Brought to you by Identity Woman and Infominer.
Support this collaboration on Patreon!
The relentless creep of administrative privileges threatens the security of every organization. Here’s how to keep the sprawl in check.
The first edition of DIDcon gathered experts from various fields in Buenos Aires, Argentina, to explore how decentralized identity technology enhances security, privacy, and data interoperability in an increasingly digitalized world.
Table of Contents What is Decentralized Identity? Summary of Talks at DIDcon Welcome and Introduction Security and Decentralization The Future of Identity Trust Ecosystems: Use Cases Conclusion What is Decentralized Identity?Self-Sovereign Identity (SSI) redefines the concept of digital identity by managing and storing information in a decentralized manner, using technologies like blockchain. This model allows individuals to control their personal information without relying on centralized intermediaries, significantly improving data security and privacy.
Summary of Talks at DIDcon Welcome and Introductionhttps://www.os.city/Jesús Cepeda, CEO and co-founder of OS City, and Diego Fernández, Secretary of Innovation and Digital Transformation of GCBA, opened the event by emphasizing decentralized identity as an essential tool that returns control of information to users. They highlighted how this technology unlocks global economic potential and combats cybercrime and the frictions of less intuitive solutions. They also pointed to QuarkID as an innovative example of how Latin America is implementing decentralized identity to enhance citizen security and privacy.
Security and DecentralizationIn this talk moderated by Alfonso Campenni, Pablo Sabbatella, security researcher at SEAL and founder of Defy Education, emphasized how scams and cybercrimes have become more sophisticated. To combat this, he discussed how decentralization is an interesting path that strengthens the protection and security of information.
During the recent digital security panel, Pablo Sabbatella, an expert in the field, shared valuable recommendations for protecting our identities and data online. He stressed the importance of adopting safe practices in the digital age, especially in the context of increasing cyberattacks and vulnerabilities in the applications we use daily.
Main Security Recommendations by Pablo Sabbatella: Avoid Repeating Passwords: It’s crucial to have unique passwords for each service to prevent cross-access in case of data breaches. Use Two-Factor Authentication (2FA): Adding a second level of security is crucial. It is recommended to use code-generating apps instead of SMS or emails, which are less secure. Be Cautious with Personal Data: It is vital to limit the personal information shared online and in applications, especially the phone number, which is a sensitive piece of data. Avoid Downloading Pirated Software: Unofficial programs and applications can contain malware and seriously compromise personal and financial security.These guidelines not only increase individual security but also foster a culture of awareness about online safety, which is essential for navigating safely in today’s digital world.
He also mentioned new standards being built for the implementation of Account Abstraction through smart contracts, which enhance key management and user experience.
The Future of IdentityIn a panel moderated by Pablo Mosquella of Extrimian, experts such as Guillermo Villanueva, CEO and co-founder of Extrimian, Matthias Broner, Head of Growth LATAM at ZKsync, Mateo Sauton from Worldcoin, and Pedro Alessandri, Undersecretary of Smart City, debated how decentralized identity is transforming the digital landscape, creating a safer, more private, scalable, and interoperable environment. They also discussed the positive impact of QuarkID and its rapid expansion across Latin America, underscoring its potential to strengthen digital trust in the region.
Trust Ecosystems: Use CasesIn this session moderated by Lucas Jolías from OS City and Fabio Budris, Advisor to the Secretary of Innovation of the City of Buenos Aires, concrete use cases of decentralized identity were presented in managing procedures in Salta, at the National Technological University (UTN), and in pilot tests for organ transplant management at INCUCAI. These examples clearly illustrated the tangible impact of these technologies in key sectors such as government, education, and health.
ConclusionDIDcon – Identity Day underscored the transformative power of Decentralized Identity to revolutionize society and maximize value in the physical, digital, and hybrid worlds. Initiatives like QuarkID are driving Latin America toward a more secure and reliable digital future, overcoming barriers that have historically limited its technological potential.
The adoption of these technologies not only promises to improve security and privacy but is also building a solid digital trust ecosystem that will bring significant benefits to all the involved countries.
Keywords: decentralization, SSI, DