthly newsletter designed to give you an overview of the key developments across the asset tokenization industry.

Previous Newsletter  Sep1 SkyBridge Tokenises $300m Hedge Funds with Tokeny and Apex Group August 2025 SkyBridge Tokenises $300m Hedge Funds with Tokeny and Apex Group Last month, together with Apex Group, we introduced Apex Digital 3.0, the first… Aug1 Apex Digital 3.0 is Live – The Future of Finance Starts Now July 2025 Apex Digital 3.0 is Live – The Future of Finance Starts Now To truly scale tokenisation, we need a global force at the… Jul1 Real Estate Tokenization Takes Off in Dubai June 2025 Real Estate Tokenization Takes Off in Dubai Dubai’s real estate market is breaking records. According to data shared by Property Finder, Dubai recorded… May13 Is the UAE Taking the Lead in the Tokenization Race? April 2025 Is the UAE Taking the Lead in the Tokenization Race? As you know, the U.S. is now pushing to become the crypto nation.…

The post SkyBridge Tokenises $300m Hedge Funds with Tokeny and Apex Group appeared first on Tokeny.


uquodo

How to Detect Deepfakes: Advanced Identity Verification for 2025

The post How to Detect Deepfakes: Advanced Identity Verification for 2025 appeared first on uqudo.

Saturday, 30. August 2025

Aergo

Cut the Noise, Find Conviction: Crypto’s Next Chapter with DeFAI and ArenAI

As markets oscillate between euphoria and despair, investors are left asking the timeless question: What do I own, and what do I trade? Yet in today’s world of TradingView charts, Twitter threads, Telegram calls, Medium deep-dives, and endless newsletters, the real challenge is not just deciding between BTC, ETH, or the next altcoin. It is cutting through the noise. Everyone has an opinion, and co

As markets oscillate between euphoria and despair, investors are left asking the timeless question: What do I own, and what do I trade? Yet in today’s world of TradingView charts, Twitter threads, Telegram calls, Medium deep-dives, and endless newsletters, the real challenge is not just deciding between BTC, ETH, or the next altcoin. It is cutting through the noise. Everyone has an opinion, and consuming them all takes enormous energy. Finding a strategy that actually fits your needs is harder than ever.

And even if you manage to find the right answer, that is only half the battle. Implementing it in your portfolio means identifying the best yield models, deciding between staking and re-staking, and continually rebalancing across different chains and platforms. For most, this becomes a full-time job.

That reality is about to change. DeFAI (Decentralized Finance + AI) is poised to unlock possibilities that many investors were previously unaware of. Intelligent systems can filter the noise, craft strategies tailored to your goals, and execute them automatically across chains. Instead of waking up at 3 AM to react to volatility, DeFAI agents will monitor, rebalance, and compound for you while you sleep.

ArenAI: The Investor’s Edge

For investors, ArenAI offers a straightforward way to access sophisticated strategies without requiring coding or tracking every market tick. You can browse models created by experts, select those that fit your goals, and let them work on your behalf in real time. Whether you want a conservative ETH staking strategy, an aggressive momentum trader, or a balanced multi-chain allocator, ArenAI lets you plug into ready-made intelligence that adapts as conditions change.

From Consumer to Creator

But ArenAI does not stop at consumption. If you have an investment thesis or a trading style that works, you can turn it into a model and offer it to others on a subscription basis. Your trading perspective becomes more than just a personal experiment. It becomes a product that others can use and pay for, creating an entirely new revenue stream. Instead of being lost in a sea of opinions, you can build, implement, and monetize your own edge.

Ready to cut through the noise and find your edge? Start the journey at hpp.io

Cut the Noise, Find Conviction: Crypto’s Next Chapter with DeFAI and ArenAI was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.

Monday, 12. May 2025

Radiant Logic

Modernizing Healthcare IAM: From Legacy Pain Points to Unified Identity

Explore how modernizing healthcare IAM with RadiantOne transforms legacy pain points into unified identity solutions, enabling faster provisioning, improved security, and seamless access for caregivers across all systems. The post Modernizing Healthcare IAM: From Legacy Pain Points to Unified Identity appeared first on Radiant Logic.

Recognito Vision

How Facial Recognition Attendance System Is Changing Attendance Management

Tracking attendance has evolved significantly from the old methods of paper registers and punch cards. Today, organizations are increasingly adopting facial recognition attendance systems to streamline tracking, improve security, and save time. These systems combine advanced face detection attendance system technology with AI to ensure accurate and hassle-free employee management. With workplaces g

Tracking attendance has evolved significantly from the old methods of paper registers and punch cards. Today, organizations are increasingly adopting facial recognition attendance systems to streamline tracking, improve security, and save time. These systems combine advanced face detection attendance system technology with AI to ensure accurate and hassle-free employee management.

With workplaces getting more tech-driven, integrating an AI attendance system not only improves efficiency but also reduces human errors associated with traditional attendance methods. This technology ensures that attendance is accurate, instantaneous, and tamper-proof, offering a significant upgrade over legacy systems.

 

What is a Facial Recognition System for Attendance

A facial recognition system for attendance uses biometric technology to identify individuals based on their unique facial features. Unlike cards or fingerprint scanners, face recognition offers touch-free verification, making it quicker and more sanitary.

These systems capture the user’s face using cameras and match it against a stored database. The system analyzes unique facial features, such as eye spacing, nose structure, and jaw contours, to confirm a person’s identity. Modern AI-powered systems even adapt to changes in lighting, angle, and facial accessories like glasses or masks.

 

Key Features of a Facial Recognition System for Attendance Contactless Verification: Reduces physical touchpoints, improving hygiene.

High Accuracy: Advanced algorithms minimize false positives and negatives.

Real-Time Tracking: Attendance logs update instantly.

Integration with Payroll: Automatically syncs attendance data with payroll systems.

Multi-Device Support: Works on cameras, smartphones, and tablets.

A study by NIST FRVT highlights the high accuracy rates of modern facial recognition algorithms, proving their reliability in real-world applications. For detailed technical insights, you can check their Face Recognition Technology Evaluation.

 

Benefits of Using a Face Detection Attendance System

Switching to a face detection attendance system offers several benefits for organizations, large or small:

Time Efficiency: Employees no longer wait in lines to clock in. Attendance is recorded within seconds.

Reduced Buddy Punching: Eliminates the risk of proxy attendance since the system identifies each individual uniquely.

Enhanced Security: Only authorized personnel can gain access to the premises.

Data Analytics: Offers detailed insights into attendance trends, overtime, and staff punctuality.

Cost Savings: Cuts down administrative work and prevents errors in manual attendance management.

 

AI-Based Face Recognition Attendance System in Modern Workplaces

The rise of AI has transformed traditional face recognition systems into AI-based face recognition attendance systems. These solutions not only identify faces but also analyze patterns, detect anomalies, and prevent fraud.

For instance, AI algorithms can detect if someone is trying to spoof the system using a photo or video. This adds an extra layer of security that older systems lacked. Additionally, AI models continuously learn from new data, improving their accuracy over time.

Companies implementing AI attendance systems have reported up to 30% reduction in payroll errors and significant improvements in attendance management efficiency.

 

Face Recognition Time Attendance vs Traditional Methods Feature Traditional Methods Face Recognition Time Attendance Verification Speed Slow (manual punch cards) Instant (seconds per employee) Contactless No Yes Accuracy Prone to errors High accuracy with AI algorithms Security Vulnerable to proxy Secure and tamper-proof Integration Manual processing Automated with payroll and HR tools

Switching to a face recognition time attendance system modernizes workplace management while improving employee experience and operational efficiency.

 

Implementing a Facial Recognition Attendance System

Setting up a facial recognition attendance system needs thoughtful preparation:

Assess Needs: Identify the number of employees, office layout, and data management requirements.

Choose the Right Software: Select software that is AI-driven, scalable, and compatible with your current HR systems.

Hardware Setup: High-quality cameras and controlled lighting improve recognition accuracy.

Training & Onboarding: Educate staff about system usage and privacy measures.

Regular Audits: Monitor accuracy and performance regularly to ensure reliability.

Organizations that implement these steps experience smoother adoption and minimal disruptions.

 

Use of Facial Recognition Attendance System in Different Industries

Facial recognition attendance systems are versatile and can benefit a wide range of industries, from education to healthcare. This is how various industries are putting this technology to use:

 

Education: Colleges and Schools Schools and colleges implement facial recognition system for attendance to automate class attendance, reduce buddy punching, and maintain secure campuses.

Real-time tracking helps identify latecomers and monitor classroom occupancy efficiently.

Corporate Offices Large companies use AI attendance systems to streamline employee check-ins and integrate with payroll.

Face recognition time attendance ensures only authorized personnel access sensitive areas.

Small Businesses Small businesses benefit from reduced administrative overhead with face detection attendance systems.

These systems require minimal hardware, making them cost-effective while still accurate.

Hospitals Medical facilities adopt AI-based face recognition attendance systems to track doctors, nurses, and staff shifts accurately.

Contactless verification also reduces infection risks in sensitive environments.

Banks and Financial Institutions Banks use facial recognition attendance systems to secure entry points and monitor staff presence efficiently.

Integrating attendance data with HR systems ensures compliance and improves operational reporting.

Across all these industries, facial recognition attendance systems provide a reliable, secure, and efficient method for managing workforce attendance while reducing errors and administrative work.

Case Study: Efficiency Gains from AI Attendance Systems

A mid-sized tech company in the US replaced their fingerprint-based attendance system with an AI attendance system. Within three months:

Attendance errors dropped by 85%.

Payroll processing time reduced by 50%.

Employee satisfaction improved due to reduced waiting times and contactless check-ins.

This shows how integrating a facial recognition system for attendance directly impacts operational efficiency.

 

Common Challenges and Solutions

Even with advanced technology, some challenges may arise:

Lighting Variations: Use cameras with wide dynamic range or adjust indoor lighting.

Mask or Accessories: AI algorithms trained with partial face data can still recognize employees.

Data Privacy: Store data securely, follow local regulations, and inform employees about usage.

By addressing these challenges proactively, organizations can fully leverage the benefits of a modern AI-based face recognition attendance system.

 

Conclusion

A facial recognition attendance system is more than a convenience; it’s a strategic investment that improves accuracy, efficiency, and security in workforce management. From face detection attendance systems to face recognition time attendance, integrating AI transforms how organizations track attendance.

For organizations looking to adopt cutting-edge solutions, learning from NIST FRVT evaluations can guide technology selection. Recognito offers solutions that combine advanced AI with user-friendly implementation, making it easier for businesses to adopt modern facial recognition attendance systems without hassle.

Explore more at Recognito GitHub for tools and resources related to AI attendance management.

 

Frequently Asked Questions

 

1. How accurate are facial recognition attendance systems?

Modern AI-based systems can achieve over 99% accuracy. Accuracy may vary slightly depending on lighting, camera quality, and employee positioning.

2. Can facial recognition systems work with masks or glasses?

Yes. Advanced algorithms recognize partial faces, so verification works even when employees wear masks, glasses, or hats.

3. Are facial recognition attendance systems safe and secure?

Yes. Data is encrypted, access is restricted to authorized personnel, and AI prevents spoofing or fraud attempts.

4. How do facial recognition systems compare to traditional methods?

They are faster, contactless, more accurate, and prevent buddy punching. Integration with payroll and HR systems also saves time and reduces errors.

5. Which industries benefit most from facial recognition attendance systems?

Schools, colleges, corporate offices, banks, hospitals, and small businesses use these systems to improve attendance tracking, security, and operational efficiency.


iComply Investor Services Inc.

AML for Insurers: Global Regulatory Pressures and Smart Automation Solutions

Insurers face growing global AML scrutiny. This guide shows how to simplify compliance, monitor brokers, and meet multi-jurisdictional requirements using iComply.

Insurance firms face increasing AML scrutiny across jurisdictions—from onboarding to broker due diligence. This article explores key KYB, KYC, and AML obligations in Australia, Canada, the U.S., UK, and Singapore—and how iComply simplifies compliance workflows with edge-secure automation.

Insurers are no longer flying under the AML radar. Regulatory bodies from AUSTRAC to the FCA are sharpening expectations for identity verification, beneficial ownership checks, transaction monitoring, and third-party oversight—particularly for insurers operating across regions or managing delegated broker networks.

In this increasingly complex environment, manual compliance approaches can’t scale. The solution? Intelligent, flexible, and automated AML tools tailored to insurance workflows.

Global AML Standards for Insurers Australia Regulator: AUSTRAC Requirements: AML/CTF program, CDD/EDD on policyholders and beneficiaries, broker monitoring, and suspicious matter reporting Canada Regulator: FINTRAC + OSFI Requirements: Identification of policyholders, UBO checks for corporate accounts, source of funds verification, and transaction monitoring United States Regulators: State DOIs, FinCEN, NAIC guidance Requirements: Customer identification programs (CIP), sanctions/PEP screening, and STRs for high-value or suspicious policies United Kingdom Regulator: FCA Requirements: CDD for life insurance clients, ongoing monitoring of brokers, sanctions screening, and AML risk assessments under MLR 2017 Singapore Regulator: MAS Requirements: AML/CFT policyholder and intermediary due diligence, transaction reviews, and suspicious transaction reporting (STR) Unique Insurance-Specific Risks

1. Broker and MGA Delegation
Insurers rely on brokers and MGAs to onboard and service clients—creating compliance gaps without centralized oversight.

2. Long-Term Policies and Beneficiaries
Life insurance, annuities, and trusts require deeper due diligence due to multiple parties and beneficiary changes over time.

3. Geographic Expansion
Insurers expanding across jurisdictions must manage overlapping and conflicting compliance frameworks.

4. High-Value Transactions
Single-premium life insurance or corporate policies may attract financial crime risk, especially when funded through offshore accounts or third parties.

How iComply Helps Insurance Firms Stay Ahead

iComply provides modular tools designed for real-world insurance compliance—covering policyholder, broker, and partner workflows with full auditability.

1. KYC + KYB for Policyholders and Brokers Onboard individuals and legal entities via branded portals Edge-based identity checks support secure document and biometric verification Automate UBO discovery and documentation 2. AML Monitoring + Screening Screen policyholders, brokers, and payees against sanctions, PEP, and adverse media Monitor payments and claim patterns using configurable risk models Trigger alerts based on policy type, geography, or source of funds 3. Broker Oversight Tools Centralized broker verification and periodic review cycles Assign compliance ownership and flag issues within shared dashboards 4. Privacy-First Architecture Deploy on-prem or in region to support data residency needs Encrypt personal data before transit; manage user consent 5. Audit-Ready Case Management Maintain logs of onboarding decisions, escalations, and communications Generate compliance reports for internal audits or regulator reviews Case Insight: Commercial Insurer in Australia

A national property and casualty insurer used iComply to centralize onboarding and screening for commercial policyholders and their brokers. Key results:

50% reduction in business client onboarding time Improved detection of shell companies and nominee directors Passed AUSTRAC inspection with full audit traceability and no findings Final Take

Insurers that rely on outdated compliance processes are exposed—not just to enforcement, but to inefficiencies and missed risk signals.

Connect with iComply to learn how our platform helps insurance providers simplify AML tasks, reduce broker risk, and stay compliant—across borders and business lines.

Thursday, 28. August 2025

HYPR

The CBUAE's SMS and OTP Ban is a Golden Opportunity

The Central Bank of the UAE has drawn a line in the sand. By March 2026, the era of the SMS and One-Time Passwords will be over for the nation's financial institutions. This is not a minor policy tweak. It's a seismic shift. For years, the SMS/OTP has been the default security blanket for digital banking. A familiar, but flawed, solution. But the CBUAE's directive acknowledges a h

The Central Bank of the UAE has drawn a line in the sand. By March 2026, the era of the SMS and One-Time Passwords will be over for the nation's financial institutions.

This is not a minor policy tweak. It's a seismic shift.

For years, the SMS/OTP has been the default security blanket for digital banking. A familiar, but flawed, solution. But the CBUAE's directive acknowledges a harsh reality: in the face of sophisticated phishing, SIM-swapping, and social engineering attacks, this legacy method has become a critical liability. It creates unacceptable financial and reputational risk.

For the C-suite in the UAE's banking sector, it's easy to view this as another compliance burden. Another costly, complex project to manage. But that’s a limited view. The leaders who will win the next decade of digital banking will see this mandate for what it truly is: a strategic inflection point. This is your opportunity to leapfrog the competition by building a digital experience that is not only radically more secure, but also profoundly simpler for your customers.

Phishing-Resistant Passkeys: The Secure Alternative to SMS OTP

The CBUAE recommends a move toward robust, risk-based authentication. The golden standard that unequivocally answers this call is passkeys.

Passkeys are not just an incremental improvement. They represent a fundamental change in authentication technology, offering a rare combination of superior security and a user experience that is genuinely effortless. Built on FIDO standards, passkeys replace passwords and OTPs entirely. They use the biometrics already built into your customers' devices, like Face ID or a fingerprint, to create a login experience that is fast, familiar, and frictionless.

So, why are passkeys the definitive solution to the CBUAE mandate?

They are Inherently Phishing-Resistant. A passkey is cryptographically bound to your bank's specific website or app. There is no password to steal, no code to intercept. The primary attack vector for financial fraud is neutralized at its source, directly protecting your customers and your firm’s bottom line. They Create a World-Class Customer Experience. No more waiting for delayed SMS messages. No more frustrated calls to the help desk. A frictionless, biometric login increases digital channel adoption, boosts customer satisfaction, and builds loyalty in a fiercely competitive market. They Lower Your Operational Costs. The business case is undeniable. You can immediately eradicate the significant and rising costs of SMS delivery. More importantly, passwordless authentication slashes password-related help desk inquiries, lowering your total cost of ownership (TCO) and freeing up valuable IT resources to focus on innovation, not resets. From Onboarding to Transactions: A CIAM Approach to Customer Identity

True digital leadership isn't just about a secure login. It’s about securing the entire customer relationship. This is where HYPR’s Customer Identity and Access Management (CIAM) solution extends the power of passkeys across the entire user journey.

Our unified framework allows you to:

Onboard Customers with Trust: Securely register new customers and establish confidence from the very first interaction, accelerating their transition into high-value digital clients. Deliver Effortless Authentication: Provide a consistent, best-in-class login experience across all your digital properties, reinforcing your brand’s commitment to innovation and security. Protect High-Value Transactions: Implement seamless, biometric step-up authentication for sensitive actions, preventing fraud without adding frustrating friction for your legitimate customers. The HYPR Advantage: Proven Results and Accelerated Time-to-Market

Navigating this transition requires more than just new technology; it requires a proven, globally-deployed partner.

HYPR is not a startup testing a new theory. We are the trusted identity partner to the world's most demanding financial institutions, including two of the four largest US banks. Our FIDO-certified solutions are architected for the scale, reliability, and security your institution demands. And with our flexible SDKs and APIs, we enable rapid integration with your existing infrastructure, ensuring you lead the market in this transition, not follow it.

Conclusion

The CBUAE’s SMS OTP ban is far more than a compliance requirement — it’s a turning point for the UAE’s financial sector. Institutions that treat it as a checkbox exercise will fall behind, while those that embrace phishing-resistant passkeys will gain a lasting competitive edge.

Now is the time to act. With the March 2026 deadline fast approaching, early movers will be the ones to set the standard for secure, passwordless digital banking in the region.

Related Resources Preventing Social Engineering Attacks on the Helpdesk Best Practices for Identity Proofing in the Workplace NIST SP 800-63-3 Review: Digital Identity Guidelines Overview Passwordless MFA Security Evaluation Guide


1Kosmos BlockID

Addressing AI-Enabled Hiring Fraud: The Remote Work Identity Challenge

Hiring fraud is in the news. Google recently announced it’s bringing back in-person job interviews, citing concerns about AI cheating during technical assessments. But there’s a bigger issue lurking beneath the surface: how do companies verify that the identity of the person who applied, interviewed remotely, and got hired is actually the same and is … Continued The post Addressing AI-Enabled Hi

Hiring fraud is in the news. Google recently announced it’s bringing back in-person job interviews, citing concerns about AI cheating during technical assessments. But there’s a bigger issue lurking beneath the surface: how do companies verify that the identity of the person who applied, interviewed remotely, and got hired is actually the same and is who they claim to be?

This identity verification challenge has created an opening that sophisticated fraud networks and state-sponsored actors are actively exploiting. The US government has recognized the serious issue of North Korean operatives successfully impersonating American tech workers, securing remote positions and gaining access to sensitive corporate systems.

The Scale of the Problem

According to the Federal Trade Commission, financial losses from job and employment scams have exploded from $90 million in 2020 to more than $501 million in 2024, a staggering 456% increase that signals the emergence of hiring fraud as a major profit center for organized criminal networks.

These financial losses, while significant, represent only the measurable impact. The broader concern is operational disruption, intellectual property theft, and potential access to sensitive systems that could compromise business operations or customer data.

How Modern Hiring Fraud Works

Today’s hiring fraud has evolved beyond simple resume padding. We’re witnessing the emergence of “synthetic identities,” completely fabricated personas backed by AI-generated credentials, deepfake technology, and sophisticated social engineering.

AI-Powered Identity Fabrication

Modern fraud networks deploy AI tools that can generate convincing resumes and cover letters in minutes. More concerning, they’re using deepfake technology to mask fraudsters’ appearances and voices during video interviews, creating personas that can pass human scrutiny while bypassing traditional verification methods.

These aren’t isolated incidents. According to Google’s Mandiant threat intelligence team, one American facilitator working with North Korean IT workers “compromised more than 60 identities of U.S. persons, impacted more than 300 U.S. companies, and resulted in at least $6.8 million of revenue” over just three years. The report notes it’s “not uncommon for a DPRK IT worker to be working multiple jobs at once, pulling in multiple salaries on a monthly basis.”

The Challenges with Current Hiring Processes

The very technologies designed to streamline hiring (automated applicant screening, virtual interviews, and rapid onboarding) have become tools that sophisticated adversaries exploit at unprecedented scale.

The traditional hiring trust model, built on static documents, phone interviews, and the assumption that remote workers are who they claim to be, has proven insufficient in an era of AI-enabled deception.

Moving Beyond Point Solutions: The Identity Assurance Approach

Most cybersecurity vendors are approaching hiring fraud with the same mindset they apply to email phishing or malware detection as a point-in-time problem requiring better filters. But hiring fraud isn’t just a detection problem; it’s an identity assurance challenge.

Current solutions fall into two categories: applicant filters that optimize recruitment by culling suspicious applications, and breach prevention tools that try to catch infiltrators before they access sensitive systems. Both approaches treat symptoms while ignoring the root cause: the absence of a verifiable, persistent digital identity foundation.

How 1Kosmos Addresses Identity Assurance

1Kosmos has developed a different approach to this challenge, one that establishes verified identity proofing at the very first interaction and maintains that assurance throughout the entire employee lifecycle.

Our platform’s LiveID technology performs real-time liveness detection while cross-referencing live biometrics with verified government-issued credentials from issuing authorities. This creates a triangulation of identity claims that is exponentially more difficult for synthetic identities or deepfakes to spoof than traditional document-plus-selfie verification methods.

Continuous Identity Assurance Beyond Hiring

The value of true identity assurance extends beyond initial hiring decisions. Once an employee’s digital identity is established through the 1Kosmos platform, it becomes the foundation for every subsequent authentication, access request, and sensitive transaction throughout their tenure.

While point solutions focus exclusively on the hiring moment, 1Kosmos provides continuous identity-backed security. This addresses an important gap in most security strategies: the reality that threats don’t end once someone is hired. Account takeovers, insider threats, and credential compromise can still occur unless there’s a persistent, biometrically-backed identity foundation preventing them.

Building the Identity Foundation for Modern Workforce Security

The hiring fraud challenge represents more than a cybersecurity issue. It’s a trust challenge that requires organizations to rethink how they establish and maintain confidence in their workforce’s identity.

Companies can no longer afford to treat identity as a point-in-time checkbox in their security strategy. In an environment where sophisticated adversaries can manufacture convincing digital personas and nation-state actors are actively infiltrating American businesses through fraudulent hiring, identity assurance must become the foundational layer upon which all other security measures are built.

1Kosmos addresses hiring fraud by:

Establishing Trust on First Use: Securely onboarding new hires with high-assurance, government-verified identity proofing Maintaining Trust Continuously: Providing continuous monitoring and persistent identity assurance for every login, access request, and sensitive operation Empowering User Control: Making employees partners in their own security by giving them control over their identity data Future-Proofing the Enterprise: Creating a zero-trust foundation that protects against the full spectrum of identity-based threats Looking Forward: Evolution in Identity Security

As AI-powered deception capabilities continue to advance and organized fraud networks become increasingly sophisticated, companies face an important choice: evolve their identity assurance strategies or remain vulnerable to an escalating threat.

The companies that recognize identity as the new security perimeter and invest in platforms that provide verified identity assurance rather than point-in-time fraud detection will gain a significant advantage in both security and talent acquisition.
The question isn’t whether your organization will encounter hiring fraud. The question is whether you’ll detect it before it impacts your business, or better yet, prevent it entirely by building your workforce on a foundation of verified, persistent digital identity.

Is your organization prepared for the next wave of AI-enabled hiring fraud? Discover how 1Kosmos provides the identity foundation your workforce security strategy needs. Watch a Demo

The post Addressing AI-Enabled Hiring Fraud: The Remote Work Identity Challenge appeared first on 1Kosmos.


Indicio

Answering IATA’s call: how Indicio solves the bottlenecks in air travel

The post Answering IATA’s call: how Indicio solves the bottlenecks in air travel appeared first on Indicio.
Combining Verifiable Credentials with biometric authentication, Indicio Proven underpins secure, privacy-preserving, and scalable travel tech solutions for governments, airlines, and airports.

By Trevor Butterworth

The International Air Transport Association (IATA) recently released a new white paper, Unlocking the Future – The Passenger’s Journey Toward a Seamless and Contactless Experience which highlights the pressing challenges facing aviation: growing passenger volumes, repeated identity checks, and the burden of manual document verification at every stage of the journey. 

From baggage drop to security,  lounge access to boarding, and crossing international borders, travelers are asked to present documents again and again. This creates bottlenecks, frustrates passengers, consumes staff resources, and creates long queues that overwhelm airport infrastructure.

With air travel numbers growing each year and expected to reach eight billion by 2041, IATA argues that it is imperative to shift identity and admissibility checks as quickly as possible into a seamless, contactless system. 

This is what Indicio’s decentralized identity technology makes possible.

Indicio was the first to successfully develop and deploy Digital Passport Credentials following the International Civil Aviation Organization’s (ICAO) specification  for Digital Travel Credentials (DTC) to allow travelers to cross borders in seconds.

Indicio was also the first to implement IATA’s OneID for seamless check in, lounge access, and boarding — and show how it could be combined with a Digital Passport Credential for international travel in a simple, single workflow for a traveler.

And Indicio will be the first to deploy a Digital Passport Credential issued by governments by the end of the year — and will use its expertise to help develop these credentials for issuance by European governments as part of the APTITUDE Large Scale Pilot project.

Streamline the traveler experience with reusable digital identity

Airlines, airports, and border agencies all need to confirm passenger identity. This means repeating the same check multiple times. 

Indicio Proven® turns these manual checks into automated, seamless experiences  by creating “government-grade” digital identities that combine authenticated biometrics with Verifiable Credentials. 

Verifiable Credentials are tamper-proof digital credentials held in a digital wallet on a mobile device. They can be cryptographically verified — which is instantaneous. 

With Digital Passport Credentials, travelers  scan the electronic chips in their passports. Indicio’s software ingests the data and then checks the electronic image of the person against a liveness check to make sure that the person doing the scan is the same as the person the passport belongs to. The passport data is then cryptographically verified to make sure it was issued by a legitimate passport office, upon which the traveler receives a Digital Passport Credential. This credential follows the ICAO specifications for a DTC-1.

Alternatively, the Digital Passport Credential is issued directly by the passport office as a counterpart to a traveler’s physical passport. This credential follows the ICAO specifications for DTC-2.

The result is that travelers have digital identities that can be seamlessly authenticated, either through a face scan or a contactless corridor.

In effect, the traveler’s face becomes their boarding pass. Airlines, airports, and border authorities can trust that the person cleared at the start is the same person moving through each step, without requiring the passenger to repeatedly present paper documents or plastic cards.

Meeting immigration and transit requirements

IATA’s white paper also notes the strain on airlines from needing to confirm that every international traveler has been approved for entry. Manual checks slow down processing and errors can lead to costly delays and fines. 

Indicio solves this by making it possible to verify a passenger’s immigration status before they even arrive at the airport. 

Credentials that prove visa status or travel authorization can be issued and shared as Verifiable Credentials, and instantly authenticated by the airline and immigration control. 

 Airlines now have a secure way to stop inadmissible travelers from boarding and ensure smooth operations for carriers.

Why Indicio is the right partner

IATA’s call for an interoperable, end-to-end solution that transforms the passenger journey isn’t something in the distant future, it’s here today at Indicio with technology already in use by airports and governments worldwide.

Our technology gives travelers a consistent, reliable experience anywhere, while providing authorities and airlines the assurance they need everywhere.

The future of aviation depends on removing bottlenecks and maintaining security. Indicio Proven® makes that future possible today.

Get your free travel architecture consultation from one of our experts here.  

 

###

The post Answering IATA’s call: how Indicio solves the bottlenecks in air travel appeared first on Indicio.

Wednesday, 27. August 2025

Anonym

Rethinking Identity Insurance: From Payouts to Prevention  

For many insurers, identity insurance is still framed as a safety net. It’s only there if something goes wrong. For customers, that means help only arrives after fraud has already caused real problems. For insurers, it means bigger payouts.  This old way of doing things is expensive, and it’s quickly losing relevance.  The better way: […] The post Rethinking Identity Insurance: From Pa

For many insurers, identity insurance is still framed as a safety net. It’s only there if something goes wrong. For customers, that means help only arrives after fraud has already caused real problems. For insurers, it means bigger payouts. 

This old way of doing things is expensive, and it’s quickly losing relevance. 

The better way: Add proactive protection to your offerings.  

What is a proactive identity protection suite?  

A proactive identity protection suite has privacy and security tools that actively prevent fraud before it happens. These solutions work continuously, blocking threats in the background and seamlessly integrating safer tools into your customers’ daily lives.  

Key capabilities include: 

Credit freezes prevent criminals from opening fraudulent accounts.  Dark-web monitoring scans hacker forums for exposed data such as SSN and credit card details.  Personal data removal finds sensitive information from people-search and data broker sites.  Phishing and malware defense protect users with secure email and browser tools that block scams at the source.  Password manager creates and stores strong, unique passwords for every account, preventing credential theft and account takeover.  Private browser blocks ads, trackers, and cookies while keeping browsing history fully encrypted, ensuring no one can follow users online.  VPN (Virtual Private Network) encrypts internet connections on any network, protecting data and activity from hackers, snoops, or unsafe Wi-Fi. 

Why prevention works 

Credit monitoring, real-time alerts, and dark-web scanning allow insurers and customers to spot threats early. Stopping fraud at the source not only saves customers from stress but also reduces costly claims for insurers. The result is greater peace of mind for policyholders and stronger retention for providers. 

By catching suspicious activity quickly, these solutions prevent minor issues from turning into significant losses. Customers see the benefit every day, which keeps them engaged and feeling secure. And for insurers, that proactive approach means fewer claims to cover, lower costs, and stronger long-term relationships with policyholders. 

The dual benefit of proactive insurance 

Proactive identity protection turns a one-time claim process into a continuous service that builds trust and engagement. Better yet, this trust becomes a business advantage:  

Customer retention matters. Improving retention by just 5% can boost insurer profits by 25% to 95%. 

In the insurance sector, offering seamless digital engagement and proactive protection can significantly increase customer loyalty, resulting in more renewals and upsell opportunities. 

Prevention pays (literally) 

For insurers, prevention benefits customers and helps the bottom line. Every fraudulent incident avoided is a claim you don’t have to pay. At scale, that translates into substantial savings. Add in the fact that subscription-based identity protection creates recurring, high-margin revenue, and the business case becomes clear.  

A proactive model lowers overall risk exposure while generating consistent income, all while positioning your brand as a leader in trust and innovation. The end result is stronger financial performance and stronger customer relationships. 

Protect your customers and your bottom line  

The old way of handling identity theft, waiting until fraud happens and then covering the losses, isn’t enough anymore. Customers don’t just want reimbursement, they want protection. Proactive tools turn identity insurance into something customers use every day, not just in a crisis. 

The benefits flow both ways: 

Customers avoid the stress and frustration of fraud before it ever impacts their lives.  Insurers cut down on claim payouts, reduce operating costs, and strengthen long-term loyalty. 

With Anonyome Labs’ Digital Identity Protection suite, insurers can deliver these proactive tools under their own brand. It’s a simple way to move from reactive payouts to daily, trust-building protection by creating a win for both policyholders and your bottom line.  

Get a demo today!  

The post Rethinking Identity Insurance: From Payouts to Prevention   appeared first on Anonyome Labs.


ComplyCube

ComplyCube wins 2025 Tech Cares Award for Third Consecutive Year

In recognition of the IDV leader’s consistent efforts and innovative approach in the tech sector, ComplyCube has been presented with the Tech Cares Award by TrustRadius for Corporate Social Responsibility. The post ComplyCube wins 2025 Tech Cares Award for Third Consecutive Year first appeared on ComplyCube.

In recognition of the IDV leader’s consistent efforts and innovative approach in the tech sector, ComplyCube has been presented with the Tech Cares Award by TrustRadius for Corporate Social Responsibility.

The post ComplyCube wins 2025 Tech Cares Award for Third Consecutive Year first appeared on ComplyCube.


Aergo

House Party Protocol (HPP) Integrates with Orbiter Finance: Accelerating the AI-Native Future

The AI-native era is not a distant vision. It’s here today. A new class of infrastructure is emerging, designed to power real-time autonomous agents, verifiable off-chain inference, and multi-chain economies. In this movement, House Party Protocol (HPP) is excited to announce its integration with Orbiter Finance. Through this partnership, Orbiter becomes HPP’s official cross-chain bridge par

The AI-native era is not a distant vision. It’s here today. A new class of infrastructure is emerging, designed to power real-time autonomous agents, verifiable off-chain inference, and multi-chain economies. In this movement, House Party Protocol (HPP) is excited to announce its integration with Orbiter Finance.

Through this partnership, Orbiter becomes HPP’s official cross-chain bridge partner, enabling fast, low-cost, and secure transfers of $ETH, $USDC, and $HPP directly to the HPP Mainnet. This integration does more than connect assets. It opens a new gateway for developers, enterprises, and communities to build, deploy, and scale in the AI-native economy.

The HPP-Orbiter Vision

The HPP-Orbiter partnership goes beyond bridging — it lays the foundation for a new wave of possibilities in decentralized AI. By channeling liquidity into HPP, Orbiter enables AI-native DeFi through platforms like ArenAI, where autonomous agents can power next-generation trading and yield strategies.

Its interoperability also opens the door for cross-chain AI markets, allowing tokens, data, and intelligent agents from other ecosystems to seamlessly participate in HPP’s verifiable AI economy. As HPP expands its partner stack, Orbiter serves as the key connectivity hub, ensuring that liquidity, agents, and innovation flow freely across the broader Web3 and AI landscape.

Orbiter’s Role: Fueling Cross-Chain Agility

As HPP’s official bridge partner, Orbiter Finance plays a pivotal role in expanding accessibility to HPP’s ecosystem. By providing low-fee and near-instant bridging, Orbiter ensures that liquidity, developers, and users can flow seamlessly into HPP.

With Orbiter, participants gain:

Effortless onboarding from major chains into HPP. Trusted security with decentralized liquidity pathways. Frictionless access to HPP-native dApps, AI agents, DeFi protocols, and enterprise-grade integrations. About HPP and Orbiter Finance

About House Party Protocol (HPP)

House Party Protocol (HPP) is an AI-native Layer 2 network designed to power decentralized intelligence. Evolving from Aergo’s enterprise-grade legacy, HPP serves as the AI-native reactor for decentralized systems, transforming intelligence into energy and providing a scalable foundation for autonomous agents, verifiable off-chain inference, and multi-chain economies.

About Orbiter Finance

Orbiter Finance is a decentralized cross-rollup bridge that offers secure, low cost and almost instant transfer. It has supported transactions of assets over 70 networks including Ethereum, Arbitrum, Optimism, Base, Sonic, Starknet, Berachain, Solana, Sui, Movement and other ETH L2s & BTC L2s.

House Party Protocol (HPP) Integrates with Orbiter Finance: Accelerating the AI-Native Future was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.


FastID

Vibe Shift? Senior Developers Ship nearly 2.5x more AI Code than Junior Counterparts

Fastly’s survey shows senior developers trust gen AI tools enough to ship 2.5x more AI code, while juniors stick to traditional coding and caution.
Fastly’s survey shows senior developers trust gen AI tools enough to ship 2.5x more AI code, while juniors stick to traditional coding and caution.

Tuesday, 26. August 2025

Indicio

Build a better mDL with biometrics using Indicio Proven®

The post Build a better mDL with biometrics using Indicio Proven® appeared first on Indicio.
Don’t settle for basic when you can get portable, fraud-proof mDLs biometrically bound to the holder.

By: Helen Garneau

Mobile driver’s licenses (mDLs) are digital credentials that replace physical, plastic driver’s licenses. You hold them on your phone and present them for instant identity authentication. Many states in the U.S. have begun issuing them, but they don’t always make them easy to verify, which inhibits adoption. The European Union has made mDL adoption a goal of its digital identity and digital wallet rollout.

Still, the promise is strong. What makes an mDL useful is the ability to verify it and confirm that the person presenting it is the rightful holder — and other useful information, such as their age.

But in an age of increasing biometric fraud, mDLs already need an upgrade — authenticated biometrics.

By authenticating the image of the person on the license as the person holding the license and then binding both to their device, an mDL becomes a much more powerful form of digital identity — capable of defense against biometric identity fraud.  

With Indicio Proven®, you have the power to authenticate biometrics using facemapping and liveness checks, validate official documents and the information they contain, and bind them to their rightful owner by issuing a Verifiable Credential.

This is the process used to create Digital Passport Credentials (DTCs)— ”government-grade” digital identities for crossing a border seamlessly — and a similar process can be used to create mDLs with authenticated biometric benefits.

Advanced mDL verification

With authenticated biometrics, mDLs are much more powerful. For businesses, this level of assurance opens the door to workflows that were previously too risky or too expensive to conduct remotely. Businesses and government services can confirm a person’s identity at a distance with confidence. This saves money and reduces fraud by eliminating duplicate verification steps and cutting back on time consuming and faulty manual processes. 

For example, a bank can onboard a customer remotely, knowing that the individual on the other side of the screen is the same person to whom the mDL was issued. This cuts the cost of in-branch visits, prevents fraud, and accelerates account openings. 

A healthcare provider can verify a patient’s identity before a telemedicine appointment, reducing the risk of errors or misuse of insurance. 

Employers can complete I-9 or age-verification processes remotely, without waiting for physical documents.

In travel, an mDL with authenticated biometrics can streamline every stage of domestic travel. Airlines can verify identity at booking, security, and boarding without requiring multiple checks of physical documents. 

The TSA can process travelers more efficiently, confident that the person presenting the mDL matches the credential issued to them. The result is a smoother passenger experience and stronger security at the same time.

Every successful mDL verification builds trust and adoption, creating an ecosystem where identity works as seamlessly as swiping a card, but with stronger security and privacy.

The bigger mDL picture

The long-term value is clear. An mDL that is biometrically bound to its holder moves across use cases and industries for faster, simpler, and more secure experiences. For the governments that have invested in issuing mDLs, adoption means their investment in mDLs is paying off.

Contact us to see how Proven can help you turn mDLs into the foundation for a trusted digital identity infrastructure that your business can rely on.

###

The post Build a better mDL with biometrics using Indicio Proven® appeared first on Indicio.


Kin AI

The Kinside Scoop 👀 #12

A peek at release week

Hey folks 👋

Two weeks has gone by in a flash for us - and we’ve got a lot to show for it.

So much in fact, that this email is a day late!

Before all of that, though, we have a quick favour to ask:

Turning up the pressure 🔥

We’ve started digging into a big question:
How does Kin serve people in high-pressure environments?

Founders. Entrepreneurs. Elite athletes.

People who operate under constant stakes and stress.

We’re listening, learning, and seeing how Kin can evolve into a real edge for how they prepare, recover, and perform.

If that sounds like you, or someone you know, we’d love to hear your story.

Get in contact with us at hello@mykin.ai, or reach out to us on our Discord, to start a conversation.

Anyway, now on to the changes…

What’s new with Kin 🚀 Advisors enter the chat 🧑‍🏫

Starting this week, we’re introducing Advisors into Kin - a collection of independent specialist personas designed to give you sharper, more tailored support.

At launch, you’ll meet:

Thinking Partner → to bounce around ideas

Strategic Assistant → to cut through the noise and plan

Relationship Coach → to help you navigate the messy stuff between people

We did this because, instead of a one-size-fits-all model, Advisors allow Kin to feel more like the roundtables and podcasts that inspire so many of us.

It’s a cleaner way to consider conflicting viewpoints, and to provide you with a range of dedicated fresh perspectives on whatever choice you decide to take.

Hands-free is free to roam 🎙️🚴

If you’ve been trying to use Kin while biking to work (very Danish of us), driving around, or squeezing in a jog, we have some good news.

Our new, updated hands-free experience will roll out this week, so you can properly chat with Kin on the move.

This mode lets Kin enter those short, in-between moments when you don’t have time to sit down - but still want to clear your head or prep for the day ahead.

Memory that actually remembers 🧠✨

We’ve been talking about our memory upgrades for a while, and this week, one of the first is going out.

This update makes Kin’s Memory clearer and more comprehensive, so that it’s easier to control, easier to review, and easier to give feedback on. That means more accurate recall, fewer frustrations, and better conversations over time.

It also means we’ll get more feedback from you, so we can make it better faster.

Come chat with us 🔊

You can always reach out to the KIN team at hello@mykin.ai with anything, from feature feedback to a bit of AI discussion (though support queries will be better helped over at support@mykin.ai).

For something more interactive, the official Kin Discord is still the best place to talk to the Kin development team (as well as other users) about anything AI.

We regularly run three casual weekly calls, and you’re invited:

Monday Accountability Calls - 5pm GMT/BST
Share your plans and goals for the week, and learn tips about how Kin can help keep you on track.

Wednesday Hangout Calls - 5pm GMT/BST
No agenda, just good conversation and a chance to connect with other Kin users.

Friday Kin Q&A - 1pm GMT/BST
Drop in with any questions about Kin (the app or the company) and get live answers in real time.

Our current reads 📚

Article - OpenAI want future ChatGPT models to be more user-customisable
READ - CNBC

Article - Cloudfare begins their AI Week
READ - Cloudfare

Article - AI ‘Immune’ system for tech Phoebe lands Google backing
READ - Sky News

Article - Why the future of AI is collaboration, not automation
READ - The Atlantic

This week’s super prompt 🤖

This week’s super prompt is:
“How do I tend to approach situations?”

If you have Kin installed and up to date, you can tap the link below (on mobile!) to immediately jump into discussing how you personally approach difficult situations, an gaining an insight to which of our three new Advisors you most closely identify with.

As a reminder, you can do this on both iOS and Android.

Open prompt in Kin

Keep talking 🗣

We’re gearing up for some big changes and big releases, both this week and beyond.

More importantly, what we’re bringing to you isn’t fully fleshed out - we’re building this plane while we’re flying it.

Which means, your voices are as needed as ever.

So please - reply to this email, chat in our Discord, or even just shake the app to reach out to us.

Without knowing how you feel, we can’t make Kin the best app it can be for you.

With love,

The KIN Team


1Kosmos BlockID

The Silent Payroll Heist Hitting Universities

As campuses gear up for another academic year, a quieter — but equally damaging — threat is draining university budgets: direct deposit fraud. This isn’t ransomware that makes headlines by shutting down networks. Instead, it slips through unnoticed. Fraudsters steal credentials, log in like a legitimate user, and quietly reroute paychecks, stipends, and refunds to … Continued The post The Silent

As campuses gear up for another academic year, a quieter — but equally damaging — threat is draining university budgets: direct deposit fraud.

This isn’t ransomware that makes headlines by shutting down networks. Instead, it slips through unnoticed. Fraudsters steal credentials, log in like a legitimate user, and quietly reroute paychecks, stipends, and refunds to their own accounts. By the time faculty or students realize a payment is missing, the money is long gone.

Why Universities Are Prime Targets

Universities process millions in payments every semester:

Faculty and staff payroll Student worker wages Research and graduate stipends Tuition refunds and financial aid

The attack surface is huge. Thousands of new students and employees join each term, many with limited cybersecurity awareness. Add in multiple disconnected systems (HR, payroll, bursar) and self-service portals that let users update bank info with little verification, and it’s a fraudster’s dream.

Anatomy of a Campus Heist

The playbook is simple:

Compromise credentials – via phishing or stolen logins. Access payroll/portal – log in as the user. Change direct deposit info – update bank details to a mule account. Wait for payday – the next paycheck or refund flows to the fraudster. No malware. No alarms. Just stolen wages. The True Cost

Beyond the missing funds, universities are left scrambling:

Covering replacement paychecks Hours of admin and IT investigation Damaged credit and financial stress for victims Reputational hits that erode trust with faculty and students

Worse, once a fraudster succeeds at one campus, the same playbook spreads quickly to others.

The Identity Gap

The weakness isn’t the technology — it’s the assumption. Most systems trust that if you know the password, you must be the rightful owner. In today’s world of credential compromise, that assumption is broken.

How to Stop It: Three Layers of Protection

Universities can close the gap by verifying more than just passwords:

Verify the person Step-up identity checks at the moment of a bank account change — government ID scan + selfie match, or biometric re-authentication. Verify the account Use services like Plaid to confirm the bank account is actually owned by the verified user, not a money mule. Verify the risk Apply risk-based rules: if the request comes from a new device or unusual location, enforce stronger checks before approving changes.

Together, these controls stop fraudsters cold, even if they’ve stolen valid credentials.

The Path Forward

Direct deposit fraud may not make headlines, but it’s quietly siphoning millions from universities. The fix is both available and practical: add identity verification at the exact point where sensitive changes happen.

For faculty and students, it’s 30 seconds of extra security. For universities, it’s the difference between a secure paycheck and a stolen one.

Contact us to learn how to implement identity verification on your campus.

The post The Silent Payroll Heist Hitting Universities appeared first on 1Kosmos.


liminal (was OWI)

5 Takeaways from Our IAM Demo Day

IAM Demo Day 2025: What Buyers Need to Know When we set out to host the IAM Demo Day, the goal was not just to showcase products. It was to answer a bigger question: what does the future of identity access management actually look like in practice? On August 20, 12 leading vendors gave us […] The post 5 Takeaways from Our IAM Demo Day appeared first on Liminal.co.
IAM Demo Day 2025: What Buyers Need to Know

When we set out to host the IAM Demo Day, the goal was not just to showcase products. It was to answer a bigger question: what does the future of identity access management actually look like in practice? On August 20, 12 leading vendors gave us their answer. From adaptive authentication and orchestration layers to access governance and Zero Trust enforcement, what became clear is that IAM is no longer a background IT function. It has become the connective tissue between security, compliance, and user experience.

For buyers such as CISOs under pressure to reduce risk, product leaders balancing login friction with conversion, and compliance officers navigating new regulatory regimes, the demos were a reminder that vendor selection in IAM is not about comparing feature checklists, but choosing the architecture your organization will be living with for the next decade.

1. Adaptive Authentication Is the New Baseline

The age of static passwords and “MFA everywhere” is over. Nearly 90% of enterprises experienced an account takeover attempt last year, and the vendors on stage were unanimous: authentication must adapt dynamically to context. Device, location, behavioral signals — these are the new inputs to trust.

As Joe Palmer, CIO at iProov, explained: “Not all biometrics are equal. Device biometrics like Face ID prioritize convenience over security. Cloud biometrics, tied to a trusted ID, are what stop deepfakes.”

He then added, “You don’t need to force a face scan on every login. Zero Trust means you always authenticate, but when risk is high, that’s when biometrics shine.”

The takeaway is clear: if your authentication system treats a suspicious login attempt the same way it treats a low-risk returning user, you are already behind. And for product leaders, the stakes are even higher. Every unnecessary prompt is a drop in conversion, every extra click a lost customer. Adaptive authentication is parting away from being just a security control, and it’s becoming a growth strategy.

2. Identity Orchestration Is Becoming the Control Layer

If authentication is the frontline, orchestration is the command center. Time and again, vendors showcased orchestration layers that knit together logins, consent flows, and user data across disparate systems. Why? Because 74% of organizations still cite fragmented identity data as their biggest challenge.

Think about that. For all the talk of digital transformation, most enterprises are still piecing together identity flows that do not talk to each other. Orchestration platforms promise to end that.

As David Mahdi, CIO at Transmit Security, explained: “You bring in all these third-party solutions… it adds to the complexity. And frankly, attackers love this. That’s where orchestration comes in as the baseline — to unify identity and give you a single confident view of the user.”

Orchestration becomes the difference between weeks of custom integration and a few clicks. It ensures that consent and access policies are enforced consistently, no matter whether a customer logs in through an app, a website, or a third-party service.

But as orchestration stitches systems together, it also shines a light on the next pressing question: who has access, and can you prove it?

3. Access Governance Moves to the Forefront

Once upon a time, access governance was the unglamorous corner of IAM, more a compliance checkbox than a competitive differentiator. Not anymore. Workforce IAM demos leaned heavily on role-based access, privileged account management, and Zero Trust enforcement. The subtext was clear: governance is now make-or-break.

As Filip Verley, our CIO, reminded the audience:  “Zero Trust isn’t just about denying access, it’s about proving the right access. And proving it again and again, in ways that regulators can see.”

Least privilege is not a nice-to-have; it is the only defensible posture in a regulatory audit. The burden of proof is now squarely on the enterprise, and as governance rises in importance for the workforce, a parallel trend is reshaping the customer side of IAM. 

If IAM is splintering into so many dimensions, then buyers themselves must become more specific about what success looks like.

4. Customer IAM Is Becoming the Source of Truth

If there was one forward-looking theme cutting across the demos, it was the push for customer IAM to become the authoritative record of identity. Liminal research shows that 91% of businesses want CIAM solutions that integrate with MDM, and while vendors didn’t use the term “MDM,” they clearly pointed in that direction. Several positioned themselves not just as login providers, but as the backbone for a unified, trustworthy customer record.

As Brook Lovatt, CPO at SecureAuth, explained: “Identity is more than just people; it’s about agents, APIs, and systems that act on behalf of people. If you don’t extend IAM guardrails to them, you’re blind to half your attack surface.”

Why does this matter? Because fragmented identity data is more than a compliance risk; it is a drag on the business. Personalization fails when profiles are scattered, silos expand the attack surface, and regulators will not accept “we couldn’t reconcile the data” as an excuse. The takeaway is clear: IAM is evolving into the system of record for identity, spanning both human and non-human users.

5. Buyer Priorities Are Becoming Role-Specific

The final, and perhaps most important, takeaway is that IAM is no longer one market with one buyer. The demos underscored how fragmented the buyer landscape has become. CISOs want measurable threat reduction. Product leaders demand orchestration that accelerates, not slows, development. Compliance executives expect governance to be mapped cleanly to regulatory frameworks.

In other words, IAM vendors cannot win with generic pitches anymore. They have to prove value to each buyer persona on their terms. And for buyers, the lesson is just as stark: do not settle for “good enough across the board.” Choose the vendor that solves your highest-stakes problem, because IAM is now a competitive differentiator, not a background system.

Watch the Recording

Did you miss IAM Demo Day 2025? You can still catch the full replay of vendor demos and expert insights:
Watch the IAM Demo Day recording here

The post 5 Takeaways from Our IAM Demo Day appeared first on Liminal.co.


Spherical Cow Consulting

Bot or Not? Why Incentives Matter More Than Identity

Let’s start with a confession: I love bots. Or at least, I love the idea of them. They’re efficient, tireless, and, if designed well, can be downright helpful. (They can also be downright unhelpful, but that's a topic for a different blog post.) But the incentives around bot traffic are completely out of balance, and that makes things messy. The post Bot or Not? Why Incentives Matter More Than I

“Let’s start with a confession: I love bots. Or at least, I love the idea of them.”

They’re efficient, tireless, and, if designed well, can be downright helpful. (They can also be downright unhelpful, but that’s a topic for a different blog post.) But the incentives around bot traffic are completely out of balance, and that makes things messy.

Not all bots are bad, but they all cost someone something. Until we fix the incentives for identifying and managing automated traffic, we’ll keep having the same tired fight: block all bots and break useful functionality, or get overrun by them and save our content and services.

A Digital Identity Digest Bot or Not? Why Incentives Matter More Than Identity Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds 00:00 / 00:09:35 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

What do we mean by “bot”?

Let’s clarify the terminology. “Bot” is a term that covers everything from benign automation to outright criminal activity. For the purposes of this post, we’re talking about non-human actors who interact with web services, some with permission and some without.

That includes:

Helpful bots: search crawlers, accessibility checkers, uptime monitors AI agents: tools that retrieve or generate content, often hitting your site through a third-party interface Enterprise automation: scripts and services performing integrations across APIs Malicious bots: scrapers, credential-stuffers, spam engines, DDoS zombies

Some are essential, some annoying, and some outright hostile. According to the 2025 Imperva Bad Bot Report, automated traffic now makes up 51% of all web traffic, with 37% of that classified as malicious. Cloudflare Radar data has its own stats that indicate bots account for approximately 30% of global web traffic.

Regardless of the type of bot, they all generate load at a rate faster than humans can manage on their own. And that’s where things get tricky.

Identity is only the first step

There’s been a lot of work recently on figuring out how bots can identify themselves in a standardized, trustworthy way. The Web Bot Authentication discussion at the IETF is a good example. More and more content and service providers are demanding the ability to identify and/or differentiate bot traffic from human. Fewer (but not zero) bot developers are eager to support that goal. A handful want to be good actors, to say clearly, “Hey, I’m not a human, but I’m not here to cause trouble either.”

It probably goes without saying (but I’m going to say it anyway): If you’re building a polite, well-behaved bot, the last thing you want is to be lumped in with attackers. But the other side of the equation is the cost to the site your bot is connecting to. Knowing a bot’s identity doesn’t change the fact that other organizations’ infrastructures are paying the price; they may want to block you to protect themselves.

Even a verified, well-meaning AI agent scraping a site to summarize its content for someone’s personalized feed still hits that site’s CDN, database, and cloud compute budget.

And if they’re not charging for that access—if there’s no business model that connects bot traffic to revenue—then the only thing that providing some form of identity to a bot does is to give that polite visitor a name tag before they raid the pantry.

Why incentives matter

The developers building these bots often say, “We just want access. Don’t block us.” And the site operators reply, “We just want you not to break our infrastructure.”

That’s not a disagreement. That’s a misaligned incentive.

From the bot developer’s perspective:

Self-identifying should reduce the risk of being blocked (though, for the moment, it doesn’t) A clear spec helps them integrate in good faith (if they can figure out where the spec is being developed) They’d rather focus on product, not evasion tactics (who wouldn’t rather make real progress than jump through hoops?)

From the service provider’s perspective:

Every request has a cost Authentication doesn’t offset bandwidth Good behavior still eats resources

Even well-behaved bots can DDoS you by accident. You can’t fix that with certificates or signatures.

Emerging ideas from the Web Bot Auth conversation

The Web Bot Auth mailing list had some smart commentary recently on what incentives actually look like:

Reputation and differentiation: Bot operators don’t want impostors ruining their good name. Self-identification helps create reputational trust. Better treatment through transparency: Authenticated bots could be treated as “allowed by default” rather than punished by default, which would flip the current anti-abuse script. Load management: Many sites are being overloaded, not just attacked. Infrastructure strain is forcing even friendly sites to take defensive measures. This opens the door to load-based incentives: service operators could offer higher rate limits or more reliable access to bots that self-identify and follow documented behavior guidelines. Rather than treating all automation as abusive, a tiered system could encourage cooperative bots to behave responsibly in exchange for stable access.

All of that leads to an observation: identity is useful, but it doesn’t answer the real question. Who decides if the bot is worth the load it brings? That’s a value judgment that falls outside the scope of identity systems. What it does highlight is that services can’t ignore that automated traffic is hitting their infrastructure, and they need tools, not just blind faith, to manage it.

What could a better system look like?

Imagine a world where bots:

Register and authenticate using open standards Earn a reputation score over time Get tiered access based on usage patterns and benefit to the service Pay—or pass value back—in proportion to their impact

This isn’t a fantasy. We already do this for humans via OAuth scopes, rate limiting, and usage tiers. The challenge is applying it to non-human actors in a way that scales.

(As an aside here, there are two people I recommend you follow if you’d like to dig into the gory, gory details of NHI taxonomy and the practical realities of NHI: Erik Wahlstöm and Pieter Kasselman.)

What you can do today

If you’re a product manager or DevOps lead, this doesn’t have to wait on a new IETF spec. You can start with:

Separate metrics for bot vs. human traffic – Understand where your resources are going and whether that automation is helping or hurting. This won’t be perfect. If it were, we wouldn’t need to figure out how to differentiate the traffic in the first place. But you can get a gross approximation to start, using things like user-agent parsing, request behavior patterns, or identity-aware proxies. That can help you make smarter decisions about rate limits, caching strategies, or whether to even allow certain types of traffic at all. Bot policy transparency – If you expect bots to authenticate, say so. If you want them to throttle, document it, ideally in machine-readable formats. That could include published API docs, robots.txt extensions, or structured metadata in your OpenAPI spec. You could also express bot policies via HTTP headers, usage dashboards, or identity-aware gateways. Don’t hide the rules in your EULA; bots don’t read fine print, but their developers might parse structured access guidance. Selective encouragement – Are there bots that drive value? Give them the green light, but with boundaries. Tools like API gateways (e.g., Kong, AWS API Gateway, Apigee) already support rate limiting and tiered access policies that can help enforce those boundaries. Standards such as OAuth 2.0 and mutual TLS (mTLS) can be used to verify identity and scope access. Emerging efforts like the Web Bot Authentication discussions and SPIFFE/SPIRE for workload identity also offer structured ways to manage and audit bot and automation access without resorting to total denial or blanket approval.

And if you’re building a bot:

Respect the load you place on services. Identify yourself if you want a long-term relationship. Assume you’re not entitled to the same treatment as a human user unless you bring similar value. Final thought

This isn’t about punishing bots or yelling at them to get off your lawn. Automation is here to stay. But if we want to coexist, we have to stop pretending that identification alone is the solution.

Identity without incentives is just surveillance.

Incentives without constraints are just spam.

Let’s aim for something better than either.

If you’d rather track the blog than the podcast, I have an option for you! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here

Transcript Bots, Incentives, and Identity

Hi, welcome back to A Digital Identity Digest. I’m Heather Flanagan, and today we’re talking about bots.

[00:00:36] Speaker A: Not the horror stories, not the buzzwords, but the real, practical tension that comes up when your system starts to feel the weight of automated traffic.

If you’re a product manager, DevOps lead, or identity architect managing automated requests—or even a bot developer or AI agent creator—this episode has insights for you.

Because here’s the challenge:

Not all bots are bad. But all bots cost someone something. What We Mean When We Say Bot

Bots cover a wide spectrum of activity. They can mean:

Helpful automation: search engine crawlers, uptime checkers, accessibility tools AI agents: fetching, generating, or summarizing content Enterprise scripts: internal automation and integrations Malicious actors: scrapers, spam bots, credential stuffers

Some are essential, some are annoying, and some are harmful. But regardless of intent, they all place a burden on infrastructure—and that cost usually lands on the target system.

Identity Is Only the First Step

Identity is one of my favorite topics, but identity alone doesn’t solve the bot challenge.

There is growing interest in creating standardized, trustworthy ways for bots to identify themselves. For example:

Efforts like the Internet Engineering Task Force (IETF) are exploring bot authentication. Bots could say, I’m not human, but I’m not here to cause trouble either. Some providers welcome this—they want visibility into what’s hitting their sites.

However, many bot developers aren’t eager to adopt these practices because:

Self-identification doesn’t currently bring them benefits. Even when they do identify, site operators still pay the cost in bandwidth, compute, and storage.

So the tension remains: without incentives for both sides, we’re stuck in the cycle of block everything or get overrun.

Why Incentives Matter

Bot developers want access without being mistaken for abusers.
Site operators want reliable service for their human users.

This isn’t pure conflict—it’s misalignment.

Developers want recognition as ecosystem contributors. Operators need to judge whether a bot’s value is worth its load.

Identity management can’t make that judgment. It requires a value framework.

Emerging Ideas for Bot Incentives

Public discussions around bot authentication highlight some promising concepts:

Legitimate bots want protection from imposters who could damage their reputation. Self-identification and adherence to published guidelines could be rewarded. Smaller site operators are overwhelmed and often default to blocking—even when bots aren’t malicious.

This points toward load-aware incentives. Imagine:

Anonymous bots: limited access Known bots: more access Trusted, valuable bots: highest access

In other words, an API-style approach with access tiers.

Designing a Smarter System

We already use systems like OAuth scopes, rate limits, and usage quotas for humans. Why not for bots?

A smarter system could include:

Open standards for bot registration and authentication Tiered access based on reputation, utility, and resource use Machine-readable policies that clearly define what’s allowed Monetization or resource-sharing models for high-impact bots

Companies like Cloudflare are already experimenting in this space, and it’s worth tracking their efforts.

What You Can Do Today

You don’t have to wait for global standards. There are steps you can implement right now:

Measure traffic: Separate bot and human activity with user agent parsing, behavioral analysis, or identity-aware proxies. Be transparent: Publish expectations in API specifications, robots.txt, or OpenAPI metadata. Avoid hiding them in user agreements. Encourage good bots: Support bots that drive value (like discoverability or user support) through API gateways, OAuth scopes, or mTLS.

By doing this, you’re not punishing automation—you’re designing for it, while keeping your infrastructure sustainable.

Closing Thoughts

At the end of the day:

Identity without incentives is just surveillance. Incentives without constraints are just spam.

The goal is something more useful—balanced systems where automation and infrastructure coexist productively.

Thank you for listening. You can find the full blog post with links and further reading at sphericalcowconsulting.com. Please share this with colleagues, encourage them to subscribe, and stay tuned for next week’s episode.

[00:08:59] Speaker B: And that’s it for this week’s Digital Identity Digest.

[00:09:03] Speaker A: If it made things a little clearer—or at least more interesting—share it with a friend or colleague.

[00:09:04] Speaker B: Connect with me on LinkedIn @hlflanagan. If you enjoy the show, subscribe and leave a rating wherever you listen.

Stay curious, stay engaged, and let’s keep these conversations going.

The post Bot or Not? Why Incentives Matter More Than Identity appeared first on Spherical Cow Consulting.


iComply Investor Services Inc.

Fintech and AML: How to Stay Fast, Compliant, and Scalable Across Markets

Fast-growing fintechs face rising AML obligations. This article shows how to build scalable, API-first compliance infrastructure with iComply across key regulatory jurisdictions.

Fintechs are reshaping finance—but AML expectations are intensifying. This article covers KYB, KYC, KYT, and AML requirements across the U.S., UK, EU, Australia, and Singapore, and shows how iComply helps automate compliance without sacrificing speed, security, or user experience.

Speed, scale, and seamless UX have defined the fintech revolution. But in 2024 and beyond, compliance is just as critical. Regulators worldwide are tightening scrutiny of digital finance—from embedded lending to neobanking, payments, crypto apps, and B2B platforms.

For fintechs serving global users, managing AML obligations across jurisdictions can become a scaling bottleneck—unless you have the right tools.

Changing AML Expectations for Fintechs by Jurisdiction United States Regulators: FinCEN, CFPB, OCC, state authorities Requirements: MSB licensing, BOI reporting, CDD rule compliance, SAR filing, and sanctions/PEP screening United Kingdom Regulator: FCA Requirements: AML registration, customer due diligence, transaction monitoring, and data protection (UK GDPR) European Union Regulators: National authorities + EU-wide AMLA Requirements: 6AMLD, MiCA (for tokenization), data privacy (GDPR), UBO transparency, and secure onboarding Australia Regulator: AUSTRAC Requirements: AML/CTF program, customer ID checks, PEP/sanctions screening, SMR reporting, and risk-based onboarding Singapore Regulator: MAS Requirements: AML risk assessments, transaction monitoring, UBO identification, and Travel Rule compliance for crypto Compliance Challenges for Fintechs

1. Velocity vs. Verification
Users expect real-time onboarding—regulators require thorough checks.

2. Multi-jurisdictional Complexity
Serving global clients means navigating overlapping, sometimes conflicting compliance rules.

3. Developer Disruption
Fragmented vendor stacks burden product teams and delay launches.

4. Trust and Brand Risk
Poor compliance not only invites fines but erodes customer confidence.

iComply: AML Infrastructure for Fast-Moving Fintechs

iComply offers a modular, developer-friendly platform that gives fintechs the power to build, scale, and prove compliance without slowing down.

1. KYC + KYB with Edge Security On-device ID and biometric checks for individuals KYB and UBO verification with registry and document data Reduce friction while protecting user privacy (PIPEDA, GDPR, etc.) 2. AML + KYT for Risk Monitoring Real-time transaction scoring, behaviour detection, and alerting Sanctions, PEP, and adverse media screening Automated SAR/STR triggers with full case traceability 3. Localization and Data Governance Support for 140+ languages and 14,000+ global ID types Localized workflows and data residency for U.S., UK, EU, AUS, and SG 4. API-First Integration REST APIs and developer docs SDKs and white-label options for fintech UX teams Webhooks and cloud/on-prem deployment options 5. Audit-Ready Case Management Centralized review, escalation, and reporting interface Export logs for regulators, banks, or investors Satisfy compliance diligence during fundraising or partnerships Case Insight: Embedded Finance Startup

A U.S.-based embedded payments app integrated iComply’s KYC and AML stack. In 90 days:

Onboarding speed improved by 40% KYC verification success rate increased to 93% Passed SOC2 and FinCEN diligence with full audit traceability Final Take

Compliance doesn’t need to compete with UX or product speed. Fintechs that embed smart AML tools can:

Scale faster across regulated markets Build trust with users and partners Avoid fines, audits, and reputational harm

Schedule a call with iComply to learn how we help fintechs move fast and stay compliant – without the trade-offs.


FastID

Fastly DDoS Protection wins SiliconANGLE TechForward Cloud Security Award

Fastly DDoS Protection wins SiliconANGLE TechForward Cloud Security Award after rigorous analysis by 32 industry peers.
Fastly DDoS Protection wins SiliconANGLE TechForward Cloud Security Award after rigorous analysis by 32 industry peers.

Monday, 25. August 2025

Ontology

THE ONTOLOGY NETWORK

The Blockchain That Could Reshape Global Finance The global financial system is at a turning point. For decades, centralized banking, legacy infrastructure, and opaque financial intermediaries have defined how money flows across borders. But the rise of blockchain technology is rewriting the rules, and among the networks leading this transformation is Ontology (ONT). Ontology is more t
The Blockchain That Could Reshape Global Finance

The global financial system is at a turning point. For decades, centralized banking, legacy infrastructure, and opaque financial intermediaries have defined how money flows across borders. But the rise of blockchain technology is rewriting the rules, and among the networks leading this transformation is Ontology (ONT).

Ontology is more than just another blockchain project it is an ecosystem designed to bring trust, identity, and data solutions to real world financial systems. Its potential to reshape the way we interact with money, identity, and institutions cannot be overstated.

1. Trust Without Middlemen

Traditional finance relies heavily on intermediaries like banks, brokers, and clearinghouses. These entities provide trust but at a cost slow transaction speeds, high fees, and limited access for billions of people worldwide.

Ontology introduces decentralized identity (DID) and data attestation, enabling users to prove their identity and ownership without relying on centralized authorities. In practice, this means that financial transactions can be conducted directly between individuals or institutions, reducing friction and costs while maintaining security.

2. Financial Inclusion for the Underserved

According to the World Bank, nearly 1.4 billion adults remain unbanked. Traditional banking systems often exclude people due to lack of documentation, geographical barriers, or high account maintenance fees.

Ontology’s DID system empowers individuals to create and control their digital identity, opening the doors to financial services such as lending, insurance, and cross border payments. By cutting down on paperwork and enabling trustless verification, Ontology can help bring billions of people into the global financial ecosystem.

3. Secure Data Sharing in Finance

Data is the new oil, and in finance, it determines everything from creditworthiness to fraud detection. Unfortunately, the way data is currently managed is fragmented and prone to abuse. Customers often have little control over their personal financial information.

Ontology enables secure, decentralized data sharing where users maintain ownership of their data and grant access selectively. This ensures both compliance with privacy laws (like GDPR) and better efficiency for financial institutions. Imagine a world where you can share your verified credit history instantly with a lender without exposing sensitive details unnecessarily.

4. Cross Border Transactions and DeFi Growth

Global remittances are projected to surpass $700 billion annually, yet fees remain painfully high, with an average of 6–8% per transaction. Ontology’s blockchain can cut down these costs drastically while ensuring instant settlement.

Moreover, Ontology supports DeFi (Decentralized Finance) applications that provide alternatives to traditional banking products loans, yield farming, staking, and more. This opens up new opportunities for individuals and businesses to grow wealth without being tied to centralized institutions.

5. A More Transparent Financial System

Trust in financial institutions has been eroded by crises, scandals, and mismanagement. Ontology’s transparent, tamper proof ledger ensures accountability, auditability, and fairness. Regulators and institutions alike can benefit from greater visibility into transactions without compromising user privacy.

Conclusion: Ontology’s Financial Revolution

The Ontology Network is positioning itself as a cornerstone of the new financial era one that is inclusive, secure, transparent, and globally accessible. By integrating decentralized identity, trusted data, and efficient transaction systems, Ontology could fundamentally reshape how money and trust move across the world.

In the next five years, we may see Ontology not just as a blockchain project, but as a key infrastructure layer for global finance, bridging the gap between traditional banking and the decentralized economy.

The world is moving toward a trustless, borderless, and more equitable financial system and Ontology is paving the way.

THE ONTOLOGY NETWORK was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


FinTech4Good

Certified Responsible AI Leaders Course- Oct 1- Dec 10, 2025

Program Overview: The Certified Responsible AI Leader Program is an immersive, high-energy program designed for AI professionals who are eager to lead in the rapidly evolving AI landscape. This program, developed by AI 2030, combines cutting-edge insights, hands-on activities, and interactive discussions with industry leaders to equip participants with the strategies and tools needed to […]

Program Overview:

The Certified Responsible AI Leader Program is an immersive, high-energy program designed for AI professionals who are eager to lead in the rapidly evolving AI landscape. This program, developed by AI 2030, combines cutting-edge insights, hands-on activities, and interactive discussions with industry leaders to equip participants with the strategies and tools needed to drive responsible AI innovation across industries.

Specifically tailored for senior AI leaders, the program offers the knowledge and practical tools required to address critical AI challenges such as privacy, transparency, fairness, and accountability. Participants will learn how to operationalize responsible AI practices while fostering innovation and ensuring ethical outcomes in their organizations.

Program Highlights:

Interactive Sessions: Engage in dynamic discussions, live simulations, and collaborative problem-solving exercises. Real-World Applications: Learn from real-world case studies and cutting-edge AI technologies. Expert-Led Workshops: Gain practical knowledge from industry leaders and AI regulators. Collaborative Networking: Build connections with top AI professionals, innovators, and thought leaders. Actionable Takeaways: Leave with a certification and actionable strategies to implement responsible AI in your organization.

 

Program Curriculum:

Module 1: Enterprise AI Strategy and Responsible AI Framework

Description:

This module focuses on the opportunities presented by AI, particularly Generative AI, along with global and industry trends and practical use cases. Participants will explore how to align AI strategies with business objectives while ensuring that responsible AI practices are deeply embedded into their organization’s broader strategy. The module covers key foundational principles of responsible AI, including transparency, accountability, fairness, privacy-preservation, safety, security, and sustainability.

 

Module 2: AI Risk Management

Description:

This module delves into the various risks associated with AI, from ethical and operational challenges to legal and regulatory concerns. Rather than just providing a generic framework, it dives deep into different AI risk management frameworks. Participants will explore global AI regulatory evolution, including trends in compliance and governance. The module will also share best practices for managing these risks in a rapidly evolving AI landscape, helping participants implement effective risk management strategies.

 

Module 3: Operationalizing Responsible AI

Description:

This module prepares senior leaders to operationalize responsible AI across their organizations, emphasizing responsible AI design, procurement, and implementation. Participants will learn how to embed responsible AI principles into AI systems, acquire AI solutions that meet ethical and regulatory standards, and deploy scalable, secure, and sustainable AI initiatives.

 

Module 4: Responsible AI Leaders Talk

Description:

In this module, participants will engage with thought leaders and industry experts to explore the challenges and opportunities of leading responsible AI initiatives. Through interactive discussions and real-world examples, they will gain valuable insights into effective AI leadership. Participants will also complete a capstone project, applying responsible AI principles to real-world challenges, ensuring practical learning and readiness to lead responsible AI efforts within their organizations.

 

Program Structure:

Duration: 8 Weeks (Oct 1 – Dec 10, 2025) Delivery: Weekly virtual sessions with one-day in-person optional conference.

Certification: Participants will receive the AI 2030 Certified Responsible AI Leader credential upon completion.

Featured Guest Lecturers

Marianna B. Ganapini, Associate Professor in Philosophy and Data Science, University of North Carolina at Charlotte

Usha Jagannathan, Director of AI ProductsDirector of AI Products, IEEE Standards Association

Soheil Feizi, Founder & CEO, RELAI.ai | CS Prof, UMD

James Gatto, AI Team Leader, Sheppard Mullin Richter & Hampton LLP

Phaedra Boinodiris, IBM Consulting’s Global Leader for Trustworthy AI

Nick Schmidt, Chief Technology and Innovation Officer, SolasAI

Arjun Ravi Kannan, Director, Data Science Research, Discover Financial Services

 

Program Benefits:

Cutting-Edge Knowledge: Stay ahead with insights into the latest trends, regulations, and practices in responsible AI. Practical Skills: Gain hands-on experience with tools and frameworks that you can apply directly to your projects. Professional Recognition: Earn a certification that highlights your expertise in responsible AI. Networking Opportunities: Build relationships with industry leaders, experts, and fellow AI professionals. Click here to Join the program: https://ai2030.circle.so/checkout/certified-responsible-ai-leadership-program-

AI 2030 Catalyst Portfolio Program

Welcome to the AI 2030 Catalyst Portfolio Application! We’re excited to learn more about your startup. This program supports early-stage and growth-stage responsible AI ventures with mentorship, product validation, GTM support, and strategic investor/partner activation. AI 2030 Catalyst Portfolio is a 4-month accelerator-style program supporting startups that are committed to building and scaling r

Welcome to the AI 2030 Catalyst Portfolio Application!


We’re excited to learn more about your startup. This program supports early-stage and growth-stage responsible AI ventures with mentorship, product validation, GTM support, and strategic investor/partner activation.
AI 2030 Catalyst Portfolio is a 4-month accelerator-style program supporting startups that are committed to building and scaling responsible AI solutions.

APPLY HERE

Program Duration: September 15 – December 31, 2025
Format: Hybrid (Virtual + Select In-Person Events)
Global Applicants Welcome
Eligibility Criteria

To be eligible, startups must:

Be building an AI-powered solution aligned with Responsible AI principles (e.g., transparency, fairness, accountability, privacy, security and safety, and sustainability) or AI for Good / Impact (e.g., climate, health, education, equity, global development) or AI for All, promoting inclusivity, accessibility, and equity in AI development or use
Have at least a Minimum Viable Product (MVP) or prototype.
Preferably have 5+ paying enterprise customers or 100 active users, or a comparable level of traction
Be committed to actively engaging in the program through mentorship sessions, workshops, and partner meetings.
Be open to global exposure through AI 2030 member portal, events, media, and partnerships.

AWS Credit Benefit: 

All of our portfolio startups will receive $25,000 in AWS credits, valid for use over the next two years.

Key Dates

September 15: Program Launch & Onboarding
Focus: Product Validation + Mentor Matching
September 24: AI 2030 Summit – NYC
October: Go-to-Market (GTM) Acceleration Month
October 15: DC Responsible AI Policy & GTM Summit
November: Investment & Capital Activation Month
November 5: Silicon Valley Investment Summit
December: Global Reach & Partnershi

 

APPLY HERE

 


myLaminin

Breaking Down the Essentials of HIPAA Compliance

Managing and protecting health information is both a legal and ethical obligation for healthcare and research institutions. HIPAA, the Health Insurance Portability and Accountability Act, sets federal standards to safeguard Protected Health Information (PHI). It gives individuals rights over their data, restricts disclosure, and requires safeguards. Covered entities and business associates, such as
Managing and protecting health information is both a legal and ethical obligation for healthcare and research institutions. HIPAA, the Health Insurance Portability and Accountability Act, sets federal standards to safeguard Protected Health Information (PHI). It gives individuals rights over their data, restricts disclosure, and requires safeguards. Covered entities and business associates, such as research platforms, must comply through privacy, security, and breach notification rules.

FinTech4Good

AI 2030 Global Fellow Program

AI 2030 Global Fellow Program-Application & Selection Timeline 📅 Application Period: Opens June 17, 2025, at the Chicago AI Week, and closes September 1, 2025 🔎 Selection Process: Evaluation by the AI 2030 selection committee 🎉 Global Fellow Announcement: September 24, 2025, at the AI 2030 Summit in New York APPLY HERE Background As AI […]
AI 2030 Global Fellow Program-Application & Selection Timeline

Application Period: Opens June 17, 2025, at the Chicago AI Week, and closes September 1, 2025
Selection Process: Evaluation by the AI 2030 selection committee
Global Fellow Announcement: September 24, 2025, at the AI 2030 Summit in New York

APPLY HERE

Background

As AI continues to reshape industries, societies, economies, and the environment there is an urgent need for ethical, responsible, and inclusive AI leadership. AI 2030 is committed to mainstreaming Responsible AI by fostering a global network of AI leaders who drive ethical innovation, industry best practices, and policy engagement. To achieve this mission, AI 2030 launched the  Global Fellow Program—a  highly selective initiative designed to recognize and empower top AI 2030 members who are shaping the future of AI.

In 2024, 50+ exceptional fellows from 10 countries were selected, representing diverse expertise across AI policy, research, corporate leadership, and entrepreneurship. These fellows played a pivotal role in high-impact initiatives, shaping global AI frameworks, driving responsible AI adoption in enterprises, and engaging in high-level dialogues with policymakers, business leaders, and investors at the world’s most influential forums like G20 Tech Sprint, the World Bank Group (WBG) and the International Monetary Fund (IMF) annual meeting, Dialogue of the Dialogue of Continents, AWS re:Invest, etc. They were featured at major AI events, including Chicago AI Week, the AI Governance Forum, and the AI 2030 Responsible AI Leaders Forum, amplifying their thought leadership and shaping industry conversations. Additionally, fellows contributed to some of AI 2030’s most transformative initiatives, such as the Responsible AI Marketplace, Global AI Regulation Index, and Responsible AI Design Labs, fostering practical solutions for ethical AI implementation. These outcomes demonstrate the power of global collaboration in advancing Responsible AI, setting a strong foundation for the 2025 cohort.

Program Objectives

AI 2030 Global Fellows will participate in a prestigious one-year leadership and engagement program, representing AI 2030’s highest-tier membership dedicated to shaping the future of Responsible AI. The Program aims to:

Recognize and elevate leaders and innovators in Responsible AI. Build a Trusted Network of AI Trailblazers – Create a high-impact community of visionary leaders, fostering collaboration, mentorship, and global influence to drive groundbreaking advancements in Responsible AI. Expand High-Impact Initiatives – Empower fellows to lead and collaborate on transformative AI 2030 initiatives Equip fellows with exclusive opportunities, resources, and networks to amplify their impact. Position AI 2030 Global Fellows as influential thought leaders driving the advancement of AI technology, governance, policy, ethical adoption, and industry best practices. AI 2030 Global Fellow Program Tiers

The program consists of three prestigious categories, recognizing individuals at different stages of leadership and influence in Responsible AI. To sustain the prestige, exclusivity, and high-impact opportunities of the AI 2030 Global Fellow Program, an annual membership fee will be introduced for each tier starting in 2025. However, as part of AI 2030’s commitment to fostering an inclusive, high-impact global community, all 2024 Fellows and Senior Fellows will receive a full membership fee waiver for 2025—but they must reapply to maintain their status in the program.

AI 2030 Fellow (Emerging Leaders & Rising Experts)

Annual Membership Fees: $1000 per year
Who Qualifies?

Early to mid-career professionals making significant contributions to Responsible AI. AI researchers, policymakers, and industry professionals driving responsible AI innovation. Entrepreneurs and corporate leaders advancing ethical AI solutions.

Key Benefits:
Recognition as an AI 2030 Global Fellow on our website, member portal, and social media channels.
Access to AI 2030 exclusive events, working groups, and leadership forums.
Opportunities to contribute and advance AI thought leadership (panel discussions, roundtables, and publications).
Collaboration with fellow experts and AI 2030 partners on Responsible AI initiatives.

AI 2030 Senior Fellow (Proven Leaders & Industry Influencers)

Annual Membership Fees: $2000 per year
Who Qualifies?

Established professionals with 10+ years of experience in AI, policy, ethics, or industry. Senior executives, researchers, or policymakers shaping AI governance and standards. Influencers in AI strategy, innovation, or regulation.

Key Benefits:
Recognition as an AI 2030 Senior Fellow on our website, member portal,AI 2030 Show, and social media channels.
Opportunities to mentor AI 2030 Fellows.
Exclusive invitations to closed-door policy roundtables and strategy meetings.
Eligibility to serve on the AI 2030 Advisory Board & Selection Committee.
High-profile speaking opportunities at AI 2030 Summits and industry events.

AI 2030 Distinguished Fellow (Global Visionaries & AI Trailblazers)

Annual Membership Fees: $5000 per year
Who Qualifies?

By invitation only; not open for applications. Visionary leaders who have demonstrated outstanding contributions to Responsible AI. Global AI policymakers, C-suite executives, leading academics, and industry pioneers. Individuals shaping the future of AI through policy, governance, research, or large-scale innovation.

Key Benefits:
Lifetime designation as an AI 2030 Distinguished Fellow.
Invitation to AI 2030 Leadership Council for high-impact strategy development.
Direct engagement with global policymakers and CEOs to shape AI’s future.
VIP access to AI 2030’s top-tier networking events, policy summits, and innovation forums.
AI 2030 Spotlight Feature – high-visibility thought leadership across AI 2030 platforms.

Selection Criteria

Selection Criteria: The selection committee will evaluate applicants based on:

Expertise & Impact – Proven contributions to AI research, industry, or policy. Leadership & Community Empowerment– Demonstrates strong leadership in AI while actively engaging and empowering communities through AI initiatives. Collaboration & Influence – Ability to drive cross-sector collaboration and industry-wide change. Innovation & Vision – Unique approaches to addressing AI’s ethical, regulatory, and technological challenges.

A selection committee of AI 2030 executive team members and esteemed AI leaders will evaluate applications and select fellows based on merit.

Conclusion

The AI 2030 Global Fellow Program is a game-changer in Responsible AI leadership. By recognizing, empowering, and mobilizing top AI professionals, this program will accelerate AI’s positive impact on society while addressing its risks.

Join us in shaping the future of Responsible AI. Apply now and become part of this exclusive leadership network.


1Kosmos BlockID

1Kosmos Ranked #1 in Workforce Product Score by Gartner

We’re proud to share that 1Kosmos has been recognized in the 2025 Gartner Magic Quadrant as a Challenger and for Identity Verification (IDV) — and we’ve earned the #1 Product Score for Workforce based on the Critical capability Matrix. This recognition reinforces what we’ve believed from the beginning: workforce identity isn’t just a productivity concern. … Continued The post 1Kosmos Ranked #1 i

We’re proud to share that 1Kosmos has been recognized in the 2025 Gartner Magic Quadrant as a Challenger and for Identity Verification (IDV) — and we’ve earned the #1 Product Score for Workforce based on the Critical capability Matrix.

This recognition reinforces what we’ve believed from the beginning: workforce identity isn’t just a productivity concern. It’s a frontline security imperative.

The Reality of Workforce Identity Today

Workforce identity isn’t just inefficient — it’s under active attack.

Employees still wrestle with password resets. Security teams drown in manual reviews. HR leaders lose valuable time onboarding talent. But the stakes have escalated far beyond productivity.

Groups like Scattered Spider and state-sponsored impersonators from North Korea are exploiting weak workforce identity systems with alarming success. According to recent reports, 1 in 5 organizations have already raised concerns about deepfake-driven fraud, synthetic identities, and credential-based attacks targeting their workforce.

This isn’t merely an optimization issue anymore. It’s a frontline security challenge. And without robust identity verification at the core of the workforce experience, enterprises remain exposed to attackers who can impersonate employees as easily as they once stole passwords.

We’ve seen the impact firsthand. A large Fortune 100 organization recently shared that they were struggling with impersonation attempts during onboarding, where fraudulent applicants were slipping past legacy checks. In one case, attackers even used synthetic identities to try and gain employee-level access.

After deploying 1Kosmos, the organization was able to verify identities in real time, flagging suspicious patterns and blocking bad actors before they entered the workforce. At the same time, legitimate new hires were onboarded in under 30 minutes instead of days, giving HR confidence in security without sacrificing speed.
That’s the impact we’re most proud of.

Proof Points from the Field

What sets 1Kosmos apart is that we don’t just verify identity once — we make that verification persistent and reusable through LiveID.

LiveID is our biometric credential recovery solution. Once an employee has been verified, they never need to go through repeated document checks or manual identity proofing again. If they forget a password, lose a device, or need to reset credentials, they can simply look into any camera — laptop, mobile, or kiosk — and recover access instantly. No helpdesk calls. No new onboarding cycles. And critically, no opportunity for attackers to impersonate them with stolen credentials.

Our customers are already seeing this difference:

Eliminated the need for repeat ID verification during credential resets at a global enterprise, saving IT teams thousands of hours per year. Cut helpdesk password reset requests by over 60%, thanks to employees recovering access through LiveID without intervention. Prevented synthetic identity attacks during onboarding at a financial services customer — LiveID established a trusted baseline and stopped fraudulent applicants before they got inside. Blocked impersonation attempts from advanced threat groups, including Scattered Spider-style social engineering, because attackers couldn’t replicate a live biometric identity check.

With LiveID, identity proofing becomes an always-on assurance mechanism. Employees are empowered with seamless recovery, and enterprises gain a durable defense against the most sophisticated impersonation threats.

Where We’re Heading Next

Recognition in Gartner’s Magic Quadrant is an important milestone. But our roadmap makes clear: we’re just getting started.

Smarter fraud detection – We’re piloting AI-driven pattern recognition with select customers today, helping them spot anomalies before they turn into incidents. Defending against deepfakes and synthetic IDs – Our liveness and biometric verification is evolving with AI to stay ahead of attackers who are weaponizing generative media. Natural language queries for identity data – Imagine asking, “Show me anomalies in remote access logins over the last 24 hours” and getting real-time insights. Early prototypes are already in testing. Developer-first flexibility – Our newest SDK release enables customers to customize verification workflows within minutes, making it easier to adapt identity flows to their unique business processes.

These aren’t aspirations — they’re real initiatives already underway with customers who are shaping the next generation of workforce identity with us.

Industry Context: Why Now

The stakes for workforce identity have never been higher. Attackers are outpacing legacy solutions, weaponizing AI to impersonate employees and create synthetic identities at scale. Passwords, static credentials, and bolt-on MFA simply don’t stand a chance.

Enterprises need more than incremental fixes. They need a frontline security control that delivers continuous verification, privacy by design, and frictionless usability at enterprise scale.

That’s where 1Kosmos stands apart. With innovations like LiveID, we’ve redefined workforce identity proofing into a durable, reusable assurance mechanism that blocks impersonation threats while empowering employees with effortless access.

That’s why Gartner’s recognition matters. Ranking 1Kosmos #1 in Workforce Product Score validates what the market is already demanding: a shift away from fragmented, outdated tools to an integrated identity platform that makes workforce verification both secure and seamless.

Our recognition in the Gartner Magic Quadrant isn’t just about us. It’s about the customers and partners who have trusted us to protect their workforce identities. Together, we are proving that identity can be more than a checkpoint. It can be a foundation of trust, resilience, and innovation across the enterprise.

The post 1Kosmos Ranked #1 in Workforce Product Score by Gartner appeared first on 1Kosmos.


Dock

mDLs, Privacy, and User Tracking: What You Need to Know [Video and Takeaways]

Mobile driver’s licenses (mDLs) and mobile identity documents (mDocs) are rapidly moving from pilot projects to mainstream adoption. With more than five million mDLs already in circulation and half of U.S. states announcing plans to issue them, the identity community is asking an important question: what do

Mobile driver’s licenses (mDLs) and mobile identity documents (mDocs) are rapidly moving from pilot projects to mainstream adoption. With more than five million mDLs already in circulation and half of U.S. states announcing plans to issue them, the identity community is asking an important question: what do these standards really mean for privacy, interoperability, and real-world implementation?

To explore these issues, we hosted a live podcast featuring two leading experts. Andrew Hughes, VP of Global Standards at FaceTec, has spent more than a decade shaping international ISO standards for digital identity, credentials, and biometrics. Ryan Williams, Program Manager of Digital Credentialing at the American Association of Motor Vehicle Administrators (AAMVA), leads the subcommittee responsible for translating ISO standards into North American implementation guidelines.

Moderated by Richard Esplin, Head of Product at Dock Labs, the conversation offered a rare opportunity to connect the dots between how the ISO standards are written, how they are being interpreted in practice, and what identity practitioners need to know as mDLs roll out worldwide.


1Kosmos BlockID

From CISO to Startup Founder: The 1Kosmos Journey

The Early Days: A Security Obsession I’ve always been a security geek. Back before Information Security was a thing, I was figuring out ways to get into systems or keep people out. This goes all the way back to the days of dial-up modems, bulletin boards, and online services like CompuServe and AOL. A large … Continued The post From CISO to Startup Founder: The 1Kosmos Journey appeared first on
The Early Days: A Security Obsession

I’ve always been a security geek. Back before Information Security was a thing, I was figuring out ways to get into systems or keep people out. This goes all the way back to the days of dial-up modems, bulletin boards, and online services like CompuServe and AOL.

A large portion of my security career was spent building the Information Security program at Lehman Brothers. During that 12-year run, the focus was on perimeter security, endpoint protection, and network monitoring – the first forms of intrusion detection/prevention. We wrote our own tools to do what Splunk and CyberArk do today.

The Convergence Vision

I was not only engrossed in information security but also in physical security. I spent the last few years of my career at Lehman Brothers, before their bankruptcy, managing physical security technology. My vision was to someday position myself as a CISO who would manage both worlds, as there was considerable discussion back then about the unification of those two disciplines.

What I didn’t realize at the time was that the missing piece in my security toolkit wasn’t physical security but a verifiable digital identity. The issue was that it didn’t exist yet. Of course, we had usernames and passwords, which don’t confirm someone’s identity but only offer a guess or hope about who they are. I deployed the company’s first SecureID server with hardware tokens sometime in the late ’90s, adding more layers but not necessarily increasing the certainty of identity. We also had PKI, PGP, and other acronyms.

The Pivot to Startups

My aspirations of becoming a leader in physical and information security shifted after Lehman’s bankruptcy, prompting me to explore the venture-backed startup world. I partnered with Chris Rouland (former ISS, EndGame, Bastille, Phosphorous) on a journey at Bastille Networks. After Bastille’s successful launch and securing a total of $100 million in VC funding, I saw an opportunity to begin the process of founding 1Kosmos. While raising VC money isn’t a guarantee of ultimate success, it indicates a certain level of traction and confidence in our value proposition.

The Genesis Moment – 1Kosmos

But I’m here today to talk about digital identity and the genesis of 1Kosmos, and what led us down the path of creating the world’s first unified digital identity platform. For starters, there is the name: 1Kosmos. Kosmos means “universe” in Greek. I partnered with the

serial entrepreneur Hemen Vimadalal (Vaau, Simeio, Brinqa, Securonix, Saviynt, etc.) to launch the company. The idea we were kicking around was that someday you would own your own identity and be able to use it anywhere on the internet (or in the Cosmos!). Imagine a digital wallet that doesn’t just hold your credit cards, but your key identity information.

After early traction, we partnered with ForgePoint Capital for a Series A, and again with ForgePoint and now Oquirrh Ventures in our recent $57 million Series B.

I got really excited about identity when we first started 1Kosmos. Our CTO and fellow co-founder, Rohan Pinto, showed me how decentralized identity could be a real game-changer back in 2018.

I quickly realized, after only a few months of trying to tell this story, that the world wasn’t ready for this approach because of the classic chicken-and-egg problem with digital wallets: you need widespread adoption for it to be useful, but you also need it to be helpful to get widespread adoption. Without a major platform provider like Google, Apple, or perhaps a government player pushing it into the market, you won’t see broad-scale adoption from or for individual users.

The Strategic Pivot

So, we pivoted. The core principles of the product and decentralized identity stayed the same, but our go-to-market strategy changed. We became the first to combine verified digital identity with phishing-resistant, passwordless access, using the same proof that defines a digital wallet. When paired with biometrics, it provides a great user experience and significantly boosts security.

We didn’t realize at the time that this would become a key aspect of zero trust: knowing exactly who is accessing the data or service.

The Power of Decentralized Architecture

Because we are built on a decentralized identity model (and still operate on it), the user always controls their own identity and authentication. This allows us to offer employers, businesses, and governments a much better way to verify and demonstrate their users’ identities.

Market Validation and Evolution

As I refined the story in the early days of the company, I tested the solution with my friends in the industry, who are now CISOs of Fortune 100 companies. In those early days, it wasn’t

a top priority because there was so much else to focus on, with everyone concentrating on cloud and other hot topics of the moment.

But one thing they all agreed on was that passwords had to be eliminated. The methods to accomplish this would evolve over the years, but the core principles remained the same. They also agreed that verifying a user’s identity was vital for key access points into their organizations, such as calls to the service desk and confirming the identity of new hires.

The Perfect Storm

When the Scattered Spider attacks began, we were well positioned to capitalize on the increased focus on digital identity. Our competitors in the industry were only concentrating on passwordless solutions without verified identities, leaving them with ineffective, patchwork solutions. The surge in security incidents and breaches motivated us to go to market and test the waters for a Series B raise. This belief was shared by our entire team.

Betting on Our Vision: The Series B

When we secured our $57 million Series B funding, my leadership team and I invested a substantial portion of our own personal wealth. As I mentioned at the time, “We’re not just confident in our pitch deck and customer base. We’re betting our personal wealth on our vision.”

We are addressing the core flaw in traditional identity and access management. By linking biometrics to a verified identity, we are re-confirming a user’s identity at every login, not just verifying a credential. We are truly transforming authentication from being about “something you have” to “who you are.”

The AI Challenge and Opportunity

As we look ahead, the threat landscape continues to evolve. The next major challenge for every CISO is how AI will change business operations, attacks, and defenses. We’re observing AI being weaponized, but also leveraged for defensive opportunities.

Once again, we were lucky to be in the right place at the right time regarding how we verify human identities. We’ve been using deepfake mitigation tools for years and continuously improving them. Once again, we are years ahead of our competitors, and this will be our key to winning the AI arms race. I am confident in our ability to deliver this high level of assurance, which will be our main differentiator between leading and lagging identity platforms.

Coming Full Circle: The Decentralized Future

But returning to what Rohan showed me in 2018 with decentralized identity and verifiable credentials: I see this not as a competing technology because it’s been integrated into the platform from the start. Instead, I view it as the ultimate realization of the 1Kosmos vision—getting this form of identity into the hands of every person.

The original idea might have been years too early, but having this capability in the platform will be the fourth “right time at the right place” moment for 1Kosmos.

To recap, our four key timing moments have been:

1. Verified identity

2. Passwordless access

3. Unifying those two principles by linking them to a biometric

4. And now, decentralized identity is coming of age

Reflection

My journey from CISO to company founder has been truly remarkable. I’m very fortunate to be surrounded by great fellow founders, and I couldn’t be more excited about our journey and the path we’re creating for our customers.

The post From CISO to Startup Founder: The 1Kosmos Journey appeared first on 1Kosmos.

Sunday, 24. August 2025

Dock

How the Philippines Hit 73% Digital ID Adoption

73% of Filipinos now have a national digital ID. 🇵🇭 That’s 84 million registrations in a country of 115 million people. One of the highest adoption rates of digital ID systems globally. These credentials, issued through the Philippine Identification System (PhilSys), have already been

73% of Filipinos now have a national digital ID. 🇵🇭

That’s 84 million registrations in a country of 115 million people. One of the highest adoption rates of digital ID systems globally.

These credentials, issued through the Philippine Identification System (PhilSys), have already been used in over 100 million transactions across both public and private services. From national and local government agencies to banks and other financial institutions. 

Citizens can now verify their identity more quickly, securely, and conveniently.

One of the most impactful measures to boost adoption was linking ID issuance with birth registration. By assigning PhilSys numbers at birth, the government eliminated friction early and laid the foundation for lifelong identity coverage. 

The rollout also took a digital-first approach by providing citizens with an ePhilID, a digital version of the ID that can be stored on a phone. 

Saturday, 23. August 2025

Lockstep

Making cyberspace healthier

I was delighted and honoured to be invited by Professor Katina Michael to provide input to the Social Cyber Institute Australia-India consultation on Technology Impact Assessment (TIA). Katina and I had a wide-ranging discussion about technology, data protection and digital transformation. A video recording is posted on YouTube and I am writing a few blogs... The post Making cyberspace healthier

I was delighted and honoured to be invited by Professor Katina Michael to provide input to the Social Cyber Institute Australia-India consultation on Technology Impact Assessment (TIA).

Katina and I had a wide-ranging discussion about technology, data protection and digital transformation. A video recording is posted on YouTube and I am writing a few blogs to consolidate some of the topics we had fun traversing.

This first blog concerns the untapped potential of applying public health principles to cyber security.

In praise of public health

I have come to understand a little and appreciate a lot about public health through my extraordinary life partner, Dr Elizabeth (Lizzie) Denney-Wilson, a leading researcher in preventive health and Professor of Nursing at the University of Sydney. Through a bit of home office serendipity, Lizzie happened to meet Katina as we were warming up to record the TIA interview. This prompted me to share a few reflections on the differences I’ve observed between public health and cyber security professionals when it comes to human factors.

The thing is, people make bad decisions. People smoke and gamble; they eat too much but don’t exercise enough.

Human error is notoriously blamed for most cyber security problems. But in contrast to epidemiologists, information technologists have little sympathy for regular people and their bad decisions. We can’t fathom why users clicked on links and got phished. Or why they reused the same password across multiple sites. Or why people choose such stupid passwords to begin with!

In contrast, public health professionals long ago stopped blaming people for making harmful choices. “Bad decisions” isn’t even part of their frame of reference. Instead, preventive health researchers focus on human behaviour and working out the pathways to changing behaviour.

We need to stop the victim-blaming in cyber security. Regular folks are lumbered with complex, brittle, unforgiving Internet systems, designed by engineers, most often for engineers.

Security need not be difficult by design

Lizzie taught me the public health policy maxim, Make the best choice the easy choice.

Think about passwords. It’s not the users’ fault that they need passwords!

The password is a relic of 1960s computing, where it suited highly technical network administrators. In the good old days before global public networks, computers were only accessible from inside secure buildings, so single factor passwords were perfectly adequate.

The password must be the only piece of IT where effectiveness is inversely proportional to ease of use. That is, the harder a password is to use, the better it is! Technicians in data centres can deal with that, but the general public cannot, while they have come to use modern pocket-sized supercomputers for everything from home security to grocery shopping.

It wasn’t until the FIDO Alliance launched Passkeys that regular users’ easy choice of authenticator became the best choice.

Photo: The Pickle Guys, NYC, https://pickleguys.com. Image Copyright (c) Stephen Wilson 2022.

The post Making cyberspace healthier appeared first on Lockstep.

Friday, 22. August 2025

Spruce Systems

How VDCs Are Transforming Customer Experience

Verifiable digital credentials (VDCs) are reshaping how businesses interact with customers by reducing friction, building trust, and creating seamless digital experiences.

Every business strives to provide its customers with the best possible experience. A significant challenge, however, is identity friction. This issue does not stem from a lack of effort but rather from the fact that traditional identity systems were not designed for today’s digital-first environment.

There is encouraging news. Verifiable digital credentials (VDCs) are already helping organizations create seamless customer experiences. Below is an overview of how VDCs are addressing long-standing challenges and enabling business success.

Understanding the Customer Experience Challenge

Research consistently shows that identity friction is one of the largest barriers to customer satisfaction in the digital age. 70% of global shoppers abandon their online carts across the board, but when forced to create an account, 26% of U.S. shoppers specifically drop off due to that friction point. When businesses fail to reduce barriers at critical moments like onboarding, checkout, or account recovery, they risk not only losing immediate sales but also eroding long-term customer trust and loyalty. This is where verifiable digital credentials can make a measurable difference.

How VDCs Are Creating Better Customer Experiences

Verifiable digital credentials provide a fundamentally different approach to identity management. Instead of requiring users to repeatedly prove who they are, VDCs enable a single credential that can be used across services. This allows for instant verification without friction while giving users complete control over the information they share.

The technology behind VDCs offers cryptographic security for assurance, real-time verification capabilities, and interoperability across systems. Most importantly, VDCs are designed with user-friendly interfaces that make advanced security processes seamless and unobtrusive for end users.

How are VDCs Being Used in the Wild?

Age Verification at Checkout
When a shopper adds an age-restricted product to their cart, the system can instantly request proof of age via a verifiable digital credential. Instead of uploading an ID or typing in sensitive details, the customer shares only a simple confirmation - “Over 18” or “Over 21.” The purchase moves forward without unnecessary exposure of birthdate or address, keeping checkout fast and private.

Ticket and Booking Confirmation
During checkout for flights, concerts, or sporting events, customers can present a digital credential linked to their booking. At entry, that same credential confirms validity in seconds, no paper tickets or manual lookups needed. This reduces fraud, shortens wait times, and makes the overall customer flow smoother.

Insurance or Payment Eligibility
In a healthcare checkout or appointment booking flow, a patient can present a digital credential that proves both identity and insurance eligibility. This replaces lengthy form-filling and card uploads, allowing check-in and payment confirmation to happen in one click. The result: less administrative friction, faster processing, and a better overall experience.

The Customer Experience Transformation

These use cases highlight key areas where VDCs generate significant business value.

First, they eliminate friction through one-click authentication processes that replace password reset frustrations with instant verification. Second, VDCs build trust by ensuring security and empowering users with control over their data. Third, they increase conversion by reducing abandonment and accelerating onboarding, leading to higher completion rates and improved engagement. Finally, VDCs lower operational costs by reducing support overhead and automating verification, freeing resources for company growth initiatives. Explore VDCs for Your Brand

The customer experience opportunity is not only about fixing inefficiencies, but about unlocking new possibilities. VDCs improve security while enabling businesses to deliver seamless, trustworthy experiences that meet modern customer expectations.

The key question is not whether businesses can afford to implement VDCs, but how VDCs can strengthen customer experience and drive long-term success. Organizations that adopt VDCs are not simply solving technical challenges. They are building competitive advantages that will define the future of digital engagement.

If your organization is ready to explore how VDCs can transform customer experience and create opportunities for growth, SpruceID can help design and deploy systems that enhance customers' interactions with your brand.

Contact Us

About SpruceID: SpruceID is building a future where users control their identity and data across all digital interactions.


liminal (was OWI)

Link Index for Ransomware Prevention 2025

The post Link Index for Ransomware Prevention 2025 appeared first on Liminal.co.

uquodo

Ensuring Compliance: Optimizing PEP Screening Processes

The post Ensuring Compliance: Optimizing PEP Screening Processes appeared first on uqudo.

Ontology

Who Owns Web3’s Data? 7 Questions for the Community

Inspired by an article from Geoffrey Richards (Ontology’s Head of Community), let’s pressure-test our assumptions about data, identity, and reputation in Web3 👉 LinkedIn Geoff’s EthCC reflections spotlight a creeping habit: treating user data as a private moat. If Web3 is about user ownership, we need to design like we mean it — starting with decentralized identity and consented, privacy-pre

Inspired by an article from Geoffrey Richards (Ontology’s Head of Community), let’s pressure-test our assumptions about data, identity, and reputation in Web3 👉 LinkedIn

Geoff’s EthCC reflections spotlight a creeping habit: treating user data as a private moat. If Web3 is about user ownership, we need to design like we mean it — starting with decentralized identity and consented, privacy-preserving reputation.

7 questions for the community

Moats vs. Markets: If your competitive edge depends on locking in user data, are you building Web3 — or rebuilding Web2 with tokens? Consent by Design: Where — and how — do users grant, view, and revoke consent for every data use? Portability: Can users take their identity and reputation to another app today without losing status or access? Proofs, Not Dumps: Which flows can switch from raw data sharing to zero-knowledge proofs (prove X without revealing Y)? Agent-Age Identity: As AI agents arrive, what’s your plan for agent identity that’s transparently tied to a real user’s intent and permissions? LinkedIn Value Share: If data creates value (better matching, lower fraud), how do users capture a fair share? Exit Rights: What’s the one-click path for users to export, delete, or re-permission their footprint?

If we wouldn’t be proud to explain our data model to users, it’s the wrong model. Read Geoff’s original article and tell us how you’d implement user-owned identity and reputation in your corner of Web3. 👉LinkedIn

Who Owns Web3’s Data? 7 Questions for the Community was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


iComply Investor Services Inc.

Crypto Compliance in a Connected World: Aligning KYT, KYC, and AML Across Jurisdictions

Global regulators are tightening AML expectations for crypto firms. This guide explains how VASPs can streamline compliance using iComply’s edge-based KYC and blockchain-native KYT tools.

Crypto platforms must comply with tightening AML laws worldwide—from MiCA in the EU to Travel Rule enforcement in the U.S., UK, Singapore, and UAE. This article explores global KYT, KYC, and AML expectations for VASPs and how iComply helps automate screening, verification, and cross-chain compliance.

The crypto industry has grown from fringe innovation to a core component of global finance – but with that growth comes regulation. In every major market, Virtual Asset Service Providers (VASPs) are now expected to meet traditional financial crime standards. For crypto exchanges, custodians, token issuers, and wallets, this means embracing full-spectrum AML compliance: from real-time identity verification to transaction monitoring and data sharing protocols. The Global AML Landscape for Crypto European Union Frameworks: MiCA, AMLD6, and Travel Rule compliance Expectations: KYC for all users, KYB for corporate clients, transaction monitoring (KYT), and cross-border data sharing via TRP (Travel Rule Protocol) United States Regulators: FinCEN, SEC, CFTC, state regulators Requirements: MSB licensing, Travel Rule compliance, sanctions screening (OFAC), suspicious activity reporting (SARs), and BOI reporting for corporate accounts United Kingdom Regulator: FCA Requirements: Registration, AML risk assessment, PEP and sanctions screening, transaction monitoring, and Travel Rule data transfer Singapore Regulator: MAS Requirements: VASP licensing, CDD/EDD, KYT, and secure data transfer of originator/beneficiary details under the Travel Rule United Arab Emirates Regulators: VARA (Dubai), SCA (federal) Requirements: KYC, transaction monitoring, UBO reporting, and Travel Rule compliance for all virtual asset transfers Core Compliance Responsibilities for Crypto Firms KYC/KYB: Identity verification of users and business clients KYT: Monitoring of blockchain transactions for anomalies, structuring, and prohibited counterparties Sanctions + PEP Screening: Ongoing checks of users, addresses, and counterparties Travel Rule: Transmitting originator and beneficiary information securely and in real time Audit-Ready Documentation: Logging all decisions, escalations, and screening events Why Compliance Is Harder in Crypto

1. Pseudonymity: Wallet addresses lack inherent identity linkage

2. Cross-border complexity: Differing enforcement timelines and data localization laws

3. Fragmented tooling: Most tools only cover part of the AML process

4. User drop-off risk: Friction-heavy verification drives away users if poorly implemented

How iComply Helps VASPs Stay Compliant and Competitive

iComply delivers a modular, API-friendly platform tailored to VASPs across jurisdictions:

1. Edge-Based KYC + KYB Verify individuals and businesses using local devices before encryption Avoid transmitting raw PII or breaching GDPR or UAE data rules Supports 14,000+ global ID types in 140+ languages 2. KYT: Smart Blockchain Monitoring Monitor wallet behaviour and transaction patterns Score and escalate suspicious flows (e.g., tumblers, DEX swaps, sanctions exposure) Correlate blockchain data with user risk profiles 3. Travel Rule Compliance Integrate with TRISA, OpenVASP, or TRP Securely send and receive originator/beneficiary info Log data sharing and counterparty responses for audits 4. Sanctions + PEP Screening Screen individuals, addresses, and corporate entities Configure alerting thresholds and refresh cycles 5. Unified Case Management Assign investigators, log decisions, and export regulatory reports Full traceability across onboarding, transactions, and disposition Case Insight: US Crypto Exchange

A mid-sized US exchange adopted iComply’s full-stack compliance suite. Results:

Reduced onboarding drop-off by 35% Achieved KYB, KYC and Travel Rule readiness in under 60 days Improved screening accuracy and reduced processing time

Crypto compliance isn’t just about checking a box – it’s about building trust, enabling scale, and staying ahead of regulators. VASPs that embed KYT, KYC, and AML at the infrastructure level are best positioned for global growth.

Book a call with iComply to learn how our platform helps crypto firms stay secure, compliant, and customer-friendly – across jurisdictions and chains.


Aergo

Official Path to HPP: Portal and Bridge Opening Soon

The soon-to-be-released HPP Migration Portal and the Bridge will serve as the official gateways for transitioning from legacy tokens (AERGO and AQT) into the new HPP economy. Through the portal, holders will be able to seamlessly convert their tokens into the unified HPP Token, while the bridge guarantees integrity and security across chains. Both the portal and bridge will be rolled out pro

The soon-to-be-released HPP Migration Portal and the Bridge will serve as the official gateways for transitioning from legacy tokens (AERGO and AQT) into the new HPP economy. Through the portal, holders will be able to seamlessly convert their tokens into the unified HPP Token, while the bridge guarantees integrity and security across chains.

Both the portal and bridge will be rolled out progressively as the migration advances, ensuring a smooth and reliable transition for all participants.

The following is a preview of how the migration will be carried out, outlining the two-step process required to complete the transition into the HPP ecosystem.

https://portal.hpp.io/ Migration Steps

Step 1: Swap AERGO / AQT → HPP(Ethereum)

AERGO(both native and ERC-20) and AQT(ERC-20) are converted into HPP(Ethereum). Ratios: 1 AERGO = 1 HPP 1 AQT = 7.43026 HPP (only the whole number will be converted; decimal remainders will not carry over)

Why this step is required

Ethereum is the most liquid and interoperable base layer. Converting legacy tokens into HPP (Ethereum) ensures:

A unified token supply across chains Compatibility with existing exchange infrastructure Secure accounting and custody before moving into the new Layer 2

Step 2: Finalize HPP(Ethereum) → HPP(Mainnet)

Convert your HPP(Ethereum) to HPP(Mainnet) through the official portal. HPP(Mainnet) is for Exchange listings, DAO governance & rewards, and Ecosystem utilities

Why this step is required

HPP(Mainnet) is the execution layer optimized for AI-native workloads. To participate in governance, earn rewards, and access dApps, tokens must reside on the HPP Mainnet. Keeping Ethereum as an intermediate layer ensures smooth bridging, liquidity routing, and compliance.

Key Notes Both the portal and bridge will be rolled out as the migration advances. A detailed, step-by-step migration guide will be released concurrently with the launch of the portal. To fully participate in the HPP ecosystem, including governance, staking, rewards, and trading, it is essential to complete both steps of the migration.

Official Path to HPP: Portal and Bridge Opening Soon was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.


BlueSky

Our Response to Mississippi’s Age Assurance Law

A new Mississippi law requires us to block full access to Bluesky unless all users complete age checks. We have concerns about this law’s implementation.

Keeping children safe online is a core priority for Bluesky. We’ve invested a lot of time and resources building moderation tools and other infrastructure to protect the youngest members of our community. We’re also aware of the tradeoffs that come with managing an online platform. Our mission is to build an open and decentralized protocol for public conversation, and we believe in empowering users with more choices and control over their experience. We work with regulators around the world on child safety—for example, Bluesky follows the UK's Online Safety Act, where age checks are required only for specific content and features.

Mississippi's approach would fundamentally change how users access Bluesky. The Supreme Court’s recent decision leaves us facing a hard reality: comply with Mississippi’s age assurance law—and make every Mississippi Bluesky user hand over sensitive personal information and undergo age checks to access the site—or risk massive fines. The law would also require us to identify and track which users are children, unlike our approach in other regions. We think this law creates challenges that go beyond its child safety goals, and creates significant barriers that limit free speech and disproportionately harm smaller platforms and emerging technologies.

Unlike tech giants with vast resources, we’re a small team focused on building decentralized social technology that puts users in control. Age verification systems require substantial infrastructure and developer time investments, complex privacy protections, and ongoing compliance monitoring — costs that can easily overwhelm smaller providers. This dynamic entrenches existing big tech platforms while stifling the innovation and competition that benefits users.

We believe effective child safety policies should be carefully tailored to address real harms, without creating huge obstacles for smaller providers and resulting in negative consequences for free expression. That’s why until legal challenges to this law are resolved, we’ve made the difficult decision to block access from Mississippi IP addresses. We know this is disappointing for our users in Mississippi, but we believe this is a necessary measure while the courts review the legal arguments.

Here’s more on our decision and what comes next.

Why We’re Doing This

Mississippi’s HB1126 requires platforms to implement age verification for all users before they can access services like Bluesky. That means, under the law, we would need to verify every user’s age and obtain parental consent for anyone under 18. The potential penalties for non-compliance are substantial — up to $10,000 per user. Building the required verification systems, parental consent workflows, and compliance infrastructure would require significant resources that our small team is currently unable to spare as we invest in developing safety tools and features for our global community, particularly given the law's broad scope and privacy implications.

Our Concerns About Mississippi’s Approach

While we share the goal of protecting young people online, we have concerns about this law’s implementation:

Broad scope: The law requires age verification for all users, not just those accessing age-restricted content, which affects the ability of everyone in Mississippi to use Bluesky. Barriers to innovation: The compliance requirements disadvantage newer and smaller platforms like Bluesky, which do not have the luxury of big teams to build the necessary tooling. The law makes it harder for people to engage in free expression and chills the opportunity to communicate in new ways. Privacy implications: The law requires collecting and storing sensitive personal information from all users, including detailed tracking of minors. What We’re Doing

Starting today, if you access Bluesky from a Mississippi IP address, you’ll see a message explaining why the app isn’t available. This block will remain in place while the courts decide whether the law will stand.

How This Differs From Our Approach in Other Places

Mississippi’s new law and the UK’s Online Safety Act (OSA) are very different. Bluesky follows the OSA in the UK. There, Bluesky is still accessible for everyone, age checks are required only for accessing certain content and features, and Bluesky does not know and does not track which UK users are under 18. Mississippi’s law, by contrast, would block everyone from accessing the site—teens and adults—unless they hand over sensitive information, and once they do, the law in Mississippi requires Bluesky to keep track of which users are children.

Other Apps on the Protocol

This decision applies only to the Bluesky app, which is one service built on the AT Protocol. Other apps and services may choose to respond differently. We believe this flexibility is one of the strengths of decentralized systems—different providers can make decisions that align with their values and capabilities, especially during periods of regulatory uncertainty. We remain committed to building a protocol that enables openness and choice.

What’s Next

We do not take this decision lightly. Child safety is a core priority, and in this evolving regulatory landscape, we remain committed to building an open social ecosystem that protects users while preserving choice and innovation. We’ll keep you updated as this situation develops.

Thursday, 21. August 2025

Indicio

Make mobile driver’s licenses work everywhere, easily, with Indicio Proven®

The post Make mobile driver’s licenses work everywhere, easily, with Indicio Proven® appeared first on Indicio.
Indicio Proven® makes mobile driver’s licenses (mDLs) practical and interoperable, delivering secure, privacy-preserving identity verification across borders, platforms, and industries. By Helen Garneau

Mobile driver’s licenses (mDLs) are gaining traction worldwide as governments look for secure, digital alternatives to physical identity documents. The promise is clear: residents and citizens can carry a government-issued license on their phone, verify their identity, keep their privacy, and reduce reliance on physical cards.

But there’s a challenge to adoption. While it’s easy to issue an mDLs, verifying one across different systems, borders, and industries is not. Without an easy way to verify an mDL, its usefulness is limited.

This is what Indicio Proven® solves. Proven makes mDL verification simple, mobile, and cost-effective. With Proven, an mDL can be used and trusted at banks, airports, and businesses.

Closing the mDL verification gap

Proven bridges the verification gap in two ways.

For organizations that want integration at the system level, Proven provides APIs that can be embedded into existing workflows.

And for those who want to verify quickly, without system integrations, Proven provides a mobile verifier, downloadable as an app that is simple to use and cost-effective to adopt.

This makes it easy to verify an mDL: at a government agency, at a retailer for proof of age — anywhere, anyone needs to prove who they are.

Interoperability by design

With Proven, you have a system for digital identity that scales to your needs and meets the requirements for verifiable digital identity around the world. Proven enables you to issue, verify, and combine with Digital Travel Credentials (DTC), W3C Verifiable Credentials, SD-JWT VC, AnonCreds, and interoperate with the European Digital Identity Wallet. (EUDI).

Proven also allows you to combine authenticated biometrics with Verifiable Credentials to provide the highest level of digital identity assurance and mitigate the threats of biometric identity fraud and AI-generated deepfakes.

Through our partnership with Regula, Proven now provides access to document validation for 250-plus countries and territories — all of which can be combined with biometric authentication.

This breadth of options in Proven provides enterprises and governments with a range of innovative, easy-to-implement solutions that meet current and future document and identity authentication needs — all with the assurance of interoperability, privacy-by-design, and open-standard robustness.

Lower cost, increase revenue

Indicio Proven isn’t just about saving you on identity verification, fraud, and security costs, it provides a way to monetize verification. Very small fees for verification are imperceptible to users but soon add up when your solution scales. It’s a boon for government infrastructure — rapid deployment, user simplicity, immediate revenue.

No other digital identity technology offers this benefit trifecta.

 Indicio Proven — your mDL solution

Talk to us about the emerging verification economy, and how Proven can power your mDL program and meet your document and identity authentication needs.

Learn about how our customers are using Proven to manage everything from account access to border crossing and what that means for your business or agency.

Or you can just deploy today. We’re here to drive your success — contact us.

The post Make mobile driver’s licenses work everywhere, easily, with Indicio Proven® appeared first on Indicio.


1Kosmos BlockID

A New Approach to Identity

Identity has become one of the most vulnerable parts of the digital world. Every week, we see headlines about new attacks: deepfakes tricking people into wiring money, social engineering scams bypassing help desks, and stolen credentials fueling large-scale breaches. Groups like Scattered Spider and North Korea’s “shadow IT” workers have shown just how easily attackers … Continued The post A New

Identity has become one of the most vulnerable parts of the digital world. Every week, we see headlines about new attacks: deepfakes tricking people into wiring money, social engineering scams bypassing help desks, and stolen credentials fueling large-scale breaches. Groups like Scattered Spider and North Korea’s “shadow IT” workers have shown just how easily attackers can manipulate outdated processes. These incidents reveal a simple truth: the old ways of handling identity are no longer enough.

Why Traditional Identity Falls Short

Most identity systems were built decades ago, around usernames, passwords, and static credentials stored in centralized databases. At the time, it made sense. But in today’s environment, this approach creates more risk than protection. Centralized stores are tempting targets, and when they fall, millions of records go with them. Meanwhile, adversaries are using AI to generate fake voices and faces, harvest credentials in real time, and run scams that outpace static security controls.

The human impact is also clear. People are asked to hand over personal information to countless organizations without knowing how it is stored or shared. They have almost no control, and when regulations tighten, enterprises end up scrambling to catch up.

Putting People Back in Control

At 1Kosmos, we believe the answer is not to add more layers to a broken model, but to rethink identity from the ground up. That is why we are building privacy-first, decentralized identity solutions that shift control back to the user.

The heart of this approach is the digital wallet. Instead of credentials living in a central database, they are stored securely on a person’s device. That means an individual can carry verified credentials, like a driver’s license, proof of employment, or a biometric factor, and choose exactly when and with whom to share them. Organizations, in turn, can instantly verify authenticity without holding sensitive data themselves.

The result is stronger privacy, reduced risk of mass breaches, and a much better experience. No more resets. No more risks. No more roadblocks. We’re already seeing the impact of this approach. Enterprises using 1Kosmos have cut fraud loss, reduced fraud losses by 90% and eliminated millions of password resets. For employees and customers, it means faster access, fewer frustrations, and stronger trust in every interaction.

Fueling the Shift with $57 Million

We’re already seeing strong traction with enterprises and governments embracing a privacy-first identity model. Our recent $57 million Series B funding is the catalyst to move even faster—expanding innovation, integrations, and global reach. The investment validates the market’s urgent need for identity modernization and accelerates our ability to deliver it.

With this funding, we are advancing AI-powered defenses against deepfakes and impersonation attempts, expanding enterprise-ready digital wallets, and strengthening integrations with IAM, CIAM, PAM, and zero-trust platforms. We are also growing our reach into new markets across North America, EMEA, and APAC.

These steps build on the momentum we have already achieved, including becoming the only full-service Kantara-certified credential service provider with FedRAMP High authorization, and winning a 10-year, $194.5 million Login.gov agreement to supply next-generation identity proofing.

Where We Go From Here

For too long, identity has been the weakest link. We see it as the foundation of trust—and the key to better digital experiences when built on privacy and user control.

That is the vision we are pursuing at 1Kosmos. By combining verified identity proofing, passwordless authentication, and blockchain-based privacy, we are giving organizations the tools to stop impersonation attacks before they start, while giving individuals more control over their digital lives.

The stakes have never been higher, but neither have the opportunities. With our Series B investment, we are moving faster toward a world where identity is no longer the first step in the kill chain, but the first line of defense.

The post A New Approach to Identity appeared first on 1Kosmos.


Datarella

Centralized and Decentralized Systems: A Symbiosis for Greater Prosperity – Insights from Organization Theory

Decentralized systems have been in vogue at least since the rise of Web3, particularly in Europe. Unlike in the USA or China, where centralized structures prevail, Europe consists of many […] The post Centralized and Decentralized Systems: A Symbiosis for Greater Prosperity – Insights from Organization Theory appeared first on DATARELLA.

Decentralized systems have been in vogue at least since the rise of Web3, particularly in Europe. Unlike in the USA or China, where centralized structures prevail, Europe consists of many comparatively small democratic nations that must coordinate in all areas of life to provide their citizens with a high quality of life.

Similar to participants in decentralized Web3 networks, individual citizens in Europe enjoy a high degree of autonomy, freedom, and self-determination. While this autonomy is inherently embedded in the software code of Web3, in Europe, national governments create the legal frameworks. Examples like eIDAS and Self-sovereign Identities (SSI) establish EU-wide standards that enable secure cross-border digital transactions.

At Datarella, we have actively participated in decentralized systems through our projects, most recently in the GAIA-X funding project moveID. The experiences gained lead to two key conclusions: The values and benefits of decentralized systems are recognizable and measurable, offering flexibility and innovation in dynamic environments. However, decentralized systems are not feasible or value-creating without a direct connection to centralized elements. This may sound contradictory at first, but it is not.

The Necessity of Centralized Elements in Decentralized Systems

Decentralized systems do not develop from within themselves; they always require a central idea or organization as the initial spark. Furthermore, a central entity must permanently handle tasks in governance, administration, and management. Without this, decentralized systems tend toward apathy or inactivity, as current incentive models do not ensure long-term constructive activity. A decentralized system remains active only as long as central functions provide the necessary incentives. Additionally, basic infrastructure must be created and operated – a task typically handled centrally, with costs distributed among participants.

From the perspective of organization theory, this aligns with contingency theory: There is no universally best structure; the choice between central and decentralized depends on the environment. In stable contexts, centralized systems provide efficiency and control, while decentralized ones promote agility in volatile markets. Henry Mintzberg describes in his organizational models that centralized structures (e.g., Machine Bureaucracy) are suitable for standardization, whereas decentralized ones (e.g., Adhocracy) foster innovations. Disadvantages of centralized systems include the lack of flexibility, while decentralized systems can lead to coordination issues.

Symbiosis as the Path to Success

In short, decentralized and centralized systems can form a beneficial symbiosis that compensates for the drawbacks of monolithic approaches and generates more prosperity for all participants. Hybrid models, as recommended in organization theory, combine stability with agility and are exceptionally sensitive in complex environments.

A necessary prerequisite for this symbiotic interplay is the ability and willingness of participants to understand the advantages and limitations of each system, along with the commitment to contribute to governance constructively. Only then do the positive outcomes emerge. Participants who see only the benefits of a monolithic structure should be excluded to maintain integrity.

At Datarella, we apply these insights in our data-driven solutions for health and sustainability, developing hybrid systems that link autonomy with reliable governance.

Do you have experience with such structures? Please share them in the comments!

The post Centralized and Decentralized Systems: A Symbiosis for Greater Prosperity – Insights from Organization Theory appeared first on DATARELLA.


Ontology

The Age of Digital Distrust

How ONT ID Can Restore Trust in the Face of Manipulative AI The rise of generative artificial intelligence has opened unprecedented technological horizons, but it has also raised a fundamental question: how can we distinguish truth from falsehood in a world where content text, images, videos, audio can be manipulated or entirely created by algorithms? AI-generated deepfakes and fake news threaten
How ONT ID Can Restore Trust in the Face of Manipulative AI

The rise of generative artificial intelligence has opened unprecedented technological horizons, but it has also raised a fundamental question: how can we distinguish truth from falsehood in a world where content text, images, videos, audio can be manipulated or entirely created by algorithms? AI-generated deepfakes and fake news threaten to undermine trust in the media, institutions, and even human interactions. In the face of this digital truth crisis, innovative solutions are needed. This article explores how ONT ID, Ontology’s decentralized identity solution, can serve as a robust verification mechanism to authenticate content and restore trust in the digital ecosystem.

The Trust Challenge in the Age of Generative AI

Generative AI, capable of producing text, images, sounds, and videos with striking realism, has transformed the content creation landscape. However, this capability comes with a major downside: the ease with which it can be used to generate misleading or outright false information. Deepfakes of public figures, AI-generated news articles spreading misinformation, and automated online comments manipulating public opinion have become tangible threats.

The problem goes beyond the technical detection of manipulated content, which is an endless race between creators and AI detectors. The real issue is the erosion of trust. If users can no longer distinguish authentic content from synthetic content, the value of information itself diminishes. This has profound implications for democracy, commerce, education, and social relationships. Developing mechanisms to prove the origin and integrity of content and restore trust in the digital ecosystem has become imperative.

ONT ID: An Anchor of Trust in a Sea of Content

This is where ONT ID, Ontology’s decentralized identity solution, comes into play. Built on blockchain technology and adhering to W3C standards for Decentralized Identifiers (DID) and Verifiable Credentials (VC), ONT ID provides a robust framework to establish the provenance and authenticity of digital content. Instead of relying on centralized platforms that can be compromised or manipulated, ONT ID allows content creators to digitally sign their work with their decentralized identity.

Imagine a content creator whether a journalist, artist, or researcher using their ONT ID to cryptographically link their identity to each piece of content they produce. This digital signature, recorded on the blockchain, becomes immutable proof of the content’s origin. Any consumer can then verify this signature using an ONT ID-compatible tool, confirming that the content genuinely comes from the claimed source and has not been altered since its creation.

Moreover, ONT ID can be used to attest to the nature of the content. For example, a creator could label content as “AI-generated” or “human-verified.” This transparency allows users to make informed decisions about the credibility and nature of the content they consume. By providing a verifiable and decentralized anchor of trust, ONT ID offers a powerful means to combat misinformation and restore confidence in the digital ecosystem.

Practical Implementation and Benefits

Applying ONT ID for content verification can take several forms:

Digital content signatures: Content creation platforms (news outlets, press agencies, digital art studios) could integrate ONT ID to allow authors and artists to digitally sign their work. These signatures would be visible and verifiable by the public, adding a layer of trust. Marking AI-generated content: Generative AI tools could be required to integrate ONT ID to indelibly mark the content they produce as AI-generated. This allows consumers to immediately know whether they are interacting with human or synthetic content. Source identity verification: In journalism and research, ONT ID could be used to verify the identity of information sources, ensuring that the information comes from legitimate people or organizations rather than bots or malicious entities. Digital reputation and credibility: Over time, content creators who regularly sign their work with ONT ID and are recognized for the reliability of their information could build a verifiable digital reputation on the blockchain. This would encourage the production of authentic, high-quality content.

The advantages of this approach are manifold: a significant reduction in misinformation, restoration of public trust in media and online information, increased protection against fraud and identity theft, and a more transparent and accountable digital ecosystem. By shifting the burden from detection to proof of authenticity, ONT ID offers a proactive and sustainable solution to the trust challenge in the AI era.

Conclusion

The rise of generative AI has created a digital landscape where truth is increasingly difficult to discern. In the face of proliferating manipulated content and deepfakes, restoring trust has become a top priority. Ontology’s ONT ID provides a powerful, decentralized solution to this challenge. By enabling creators to digitally sign their content and providing consumers with tools to verify authenticity and provenance, ONT ID can serve as an essential anchor of trust in the digital ecosystem.

By adopting decentralized identity technologies like ONT ID, we can not only fight misinformation but also build a more transparent, secure, and trustworthy digital future one in which truth can once again flourish.

The Age of Digital Distrust was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


paray

Banking’s Unwise Genius Act

For years now, stablecoins have quietly led the DeFi assault on the banking industry.  Given standard trading markets dwarf the miniscule numbers thrown by stablecoins, the banking industry never openly feared them.  Indeed, Big Banks chose to spin stablecoin buzz into PR by launching their own projects.  For example, J.P. Morgan launched its inter-bank JPM … Continue reading Banking
For years now, stablecoins have quietly led the DeFi assault on the banking industry.  Given standard trading markets dwarf the miniscule numbers thrown by stablecoins, the banking industry never openly feared them.  Indeed, Big Banks chose to spin stablecoin buzz into PR by launching their own projects.  For example, J.P. Morgan launched its inter-bank JPM … Continue reading Banking’s Unwise Genius Act →

Wednesday, 20. August 2025

Dark Matter Labs

Many-to-Many: From Abstract Ideas to a Living System

Welcome back to our series on building the Many-to-Many System. In our first two posts, we explored the project’s origins, the challenge of structuring our complex knowledge, and the human pace required to do it well. We left off discussing the need to create a digital “guide” to help people navigate the deep and interconnected learnings from our work. Over the past three months, that abstra

Welcome back to our series on building the Many-to-Many System. In our first two posts, we explored the project’s origins, the challenge of structuring our complex knowledge, and the human pace required to do it well. We left off discussing the need to create a digital “guide” to help people navigate the deep and interconnected learnings from our work.

Over the past three months, that abstract idea has become a tangible reality. We have been working in parallel on two major outputs: a linear, narrative-driven Field Guide and a modular, interactive website. These two pieces have been in constant conversation, shaping each other as they evolve. In this post, we, Arianna, Gurden, and Michelle, share our reflections on bringing this part of the system to life, the power of a good design process, and what it feels like to see emergence in action.

Arianna: Maybe I can start. The last three months have been a back-and-forth conversation between our two major outputs: the Field Guide and the website. We were working on them in parallel, so every new page or piece of content for the Field Guide would influence the website, and the website would influence the Field Guide. A really interesting part was categorising all the tools. For you too, Michelle, I imagine writing in the Field Guide and then seeing the first draft of the website that Gurden built really helped clarify what should remain in a linear format and what could become an interactive element.

Working on copy and storytelling on the website, it’s not easy to go from the Field Guide which has 80+ pages to a 3 paragraphs maximum format.

This double narration is key. The Field Guide is linear, so people can follow page by page, and we’ve put a lot of effort into diagrams that synthesise and distinguish each section clearly. On the website, we’re trying to simplify the experience with shortcuts and modular recalls so that everything is interconnected. That has been our core challenge and focus these last months.

Our two ways to discover and learn about the Many-to-Many System.

Gurden: Yeah, listening to you, Arianna, it’s really cool to watch this flow of content between the Field Guide and the website. We made these structural decisions months ago, sitting in a park during our workshop, and it’s a great feeling to see them validated now. We were a bit unsure at the time because we’re dealing with so much complexity: many, many, many things, as the name suggests! But we made a conscious decision to have both a linear and an interactive flow, and the process has proven that was the right call.

The Field Guide is not simply a PDF report, it has guiding elements, small interactive buttons, guiding diagrams, and visual elements to help navigate complexity.

As the Field Guide grew, the website structure grew with it. To make sure the website is structurally sound, I set up a skeleton database in Notion for the main content. To be honest, my expectations were a bit low when I asked Michelle and Annette to fill it, but big shoutout to Annette, her mind works just so quickly. She immediately got the object-oriented structure and filled it up, making the connections brilliantly. That gave me a distilled version of the content to populate our website via the Content Management System.

Screenshot from Sanity, our content management system, showing linkages between data.

I’m glad we didn’t try to perfect everything at once. We moved fast, built a rough first version, and brought it to life, which is now live internally. We’ve already done a few quick user tests. If we had just stayed in Figma, we’d still be there six months from now.

Michelle: I have so little to add because you’ve both covered most of it! My main addition is to highlight how everything has informed everything else. You’ve talked about the Field Guide and website, but they, in turn, provided enough structure for the database so Annette could go in and finish it. That process gave all of us a deeper understanding of our tools, examples, case studies and other assets we needed to create.

It’s a good example of real emergence. A lot of people talk about emergence when they’re really just describing chaos without enough boundaries. But here, we had pieces that genuinely formed the next piece, that formed the next piece. What was supposed to come out and what would be useful for other people was illuminated by going through this process. It gave birth to key assets we hadn’t yet imagined, like Angela’s “Experimenter’s Logbook”, which will be available soon on the website. I’m not sure that would have been conceived in the same way without this interplay. It’s a testament to what a good design process does, and even though we didn’t invent the design process, it was nice to be part of one that was so fruitful.

Index preview of the Field Guide, which will be avilable soon.

Gurden: I agree. The process exists, but I’ve seen so many teams not follow it well. And credit to you, Arianna, the interconnected diagrams you created are now coming to life. When you navigate the website, you see a problem and the related tools linked directly to it. These interlinkages are what make it a living system, not just a static page.

Of course, that’s also our next challenge: making sure the user experience works, that people don’t get lost. A website is a living organism, and new ideas will constantly come in. The hard part now is making conscious decisions about what we need to fix before launch versus what can wait for the next version.

Arianna: That brings me to another point: how we are all holding many hats. We aren’t a typical product team where each person has one defined role. The core team is tiny, and each of us holds three or four different roles. This has positives, we can communicate rapidly, and as designers and coders, we are deeply embedded in the content, thanks to the time Michelle and Annette took to teach us. But on the other side, by holding many roles, we have to compromise. We can’t excel at everything. So, for this first version, we might focus less on perfecting accessibility, for example, because our goal is to launch an alpha or beta version. When we have more time to focus, we can scale it and do it better.

Michelle: That’s a super good reflection on the human side of the process. So, to wrap up, we’ve now asked a set of close collaborators to give us feedback over the next month. Our hope is that the website, the core tools, and the Field Guide will be ready to share more widely in late September or mid-October. Then we’ll put it out into the world, get a wider set of feedback, and see what people think.

Our next step is to incorporate feedback from our close network before sharing it with all of you.

Thanks for following our journey. You can find our previous posts here and here and stay updated by joining the Beyond the Rules newsletter here.

And a big thanks, as always, to the other members of our team — Annette and Angela — who are key stewards of this work.

Many-to-Many: From Abstract Ideas to a Living System was originally published in Dark Matter Laboratories on Medium, where people are continuing the conversation by highlighting and responding to this story.


IDnow

IDnow becomes one of the first providers in Europe to achieve ETSI certification for eIDAS 2.0 compliance.

The certification reinforces IDnow’s role as a trusted, future-proof partner for regulated businesses and ensures that IDnow’s core solutions are fully aligned with current and upcoming EU compliance requirements, including EUDI Wallet readiness by 2027.  IDnow has become one of the first companies in Europe to receive certification under the latest ETSI standard for remote […]
The certification reinforces IDnow’s role as a trusted, future-proof partner for regulated businesses and ensures that IDnow’s core solutions are fully aligned with current and upcoming EU compliance requirements, including EUDI Wallet readiness by 2027. 

IDnow has become one of the first companies in Europe to receive certification under the latest ETSI standard for remote identity proofing, which is a key requirement for eIDAS 2.0 compliance and EUDI Wallet readiness by 2027. 

This milestone cements IDnow’s position as a trusted and future-proof partner for regulated industries and ensures its solutions are aligned with both current and upcoming EU compliance frameworks. 

Certified for the future of European Digital Identity 

The certification, developed by the European Telecommunications Standards Institute (ETSI) and officially endorsed by the European Commission, confirms that several of IDnow’s core products meet the strict biometric integrity, security, and assurance levels required for digital onboarding in highly regulated sectors. These solutions are now certified as compliant with eIDAS 2.0 at the Extended Level of Identity Proofing (LoIP) – the highest level defined under the revised regulation. 

The certified identity verification methods include: 

Expert-led video verification  Automated identity verification  NFC-based ID verification  eID (electronic ID) verification  EU Digital Identity (EUDI) Wallet verification  Why ETSI standards are so important for remote identity verification 

In achieving certification, IDnow demonstrated compliance with the following ETSI standards: 

ETSI TS 119 461 V2.1.1 – Identity proofing component requirements  ETSI EN 319 401 V3.1.1 – General policy requirements for Trust Service Providers  ETSI EN 319 411-1 V1.5.0 – Requirements for TSPs issuing certificates  ETSI EN 319 411-2 V2.6.0 – Requirements for TSPs issuing qualified certificates  ETSI EN 319 412-2 V2.3.1 – Certificate profiles for legal persons  ETSI EN 319 412-5 V2.4.1 – Certificate profiles for identity proofing  Addressing rising fraud with certified security 

With AI-powered fraud tactics like deepfakes and injection attacks growing rapidly in both sophistication and scale, IDnow’s certification arrives at a critical moment for digital security. According to a 2025 report by Pindrop, deepfake fraud attempts have surged urged by over 1300% in 2024, escalating from an average of one per month to seven per day. This alarming increase underscores the growing sophistication and frequency of AI-driven fraud, particularly targeting financial services and contact centers. The report also forecasts a 162% rise in deepfake-related fraud in 2025, highlighting the urgent need for robust verification solutions. 

The ETSI TS 119 461 standard provides essential safeguards through its strict requirements for features such as presentation attack detection (PAD), injection attack detection (IAD), biometric integrity assurance, and real-time fraud prevention – offering businesses and users protection at the highest level of assurance. 

Built for Europe’s regulatory future 

This certification reinforces IDnow’s commitment to providing secure, flexible and scalable identity verification solutions across Europe. The platform is uniquely positioned to support evolving compliance needs, including: 

eIDAS 2.0  Sixth Anti-Money Laundering Directive (AMLD6EU Digital Identity (EUDI) Wallet readiness 

“This latest certification confirms IDnow’s position as a trusted and future-proof technology partner for regulated businesses across Europe,” says Armin Berghaus, founder and Managing Director at IDnow. “It represents our intention for IDnow to continue to provide the most flexible and future-proof identity verification and fraud prevention platform for businesses navigating complex European compliance and customer experience demands.”  

By 2027, all banks operating in the EU will be required to work with providers certified under ETSI TS 119 461. This gives IDnow customers the confidence that their identity verification processes are not only secure and compliant today, but also ready for what’s next. 

By

Nikita Rybová
Customer and Product Marketing Manager at IDnow
Connect with Nikita on LinkedIn


Okta

How to Build a Secure iOS App with MFA

Modern mobile applications require robust security solutions, especially when handling sensitive user data or enterprise-level access. Okta offers a powerful identity platform, and with the BrowserSignIn module from its Swift SDK, adding secure login to your iOS app becomes scalable and straightforward. In this post, you’ll learn how to: Set up your Okta developer account Configure yo

Modern mobile applications require robust security solutions, especially when handling sensitive user data or enterprise-level access. Okta offers a powerful identity platform, and with the BrowserSignIn module from its Swift SDK, adding secure login to your iOS app becomes scalable and straightforward.

In this post, you’ll learn how to:

Set up your Okta developer account Configure your iOS app for authentication using best practices Customize the authentication experience with MFA policies Create an AuthService testable protocol Showcase a SwiftUI example on how to integrate the AuthService

Note: This guide assumes you’re comfortable working in Xcode with Swift.

If you want to skip the tutorial and run the project, you can follow the instructions in the project’s README.

Table of Contents

Use Okta for OAuth 2.0 and OpenID Connect (OIDC) Prefer phishing-resistant authentication factors Create an iOS project with Okta’s mobile libraries for authentication Creating your Xcode project Authenticate your iOS app using OpenID Connect (OIDC) and OAuth 2.0 with Okta Add the OIDC configuration to your iOS app Manage authentication actions for your iOS app using the Okta Swift SDK Add handling for OAuth 2.0 and OIDC tokens and the authenticated session Use the auth service in your Swift app Add backend authorization using a custom resource server Set up a customer resource server for your mobile app Make authorized API requests from your iOS app Check out these resources about iOS, building secure mobile apps, and Okta mobile SDKs Use Okta for OAuth 2.0 and OpenID Connect (OIDC)

The first step is registering your app in Okta as an OpenID Connect (OIDC) client using Authorization Code Flow with Proof Key for Code Exchange (PKCE), the most secure and mobile-friendly OAuth 2.0 flow. PKCE is a best practice for mobile apps to prevent authorization code interception attacks.

Before you begin, you’ll need an Okta Integrator Free Plan account. To get one, sign up for an Integrator account. Once you have an account, sign in to your Integrator account. Next, in the Admin Console:

Go to Applications > Applications Click Create App Integration Select OIDC - OpenID Connect as the sign-in method Select Native Application as the application type, then click Next

Enter an app integration name

Configure the redirect URIs: Redirect URI: com.okta.{yourOktaDomain}:/callback Post Logout Redirect URI: com.okta.{yourOktaDomain}:/ (where {yourOktaDomain}.okta.com is your Okta domain name). Your domain name is reversed to provide a unique scheme to open your app on a device. In the Controlled access section, select the appropriate access level Click Save

NOTE: When using a custom authorization server, you need to set up authorization policies. Complete these additional steps:

In the Admin Console, go to Security > API > Authorization Servers Select your custom authorization server (default) On the Access Policies tab, ensure you have at least one policy: If no policies exist, click Add New Access Policy Give it a name like “Default Policy” Set Assign to to “All clients” Click Create Policy For your policy, ensure you have at least one rule: Click Add Rule if no rules exist

Give it a name like “Default Rule”

Set Grant type is to “Authorization Code”

Set User is to “Any user assigned the app” Set Scopes requested to “Any scopes” Click Create Rule

For more details, see the Custom Authorization Server documentation.

Where are my new app's credentials?

Creating an OIDC Native App manually in the Admin Console configures your Okta Org with the application settings.

After creating the app, you can find the configuration details on the app’s General tab:

Client ID: Found in the Client Credentials section Issuer: Found in the Issuer URI field for the authorization server that appears by selecting Security > API from the navigation pane. Issuer: https://dev-133337.okta.com/oauth2/default Client ID: 0oab8eb55Kb9jdMIr5d6

NOTE: You can also use the Okta CLI Client or Okta PowerShell Module to automate this process. See this guide for more information about setting up your app.

Replace {yourOktaDomain} with your Okta domain.

Prefer phishing-resistant authentication factors

Every new Integrator Free Plan admin account must use the Okta Verify app by default to set up MFA (multi-factor authentication). We’ll retain the default settings for this project, but you can tailor the authentication policy for your organization’s needs. We recommend phishing-resistant factors, such as Okta Verify with biometrics and FIDO2 with WebAuthn. These configurations help defend against credential theft and phishing and align with Okta’s Secure Identity Commitment, standards like NIST SP 800-63, and industry regulations like SOC 2 or HIPAA.

Prefer MFA or phishing-resistant factors for real users Tailor policies based on risk level, environment (dev vs prod), and user behavior

Thoughtfully configuring your authentication policies protects your users while maintaining a seamless login experience.

Create an iOS project with Okta’s mobile libraries for authentication

Before diving into integration, ensure you have the following prerequisites:.

Xcode version 15.0 or later. This guide assumes you’re comfortable working in Xcode and building iOS apps in Swift. Swift - This guide uses Swift 5+ features. Swift Package Manager (SPM) - We’ll use Swift Package Manager for managing dependencies. Ensure it’s available in Xcode. Node and npm installed locally to run the backend server Creating your Xcode project

If you are starting from scratch, create a new iOS app:

Open Xcode Go to File -> New -> Project Select iOS App and select Next Enter the name of the project Set the Interface to SwiftUI or UIKit, depending on your preference

In this post, we will be using SwiftUI

Select Next and save your project locally

You’re now ready to add Okta’s SDK into your project.

Authenticate your iOS app using OpenID Connect (OIDC) and OAuth 2.0 with Okta

To integrate the Okta SDK into your iOS app, follow these detailed steps using Swift Package Manager (SPM), the recommended and modern way to manage dependencies in Xcode.

Follow these steps:

Open the project if it’s not already open Select File → Add Package Dependencies In the search bar at the top right of the window that appears, add the https://github.com/okta/okta-mobile-swift repository and select Enter. Xcode will fetch the package details. Choose the latest version available (recommended) or the version you prefer. When prompted to choose the products to add, make sure to select your project next to BrowserSignin in the Add to Target column Select Add Package

This package provides the full login UI experience and token handling utilities for OAuth 2.0 with PKCE. It’s the core component for authentication in your iOS app.

Once added, you’ll see the Okta SDK listed under your project’s Package Dependencies.

Add the OIDC configuration to your iOS app

To use the OktaBrowserSignin flow, initialize the shared client with your specific app credentials.

The cleanest and most scalable way to manage configuration is to use a property list file for Okta stored in your app bundle.

Create the property list for your OIDC and app config by following these steps:

Right-click on the root folder of the project Select New File from Template (New File in legacy Xcode versions) Ensure you have iOS selected on the top picker Select Property List template and select Next Name the template Okta and select Create to create a Okta.plist file

You can edit the file in XML format by right-clicking and selecting Open As -> Source Code. Copy and paste the following code into the file.

<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>scopes</key> <string>openid profile offline_access</string> <key>redirectUri</key> <string>com.okta.{yourOktaDomain}:/callback</string> <key>clientId</key> <string>{yourClientID}</string> <key>issuer</key> <string>{yourOktaDomain}/oauth2/default</string> <key>logoutRedirectUri</key> <string>com.okta.{yourOktaDomain}:/</string> </dict> </plist>

Replace {yourOktaDomain} and {yourClientID} with the values from your Okta org.

If you use something like this now in code, you can directly access the BrowserSignin shared object, which will already be allocated and ready for use.

Manage authentication actions for your iOS app using the Okta Swift SDK

We’ll build the core authentication layer for our app, the AuthService. This service handles login, logout, token refresh, and user info retrieval using the OktaBrowserSignin module.

Create a new folder named Auth under your project’s folder structure. We’ll use this folder to organize our authentication code. Inside that folder, create a new Swift file named AuthService.swift and define the protocol and class:

import BrowserSignin protocol AuthServiceProtocol { var isAuthenticated: Bool { get } var idToken: String? { get } func tokenInfo() -> TokenInfo? func userInfo() async throws -> UserInfo? func signIn() async throws func signOut() async throws func refreshTokenIfNeeded() async throws } final class AuthService: AuthServiceProtocol { // Implementation will go here }

After doing this, you will get an error message saying that the AuthService does not conform to protocol AuthServiceProtocol because we haven’t implemented the functions yet. We will implement the functions as we progress.

Create a folder named Models inside the Auth folder. Within the Models folder, create a new file named TokenInfo.swift, and add the code shown:

struct TokenInfo { // we will add properties in the next section }

Next, we will add the signIn and signOut methods inside the AuthService class. With the Okta Swift SDK, handling user authentication is straightforward and secure – thanks to the built-in signIn and signOut methods in the BrowserSignin client. Let’s break down how to build these methods in your AuthService.

The signIn method

The signIn method redirects the user to authenticate using Okta, handles the PKCE flow, and retrieves the authentication tokens upon successful login. Open the AuthService class, find the comment Implementation will go here, replace the comment with the following code:

@MainActor func signIn() async throws { BrowserSignin.shared?.ephemeralSession = true let tokens = try await BrowserSignin.shared?.signIn() if let tokens { _ = try? Credential.store(tokens) } }

Let’s unpack this:

BrowserSignin.shared?.ephemeralSession = true

This property controls the type of browser session used for authentication:

If set to true, it forces an ephemeral browser session, meaning no cookies or session state will persist across authentication attempts. It’s like opening a private/incognito window for each login attempt. If set to false, it shares the browser state with the system browser, allowing Okta to remember the user’s login state across sessions (for example, for single sign-on across apps).

In our demo, we set ephemeralSession = true to treat each login as a fresh authentication, which is ideal for testing.

signIn(from: window) This function launches the Okta-hosted sign-in page. The window parameter provides context for where to present the login UI, typically your app’s current window if building in UIKit. Credential.store(tokens) After login, we store the tokens securely (e.g., access token, ID token, and refresh token) using Okta’s built-in Credential storage helper. The signOut method

Signing out is also straightforward. We will proceed by adding it immediately below the signIn method in the AuthService class:

@MainActor func signOut() async throws { guard let credential = Credential.default else { return } try await BrowserSignin.shared?.signOut(token: credential.token) try? credential.remove() }

Here’s what happens:

We check if there’s a current credential by calling Credential.default. We call signOut on the shared BrowserSignIn instance, passing the current token for session revocation. After a successful logout, we remove the credential from secure storage.

This ensures the user’s session is entirely revoked and cleared from the app and Okta’s backend.

Add handling for OAuth 2.0 and OIDC tokens and the authenticated session

Once we’ve set up authentication flows, we must handle token management and session state. This step ensures that your app knows when the user is authenticated, how to access their tokens, and how to refresh tokens when needed.

The protocol requires implementing two computed variables and three functions to help us manage the tokens and the session.

Add the following code in the implementation of the AuthService class right above the signIn method:

var isAuthenticated: Bool { return Credential.default != nil }

Let’s go through the code.

The isAuthenticated computed property checks whether there’s a valid token stored in the app:

It uses Credential.default, a singleton that securely stores the user’s tokens. If a valid token exists, the user is considered authenticated; otherwise, they are not.

Next, we’ll add the second helper computed property, which we will use to retrieve the user’s ID token. In the AuthService class, under the isAuthenticated property, add the following code:

var idToken: String? { return Credential.default?.token.idToken?.rawValue }

The idToken property retrieves the raw value of the ID token from the stored credential:

The ID token is a signed JSON Web Token (JWT) containing user identity information, such as the user’s email, name, and subject (sub).

We successfully implemented the computed properties required by the protocol. Next, we’ll add the implementation for the three helper functions.

Tokens always expire, which means that at some point, they are no longer valid, and we must refresh them. Lucky, Okta’s SDK provides us with a solution for this need. We can leverage the refresh function, which is part of the Credential object.

Inside the AuthService class, right after the signOut method, add the refreshTokenIfNeeded() function:

func refreshTokenIfNeeded() async throws { guard let credential = Credential.default else { return } try await credential.refresh() }

The refreshTokenIfNeeded method ensures that tokens are up-to-date by attempting a token refresh when necessary:

It calls the Credential.refresh() method, which uses the refresh token (if available) to get a new access token and ID token. This helps avoid token expiration issues that could interrupt the user’s session.

At this point, we’ll add an empty implementation to the other two functions, which will help us get some information about the token and the user. In our case, we will present some data on the screen. Add the following code after the refreshTokenIfneeded() function:

func tokenInfo() -> TokenInfo? { return nil } func userInfo() async throws -> UserInfo? { return nil }

With this added, we resolved the errors we saw in AuthService, and you’ll be able to build the project successfully.

Use the auth service in your Swift app

Now that we’ve built the AuthService to handle sign in, sign out, token management, and user info retrieval, let’s see how to integrate it into your app’s UI.

Use AuthService in your views

Since this app is about authentication, rename the auto-generated view ContentView to AuthView and rename the file to match. Don’t forget to rename all the existing and auto-generated references to ContentView and use AuthView instead.

Next, in the same folder as the AuthView, we will create the AuthViewModel. The AuthViewModel handles all user actions and authentication:

import Foundation import Observation import BrowserSignin @Observable final class AuthViewModel { // MARK: - Dependencies /// This is the service that handles all the sign-in, sign-out, token, and user info logic. private let authService: AuthServiceProtocol // MARK: - UI State Properties /// True if the user is currently logged in. var isAuthenticated: Bool = false /// The user's ID token (used for secure backend communication). var idToken: String? /// Shows a loading spinner while something is happening in the background. var isLoading: Bool = false /// If something goes wrong (e.g., login fails), the error message will show in the UI. var errorMessage: String? /// This holds a message returned from the resources server. var serverMessage: String? // MARK: - Initialization /// Create the view model and immediately update the UI with the current authentication status. init(authService: AuthServiceProtocol = AuthService()) { self.authService = authService updateUI() } // MARK: - UI State Management /// Updates the `isAuthenticated` and `idToken` values from the authentication service. func updateUI() { isAuthenticated = authService.isAuthenticated idToken = authService.idToken } // MARK: - Authentication /// Called when the user taps the "Sign In" or "Sign Out" button. /// Signs the user in or out, updates the UI, and handles any errors. @MainActor func handleAuthAction() async { setLoading(true) defer { setLoading(false) } do { if isAuthenticated { // User is signed in → sign them out try await authService.signOut() } else { // User is signed out → sign them in try await authService.signIn() } updateUI() } catch { errorMessage = error.localizedDescription } } // MARK: - Token Handling /// Refreshes the user's token if it's about to expire. /// Keeps the user logged in longer without needing to manually sign in again. @MainActor func refreshToken() async { setLoading(true) defer { setLoading(false) } do { try await authService.refreshTokenIfNeeded() updateUI() } catch { errorMessage = error.localizedDescription } } // MARK: - User Info /// Requests user information (like name, email, etc.) from the authentication service. @MainActor func fetchUserInfo() async -> UserInfo? { do { let userInfo = try await authService.userInfo() return userInfo } catch { errorMessage = error.localizedDescription return nil } } // MARK: - Token Info /// Retrieves token metadata like expiry time or claims. /// Returns nil if no token is available. func fetchTokenInfo() -> TokenInfo? { guard let tokenInfo = authService.tokenInfo() else { return nil } return tokenInfo } // MARK: - Helpers /// Sets the loading state (used to show/hide a spinner in the UI). private func setLoading(_ value: Bool) { isLoading = value } }

Next, we must extend the AuthView to use the view model and all the properties and functions we added. This view will change depending on whether the user is authenticated and will incorporate displaying the ID token and a button to refresh the token. Open AuthView.swift and replace the code with the following.

import SwiftUI import BrowserSignin /// The main authentication screen that shows the current login state, /// allows the user to sign in or out, and access token/user info and server message. struct AuthView: View { // View model manages all auth logic and state @State private var viewModel = AuthViewModel() // Presentation control flags for full-screen modals @State private var showTokenInfo = false // Holds the fetched user info data when available // And presents the UserInfoView when assigned value @State private var userInfo: UserInfoModel? var body: some View { VStack(spacing: 20) { statusSection tokenSection authButton if viewModel.isAuthenticated { refreshTokenButton } if viewModel.isLoading { ProgressView() } } .padding() .onAppear { // Sync UI state on view load viewModel.updateUI() } .alert("Error", isPresented: .constant(viewModel.errorMessage != nil)) { Button("OK", role: .cancel) { viewModel.errorMessage = nil } } message: { // Show error message if available if let message = viewModel.errorMessage { Text(message) } } } } private extension AuthView { /// Displays "Logged In" or "Logged Out" depending on current state. var statusSection: some View { Text(viewModel.isAuthenticated ? "✅ Logged In" : "🔒 Logged Out") .font(.system(size: 24, weight: .medium)) .multilineTextAlignment(.center) } /// Shows the user's ID token in small text (only when authenticated). var tokenSection: some View { Group { if let token = viewModel.idToken, viewModel.isAuthenticated { Text("ID Token:\n\(token)") .font(.system(size: 12)) .multilineTextAlignment(.center) } } } /// Main login/logout button. Text and action change based on login state. var authButton: some View { Button(viewModel.isAuthenticated ? "Sign Out" : "Sign In") { Task { await viewModel.handleAuthAction() } } .buttonStyle(.borderedProminent) .disabled(viewModel.isLoading) } /// Opens the full-screen view showing token info. var refreshTokenButton: some View { Button("🔄 Refresh Token") { Task { await viewModel.refreshToken() } } .font(.system(size: 14)) .disabled(viewModel.isLoading) } } struct UserInfoModel: Identifiable { let id = UUID() let user: UserInfo }

With this in place, you can run the application and test the authentication. Currently, we are not using the TokenInfo and the UserInfo from the ViewModel because we will expand the view in the next section.

Read token info

After successfully authenticating a user, it’s helpful to extract meaningful details from the ID token and present them in a user-friendly format. For this purpose, we created a TokenInfo model in the previous sections. It will be initialized from the ID token and includes a toString() function to generate a nicely formatted description of the token data for display in the UI.

Open TokenInfo.swift and add the code shown.

import Foundation import BrowserSignin struct TokenInfo { var idToken: String var tokenIssuer: String var preferredUsername: String var authTime: String? var issuedAt: String? init?(idToken: JWT) { guard let idToken = Credential.default?.token.idToken else { return nil } self.idToken = idToken.rawValue self.tokenIssuer = idToken.issuer ?? "No Issuer found" self.preferredUsername = idToken.preferredUsername ?? "No preferred_username found" let formatter = DateFormatter() formatter.dateStyle = .medium formatter.timeStyle = .medium if let authTime = idToken.authTime { self.authTime = formatter.string(from: authTime) } if let issuedAt = idToken.issuedAt { self.issuedAt = formatter.string(from: issuedAt) } } func toString() -> String { var result = "" result.append("ID Token: \(idToken)") result.append("\n") result.append("Preffered username: \(preferredUsername)") result.append("\n") result.append("Token Issuer: \(tokenIssuer)") result.append("\n") if let authTime { result.append("Auth time: \(authTime)") result.append("\n") } if let issuedAt { result.append("Issued at: \(issuedAt)") result.append("\n") } return result } }

In the previous sections, we introduced two methods for fetching information about the token and the authenticated user. However, we left their implementation empty. It’s now time to implement those functions, and we will start by implementing the tokenInfo() function.

Navigate to your AuthService class and in there find the tokenInfo() function, which should look something like this:

func tokenInfo() -> TokenInfo? { return nil }

To initialize our TokenInfo modal view, we need the ID token. Okta’s Swift SDK lets us fetch the ID token directly from the Credential.default. Remove the return nil from the function implementation and add the following code:

func tokenInfo() -> TokenInfo? { guard let idToken = Credential.default?.token.idToken else { return nil } return TokenInfo(idToken: idToken) }

This implementation extracts the ID token from the default Credential and tries to instantiate the TokenInfo object.

Next, we must implement the second empty function introduced in the previous sections, userInfo(). We’ll use the SDK’s UserInfo model to pass the data around. Replace the existing implementation of userInfo() with the code shown.

func userInfo() async throws -> UserInfo? { if let userInfo = Credential.default?.userInfo { return userInfo } else { do { guard let userInfo = try await Credential.default?.userInfo() else { return nil } return userInfo } catch { return nil } } }

If your Okta setup includes them, you could extend this method to extract more claims, such as email, given name, family name, or custom claims.

With this code in place, we need to display the information to the user somehow in the UI. First, we’ll create a TokenInfoView to display all the information we fetched previously. Create a new Swift file in the root folder of your application and name it TokenInfoView.swift. After creating the file, add the following code:

import SwiftUI struct TokenInfoView: View { let tokenInfo: TokenInfo @Environment(\.dismiss) var dismiss var body: some View { ScrollView { VStack(alignment: .leading, spacing: 20) { Button { dismiss() } label: { Image(systemName: "xmark.circle.fill") .resizable() .foregroundStyle(.black) .frame(width: 40, height: 40) .padding(.leading, 10) } Text(tokenInfo.toString()) .font(.system(.body, design: .monospaced)) .padding() .frame(maxWidth: .infinity, alignment: .leading) } } .background(Color(.systemGroupedBackground)) .navigationTitle("Token Info") .navigationBarTitleDisplayMode(.inline) } }

Proceed with adding one more Swift file named UserInfoView.swift. This view displays previously fetched information about the User. In your newly created file, add the following code:

import SwiftUI import BrowserSignin struct UserInfoView: View { let userInfo: UserInfo @Environment(\.dismiss) var dismiss var body: some View { ScrollView { VStack(alignment: .leading, spacing: 20) { Button { dismiss() } label: { Image(systemName: "xmark.circle.fill") .resizable() .foregroundStyle(.black) .frame(width: 40, height: 40) .padding(.leading, 10) } Text(formattedData) .font(.system(size: 14)) .frame(maxWidth: .infinity, alignment: .leading) .padding() } } .background(Color(.systemBackground)) .navigationTitle("User Info") .navigationBarTitleDisplayMode(.inline) } private var formattedData: String { var result = "" result.append("Name: " + (userInfo.name ?? "No Name set")) result.append("\n") result.append("Username: " + (userInfo.preferredUsername ?? "No Username set")) result.append("\n") if let updatedAt = userInfo.updatedAt { let dateFormatter = DateFormatter() dateFormatter.dateStyle = .medium dateFormatter.timeStyle = .short let date = dateFormatter.string(for: updatedAt) result.append("Updated at: " + (date ?? "")) } return result } }

Finally, we need to add some actions to the AuthView to see the views we just created. In the AuthView class at the end of the file, you will find the private extension that we previously defined. After the refreshTokenButton in the private extension of AuthView, add the following buttons:

/// Opens the full-screen view showing token info. var tokenInfoButton: some View { Button { showTokenInfo = true } label: { Image(systemName: "info.circle") .foregroundColor(.blue) } .disabled(viewModel.isLoading) } /// Loads user info and presents it full screen. var userInfoButton: some View { Button("👤 User Info") { Task { if let user = await viewModel.fetchUserInfo() { await MainActor.run { userInfo = UserInfoModel(user: user) } } } } .font(.system(size: 14)) .disabled(viewModel.isLoading) }

Now that we have the buttons implemented, we need to add them to the body of AuthView so that the user can see them and click them. Scroll to the top of the file and find struct AuthView:View. Add both buttons right after refreshTokenButton, and then the VStack in your body should look like this:

VStack(spacing: 20) { statusSection tokenSection authButton if viewModel.isAuthenticated { refreshTokenButton tokenInfoButton // tokenInfoButton added here userInfoButton // userInfoButton added here } if viewModel.isLoading { ProgressView() } }

Within the definition for body, we need to call two view modifiers to be able to see the TokenInfoView and UserInfoView. You’ll add the following code right after the closing brace of the message: {} property:

// Show Token Info full screen .fullScreenCover(isPresented: $showTokenInfo) { if let tokenInfo = viewModel.fetchTokenInfo() { TokenInfoView(tokenInfo: tokenInfo) } } // Show User Info full screen .fullScreenCover(item: $userInfo) { info in UserInfoView(userInfo: info.user) }

Now, if you run the application, you should be able to click on the Info button to get the token information and the User Info button to get the user information.

And there you have it! 🎉 We built a sample app from scratch using Okta’s new Swift SDK and the BrowserSignin module to show the authenticated user’s ID claims. By following these steps, you’ve learned how to:

✅ Configure Okta and set up your application ✅ Implement a robust AuthService to handle login, logout, and token management ✅ Build a SwiftUI interface that displays user info and handles authentication flows seamlessly

With just a few lines of code, you have a fully functional, secure login flow integrated into your iOS app – no more OAuth headaches or token handling nightmares.

Authentication is the first step in an app, but we want to display data from a backend resource securely.

Add backend authorization using a custom resource server

If you want to go beyond authentication and add authorization checks for your APIs, we can experiment using Okta’s Node.js Resource Server example as a starting point.

Here’s how to connect your iOS app to a backend that validates access tokens:

Set up a customer resource server for your mobile app

Clone the example Node.js resource server:

git clone https://github.com/okta/samples-nodejs-express-4.git cd samples-nodejs-express-4 npm ci

Open the project in an IDE like Visual Studio Code. I like Visual Studio Code because it has a built-in terminal, but you can make the required code changes directly to the file. Open resource-server/server.js. Look for the configuration block where oktaJwtVerifier is initialized. Update it like this:

const oktaJwtVerifier = new OktaJwtVerifier({ issuer: '/oauth2/default', clientId: '{yourClientID}', });

Replace the {yourOktaDomain} with your Okta org domain, and replace the {yourClientID} with the client ID of your iOS project.

Serve the resource server by running the following command in the terminal.

npm run resource-server

You should see your server running locally at: http://localhost:8000/

This server will validate incoming access tokens and respond with two messages if the token is valid:

{ "messages":[ { "date":"2025-07-03T19:06:59.799Z", "text":"I am a robot." }, { "date":"2025-07-03T18:06:59.799Z", "text":"Hello, world!" } ] }

Let’s create the model conforming to this payload.

Create a file named MessagesResponse.swift in the Auth/Models folder and add the code.

import Foundation struct MessageResponse: Codable { let messages: [Message] } struct Message: Codable { let date: String let text: String } Make authorized API requests from your iOS app

To call the resource server API from our iOS code, we must first implement a function inside our AuthService to fetch messages.

Open the AuthService file and add one more function at the end of the AuthServiceProtocol:

protocol AuthServiceProtocol { var isAuthenticated: Bool { get } var idToken: String? { get } func tokenInfo() -> TokenInfo? func userInfo() async throws -> UserInfo? func signIn() async throws func signOut() async throws func refreshTokenIfNeeded() async throws func fetchMessageFromBackend() async throws -> String // added }

Because we introduced a new function to the protocol, it requires an implementation. In the AuthService class, immediately after the implementation of userInfo(), add the following code:

@MainActor func fetchMessageFromBackend() async throws -> String { guard let credential = Credential.default else { return "Not authenticated." } var request = URLRequest(url: URL(string: "http://localhost:8000/api/messages")!) request.httpMethod = "GET" await credential.authorize(&request) let (data, _) = try await URLSession.shared.data(for: request) let decoder = JSONDecoder() let response = try decoder.decode(MessageResponse.self, from: data) if let randomMessage = response.messages.randomElement() { return "\(randomMessage.text)" } else { return "No messages found." } }

With this, you will get an error message that some classes aren’t found. That’s because we must import Foundation into our AuthService.swift file just below import BrowserSignIn.

import BrowserSignin import Foundation // added

Okta’s iOS SDK provides a handy method for automatically adding your access token as an Authorization header on a URL request.

We need to go back to the AuthViewModel and add a function to call fetchMessageFromBackend() and set the server message to our serverMessage property of the viewModel. Add the following code right after fetchTokenInfo():

// MARK: - Server Messages /// Asks the backend for a message and saves it for display in the UI. @MainActor func fetchMessage() async { setLoading(true) defer { setLoading(false) } do { let message = try await authService.fetchMessageFromBackend() serverMessage = message } catch { errorMessage = error.localizedDescription } }

We need to extend the AuthView to use this function and show the fetched server message as an alert to the user. For this purpose, go to the AuthView file and in the extension just below the userInfoButton, we will add one more button like this:

/// Requests a message from the backend and shows it in the UI. var getMessageButton: some View { Button("🎁 Get Message") { Task { await viewModel.fetchMessage() } } .font(.system(size: 14)) .disabled(viewModel.isLoading) }

Next, we need to present this button to the view. In the bodyof AuthView, let’s add getMessageButton and the body will look like this:

VStack(spacing: 20) { statusSection tokenSection authButton if viewModel.isAuthenticated { refreshTokenButton tokenInfoButton userInfoButton getMessageButton // getMessageButton added here } if viewModel.isLoading { ProgressView() } }

Lastly, we’ll alert the user with the message contents received from our backend if the authentication is successful. To do so, we need to add the .alert view modifier to the body of AuthView after the final fullScreenCover closing bracket, like this:

// Show Alert with the fetched message .alert("Message Response", isPresented: .constant(viewModel.serverMessage != nil)) { Button("OK", role: .cancel) { viewModel.serverMessage = nil } } message: { // Show message if available if let message = viewModel.serverMessage { Text(message) } }

With all this in place, you’ll see a message alert when pressing the Get Messages button.

This is the recommended approach for securely connecting your mobile app to backend APIs using OAuth 2.0 and JWT validation. You can find the completed project in a GitHub repo.

🎉 And that’s it! Your iOS app now has authentication and calls a backend API with the access token for fully integrated authorization verification.

Check out these resources about iOS, building secure mobile apps, and Okta mobile SDKs

If you found this post interesting, you may want to check out these resources:

Introducing the New Okta Mobile SDKs A History of the Mobile SSO (Single Sign-On) Experience in iOS

Follow OktaDev on Twitter and subscribe to our YouTube channel to learn about secure authentication and other exciting content. We also want to hear from you about topics you want to see and questions you may have. Leave us a comment below!


Recognito Vision

Understanding the Advantages and Disadvantages of Facial Recognition Technology

Facial recognition technology has become increasingly common in our daily lives. From unlocking phones to airport security, it is changing the way we identify and verify people. This technology uses advanced software to analyze facial features and match them with existing databases, making many tasks faster and more secure. While facial recognition offers convenience and...

Facial recognition technology has become increasingly common in our daily lives. From unlocking phones to airport security, it is changing the way we identify and verify people. This technology uses advanced software to analyze facial features and match them with existing databases, making many tasks faster and more secure.

While facial recognition offers convenience and improved safety, it also comes with challenges. Privacy concerns, accuracy issues, and ethical questions are important factors to consider before adopting this technology. Understanding the advantages and disadvantages of facial recognition can help businesses and individuals make informed choices.

 

What Is Facial Recognition Technology?

Facial recognition technology is a type of software that identifies or verifies a person by analyzing their facial features. Cameras with facial recognition capture images or video of faces. The software then compares these images to a database to identify a match.

It is widely used in security, banking, law enforcement, and even marketing. While it offers convenience, it also raises concerns about privacy and accuracy.

 

Advantages of Facial Recognition Technology

Facial recognition technology offers several important benefits. Here are some of the key advantages:

1. Enhanced Security

One of the main advantages of facial recognition is improved security. It can identify individuals in crowded places, detect unauthorized access, and prevent fraud. For businesses, this technology can help protect sensitive areas.

Banks use facial recognition to verify clients for online transactions. Airports and government buildings use it to control access and ensure safety.

By providing a layer of security beyond passwords or ID cards, facial recognition technology reduces the risk of theft and unauthorized entry.

 

2. Convenience and Speed

Facial recognition can make daily tasks faster and easier. Unlike traditional authentication methods, it does not require remembering passwords or carrying cards.

Phones and laptops can be unlocked instantly. Airports can speed up boarding with automated facial scans. Offices can track attendance without manual checks.

This convenience saves time for both individuals and organizations.

 

3. Contactless Identification

In the era of health concerns and pandemics, contactless systems have become essential. Facial recognition is a non-intrusive, touch-free technology. It reduces the need for physical contact, which is safer in public spaces and healthcare environments.

This feature makes it ideal for hospitals, banks, airports, and retail stores.

 

4. Law Enforcement and Public Safety

Facial recognition technology can assist law enforcement agencies in tracking and identifying suspects. It is useful for finding missing persons, preventing crimes, and investigating incidents.

Cameras with facial recognition can scan crowds in real time, alerting authorities to potential threats.

 

5. Integration with Other Systems

Facial recognition can work with other technologies, such as security cameras, mobile apps, and access control systems. This integration allows for smarter solutions. For example, smart home systems can use facial recognition to unlock doors for family members but restrict access to strangers.

Platforms like Recognito make it easy to integrate facial recognition into existing systems efficiently.

 

Disadvantages of Facial Recognition Technology

Despite its advantages, facial recognition technology has limitations and potential risks. Here are some of the main disadvantages:

1. Privacy Concerns

One of the biggest disadvantages of facial recognition is the potential invasion of privacy. Constant surveillance can make people feel watched and uncomfortable.

Data collected through facial recognition can be misused if not properly secured. Some governments and companies have faced criticism for using this technology without consent.

 

2. Risk of Misidentification

Facial recognition is not 100% accurate. Lighting, camera quality, facial expressions, and changes in appearance can affect results. Misidentification can lead to wrongful accusations or denied access.

This is a serious concern, especially in law enforcement and security applications.

 

3. High Costs

Facial recognition requires good cameras, software, and secure storage, which can be expensive. Maintenance and upgrades also add to the cost. Tools like Recognito offer cost-effective solutions, making it easier for businesses to adopt without overspending.

 

4. Ethical and Legal Issues

Facial recognition raises ethical questions. How and where should the technology be used? What limits should be set? Different countries have different laws regarding the use of facial recognition, making compliance challenging.

Improper use could lead to legal penalties or public backlash.

 

5. Potential for Bias

Some facial recognition systems have shown bias against certain ethnic groups or genders. This can result in unfair treatment, especially in hiring processes, law enforcement, or financial services.

Developers are working to reduce bias, but it remains a concern.

 

Balancing the Pros and Cons

When considering this technology, it is essential to carefully weigh the advantages and disadvantages of facial recognition. For example, businesses may benefit from enhanced security and convenience. However, they must also address privacy, accuracy, and ethical concerns.

Public awareness, transparency, and regulations play a key role in ensuring facial recognition is used responsibly.

 

The Future of Facial Recognition

Facial recognition technology continues to evolve. Advances in artificial intelligence and machine learning are improving accuracy and reducing bias. We are likely to see more industries adopt this technology for secure, efficient, and contactless operations.

However, its future will also depend on legal frameworks and public acceptance. Companies must use it responsibly and prioritize the protection of user data.

 

Conclusion

The advantages and disadvantages of facial recognition highlight both its strengths and limitations. Facial recognition technology offers many advantages, including better security, convenience, and integration with modern systems. At the same time, it comes with risks such as privacy concerns, misidentification, and ethical challenges.

For businesses or developers looking for facial recognition solutions, platforms like Recognito provide advanced facial recognition SDKs. These tools allow companies to integrate secure and accurate facial recognition into their applications while focusing on privacy and compliance.

By understanding the pros and cons of facial recognition, individuals and organizations can make smarter decisions about adopting this technology in a safe and responsible way.

 

Frequently Asked Questions

 

1. Can facial recognition technology invade personal privacy?

Yes, facial recognition can raise privacy concerns since it involves surveillance and data collection. If misused, it may track people without consent. Strong regulations and secure data storage are vital to protect privacy.

 

2. Is facial recognition technology 100% accurate?

No, it isn’t fully accurate. Lighting, camera quality, or changes in appearance can cause errors. AI has improved accuracy, but misidentifications still occur, especially in law enforcement.

 

3. Can facial recognition be integrated with smart home devices?

Yes, facial recognition integrates well with smart homes. It can unlock doors for family members, restrict strangers, and personalize settings.

 

4. Can facial recognition technology be fooled by photos or masks?

Sometimes. Older systems may be tricked by photos or masks. Modern solutions use liveness detection and 3D imaging, making it much harder to bypass.

 

5. How Much Does It Cost to Implement a Facial Recognition System?

Costs vary by scale. Small setups may cost a few thousand dollars, while large projects can reach hundreds of thousands. Hardware, software, and maintenance all influence the total price.


FastID

Why Paying Copyright Holders for AI Training is Essential

AI and creator rights don’t need to clash. A fair, consent-based model can drive innovation without exploiting creative work.
AI and creator rights don’t need to clash. A fair, consent-based model can drive innovation without exploiting creative work.

Tuesday, 19. August 2025

Indicio

Governments can now directly issue Digital Passport Credentials using Indicio Proven

The post Governments can now directly issue Digital Passport Credentials using Indicio Proven appeared first on Indicio.
Indicio Proven adds Digital Passport Credentials aligned to ICAO DTC-2 Specifications

SEATTLE / AUGUST 19, 2025 — Governments are now able to issue Digital Passport Credentials directly to their citizens using Indicio Proven. These credentials align with the International Civil Aviation Organization’s (ICAO) specifications for Digital Travel Credentials (DTC-2) that are government issued. 

Indicio developed and successfully deployed the world’s first Digital Passport Credential which involved travelers deriving a Verifiable Credential from the electronic chip in their passport and combining it with face-mapping, liveness check, and document validation. This Digital Passport Credential aligned with ICAO DTC-1 specifications and allowed for preauthorized travel and seamless border crossing.

By combining authenticated biometrics in Verifiable Credentials, Indicio transformed portable digital identity and provided a simple way to mitigate the growing risks of biometric and AI-identity fraud. In recognition, Acuity Market Intelligence’s 2024 Prism Report described Indicio’s solution as “masterful.” 

Indicio has now developed the next step in “government-grade” digital identity technology — Digital Passport Credentials that are issued directly by governments to accompany physical passports. These credentials follow the DTC-2 specifications outlined by ICAO.

A traveler is now able to carry a cryptographically secure digital passport on their smartphone, smartwatch, or fob linked to their existing physical passport. This can be instantly verified with simple software when crossing borders or presented anywhere across the travel ecosystem, including bookings, check-in, boarding, and hotel arrival.

“Our mission is to create digital identities that make life easier, safer, and more streamlined for everyone,” said Heather Dahl, CEO of Indicio. “We’ve  shown how easy it is to create privacy-preserving, government-grade digital identity. We’ve shown the kinds of transformation this can achieve — the benefits to airlines, airports, and travelers that follow from having a fast and reliable way to streamline identity authentication. Now, we’re making it easy for governments to issue interoperable Digital Passport Credentials, secure borders, and welcome tourists.” 

Indicio Proven is the world’s most advanced system for creating and deploying decentralized identity and Verifiable Credentials in interoperable workflows. It allows users to select from SD-JWT VC, AnonCreds, and mdoc/mDL credential types, customizable schemas, mobile SDK for Android and IoS, a white-label digital wallet, field-leading mediation to handle issuance and verification at any scale, and a global ledger network to support deployments. 

For Digital Passport Credentials, Indicio Proven’s Issuer software is easy to implement into existing systems and combine with biometric infrastructure and vendors. Verifier software is available in server or mobile configurations. Implementation is rapid, scale is simple, and compliance with data protection easy. Above all, Indicio Proven provides highly cost-effective ways to create both enterprise and public sector digital infrastructure that meets current and evolving business, consumer, and traveler needs.

To see a demonstration of Indicio Proven’s Digital Passport Credentials and to learn more about our government and border solutions, contact our team here.

 

###

The post Governments can now directly issue Digital Passport Credentials using Indicio Proven appeared first on Indicio.


1Kosmos BlockID

Why I’m More Bullish Than Ever on 1Kosmos

As CMO of 1Kosmos, I’ve had a front-row seat to watch this company evolve over the past five years. When we founded the company, the cybersecurity world was still obsessed with building bigger walls around the perimeter. Password managers were the hot solution. Multi-factor authentication was cutting edge. We saw something different coming. Identity would … Continued The post Why I’m More Bullis

As CMO of 1Kosmos, I’ve had a front-row seat to watch this company evolve over the past five years. When we founded the company, the cybersecurity world was still obsessed with building bigger walls around the perimeter. Password managers were the hot solution. Multi-factor authentication was cutting edge.

We saw something different coming. Identity would become the new perimeter. Passwords would become the liability, not the solution. And users would demand authentication that was both more secure and more convenient than anything available.

The market needed time to catch up to our vision. But it has, in a big way.

The Market Caught Up

Our recent $57 million Series B brings our total funding to over $72 million. This isn’t just validation of our technology. It’s proof that the market has fundamentally shifted. Our recent $194.5 million agreement for Login.gov through Carahsoft shows that enterprise buyers are ready for what we’ve been building.

The timing makes sense. Every week brings news of another devastating breach, another ransomware attack, another company targeted by AI-generated deepfakes. Traditional passwords and even SMS-based two-factor authentication aren’t cutting it anymore. We’re seeing North Korean operatives deepfake their way into US companies through remote interviews and social engineers extract hundreds of millions in losses through the IT Service Desk.

What We Built

Instead of adding another layer to broken systems, we rebuilt the foundation with a platform that verifies you are who you say you are, every single time you log in. No more checking passwords – we verify actual identity.

We use biometrics tied to verified credentials on a private, permissioned ledger. The technology is sophisticated, but the user experience is intuitive: biometric authentication replaces passwords entirely. Users authenticate once with their identity, then access digital and in-person services seamlessly.

The results speak for themselves – millions of daily users, zero successful account takeovers on our platform, and deployment times measured in hours instead of months. Our customers routinely tell us their users prefer our authentication to anything they’ve used before. Business efficiency improves.

The Certifications That Matter

We’re the only platform with full service NIST 800-63-3, FIDO2, and iBeta certifications – and that’s more than alphabet soup. These certifications prove our solution has the highest level of interoperability and works at the highest levels of government security requirements, which is why FedRAMP gave us High Authorization for national security applications.

Where We Go From Here

I’ve been in this industry long enough to know that technology alone doesn’t win markets, but when your technology solves a real problem that’s only getting worse and major enterprises are making significant commitments to deploy it, you know you’re onto something.

The identity verification market is exploding because every organization needs to know their users are who they claim to be – not just once during onboarding, but every time they log in.

Seven years ago, we bet that the future of cybersecurity would be identity-first, passwordless, and privacy-preserving. Today, that future is here, and we’re leading it.

Ready to see what passwordless looks like in practice? Let’s talk.

The post Why I’m More Bullish Than Ever on 1Kosmos appeared first on 1Kosmos.


Tokeny Solutions

SkyBridge Capital Partners with Tokeny to Tokenize $300Min Hedge Funds on Avalanche

The post SkyBridge Capital Partners with Tokeny to Tokenize $300Min Hedge Funds on Avalanche appeared first on Tokeny.
Tokeny–recently acquired by leading global financial services provider Apex Group–is set to tokenize two of SkyBridge’s funds on the Avalanche blockchain network.

NEW YORK, 19th August 2025 – Skybridge Capital today announced it will tokenize $300 million of its flagship hedge funds on the Avalanche blockchain network. This landmark initiative represents a collaboration with enterprise-grade tokenization leader Tokeny and its parent company, Apex Group Ltd., a global financial services provider servicing over $3.5 trillion in assets.

Tokenizing our funds on Avalanche, supported by the technology and operational infrastructure of Tokeny and Apex Group, represents a significant step forward in modernizing the alternative
investment landscape. We look forward to bringing our hedge funds into the digital, on-chain era, improving transparency, liquidity, and accessibility for our investors, and demonstrating how traditional finance and blockchain can work together to create smarter, more efficient investment solutions. Anthony ScaramucciFounder & CEO of SkyBridge Capital

A former Goldman Sachs executive and White House Communications Director, Scaramucci has long been a prominent voice in alternatives and digital assets, with deep networks across pensions, sovereign wealth funds, and family offices.

Under the agreement, SkyBridge will tokenize its Digital Macro Master Fund Ltd and Legion Strategies Ltd leveraging the proven ERC-3643 standard with operational infrastructure delivered through Apex Group’s Digital 3.0 platform. The platform offers a single-source solution for the entire investment lifecycle, enabling institutional clients to seamlessly transition their funds to blockchain-based rails with integrated capabilities for creation, issuance, administration, and distribution.

This milestone shows how Apex Group and Tokeny are breaking down the operational and technology barriers that have historically slowed institutional tokenization. SkyBridge’s tokenization on Avalanche proves that with the right technology, trusted operators, and regulatory clarity, tokenization at scale is not just possible, it’s happening. Daniel CoheurGlobal Head of Digital Assets at Apex Group and Co-Founder of Tokeny

Avalanche was selected for its institutional-grade architecture, offering the transaction speed and near-instant finality required for large-scale tokenization. As a leading blockchain for real-world assets (RWAs), Avalanche’s rapidly expanding institutional ecosystem already hosts regulated offerings in tokenized money market funds, private credit, and more. The network’s EVM compatibility and scalability make it an ideal foundation for bringing traditional assets on chain to unlock new distribution channels, utility, and blockchain-naive products and services.

Our work with Tokeny, Apex Group, and SkyBridge marks a pivotal moment for institutional adoption and serves as a powerful market signal that tokenization has entered the mainstream. SkyBridge Capital’s leadership and network within the allocator community makes this a strong validation of Avalanche's position as the premier platform for connecting capital. John WuPresident of Ava Labs.

This collaboration brings together next-generation technology, enterprise-grade infrastructure, and institutional credibility, a critical combination for accelerating the adoption of RWAs across hedge funds, private credit, and multi-strategy vehicles.

About Apex Group

Apex Group is dedicated to driving positive change in financial services while supporting the growth and ambitions of asset managers, allocators, financial institutions, and family offices. Established in Bermuda in 2003, the Group has continually disrupted the industry through its investment in innovation and talent. Today, Apex Group sets the pace in fund and asset servicing and stands out for its unique single-source solution and unified cross asset-class platform which supports the entire value chain, harnesses leading innovative technology, and benefits from cross-jurisdictional expertise delivered by a long-standing management team and over 13,000 highly integrated professionals.

Apex Group leads the industry with a broad and unmatched range of services, including capital raising, business and corporate management, fund and investor administration, portfolio and investment administration, ESG, capital markets and transactions support. These services are tailored to each client and are delivered both at the Group level and via specialist subsidiary brands. The Apex Foundation, a not-for-profit entity, is the Group’s passionate commitment to empower sustainable change.

Website

About Tokeny

The award-winning fintech provides compliant tokenization with the open-source ERC-3643 token standard and advanced white-label software solutions for financial institutions. The enterprise-grade platform and APIs unify fragmented onchain and offchain workflows,integrating essential services to eliminate silos. It enables seamless issuance, transfer, and management of tokenized securities. By automating operations, offering innovative onchain services, and connecting with any desired distributors, Tokeny helps financial actors attract more clients and improve liquidity. Trusted globally, Tokeny has successfully executed over 120 use cases across five continents and facilitated 3 billion onchain transactions and operations.

Website | LinkedIn | X/Twitter

About SkyBridge Capital

SkyBridge Capital is a global alternative investment firm specializing in financial technology, digital assets, venture capital and multi-manager solutions. The firm, founded by Anthony Scaramucci in 2005, has allocated over half of SkyBridge’s assets under management to digital assets, an emerging asset class that is reshaping the future of finance.

About Avalanche

Avalanche is an ultra-fast, low-latency blockchain platform designed for builders who need high performance at scale. The network’s architecture allows for the creation of sovereign, efficient and fully interoperable public and private layer 1 (L1) blockchains which leverage the Avalanche Consensus Mechanism to achieve high throughput and near-instant transaction finality. The ease and speed of launching an L1, and the breadth of architectural customization choices, make Avalanche the perfect environment for a composable multi-chain future. Supported by a global community of developers and validators, Avalanche offers a fast, low-cost environment for building decentralized applications (dApps). With its combination of speed, flexibility, and scalability, Avalanche is the platform of choice for innovators pushing the boundaries of blockchain technology.

The post SkyBridge Capital Partners with Tokeny to Tokenize $300Min Hedge Funds on Avalanche appeared first on Tokeny.


Spherical Cow Consulting

Working Group Chair Skills: Standards Work Isn’t Just for Coders

This one’s for everyone who’s ever said, "I’m not technical enough to participate in standards development." If you’ve wondered what working group chair skills actually matter, I have news for you: you don’t need to be a spec-writing wizard to be effective. I do get it, though. The post Working Group Chair Skills: Standards Work Isn’t Just for Coders appeared first on Spherical Cow Consulting.

“This one’s for everyone who’s ever said, ‘I’m not technical enough to participate in standards development.'”

If you’ve wondered what working group chair skills actually matter, I have news for you: you don’t need to be a spec-writing wizard to be effective.

I do get it, though. I chair working groups, and I still can’t read specs the way implementers do. Half the time I open a technical specification, my eyes glaze over after the abstract. I couldn’t code myself out of a wet paper bag. (Unless that wet paper bag happens to include m4 and sendmail rulesets. Those, I can do.)

That said, if you take nothing else away from this post, take this and embed it in your brain: you don’t have to be a spec-writing wizard to be an effective contributor, or even to chair a working group.

In fact, some of the most valuable skills in standards work have nothing to do with writing code.

A Digital Identity Digest Working Group Chair Skills: Standards Work Isn’t Just for Coders Play Episode Pause Episode Mute/Unmute Episode Rewind 10 Seconds 1x Fast Forward 30 seconds 00:00 / 00:13:35 Subscribe Share Amazon Apple Podcasts CastBox Listen Notes Overcast Pandora Player.fm PocketCasts Podbean RSS Spotify TuneIn YouTube iHeartRadio RSS Feed Share Link Embed

You can Subscribe and Listen to the Podcast on Apple Podcasts, or wherever you listen to Podcasts.

And be sure to leave me a Rating and Review!

What a chair actually does (and doesn’t do)

There’s a misconception that working group chairs must be the ultimate subject-matter experts, the kind of person who can answer any question off the cuff. I used to believe that too. *buzzer sound* Wrong, try again! The job is about facilitation and neutrality, not encyclopedic knowledge.

A good chair brings the right working group chair skills to the table:

Manages time, the agenda, and the meeting queue. Keeps the room neutral and separates their “chair hat” from their personal opinions. Tests for consensus and documents objections. Guides the group back to its charter when things start to sprawl.

What a chair doesn’t do:

Decide the technical design. “Win” arguments on the mic. Gatekeep new contributors.

Yes, a baseline of knowledge helps, mainly to keep the group on track and ask the right questions. But if you’re the loudest voice in the room or the person with the most opinions? That’s a red flag.

The Madrid moment

This post was inspired by a moment at the recent IETF meeting in Madrid.

I was sitting in a session (not one I was running) feeling wildly inadequate. The chair of that meeting seemed to know everything: answering questions without pause, bouncing ideas around, and generally radiating expertise. I thought, I can’t do that. I’ll never be that person.

Later, I mentioned my self-doubt to a friend who’s been in standards work since Gandalf was a baby (i.e., a very long time). They said something that stuck:

“That kind of deep subject-matter expertise isn’t what makes a good chair. The job is to be neutral, help the group come to consensus, and keep the process fair. If you’re too invested in the outcome, you can’t do that well.”

And they were right. In a session I chaired the next day, I reminded myself of that. Instead of getting pulled into the details, I paused, restated the questions we were debating, and asked for commitments to review from experts in the room. We left the meeting with clear decisions and action owners. Go, team!

No wizard-level technical knowledge required.

Where non‑coders shine

Even if you’re not a chair, these are the same skills that make you a great contributor and help you develop working group chair skills if you want to take that step later. Non‑coders are often the ones who:

Turn pain points into crisp user stories. “We need X because Y breaks if we don’t.” Write readable summaries for product managers, lawyers, and execs. Triage issues on GitHub—label them, close duplicates, line up proposals for meetings. Spot interoperability gaps. Help set up test plans, track what passes/fails, and document blockers. Herd the cats. Draft pre-reads, take notes, and make sure decisions actually get written down.

These are the unglamorous but critical pieces that keep work moving forward. Without them, groups stall, meetings get repetitive, and good ideas die in the noise. Groups well and truly need someone brave enough to ask “stupid” questions (that are never actually stupid) about how it all works.

How to start if you’re “not technical enough”

If you want to get involved but don’t know where to start, try this:

Read the charter of the group and two or three recent GitHub issues. Introduce yourself on the mailing list with a sentence about what you can help with (e.g., “I’m a PM and can help with use cases or meeting notes”). Volunteer once. Scribe a meeting, write a summary, or draft a use-case doc. Ask the chairs: “What would unblock you this week that doesn’t require coding?” Shadow a consensus call and notice how the chair phrases questions and records outcomes.

These small steps get you known as someone who adds value quickly. That reputation goes a long way.

For managers: send the right people

If you lead a team, the worst thing you can do is assume only senior engineers belong in standards groups. You should be sending:

PMs, solution architects, and analysts. Tech writers who can make decisions and docs accessible. Support or operations leads who know what customers actually need.

Give them specific assignments: draft use cases, clean up issues, track interop progress. And measure their impact by outcomes that matter: fewer rehashed meetings, clearer issues, faster consensus.

Common traps (and how to avoid them)

Even experienced chairs and contributors stumble into these:

Wearing the company hat too heavily. Remember: your job is to move the group’s work forward. Turning meetings into tutorials. Save deep dives for dedicated docs or issues. Letting the loudest voice set direction. Ask for explicit “can live with it” signals from the room. Treating silence as consent. It usually isn’t.

A simple chair’s checklist helps: agenda posted in advance (see the Important Dates page for IETF meetings) → pre‑reads linked → scribe/timekeeper assigned → decisions written down → minutes posted within 48 hours.

Why this matters

Standards work touches every part of the identity world—federation, digital credentials, browsers, payments. These decisions shape products and policies your teams will live with for years. I mentioned this a while back in Standards Versus Reality with how even well‑intentioned technical choices can clash with deployment realities, which is why diverse voices are so important.

But the process isn’t self-sustaining. If only engineers and spec authors show up, important perspectives get lost. And that hurts interoperability, usability, and deployment.

You don’t need to be the smartest engineer in the room to develop strong working group chair skills. You need to listen, ask questions, and help the group get to a decision.

Your turn

If you’ve thought, standards aren’t for me, try showing up once. Scribe a meeting. Draft a use-case doc. Or if you lead a team, send someone who can listen, write, and keep things moving.

If you’d rather track the blog than the podcast, I have an option for you! Subscribe to get a notification when new blog posts go live. No spam, just announcements of new posts. [Subscribe here

Transcript Introduction

[00:00:26] Let’s get into it.

[00:00:29] Hi everyone, and welcome back to the Digital Identity Digest.

[00:00:33] Today I want to talk about something I hear often from people who are curious about standards work but never take the leap to participate.

[00:00:42] It’s that feeling of “I’m not technical enough. Standards are for engineers, so I’ll just sit this one out.”

[00:00:50] If that’s you, this episode is for you.

[00:00:54] The truth is, standards work is not just for coders. Some of the most important roles in working groups don’t involve writing a single line of code.

*** Why Standards Work Isn’t Just for Engineers

[00:01:04] I want to pull back the curtain on my own experience as a working group chair. I’ll share:

The skills that actually make standards work successful How non-coders can contribute How to build the confidence to jump in

[00:01:24] Here’s my confession: I chair groups in the Internet Engineering Task Force (IETF) and the World Wide Web Consortium (W3C).

[00:01:33] But if you handed me a technical specification to implement — I couldn’t do it. I can’t code my way out of a wet paper bag.

[00:01:42] I can read the text of a specification.
[00:01:48] I can follow the arguments and track design decisions.
[00:01:53] But I don’t read specs like implementers do.

And that’s okay. Because being a chair is not about being the ultimate expert — it’s about facilitating process, guiding discussion, and keeping the group focused.

*** What a Working Group Chair Actually Does

[00:02:16] So what does a chair really do?

[00:02:24] On a good day, you’re:

Setting the agenda and keeping discussions on track Managing the queue so everyone knows when it’s their turn Listening carefully and testing for consensus Making sure objections are heard and documented Guiding the group back to its agreed charter

[00:03:06] Importantly, chairs do not decide technical design. They don’t win arguments or gatekeep contributors.

[00:03:14] Yes, technical knowledge helps — but being the loudest, most opinionated person in the room? That’s a liability for a chair.

*** Lessons from Experience

[00:03:30] This all came to mind recently at an IETF meeting in Madrid.

[00:03:36] I was sitting in a session I wasn’t chairing and felt completely inadequate. The chair was brilliant — answering every question instantly and recalling years of history.

[00:04:06] I shared my self-doubt with a long-time standards veteran. Their advice stuck: A good chair isn’t about deep expertise. It’s about neutrality and guiding consensus.

[00:04:28] The very next day, while chairing my own session, I leaned on that advice. Instead of diving into debate, I paused, restated the question, and asked the group to continue the discussion asynchronously.

[00:05:09] The result? We left the room with clear decisions and owners for next steps.

*** Why Non-Coders Are Essential

[00:05:19] Here’s the truth: non-coders bring incredible value to standards development.

[00:05:31] Examples include:

Turning pain points into crisp user stories Writing clear summaries for product managers, executives, and legal teams Triage work: labeling GitHub issues, closing duplicates, organizing proposals Spotting interoperability gaps between specifications Setting up test plans and documenting blockers “Herding cats” by taking notes and tracking decisions

[00:06:44] None of these require writing code — but all are vital to progress.

*** How to Get Started in Standards Work

[00:06:58] If you’re wondering where to begin, here are practical steps:

Read the group’s charter and skim recent issues to understand scope Introduce yourself on the mailing list — even a short message offering to scribe is welcome Ask the chairs directly what one thing you could do this week to help Observe consensus calls to learn how experienced chairs guide groups

[00:08:20] These small steps build confidence and help you learn core chairing skills: listening, documenting, and facilitating decisions.

*** Advice for Managers

[00:08:31] If you lead a team, don’t assume only senior engineers should join standards groups.

Send your:

Product managers Solution architects Analysts Technical writers

[00:08:56] Give them specific assignments like drafting use cases, cleaning up issues, or tracking interoperability progress. Measure outcomes such as:

Fewer rehash meetings Closed issues and pull requests Documented progress

[00:09:23] This builds institutional knowledge in your organization while helping the group succeed.

*** Common Traps to Avoid

[00:09:31] Even experienced chairs fall into these traps:

Wearing your company hat too heavily Turning meetings into tutorials that eat time Letting the loudest voice set direction instead of true consensus Treating silence as consent instead of seeking explicit signals

[00:11:04] A simple checklist can help avoid these pitfalls:

Post agendas in advance Share pre-reads Assign a scribe and timekeeper

It’s basic, but it works.

*** Why This Matters

[00:11:30] Standards work touches every part of digital identity — from federation to credentials, browsers to payments.

[00:11:46] But if only engineers show up, critical perspectives are lost. That hurts usability, interoperability, and adoption.

[00:11:57] You don’t need to be the smartest engineer in the room to contribute. You just need to listen, ask questions, and help the group reach decisions.

*** Final Thoughts

[00:12:10] If you’ve thought “standards development isn’t for me,” I challenge you to reconsider.

Show up once.
Scribe a meeting.
Draft a use case.
Or, if you lead a team, send someone who can write, listen, and help keep things moving.

[00:12:26] These are the skills that keep standards work healthy.

[00:12:30] So ask yourself: What non-coding skill could you bring into a working group this month?

[00:12:48] Thank you for listening to the Digital Identity Digest.

[00:12:59] If this episode helped make standards clearer — or at least more interesting — share it with a friend. You can connect with me on LinkedIn @hlflanagan.

And don’t forget to subscribe, leave a rating, and find the full written post at sphericalcowconsulting.com.

Stay curious, stay engaged, and let’s keep these conversations going.

The post Working Group Chair Skills: Standards Work Isn’t Just for Coders appeared first on Spherical Cow Consulting.


Ontology

The Brutal Truth About Stablecoin Adoption: Speed is Solved. Identity Isn’t.

Trust Crisis in Stablecoins The biggest challenge in scaling stablecoin payments isn’t speed. It’s trust. Stablecoins are everywhere. They’re powering remittances, cross-border commerce, crypto payroll, and even merchant checkout systems. From Stripe to Shopify to major exchanges, stablecoin adoption is accelerating. But while blockchains have solved the problem of speed and cost, they’ve qu
Trust Crisis in Stablecoins

The biggest challenge in scaling stablecoin payments isn’t speed. It’s trust.

Stablecoins are everywhere. They’re powering remittances, cross-border commerce, crypto payroll, and even merchant checkout systems. From Stripe to Shopify to major exchanges, stablecoin adoption is accelerating.

But while blockchains have solved the problem of speed and cost, they’ve quietly ignored the biggest bottleneck in real-world use: identity.

If stablecoins are going to scale globally, across regions, merchants and users, they need more than fast rails. They need a decentralized identity layer.

The Problem With Stablecoin Compliance Today

Most stable coins weren’t built with compliance in mind. And now that they’re being used in payments, cracks are showing.

Merchants don’t know who they’re accepting money from Platforms are duct-taping KYC providers into apps Users go through verification again and again There’s no standard for crypto KYC that works across wallets, bridges, and dApps

The result? A fragile trust layer built on centralized data silos and repetitive identity checks. The exact same problems crypto was supposed to solve.

Stablecoin Payments Need Verifiable Identity, Not Just Wallets.

Verifiable Identity is the missing layer in the stablecoin stack.

As governments push for stablecoin regulation such as MiCA in the EU and the GENIUS Act in the US, platforms are scrambling to become compliant.

But compliance doesn’t have to mean surveillance.

With decentralized identity, users can hold their own credentials, verify once, and move between apps and services without repeating KYC. This is the foundation for self-sovereign identity, where users control their data and platforms remain compliant without storing sensitive information.

What’s Needed: A Portable, Privacy-First Trust Layer

Stablecoin adoption at scale will only happen if three things become possible:

Users prove who they are without exposing everything Merchants can verify transactions without handling private data Developers can plug into identity infrastructure that works cross-chain

That’s what Ontology is building. A modular identity and privacy framework that makes stablecoin payments secure, compliant, and user-controlled.

Ontology: The Identity Infrastructure for Stablecoin Adoption

Unlike issuers, Ontology isn’t creating another dollar-pegged token. We’re building the trust infrastructure that makes stablecoins usable in the real world.

Here’s what that looks like:

DID-based KYC that users control Zero Knowledge Proofs to verify facts without revealing data Reusable identity credentials for wallets, dApps, and fiat on-ramps Cross-border compliance without centralized trust

This infrastructure goes beyond payments. The next era of Web3 relies on a rebuilding of the crypto identity infrastructure.

The Future of Stablecoin Compliance is User-Controlled

If stablecoins want to compete with traditional infrastructure, they can’t just be faster. They have to be trusted. And that trust can’t be outsourced to centralized APIs or third party data silos.

It has to be built into the protocol layer and embedded in how users verify themselves, how dApps authorize transactions, and how compliance gets done in a decentralized world.

Speed is solved. Identity isn’t. Ontology is solving it.

About Ontology

Ontology is a high-performance, open-source blockchain specializing in decentralized identity and data infrastructure. Built to power the next generation of Web3 applications, Ontology provides developers with the tools to build secure, privacy-preserving systems through Decentralized Identifiers (DIDs) and Verifiable Credentials. With a focus on self-sovereign identity, compliance-ready infrastructure, and cross-chain interoperability, Ontology enables trust in every transaction, without sacrificing user control. Whether you’re building for payments, DeFi, or real-world digital identity, Ontology offers the modular trust layer Web3 has been missing.

Connect with Us

Stay up to date on decentralized identity, privacy infrastructure, and everything Ontology is building:

LinkedIn X (Twitter) Telegram

Have questions or want to collaborate? Drop us a message, we’re always open to building with developers, creators, and partners shaping the future of Web3.

The Brutal Truth About Stablecoin Adoption: Speed is Solved. Identity Isn’t. was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.


iComply Investor Services Inc.

AML in Capital Markets: Global Controls in a Borderless Sector

Capital markets face complex cross-border AML demands. This article explores regulatory expectations and shows how iComply streamlines compliance from onboarding to audit.

Capital markets firms face unique AML challenges across jurisdictions due to their cross-border activity and high-risk products. This article outlines key KYB, KYC, KYT, and AML expectations in the U.S., UK, EU, and other financial centre – and how iComply helps automate compliance workflows with speed and precision.

Global capital markets are fast, fluid, and increasingly regulated. Broker-dealers, custodians, exchanges, and asset managers operate across jurisdictions where expectations for AML, sanctions screening, and beneficial ownership verification continue to grow.

In high-risk sectors like trading, custody, private placements, and tokenization, regulators want more than just client onboarding—they expect continuous monitoring, automated escalation, and clear audit trails.

AML Frameworks Shaping the Sector United States Regulators: SEC, FINRA, FinCEN Requirements: CDD Rule, ongoing customer due diligence, transaction monitoring, suspicious activity reporting, sanctions screening (OFAC) United Kingdom Regulator: FCA Requirements: CDD/EDD, transaction monitoring, PEP screening, audit logs, and AML controls under MLR 2017 European Union Regulators: ESMA, local NCAs Requirements: 6AMLD, MiCA (for tokenized assets), UBO verification, and harmonized AML rules under AMLA (in progress) Switzerland & Luxembourg Regulators: FINMA, CSSF Requirements: KYC/AML for securities and fund transactions, strong data protection, and beneficial ownership transparency Key Compliance Tasks

Capital markets participants must:

Verify legal entities and individuals across onboarding and lifecycle events Monitor transactions for anomalies or regulatory breaches Screen all clients against sanctions, PEP, and adverse media lists Capture beneficial ownership for institutional and private placements Log decisions and escalate based on internal risk policies Industry-Specific Challenges

1. Cross-border account flows → Require localized data handling and multilingual tools

2. Institutional onboarding → Often slow due to document-heavy workflows and complex UBO structures

3. Layered due diligence → Multiple parties, custodians, and intermediaries complicate audit trails

4. Tokenized and digital assets → Face rapidly evolving rules under MiCA, AMLD, and SEC guidance

How iComply Accelerates AML for Capital Markets

iComply provides a secure, modular platform that streamlines compliance from onboarding to monitoring:

1. KYB + UBO Automation Validate entities using public and commercial registries Map complex ownership and nominee structures Generate audit-ready UBO reports 2. Edge-Based Identity Verification Fast, private KYC flows for individuals across global jurisdictions On-device processing for secure and compliant identity checks 3. Transaction Monitoring (KYT) Score trades and transactions by geography, frequency, value, and behavioural anomalies Custom rules for escalations and risk segmentation 4. Centralized Case Management Combine onboarding, AML, and due diligence into a unified audit trail Assign reviews, manage escalations, and export regulatory reports 5. Flexible Deployment On-premise, private cloud, or hybrid environments Data localization and language support for global operations Case Insight: Cross-Border Broker-Dealer

A multinational brokerage integrated iComply across its onboarding and compliance ops. Key results:

Cut entity onboarding time by 60% Streamlined UBO discovery for global accounts Improved internal SAR processing and response tracking The Takeaway

Capital markets compliance is high-stakes and high-volume. Firms that embrace AML automation can:

Reduce onboarding friction Catch risk signals faster Satisfy multi-jurisdictional requirements from day one

Talk to iComply today to learn how we help capital markets firms eliminate compliance bottlenecks and stay ahead of global regulations.


Aergo

[Aergo Talks #21] Public Mainnet, buybacks, and ArenAI

1. Why are AergoTalks in English and not Korean? English is used as the international community language. While Aergo has its roots in Korea, the project has expanded globally and is listed on major international exchanges, including Coinbase. Korean subtitles are provided as a nod to Aergo’s origins, but not for other languages. 영어는 글로벌 커뮤니티가 공통으로 사용하는 언어입니다. Aergo는 한국에서 시작되었지만 현재는 글로벌로 확장
1. Why are AergoTalks in English and not Korean?

English is used as the international community language. While Aergo has its roots in Korea, the project has expanded globally and is listed on major international exchanges, including Coinbase. Korean subtitles are provided as a nod to Aergo’s origins, but not for other languages.

영어는 글로벌 커뮤니티가 공통으로 사용하는 언어입니다. Aergo는 한국에서 시작되었지만 현재는 글로벌로 확장되었고, Coinbase를 포함한 주요 해외 거래소에도 상장되어 있습니다. 한국어 자막은 Aergo의 기원을 존중하는 차원에서 제공되지만, 다른 언어는 지원하지 않는 점 확인 부탁드립니다.

2. When is the Public Mainnet? Will we meet the Q3 deadline?

“Hell yeah, we are.” The team is on track for Q3, with strong progress. No specific date is provided — as with all digital products, launch occurs when everything is ready.

The public mainnet is now live! Please check the full article for more details: https://medium.com/aergo/house-party-protocol-public-mainnet-is-live-29be91574da4

물론입니다. 팀은 3분기 목표를 향해 순조롭게 진행 중입니다. 다만 구체적인 날짜는 공개하지 않았습니다. 모든 디지털 제품과 마찬가지로, 준비가 완벽히 끝났을 때 출시하기 위함입니다.

퍼블릭 메인넷이 공식 런칭됐습니다! 자세한 내용은 전체 공지를 확인해 주세요: https://medium.com/aergo/house-party-protocol-public-mainnet-is-live-29be91574da4

3. Why don’t we give a specific schedule/date?

Digital releases don’t require fixed launch dates like physical products (e.g., movies, retail). Avoids pressure that can lead to mistakes, citing the Columbia Shuttle disaster as an example of deadline-driven risk. Launch will be announced when ready, ensuring fairness and transparency to all participants simultaneously.

출시 일자는 유연하게 설정하여 충분히 준비가 완료된 후에 진행하는 것이 무엇보다 중요합니다. NASA 콜롬비아호 사고 역시 일정 압박이 한 원인이 된 사례로 자주 언급됩니다. HPP는 모든 준비가 철저히 마무리된 시점에, 모든 참여자에게 공정하고 투명하게 동시에 출시 사실을 알리는 방식으로 진행됩니다.

4. Are we going to do buybacks?

Buybacks are usually done by companies with revenue or exchanges tied to trading volume. HPP is performing strongly compared to the CMC100, even in a tough market.

Additional Context

Buybacks are more of a market signal than a sustainable growth strategy. They are often tied to short-term campaigns or exchange-driven burn mechanisms, which can create only temporary price support without strengthening the fundamentals. The reality is that their impact tends to be limited and short-lived, making them less effective for long-term ecosystem growth. Our approach is different. We aim to ensure that value stems from genuine fundamentals and usage, rather than from market engineering.

바이백은 보통 매출을 내는 기업이나 거래량과 연결된 거래소에서 진행합니다. HPP는 어려운 시장 환경 속에서도 CMC100 대비 강한 성과를 내고 있습니다.

추가 설명

바이백은 장기적 성장 전략보다는 시장에 “신호”를 주는 성격이 강합니다. 단기 캠페인이나 거래소 주도의 소각 메커니즘과 연결되는 경우가 많으며, 일시적인 가격 지지 효과를 내지만 근본적인 가치 강화에는 기여하지 못합니다. 즉, 효과는 제한적이고 단명하는 경우가 대부분입니다. HPP의 접근 방식은 다릅니다. 우리는 인위적인 시장 개입이 아니라, 토큰의 실제 사용성·펀더멘털·생태계 확장을 통해 지속적인 가치를 만들어가고 있습니다.

5. Why doesn’t HPP pump with other tokens?

HPP has outperformed the CMC100 over 12 months and the past 5 months. Movement doesn’t always align with BTC/ETH, which are influenced by ETFs and macro flows.

HPP는 지난 12개월과 최근 5개월 동안 CMC100보다 우수한 성과를 보여왔습니다. 단, 움직임이 항상 BTC/ETH와 일치하지는 않습니다. BTC와 ETH는 ETF나 거시경제 자금 흐름 등 외부 요인에 더 큰 영향을 받습니다.

6. What are cryptocurrency investment agents (on the roadmap)?

The specific product details are not disclosed yet. However, the vision and target direction have already been introduced under ArenAI. ArenAI will serve as an intelligent, AI-driven trading and asset management layer, enabling users to interact with DeFi and exchange platforms through natural language, agent automation, and portfolio optimization.

For more background and context, please refer to our previous article on ArenAI, which outlines the concept and future potential of this product: https://medium.com/aergo/arenai-the-ai-powered-command-center-for-intelligent-asset-management-d6910742bad2

구체적인 제품 내용은 아직 공개되지 않았습니다. 하지만 방향성은 이미 ArenAI를 통해 제시되었습니다. ArenAI는 AI 기반의 지능형 자산 관리 및 트레이딩 레이어로, 사용자들이 자연어 인터페이스, 자동화된 에이전트, 포트폴리오 최적화를 통해 DeFi 및 거래소와 상호작용할 수 있도록 설계됩니다.

자세한 내용은 ArenAI에 관한 이전 아티클을 참고해 주세요: https://medium.com/aergo/arenai-the-ai-powered-command-center-for-intelligent-asset-management-d6910742bad2

7. Updates on Upleat collaboration and stablecoin?

Aergo(HPP) provides tech infrastructure to Blocko and enterprise clients. No direct connection to the referenced stablecoin announcement.

Additional Context

Stablecoins are more than just blockchain-based technology. They interface directly with monetary policy tools, such as M1 (currency in circulation plus demand deposits) and M2, meaning their issuance may affect the real-world money supply and economic dynamics. That is why any project launching a stablecoin without operating within the bounds of formal governmental frameworks, such as Korea’s K-BTF (Korea-Blockchain Trust Framework), runs the risk of being inconsequential. These frameworks are crucial for establishing trust, gaining legal recognition, and integrating with national payment systems.

Without adherence to such regulatory and policy frameworks, a stablecoin project may technically function, but it will lack the necessary legitimacy, operational resilience, and broader institutional acceptance. To be meaningful, stablecoins must not only run on code but also align with economic infrastructure and compliance standards.

Aergo(HPP)는 Blocko와 엔터프라이즈 클라이언트들에게 기술 인프라를 제공합니다. 하지만 이번에 언급된 스테이블코인 발표와 직접적인 연결은 없습니다.

추가 설명

스테이블코인은 단순한 블록체인 기술이 아니라 통화정책 도구(M1, M2 등)와 직접 연결됩니다. 즉, 발행은 실제 화폐 공급과 경제 역학에 영향을 줄 수 있습니다. 그렇기 때문에 한국의 K-BTF(Korea-Blockchain Trust Framework) 같은 정부 주도의 제도적 틀 안에서 운영되지 않는 스테이블코인 프로젝트는 실질적 의미가 크게 제한될 수밖에 없습니다.

이러한 제도적·정책적 프레임워크는 신뢰 확보, 법적 인정, 국가 결제 시스템과의 통합을 위해 반드시 필요합니다. 이런 기반이 없다면 스테이블코인은 기술적으로는 작동할 수 있어도 제도적 정당성, 운영 회복력, 기관 차원의 수용성을 확보하지 못합니다. 진정한 의미의 스테이블코인은 코드만으로 존재하는 것이 아니라, 경제 인프라와 규제 준수 기준에 맞추어야 합니다.

Closing

The session closed with reminders that no universal solution exists to “make a token pump.” The team continues to deliver milestones on time, with the imminent launch of the Public Mainnet.

이번 세션은 “토큰 가격을 펌핑시킬 수 있는 보편적 해법은 없다”는 점을 다시 확인하며 마무리되었습니다. 팀은 퍼블릭 메인넷을 비롯한 주요 마일스톤을 계획대로 달성해나가고 있습니다.

[Aergo Talks #21] Public Mainnet, buybacks, and ArenAI was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.


FastID

The Truth About Blocking AI, And How Publishers Can Still Win

Many AI crawlers aren’t following the rules, and robots.txt can’t stop them. Blocking Google’s AI means killing your SEO, but publishers aren’t completely out of options. Edge control is becoming their last real defense.
Many AI crawlers aren’t following the rules, and robots.txt can’t stop them. Blocking Google’s AI means killing your SEO, but publishers aren’t completely out of options. Edge control is becoming their last real defense.

AI Bots in Q2 2025: Trends from Fastly's Threat Insights Report

Fastly's Q2 2025 Threat Insights Report uncovers how Meta, OpenAI, and others are shaping web traffic and what organizations need to do to stay in control.
Fastly's Q2 2025 Threat Insights Report uncovers how Meta, OpenAI, and others are shaping web traffic and what organizations need to do to stay in control.

Monday, 18. August 2025

Dock

Will The Future of Cross-Company Access Be Federated?

One of the most insightful moments in our recent live session with Tim Cappalli (Okta) and Henrique Teixeira (Saviynt) came from a discussion about one of IAM’s most persistent pain points: cross-company access. For decades, the standard approach has been federation: establishing direct, trusted connections between

One of the most insightful moments in our recent live session with Tim Cappalli (Okta) and Henrique Teixeira (Saviynt) came from a discussion about one of IAM’s most persistent pain points: cross-company access.

For decades, the standard approach has been federation: establishing direct, trusted connections between organizations so users can securely access each other’s systems.

But here’s the truth: federation, as it is, doesn’t scale.

Setting it up is time-consuming and rigid:

You need technical integrations for each partner. You need legal agreements. You need alignment between IT teams on both sides. And you need to repeat the process for every new identity provider.

That works if you're collaborating with a few long-term vendors. But it completely breaks down when you’re dealing with hundreds of external users—freelancers, contractors, suppliers, or ecosystem partners—who need access today, not after a three-week firewall security review.


Safle Wallet

Safle x Concordium

Bringing Privacy First Identity and CCD to Your Wallet In a space where trust is often promised but rarely proven, Concordium has been quietly solving one of Web3’s hardest problems proving who is behind a transaction without exposing everything about them. Now, through our latest integration, you can create and manage Concordium accounts natively in the Safle Mobile Wallet bringing ve
Bringing Privacy First Identity and CCD to Your Wallet

In a space where trust is often promised but rarely proven, Concordium has been quietly solving one of Web3’s hardest problems proving who is behind a transaction without exposing everything about them.

Now, through our latest integration, you can create and manage Concordium accounts natively in the Safle Mobile Wallet bringing verifiable on-chain identity and CCD transactions to your fingertips, without compromising privacy.

Whether you’re an everyday crypto user or a developer building the next generation of decentralized apps, this partnership opens the door to secure, compliant, and user-friendly blockchain interactions.

1. What is Concordium?

Think of Concordium as a blockchain with a built-in ID card system except your “ID card” is cryptographically secure and only revealed when absolutely necessary.

Privacy-focused — Your personal details aren’t public, but can be verified when required by law or regulation. Compliance-ready — Businesses and regulated platforms can operate on-chain without fear of violating KYC/AML rules. On-chain identity — Every wallet is linked to an identity verified by trusted providers, ensuring accountability without sacrificing decentralization. Native token (CCD) — Used for transactions, delegation, and interacting with Concordium-based apps.

In short: Concordium bridges the gap between Web3 privacy and Web2 accountability.

2. Why This Partnership Matters

Identity in Web3 is usually either:

Fully anonymous (great for privacy, bad for regulation) Fully public (great for compliance, bad for privacy)

Concordium finds the sweet spot. And now, with Safle’s secure,
non-custodial wallet and Safle Vault SDK, both users and developers can:

Store their identity-linked accounts securely Access Concordium features with the same ease as other chains Build applications that require trust without reinventing the identity wheel 3. New Features in Safle Wallet

With our latest update on iOS and Android, you can:

Create Concordium accounts directly inside the Safle app Send & receive CCD instantly View balances and transaction history for complete visibility Delegate to validators and earn rewards Enjoy native Concordium functionality without needing a separate wallet

All powered by the Safe Vault SDK, now updated to handle Concordium interactions for developers.

4. Benefits for Everyday Users One wallet, more chains — Manage your Concordium accounts alongside your existing assets Privacy without compromise — Verified identity stays private unless disclosure is required Easy setup — Create an account in just a few taps Earn rewards — Delegate your CCD and participate in the network 5. Benefits for Developers SDK-ready — The Safe Vault SDK now supports Concordium, so you can integrate CCD transactions and account creation directly into your apps Identity assurance — Build dApps that require verifiable users without handling KYC data yourself Cross-chain experience — Tap into Safle’s multi-chain capabilities while leveraging Concordium’s compliance-first architecture 6. How to Get Started

For users:

Update your Safle Wallet on iOS or Android Open the app and select Create Concordium Account Start sending, receiving, and delegating CCD instantly

For developers:

Request the updated Safle Vault SDK documentation here Integrate Concordium account creation and CCD transfers into your app Build privacy-first, compliance-ready Web3 experiences Final Word

This isn’t just another chain integration it’s a step toward a Web3 where privacy and accountability can co-exist.

With Concordium inside Safle, you can trust your wallet to keep you secure, compliant, and ready for whatever the decentralized future holds.

Update your Safle Wallet today and start exploring Concordium.

Best,

Team Safle ✨


Aergo

House Party Protocol Public Mainnet Is Live

On the Starting Grid of the AI-Native Era, Ready to Go Full Throttle. Today marks a historic milestone: the official launch of the HPP Public Mainnet, the evolution of Aergo. This AI-native network fuses over a decade of enterprise-grade blockchain expertise with AI-native Layer 2 infrastructure, purpose-built for the AI era to power real-time autonomous agents, verifiable off-chain inference, an

On the Starting Grid of the AI-Native Era, Ready to Go Full Throttle.

Today marks a historic milestone: the official launch of the HPP Public Mainnet, the evolution of Aergo. This AI-native network fuses over a decade of enterprise-grade blockchain expertise with AI-native Layer 2 infrastructure, purpose-built for the AI era to power real-time autonomous agents, verifiable off-chain inference, and a thriving multi-chain economy.

Note: Updates regarding token-related matters, including the TGE, exchange listings, and other migration announcements, will be released progressively as we move forward.

Key Features

1. AI-Native Infrastructure
Purpose-built for agent economies, modular AI services, and verifiable off-chain inference:

ArenAI: Intelligent, autonomous DeFi trading and portfolio management portal. Noösphere: Secure, verifiable off-chain inference for heavy AI tasks, simulations, and multi-source aggregation.

Together, these components transform HPP into an AI operating system for Web3.

2. Multi-Chain Utility
A single, unified token economy operating seamlessly across HPP Mainnet, Ethereum, and the legacy Aergo Mainnet with no supply fragmentation.

3. Security First
Institutional-grade protections with BitGo custody, Fraud Detection Systems, and a canonical bridge architecture ensuring supply integrity across all chains.

A Connected, Verifiable Ecosystem Execution Layer: HPP Mainnet (Arbitrum Orbit-based L2) — Primary home for AI agents, dApps, and DAO governance. Settlement Layer: HPP Ethereum (L1) — High-security finality and deep liquidity. Legacy Layer: HPP (AERGO Mainnet) — Preserves enterprise and public sector deployments while connecting them to the AI-native economy.

Canonical bridges ensure frictionless, secure movement between all layers without compromising integrity.

HPP Partners

HPP unites with a network of strategic partners whose infrastructure and domain expertise form the backbone of our AI-native ecosystem. These collaborators bring battle-tested technology, proven real-world deployments, and deep vertical specialization.

Foundational Partners Aergo: The enterprise-grade blockchain backbone powering compliance-ready smart contracts, secure data exchange, and verified pipelines for mission-critical deployments in both public and private sectors. AQT (Alpha Quark): An asset intelligence platform delivering blockchain-based RWA and NFT valuation, price discovery, and on-chain analytics to bring transparency and trust to digital asset markets. Booost: A human and synthetic data layer offering personhood verification, Sybil-resistant identity tools, and curated datasets that underpin trustworthy agent economies. W3DB: A decentralized trust layer providing model and dataset certification through Verification-as-a-Service (VaaS), enabling AI agents to operate on verifiably accurate and authenticated data. Ecosystem Partners BitGo: Institutional-grade custody securing HPP treasury and reserves with multi-sig control, insured protection, and regulatory compliance. Arbitrum: High-performance Layer 2 rollup powering HPP’s scalable, low-cost infrastructure for verifiable AI and smart contract execution. Conduit: Infrastructure platform for deploying and scaling rollups, enabling HPP’s Arbitrum Orbit Layer 2 environment to achieve high throughput, security, and reliability without sacrificing flexibility. EigenLayer: Ethereum’s leading restaking and data availability protocol, providing HPP with decentralized data availability through EigenDA and enhancing cross-chain security guarantees for verifiable off-chain inference. Orbiter Finance: Cross-chain bridge for HPP, enabling low-fee, fast asset transfers to major blockchains.

Together, these partners extend HPP’s capabilities far beyond what a single network could achieve, creating a unified AI-blockchain infrastructure that seamlessly connects real-world data, verifiable off-chain inference, and autonomous agent execution.

What’s Next Migration Portal: Swap your AERGO tokens to HPP (HPP Mainnet ERC-20) at a 1:1 ratio, or swap your AQT tokens to HPP at a 1 AQT = 7.43026 HPP ratio. Exchange Integrations: HPP will prioritize securing listings on all exchanges that currently support AERGO. This effort is essential to maintaining liquidity continuity, minimizing migration friction, and ensuring institutional-grade market accessibility. MVP Rollout: Launch of the Noösphere SDK, ArenAI portal, and partner integrations to equip developers with the core tools for building the AI-native economy. Governance Transition: Migration of DAO governance to the HPP Mainnet with optimized voting mechanics, lower gas fees, and community participation incentives. Ecosystem Expansion: Incentive programs for builders, early adopters, and community contributors to accelerate adoption across DeFi, DeSci, RWA, and AI-native applications.

HPP Public Mainnet marks not the end, but the moment the lights go out and we push full throttle into the AI-native era. The entire team is now preparing to push into full throttle, building the foundations for a decentralized AI economy.

Please visit our newly renovated official website for the latest updates, key resources, and the soon-to-be-released migration guides: https://www.hpp.io/

House Party Protocol Public Mainnet Is Live was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.

Sunday, 17. August 2025

Ockam

What Two Years of Bootstrapping an AI Startup in India Taught Us

Lessons from building YourGPT with a small team and a vision. Back in 2023 it was just us (Rohit and Sahil) starting. When we started in 2023, our mission was simple: help businesses build with AI. Our first product was a fine-tuning tool for businesses to customise AI models. At the time, fine-tuning was resource-heavy & challenging. Fine-tuning required preparing datasets (and ev
Lessons from building YourGPT with a small team and a vision. Back in 2023 it was just us (Rohit and Sahil) starting.

When we started in 2023, our mission was simple: help businesses build with AI.

Our first product was a fine-tuning tool for businesses to customise AI models. At the time, fine-tuning was resource-heavy & challenging.

Fine-tuning required preparing datasets (and even synthetic data generation was not as highly feasible as today), running heavy compute, and testing multiple iterations to avoid issues like overfitting or underfitting. In practice, this meant months of work and high costs—something only big tech firms could manage.

We saw this gap. Instead of making everyone rebuild models, we introduced advanced RAG-based AI chatbots that could train on a company’s own data while using existing models. RAG allowed companies to use powerful existing models while still grounding answers in their own data—giving them customisation without the cost of fine-tuning.

As we worked with more customers it became clear that most businesses did not want multiple tools. They wanted one solution that could handle conversations, support teams, help them grow, and actually grow with them.

We realised many teams face the same challenge: managing multiple disconnected systems slows them down. We combined our fine-tuning capabilities with the YourGPT Chatbot for enterprise users who still need customised models, while also building a single platform for conversations, training, and automation so teams no longer have to juggle separate tools.

We are a small, fast-moving team bootstrapped from day one. We learn by shipping, watching, and listening. Over time every feature we built, from the action-oriented Copilots builder to AI Agents to AI Studio, Helpdesk, Voice Agents was brought together in one product: YourGPT.

It’s been a pleasure building our product from Mohali, India.

Mohali, where our story began

With a lean, customer-focused team, we help businesses unlock value and maximize innovation. One big lesson: hire for mindset. India has incredible talent, and we now prioritize curiosity, passion, and ownership over resumes—skills can be taught, but hunger to solve problems can’t.

We also learned that partnerships matter as much as technology. As developers we love to build, but growing a business is more than code. Relationships with customers, vendors, and other startups help keep the momentum going. If someone has ideas or wants to discuss potential collaborations, they can reach us at pr@yourgpt.ai.

For other bootstrapped builders, here is one thing I wish I had known earlier, and I am sharing it in case it helps you too:Focus on one strong product. Do not get distracted by vibe coding, which will scatter your efforts across too many directions. Grow one vertical well and then expand it horizontally. This creates more value for your users and makes your product journey clearer.

Two years in, our focus is clear: help businesses automate support, sales, and operations, and scale with AI.

Real progress comes from building, shipping, and learning.

Bootstrapping taught us this: momentum matters more than money. Keep building.

These are lessons we continue to learn every day. If you are building something now, what is the one challenge slowing you down the most?


Ontology

THE ONTOLOGY NETWORK

Unlocking Africa’s Digital Identity and Web3 Future Africa is standing on the brink of a digital revolution. With a youthful population, rising smartphone adoption, and a fast growing blockchain ecosystem, the continent is well positioned to leapfrog traditional systems into the decentralized future. Yet, one major challenge persists: trust, identity, and access. This is where Ontology
Unlocking Africa’s Digital Identity and Web3 Future

Africa is standing on the brink of a digital revolution. With a youthful population, rising smartphone adoption, and a fast growing blockchain ecosystem, the continent is well positioned to leapfrog traditional systems into the decentralized future. Yet, one major challenge persists: trust, identity, and access.

This is where Ontology Network (ONT) steps in.

Ontology is a high-performance, open-source blockchain specializing in decentralized identity (DID) and data management solutions. Unlike many blockchains that focus only on transactions, Ontology is designed to empower individuals and businesses with ownership and control over their data, all while enabling trust across borders.

Why the Ontology Network is important for Africa

1. Solving the Digital Identity Gap

Across Africa, millions remain unbanked or underserved due to the lack of reliable identity systems. Traditional ID infrastructures are often fragmented, slow, or inaccessible in rural areas. Ontology’s ONT ID solution provides a blockchain based identity that is secure, verifiable, and user controlled.

This means a young entrepreneur in Nigeria, a farmer in Kenya, or a freelancer in Ghana can create a trusted digital identity without relying on centralized institutions. With ONT ID, they can access banking, healthcare, education, and even global job opportunities.

2. Empowering Financial Inclusion

Blockchain has long been seen as a gateway to financial freedom in Africa. Ontology takes this further by enabling cross-border payments and DeFi (Decentralized Finance) applications with lower costs and faster processing compared to traditional systems.

By combining digital identity with financial tools, Ontology makes it easier for Africans to build credit histories, secure micro-loans, and engage with the global digital economy without being excluded by legacy systems.

3. Data Ownership in the Web3 Era

In the Web2 world, users give up their data for free while tech giants profit. Ontology flips this model. With its self sovereign data framework, Africans can own, control, and monetize their data.

Imagine a student in South Africa who shares academic records with universities abroad, or a healthcare worker in Uganda who securely exchanges medical credentials across borders all on their own terms, without third party exploitation.

4. Building Trust in Governance and Trade

Trust remains a key challenge in African governance, business, and cross border trade. Ontology’s blockchain infrastructure makes it possible to verify supply chains, authenticate documents, and increase transparency in governance.

For example, farmers can prove the authenticity of their produce in export markets, while governments can use tamper-proof systems to reduce fraud and corruption.

5. A Bridge Between Web2 and Web3

Ontology is not just about the future it is building bridges to the present. Its technology integrates easily with existing systems, meaning African startups, SMEs, and governments can adopt Web3 without completely abandoning current tools. This makes the transition smoother, faster, and more inclusive.

Final Thoughts

Africa’s future is digital, and the Ontology Network provides the infrastructure to make that future more inclusive, trustworthy, and empowering. By addressing challenges like identity, financial exclusion, data ownership, and trust, Ontology positions itself as a game changer for the continent’s growth in the Web3 era.

THE ONTOLOGY NETWORK was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.

Friday, 15. August 2025

FastID

DDoS in July

July 2025 DDoS attack trends: Fastly's report reveals infrequent but massive enterprise attacks & insights on attack volume, industries targeted, and company size.
July 2025 DDoS attack trends: Fastly's report reveals infrequent but massive enterprise attacks & insights on attack volume, industries targeted, and company size.

Thursday, 14. August 2025

HYPR

The Cost of NYDFS Cybersecurity Noncompliance: What You Need to Know in 2025

The New York State Department of Financial Services (NYDFS) has long been a leader in setting cybersecurity standards for the financial services and insurance sectors. Under 23 NYCRR Part 500, regulated entities are required to implement a comprehensive cybersecurity program that addresses governance, access controls, incident response, and ongoing risk management.

The New York State Department of Financial Services (NYDFS) has long been a leader in setting cybersecurity standards for the financial services and insurance sectors. Under 23 NYCRR Part 500, regulated entities are required to implement a comprehensive cybersecurity program that addresses governance, access controls, incident response, and ongoing risk management.

As we move through 2025, NYDFS has signaled that enforcement is accelerating. The recent $2 million settlement with Healthplex, Inc., announced on August 14, 2025, underscores the steep cost of falling short. This case serves as a timely reminder for all covered entities: compliance is not a once-a-year paperwork exercise; it is a continuous obligation with real financial stakes.

What you need to know about NYDFS Cybersecurity Regulations

Part 500 applies to most banks, insurers, and financial service providers operating in New York. At its core, the regulation mandates that each covered entity maintain a written cybersecurity policy approved by the board, conduct periodic risk assessments, limit access to sensitive systems and data, and implement robust security measures such as phishing-resistant multi-factor authentication (MFA).

Equally important is the incident reporting requirement, which mandates that breaches meeting certain criteria must be reported to NYDFS within 72 hours of determination. In addition, every covered entity must file an annual certification of compliance, or acknowledgment of noncompliance, by April 15 each year.

What are the Key Requirements & Upcoming Deadlines?

In 2025, several deadlines and requirements should be top-of-mind for compliance teams. The annual compliance certification for the 2024 calendar year must be submitted by April 15, 2025. Before that filing, organizations must ensure their risk assessment is current and documented.

MFA enforcement is also a major focus for NYDFS this year. Covered entities are expected to have phishing-resistant MFA in place not only for remote network access but also for certain internal systems that handle sensitive information. The expectation is clear: email-only MFA or weaker second factors like SMS one-time codes no longer meet the standard.

Finally, the 72-hour breach reporting requirement remains one of the most critical obligations. Delays in reporting can lead to enforcement actions - even if the breach itself could not have been prevented.

Healthplex Case Study - A $2 Million Lesson

The Healthplex enforcement action provides a clear example of what can happen when these requirements are not met. In this case, a service representative at Healthplex clicked on a phishing email, giving an attacker access to sensitive consumer data stored in the employee’s Outlook 365 account.

Several compliance failures compounded the incident. First, Healthplex had not deployed MFA for its email system, leaving it vulnerable to credential-based attacks. Second, the company lacked an email retention policy, meaning that sensitive data remained in mailboxes far longer than necessary, increasing exposure. Finally, Healthplex failed to notify NYDFS of the breach until more than four months after discovery – well beyond the mandated 72-hour reporting window.

The result was a $2 million penalty, mandatory remediation measures, and a requirement for independent cybersecurity audits focused on MFA deployment. The costs extended far beyond the fine itself, including reputational damage and the operational burden of implementing corrective actions under regulatory scrutiny.

The True Cost of Noncompliance

While the $2 million fine is headline-grabbing, the broader impact of NYDFS noncompliance is often far greater. Legal costs, remediation expenses, internal resource strain, and lost customer trust can quickly escalate. Regulatory investigations can also distract leadership and IT teams from strategic priorities, creating a sustained operational drag.

For regulated entities, noncompliance can also lead to increased cyber liability insurance premiums - or difficulty obtaining coverage at all. And reputational harm, especially in the financial and insurance sectors, can have lasting effects on customer acquisition and retention.

How to Stay Ahead of NYDFS

Proactive compliance requires more than simply meeting the bare minimum. Covered entities should:

Implement phishing-resistant MFA such as FIDO2 hardware keys or device-bound passkeys across all systems that store or process sensitive information. Automate breach detection and reporting to ensure the 72-hour notification rule is met without exception. Establish clear data retention policies to limit the amount of information that could be exposed in the event of a breach. Conduct annual independent audits to validate that cybersecurity controls meet or exceed NYDFS expectations.

By integrating these measures into their cybersecurity programs, organizations not only reduce enforcement risk but also strengthen overall resilience against evolving threats.

Conclusion

NYDFS has made one thing clear in 2025: compliance with 23 NYCRR Part 500 is not optional, and the cost of failure is steep. The Healthplex settlement illustrates how a single phishing email, combined with gaps in MFA, data retention, and reporting, can spiral into a multi-million-dollar regulatory penalty.

For financial and insurance organizations, the message is simple – treat NYDFS compliance as an ongoing operational imperative. Investing in phishing-resistant authentication, robust governance, and disciplined reporting processes can save millions and protect hard-earned reputations.

Learn how HYPR helps financial and insurance organizations exceed NYDFS requirements with passwordless, phishing-resistant MFA. 

 

Key Takeaways NYDFS is aggressively enforcing 23 NYCRR Part 500, and penalties are climbing. Annual compliance certification is due April 15, 2025; phishing-resistant MFA and timely breach reporting are top priorities. Healthplex’s $2 million fine shows the financial and reputational risks of noncompliance. Proactive, continuous compliance strengthens both security posture and business trust.

Extrimian

The Future of University Credentials: Secure, Transparent, and User-Friendly

For university leaders, registrars, student services, IT/security, and anyone who wants fewer emails, faster checks, and clearer truth—backed by cryptographic credentials. TL;DR: What do you actually get—and how does it run on campus? How can a university stop fake diplomas and identity theft What problem are we solving—right now, in your inbox? PDFs and screenshots […] The post The Future of Un

For university leaders, registrars, student services, IT/security, and anyone who wants fewer emails, faster checks, and clearer truth—backed by cryptographic credentials.

TL;DR: What do you actually get—and how does it run on campus? Issuance that’s controlled and auditable: Admins authenticate, prepare credential templates, and issue individually or in bulk from CSV, with a two-person approval policy you define. The portal logs who did what and when, so corrections are clean and traceable. A single verification page you can host or embed: Verifiers scan a QR or use a public URL and get a clear result (Valid / Revoked / Incorrect/Unknown), with the option to copy/embed verifier HTML in your own site. Admin UX that matches real registrar work: Backoffice lists admins and entities with statuses (Sent, Active, Revoked), invitation resend, disable/revoke with reason, and a guided “Alta de Administrador y Entidad” flow that emails the invite with wallet links, QR, and deep link. Extrimian AI-First company: Even if AI agent Micelya is internal-only this help us to build and deliver a more accurate product for our clients and final users; it improves our delivery speed and consistency (knowledge hub, handoffs, SOPs), which you feel as better support and final product experience. How can a university stop fake diplomas and identity theft What problem are we solving—right now, in your inbox? Stop fake diplomas with crypto tamper-proof digital credentials and a one-page verifier. Students scan a QR; employers get answers in seconds.

PDFs and screenshots look official but aren’t proof. Every week, employers and partner schools ask for confirmations; staff forward attachments; someone “just checks quickly,” and doubt lingers. Extrimian moves trust from appearance to cryptographic proof: students share a link/QR; your public verifier (hosted or embedded) returns Valid / Revoked / Unknown issuer in seconds—no inbox ping-pong, no guesswork.

What’s the solution in plain words (no acronym soup)?

Give each important proof a tamper-proof, shareable version—and give the world one official place to check it.

1) Issue credentials with control and clarity Backoffice setup for admins & entities: list admins with status (Sent, Active, Revoked), resend invites, revoke/disable with reason. This keeps who-can-issue under tight control. Admin invites by email: your portal sends a welcome email with wallet links (iOS/Android), a QR to issue the admin credential, and a deep link for mobile. This is the clean onramp to wallet-based admin auth. ID Wallet sign-in for admins (Login con credential): admins authenticate by presenting the admin credential’s QR, then land in their Home. Projects and points: the Admin Home shows your default Project and two panels: Issuing Points, and Verification Points, with quick actions to create/edit each. This mirrors how registrars think about “where we issue” and “where we verify.” 2) Design and issue the right credential (one-off or at scale) Types & templates: for each Point of Emission, you manage Credential Types with editable name, description, hero, icon, background, plus attributes you can enable/disable or add. You also get a live preview before saving, which reduces surprises at graduation time. Individual issuance: pick a template, fill recipient name/email, complete the dynamic attributes required by that template, preview, and Issuewhen everything’s correct. Bulk issuance (CSV): select a template, upload .CSV, preview, and Issue Credentials when all fields validate. This is designed for large cohorts and reduces manual entry risk. Safe edit/copy flows: you can only edit a type before issuing; you can also duplicate a type to iterate safely without touching live cohorts. 3) Give the world a one-page verifier (hosted or embedded) Create aVerification Point: name it, choose the credential type, optionally set the issuer DID, add a webhook for events, and generate it. Publish & embed: copy the verifier HTML for your site and/or copy the public verifier URL hosted by Extrimian—both are provided at creation. What verifiers see: your public verifier shows your university name, verifier name, and QR; when a presentation arrives, it updates the status to Successful Verification or Incorrect Verification—plain language for third parties.

Important clarity: Verification uses digital signatures and status (cryptography). We don’t run AI to “guess” authenticity. Your result is deterministic and transparent.

How does this look in real university life (concrete, day-to-day use)? Diplomas without drama: students receive a digitally signed diploma they can share as link/QR. Employers use your verifier once and get a clear result, not a long thread. If a typo slips through, registrar follows revoke → re-issue → notify; the public link always shows the latest truth. (Flows supported by individual/bulk issuance, revocation controls, and public verifier.) Enrollment status that respects privacy: most checks just need “enrolled this term.” You issue a minimal credential and point verifiers to your page. If status changes, the old one is Revoked, the new one is Valid, and external parties naturally see the right answer at the right time. (Backed by verifier status and revocation model.) Transfers & course recognition without email chains: shareable course completion credentials replace scans that go stale. The link stays constant while the truth stays current. (Template attributes + preview reduce errors before they happen.) Career fairs & outreach with momentum: students show a QR; recruiters scan at your public verifier URL and see Successful verification right there. (Easy to host or embed.) Alumni support that actually helps: years later, alumni can request a re-issue; you revoke the old and issue the new. Anyone using the old link sees Incorrect/Reversed verification and requests the updated proof. (Admin list and actions maintain control.) Who does what so this runs smoothly (roles mapped to the portal) Registry & Academic Records: Designs templates (name/description/hero/icon/background), sets attributes (on/off or new), and previews before saving; runs individual or bulk issuance; performs revocations and re-issues when needed; documents reasons for changes. IT & Security: Controls admin authentication (credential-based login via QR), configures/verifies Verification Points (webhook, optional issuer DID), and embeds verifier HTML or publishes the public verifier URL; ensures backups and uptime. Student Services & Comms: Educates students to share link/QR using the digital wallet on their mobiles, instead of PDFs and guides employers/partners to the official verifier URL; keeps a short FAQ aligned with the page’s Valid/Revoked/Incorrect outcomes. Leadership (Provost, CIO/CTO, Risk & Compliance): Endorses the one-page policy: “Verify here; PDFs aren’t official proof,” and monitors adoption (usage of the public verifier vs. email requests). (Policy and messaging are supported by the portal’s embed/public URL model.)

See a real live demo here from UAGRO, one of our succesfull cae studies: UAGRO – Students Credentials & Digital ID Wallet Demo

How do we handle privacy, consent, and accessibility—without slowing anyone down?

Minimum disclosure by design: verifiers see exactly what’s needed to trust a result—no more. The public verifier returns a status and human-readable guidance, not full records. (This is inherent to the verifier’s status model.)

Consent that makes sense: students control when to present their credential (via link/QR). Because the verification lives on your official page, the experience is consistent and auditable across departments and partners.

Clear language and supportability: outcomes are stated plainly (e.g., Successful verification), and you can embed the verifier into familiar web contexts to reduce friction for external parties.

Where does “AI-first” fit—and why should you care if it isn’t inside verification?

We keep AI out of the verification path. Your truth is based on cryptography and status, not AI guesses. Where AI helps is inside Extrimian, through our agent Micelya:

Shared Knowledge Hub: policies, templates, integration notes, and client context live in a role-based, searchable space so our teams respond with consistent, up-to-date answers. Faster handoffs and fewer do-overs: Micelya suggests next steps for our internal tasks (who approves, which template, what changed), so corrections move faster and communication is aligned. Continuous improvement that sticks: when we learn a better placement for the verifier link or a clearer outcome message, it enters our playbook and stays there—even as teams change.

You feel Micelya in response times, consistency, and smoother rollouts—not in your verifier stack.

FAQs about Extrimian Identity Verification Solution for Universities

Do you use AI to verify credentials?
No. Verification uses digital signatures and status checks only. The public verifier returns a deterministic result (Successful/unsuccessful verification) that doesn’t depend on AI.

Can we embed the verifier into our website?
Yes. When you create a Verification Point, the portal gives you HTML to embed and the public verifier URL. You can copy either—or both—depending on your deployment.

How do admins authenticate?
Through credential presentation (QR) on the Admin Login, which takes them to their Home. The initial admin credential is issued via the invitation email with wallet links, QR, and deep link.

How do we issue a whole cohort?
Use Mass Issuance: pick a template, upload CSV, preview, and Emitir when checks pass. For single cases, use Individual Issue with dynamic attributes and preview.

How do partners verify?
They scan your QR or open your public verifier URL. The page shows university name, verifier name, and a status (Successful/unsuccessful verification) when a presentation arrives.

Contact us to avoid diploma and data fraud

Let’s map your flow and harden it—without slowing anyone down.
In one session, we’ll share a demo on how you can issue diplomas, and how the verification process works, identify quick wins, and hand you a short, clear plan: which credentials to start with, how your verification page should look, the approval steps to lock in, and the four KPIs you’ll track.

Not jargon. Not heavy lift. Just a safer, calmer way to run credentials in the AI era, with Extrimian as your AI-first partner for security and trust.

Further reading & internal links Fundamentals of SSI (plain-English intro): https://academy.extrimian.io/fundamentals-of-ssi/
Integrate Solution (connect issuer/verifier to SIS/LMS): https://academy.extrimian.io/integrate-solution/
Masterclass (training for registrar & IT/security): https://academy.extrimian.io/masterclass/

Contact Extrimian (book a 30-minute review): https://extrimian.io/contact-us

 

The post The Future of University Credentials: Secure, Transparent, and User-Friendly first appeared on Extrimian.


Holochain

Holochain Horizon: Foundation Forward

Blog

We recently hosted what will be the first of many livestream events for everyone in our community, a series we’re calling Holochain Horizon (for those who want to go to the primary source, here’s a link to that conversation).

Here, I want to do three things:

Provide both context for, and a summary of, this first conversation – especially as it gave an opportunity for many of you to hear directly from Madelynn Martiniere for the first time, who recently joined our board and is providing direct support to the leadership team and broad community as we move forward and build out our ecosystem Identify where we are right now as an organization – we’ve been working hard, for years, on an incredibly ambitious project: finding a path to building out open-source tech in a way that's actually viable in the world. While significant challenges remain, we benefit from having a clear picture of the often hard choices we have to make in order to make good on the promises we’ve made to both our community, and ourselves And finally, having first written directly about the organizational shifts needed to provide our developers and community with the time, and space, necessary to deliver on our commitments (here) in November 2024, I want to offer some specifics about what lies ahead – which, while I am admittedly biased, I am genuinely excited about

ONE: Foundation Forward 

I began the call by characterizing myself – accurately – as a little nervous, partially because it was our first such event as the Foundation, and partially because I was and remain genuinely excited about the direction these key decisions have led us to.

At the highest level, as I’ve said, it means operationalizing the Holochain Foundation itself – a shift from IP stewardship to active and direct involvement and management.   This allows the Foundation to hold coherence for all our stakeholders, internal and external, to benefit from a strategic allocation of resources so that we can accelerate toward appropriately phased delivery.

Back in November I wrote that “part of our coming of age is realizing that we can’t do everything we might like. Focus matters.” From a technology infrastructure perspective, that means strategically advancing the capability, and durability, of Holochain. 

As Madelynn and I discussed on the call, we clearly recognize the need to engage with our community and like-minded partners via formalized processes that will migrate one-off engagements to defined projects that benefit everyone by advancing the infrastructure itself. 

Madelynn has a lifetime of experience in building healthy and robust technology ecosystems, and practically speaking, that means much of her role is to continuously iterate on improving surface-areas of engagement for all types of folks adopting Holochain, from individual developers, to enterprises and organizations looking for robust decentralized solutions to tough problems. A big part of that is engagement and communication, and as Madelyn herself said, her role is to ask, “how do we create processes and pathways for the community to be in deeper dialogue with us about what it is that they're building? How can we best support that? How do we engage them in actual development?”

So far, the concrete steps we’ve taken in bringing the Foundation forward include strengthening the technical team, along with a corresponding improvement in release structure and quality, and enhanced transparency, as embodied by our operational roadmap (which you can see here) to provide the community with a clearly delineated roadmap showing the scoping, planning, and evolution of our ongoing work.

For our community, the takeaway should be clear: the Foundation’s leadership, and the organization itself, are orienting around proactive engagement to move us – all of us – from the strategic to the tactical. 

TWO: Where Are We Now?

On the call, I made a plain but accurate observation: “to build out open-source tech in a way

that's actually viable in the world… is a hard problem.” 

From an organizational perspective, we’re evolving to meet the world as it is becoming. As I previously wrote, this means operationalizing the Foundation to ensure that while we’re always mindful of our ambitions, we remain connected and committed to action. In turn, that means constant and deliberate self-interrogation, making sure we have the right resources delivered to solve for the most important problems.

We talked about it at length in the livestream, but a clear example and core initiative for us is the continued build-out of our “Wind Tunnel” performance testing framework. One of the conundrums of technology is that while it sometimes appears there is unlimited capital to build out certain ideas (it is hard to observe without jealousy the trillions of dollars that have been dumped into AI), there is proportionately much less patience. Distributed technologies, by their nature, demand economic patience as they’re a half step slower to commercialize as the very decentralization creates different economic incentive structures.  From a performance perspective, decentralized systems also have a different profile due to their architecture. 

This is what makes Wind Tunnel so important: we want (and developers need) to be able to verify that Holochain’s operating envelope will meet the demands of Holochain applications. And that's what Wind Tunnel can do. It allows developers to create a scenario to drive a network of Holochain nodes, see what happens, record the rates at which data is synchronized (or any other parameter they want to measure, like DHT synchronization speeds, CPU usage, bandwidth usage across different nodes, etc.) and have the metrics reported. 

THREE: Where We’re Going

Having shifted the structure of our organization, and as we continue to evolve and direct our resources at our highest-priority opportunities, you can expect to see some exciting developments in the near term. 

In particular, in our past configuration we spent a significant amount of time working on developing the Holochain app and infrastructure necessary to support HoloFuel. Effecting the conversion of HOT into HoloFuel – a mutual credit currency anchored in the value created by Holo hosting - has, from the beginning, been a stated goal

Though we already knew the concept of HoloFuel had a much broader application as a pattern, we also realized that we could implement a generalized version for mutual credit currencies that other decentralized infrastructure projects could use, while also creating more value for current HOT holders. 

Accounting for value flow and creating a fabric for establishing rules and systems to support and govern these flows, enables networks, communities, economies and cultures to grow and thrive. Recognizing this opportunity led to our strategic decision to create Unyt, a separate subsidiary organization designed to implement a generalized version for mutual credit currencies that decentralized infrastructure projects could use, while also creating more value for current HOT holders. 

While Unyt is in its early days, they’re getting close to being able to launch beta versions of their multi-unit accounting framework and open them to our community for testing via a scavenger hunt. I won’t say too much more here about Unyt, but expect to hear more from them soon. 

More broadly, we’re working hard on supporting this and other key initiatives at the Foundation that we believe will not only represent significant milestones, but genuinely put us on a path to delivering on the vision we’ve had, and shared, since Holochain’s inception.

Thanks to everyone for your continued support, and confidence.

Eric 


Aergo

Stablecoins built the bridge for money. Noosphere builds the bridge for AI.

TL;DR Stablecoins bridge traditional finance and the crypto-native world, enabling payments, global liquidity, and Web3 growth. In the AI economy, that bridge is native off-chain computation and verifiable inference, directly linking AI workloads to blockchain trust. HPP’s Noosphere delivers this at the protocol level, unlocking scalable, trustworthy AI integration. Today, many of Korea’s largest
TL;DR
Stablecoins bridge traditional finance and the crypto-native world, enabling payments, global liquidity, and Web3 growth. In the AI economy, that bridge is native off-chain computation and verifiable inference, directly linking AI workloads to blockchain trust. HPP’s Noosphere delivers this at the protocol level, unlocking scalable, trustworthy AI integration.

Today, many of Korea’s largest companies, including Naver, Toss, and Kakao are preparing to launch their own stablecoins.

Why? Because stablecoins are the essential entry point for entering and expanding into the crypto-native ecosystem.

In traditional finance, value transfer is limited by banking rails, operating hours, and jurisdictional boundaries. Stablecoins remove those barriers, enabling:

Frictionless on/off-ramps between fiat and crypto 24/7, borderless settlement for payments, remittances, and commerce Direct integration into DeFi, GameFi, NFT, and RWA markets without requiring volatile assets Programmable money that can be embedded into smart contracts, loyalty programs, and digital marketplaces

Beyond domestic use, these tokens also position Korean tech giants for global Web3 expansion, enabling them to directly integrate into international crypto liquidity, DeFi protocols, and cross-chain payment networks.

In short, stablecoins are not just a payment tool; they serve as a strategic bridge from Web2 scale to Web3 opportunities.

If so, what is the essential gateway to the AI economy?

In the same sense, off-chain computation and inference are a must for AI-native infrastructures. Just as stablecoins serve as a bridge between traditional finance and the crypto-native ecosystem, off-chain computing acts as a bridge between AI workloads and blockchain trust.

If a blockchain project claims to be “AI-powered” but lacks AI-native infrastructure, such as native off-chain computation, verifiable inference, governance over AI agents, and protocol-level integration, it is merely a marketing label and not a genuine AI platform.

On-chain environments are excellent for verification, consensus, and transparency, but they are not optimized for heavy computation or real-time AI inference. That’s why it must be natively implemented at the protocol level, not added later through an oracle.

This is the design principle behind HPP’s Noosphere:

Protocol-native off-chain AI execution for inference, data aggregation, and simulation On-chain verification to ensure results are correct and tamper-proof Scalability for enterprise-grade and consumer-facing applications without congesting the main chain

Potential Use Cases:

Enterprise: Fraud detection in financial services, medical diagnostics in healthcare, real-time logistics optimization in supply chain networks DeFi: AI-driven trading strategies, dynamic risk assessment, predictive yield optimization Identity & Security: Instant biometric verification, decentralized KYC/AML checks RWA & NFTs: Dynamic NFTs that change with market or environmental data, real-time asset valuation for tokenized real-world assets

By embedding Noosphere directly into HPP, developers gain a built-in, verifiable AI execution layer, not a fragile add-on dependent on external services.

Just as stablecoins open the door to Web3 adoption, Noosphere unlocks scalable, trustworthy AI integration for blockchain ecosystems.

Stablecoins built the bridge for money. Noosphere builds the bridge for AI. was originally published in Aergo (HPP) on Medium, where people are continuing the conversation by highlighting and responding to this story.


BlueSky

Updated Terms and Policies

We’re updating the language in our terms and policies to better explain our approach and provide more detail.

Since launching Bluesky two years ago, we’ve grown tremendously. As our community has expanded, feedback on our terms of service, community guidelines, copyright, and privacy policies has surfaced opportunities to improve clarity. With more experience under our belt and an evolving regulatory landscape, we’re updating the language in our terms and policies to better explain our approach and provide more detail.

For our Community Guidelines, we’re asking for input from the community. The proposed guidelines enhance clarity, add user safety details, and provide more transparency around moderation. You’ll have until August 28th to submit comments, and then they’ll go into effect on October 15th. You can view our updated Community Guidelines on our Support Page.

Our Terms of Service have been updated to reflect new legal requirements and give users more control in case of disagreements. Changes include clarifying eligibility and age assurance to comply with new regional regulations, as well as introducing a formal appeals process. We’ve also expanded our dispute resolution section to prioritize informal resolution.

The new Terms of Service, Privacy Policy, and Copyright Policy will go into effect on September 15th. You can view these updated policies on our Support Page.

Below is an overview of what’s being updated:

1. Community Guidelines

We believe the best policies are created in partnership with the people they serve. Our draft Guidelines incorporate lessons from our community's growth and feedback, and your input will help us ensure they're ready to support Bluesky's future. We started by creating a draft that we think improves on our current Guidelines. Below are some of the updates we’ve proposed; here is the form to use for feedback.

Clearer Structure: Organized around four key principles—Safety First, Respect Others, Be Authentic, and Follow the Rules—with specific examples of allowed and prohibited content under each. Harm Categories Clarified: Updated with more examples, to align with the UK Online Safety Act (OSA), the EU Digital Services Act (DSA), and the US TAKE IT DOWN Act. Enforcement Procedures: Introduced progressive enforcement model and clarified content moderation logic as required by the OSA and DSA. Appeals & Redress: Aligned with the DSA and now includes out-of-court and judicial remedy guidance for EEA users. 2. Terms of Service (ToS) Eligibility and Age Assurance Section: Updated to clarify compliance with online safety laws and regulations (e.g., US Children's Online Privacy Protection Act [COPPA], OSA, DSA) and to require age assurance where necessary. Moderation and Illegal Content: Added detail on proactive moderation and illegal content responses to comply with the DSA. Complaints and Appeals: Introduced detailed appeals process to comply with the DSA. Dispute process: We have provided users with greater control in the event that we have a disagreement. We’ve added details about using the informal dispute resolution process, including an agreement that we will talk on the phone before proceeding to any formal dispute process. This is because we think most disputes can be resolved informally. We’ve added a specific detail around liability: if a user makes a claim that we did something wrong that caused certain types of harm, they can choose to resolve that claim in court rather than through arbitration. We are giving users a choice when it comes to any dispute we must resolve through arbitration. That means users choose one arbitrator, Bluesky chooses one arbitrator, and those two arbitrators choose a third. 3. Privacy Policy User Rights: Enhanced transparency around data subject rights under the EU and UK General Data Protection Regulation (GDPR) and other global privacy laws. International Data Transfers: Updated to explain safeguards used for transfers outside EU and UK. Retention and Deletion: Strengthened clarity on deletion limitations due to decentralized architecture; consistent with DSA and data minimization requirements. Jurisdiction-Specific Sections: Added information that applies to some of our users based on the jurisdiction where they live. 4. Copyright Policy Streamlined Takedown Procedure: Ensures compliance with US Digital Millennium Copyright Act (DMCA), DSA, and similar laws. Abusive Reporting Clause: Added mechanisms to deter fraudulent takedown misuse, compliant with the DSA. Transparency Reporting: Aligned with the DSA by clarifying that we will include required information in transparency reports.

FastID

Request Collapsing Demystified

Boost website performance with request collapsing! Learn how it improves efficiency, reduces origin load, and optimizes caching for a snappy user experience.
Boost website performance with request collapsing! Learn how it improves efficiency, reduces origin load, and optimizes caching for a snappy user experience.

Wednesday, 13. August 2025

1Kosmos BlockID

How 1Kosmos Became the Reference Architecture for Modern Digital Identity

On the cusp of our series B funding, and as I look ahead to many big and bright developments for our company and for Identity and Access Management at large, I can’t help but look back at the vision and design intent behind the 1Kosmos platform and how it became reality. Eight years ago, we … Continued The post How 1Kosmos Became the Reference Architecture for Modern Digital Identity appeared fi

On the cusp of our series B funding, and as I look ahead to many big and bright developments for our company and for Identity and Access Management at large, I can’t help but look back at the vision and design intent behind the 1Kosmos platform and how it became reality.

Eight years ago, we had a simple but audacious goal: fix digital identity once and for all. Not with incremental improvements, but by rebuilding the entire foundation from scratch. Looking back now, our early design decisions have become the blueprint that the entire industry follows.

The vision was clear. People were drowning in passwords, companies were struggling with ransomware and breaches, and personal data was being treated as a corporate asset rather than a fundamental right. We knew that any real solution would need to solve identity verification and passwordless authentication simultaneously, not as separate problems but as two sides of the same coin.

What we didn’t anticipate was how quickly our architectural approach would become the standard. Today, when industry analysts discuss “best practices” in digital identity, they’re describing the principles we built into 1Kosmos from day one.

Identity Verification: Inclusion Was Always the Goal

When we designed our verification system, we made a controversial decision. While everyone else bet everything on smartphone-first experiences, we insisted on building multiple pathways that would work for everyone. The mobile experience had to be exceptional, but it couldn’t be the only option.

That decision proved prescient. Organizations discovered that when you make identity verification truly accessible, adoption rates soar. Our verification architecture combines real document authentication with live biometric matching across multiple platforms.

Looking ahead, this foundation is proving essential for the digital wallet revolution. As governments and enterprises begin issuing verified credentials, the ability to verify identity anytime, anywhere and with or without a mobile phone proves to be a core requirement, not just a nice-to-have feature.

Authentication: The Distributed Biometric Breakthrough

The breakthrough that really set us apart came from our approach to biometric authentication. Everyone else was building bigger central databases. We asked a fundamental question: what if we could authenticate users without ever storing their biometric data centrally?

The answer was distributed biometric verification across a private blockchain. Your face or fingerprint gets distributed and encrypted in ways that neutralize threats from centralized breaches. You can authenticate anywhere in our network, but your biometric data never leaves your control.

This architecture has become what security experts call the gold standard for biometric authentication. The user experience is seamless—your face becomes your password—but there’s simply no central target for attackers because there’s no central database to breach.

Privacy: Building What We Couldn’t See

Perhaps our most important early decision was to architect the entire platform around data we couldn’t access ourselves. This wasn’t just about compliance—it was a fundamental design constraint that shaped every technical choice we made.

We built zero-knowledge proof capabilities into the core platform. We could verify that someone was over 21 without knowing their exact birthdate or confirm employment status without accessing salary information.

This privacy-first architecture seemed radical when we first deployed it. Now it’s becoming a requirement. As verified credentials become mainstream, the ability to selectively disclose information through zero-knowledge proofs will transform everything from border crossings to loan applications.

Verified Credentials: The Network Effect We Envisioned

When we started building support for verified credentials, we were betting on something that didn’t quite exist yet. The standards were emerging, use cases were theoretical, and most organizations had never heard the term. But we could see where things were heading.

Today, verified credentials are transforming how organizations think about identity and access. The employee badge, professional license, customer verification—all can now exist as cryptographically signed digital credentials that work across platforms and organizations.

Our early investment is paying dividends! Organizations using 1Kosmos can issue credentials to employees that work seamlessly with partners’ systems. Customers get verified once and use that verification across multiple services. The network effects we envisioned are becoming reality.

Decentralized Identity: The Vision Realized

The most ambitious part of our original vision was true decentralized identity—putting users in complete control while maintaining the security that organizations require. Users own their identity information completely. Organizations get stronger security and easier compliance. The system becomes more resilient as it grows.

The decentralized approach has proven essential as digital wallets evolve from concept to reality. When your identity isn’t locked in corporate databases, you can present it anywhere, anytime, for any purpose you authorize. The wallet becomes truly portable because the identity itself is truly yours.

As we look ahead, this foundation supports use cases we’re only beginning to explore. International travel with digital passports. Seamless access across different countries. Professional credentials that work globally. Age verification that protects privacy completely.

The Reference Platform: Looking Forward

What started as our vision for fixing digital identity has become the reference architecture that defines how modern identity platforms should work. When analysts evaluate new solutions, they measure them against capabilities we pioneered. When enterprises set requirements, they’re describing features we built years ago.

Looking forward, the most exciting applications are just beginning. Digital wallets that work across borders and platforms. Verified credentials that enable instant, private verification of any attribute. Zero-knowledge proofs that let you prove exactly what you need without revealing anything else.

The next chapter is already being written. Your digital wallet will soon hold not just payment cards but professional licenses, educational credentials, government documents, and membership cards—all cryptographically verified and completely under your control.

The 1Kosmos architecture is ready for this future because we built it into the foundation from the beginning.

The infrastructure is built. The standards are emerging. The future of digital identity isn’t coming—it’s here, working, and ready to transform how we interact with the digital world.

Ready to see how the 1Kosmos reference architecture can transform your organization’s approach to identity and access? Let’s talk about what’s possible.

The post How 1Kosmos Became the Reference Architecture for Modern Digital Identity appeared first on 1Kosmos.


liminal (was OWI)

Link Index for AI Data Governance 2025

The post Link Index for AI Data Governance 2025 appeared first on Liminal.co.

Okta

Find the intersection of security, AI, IAM, and fun at Oktane

AI is taking over the world by storm! This year, AI is our focus at Oktane. We want to ensure you have the tools, the know-how, and solutions to keep your software systems secure, from traditional user apps to AI agents. We can’t wait to meet you and hear about your application needs and challenges. Join us at Caesars Forum in Las Vegas, NV, on September 24-26, 2025, for Oktane, and let’s nerd

AI is taking over the world by storm! This year, AI is our focus at Oktane. We want to ensure you have the tools, the know-how, and solutions to keep your software systems secure, from traditional user apps to AI agents.

We can’t wait to meet you and hear about your application needs and challenges. Join us at Caesars Forum in Las Vegas, NV, on September 24-26, 2025, for Oktane, and let’s nerd out on security, AI, and identity. Throw in a dash of fun for good measure!

We planned engaging events to help you navigate the evolving world of AI and identity. Stop by and chat with us at these activities:

Stop by the Oktane Developer Lounge

Find our lounge in the Oktane Expo Hall, where you’ll discover the ways Okta can help you create secure applications with human and non-human identities. 🤖

Learn more about securing AI with Cross App Access, and hear lightning talks about on-point security and identity topics!

You’ll also have a chance to connect with identity experts from our friends on the Developer Support teams. Do you have a question about your Okta implementation? The Developer Support team is here to help!

We want your feedback on our documentation! Visit our booth’s interactive games and tell us how you learn about identity concepts. Your input will help us organize and present our docs in a clearer, more intuitive way.

We’ll also have more going on in the Developer Lounge. You won’t want to miss out on the action.

Check out the Oktane hands-on labs for interactive learning opportunities

Roll up your sleeves and get your coding on. This is your chance to build code using Okta solutions and network with like-minded developers. Sign up for admin and developer labs and save your spot for great hands-on experiences such as:

Secure Your Enterprise AI with the new OAuth Extension Protocol Cross App Access (XAA) and Model Context Protocol (MCP)
Secure AI access to enterprise applications using the new OAuth Cross App Access (XAA) extension and Model Context Protocol (MCP)

Terraform 101: Automating Okta
Learn the basics of Terraform and get hands-on using it to manage an Okta tenant

Use Okta Identity Governance to Replace Standing Admin Access with Time-Bound Requests
Get more out of Okta Identity Governance and reduce your attack surface by leveraging Workflows to enhance streamlining least privilege access for administrative permissions

Use Possession-proof Tokens to Protect Your Apps with Okta
Leverage the OAuth 2.0 Demonstrating Proof of Possession (DPoP) spec to add an extra protection mechanism on access tokens. This lab upgrades a Single Page Application (SPA) – using an OAuth 2.0 Bearer access token – into a more secure DPoP token.

Okta Workflows community meetup

Join the Okta Workflows community meetup during Oktane 2025 in Las Vegas. Meet Workflows community members, colleagues, and friends over drinks and delicious appetizers.

Find resources, solutions, and networking opportunities at Oktane

We’re excited to connect with you and learn about your application needs! Please find us at Oktane, and feel free to comment if you have any questions or requests in the meantime.

Remember to follow us on Twitter and subscribe to our YouTube channel for exciting content.


FastID

Maximizing Compute Performance with Log Explorer & Insights

Monitor and troubleshoot Fastly Compute services with Log Explorer & Insights. Gain granular insights, optimize performance, and debug faster for efficient applications.
Monitor and troubleshoot Fastly Compute services with Log Explorer & Insights. Gain granular insights, optimize performance, and debug faster for efficient applications.

Tuesday, 12. August 2025

Trinsic Podcast: Future of ID

Thomas Mayfield – Building Interoperable Web3 Identity with the Veridian Platform

In this episode of The Future of Identity Podcast, I’m joined by Thomas Mayfield, Head of Decentralized Trust & Identity Solutions at the Cardano Foundation. Thomas leads the development of the Veridian Wallet, an open-source digital identity platform built on the KERI (Key Event Receipt Infrastructure) protocol and funded by the Foundation. Our conversation explores the rapidly evolving Web3

In this episode of The Future of Identity Podcast, I’m joined by Thomas Mayfield, Head of Decentralized Trust & Identity Solutions at the Cardano Foundation. Thomas leads the development of the Veridian Wallet, an open-source digital identity platform built on the KERI (Key Event Receipt Infrastructure) protocol and funded by the Foundation.

Our conversation explores the rapidly evolving Web3 digital identity ecosystem—and how Veridian aims to bridge Web2 and Web3 with universal interoperable identifiers that cut through today’s fragmented identity landscape. We also dig into the growing urgency to rebuild digital trust as data breaches, ransomware, and AI-powered threats escalate.

In this episode we explore:

Why interoperability—across Web2, Web3, and beyond—is essential to breaking down identity “walled gardens.” How the KERI protocol enables quantum-proof, tamper-evident, and recoverable identifiers for individuals, organizations, and AI agents. Real-world adoption: how the United Nations is using Veridian for organizational identity and passwordless authentication. The potential for verifiable IoT and AI agent identities to transform trust in machine-to-machine and human-to-machine interactions. How developers can leverage Veridian’s open-source infrastructure, sandbox environments, and tooling to build secure, compliant identity solutions faster. The role of regulation in driving adoption—and why future-proofing identity systems now could save billions in breach-related costs.

This episode is essential listening for anyone working on decentralized identity—whether you’re building infrastructure, integrating identity into products, or shaping policy. Thomas offers a rare, in-depth look at how to design for both future-proof security and real-world interoperability.

Enjoy the episode, and don’t forget to share it with others who are passionate about the future of identity!

Learn more about the Cardano Foundation.

Reach out to Riley (@rileyphughes) and Trinsic (@trinsic_id) on Twitter. We’d love to hear from you.

Listen to the full episode on Apple Podcasts or Spotify, or find all ways to listen at trinsic.id/podcast.


ComplyCube

How to Compare KYC Platforms: A Feature-by-Feature Checklist

Comparing leading KYC platforms can help firms effectively evaluate and decide the right provider. However, knowing how to compare KYC providers effectively may look different for each company, depending on their unique case. The post How to Compare KYC Platforms: A Feature-by-Feature Checklist first appeared on ComplyCube.

Comparing leading KYC platforms can help firms effectively evaluate and decide the right provider. However, knowing how to compare KYC providers effectively may look different for each company, depending on their unique case.

The post How to Compare KYC Platforms: A Feature-by-Feature Checklist first appeared on ComplyCube.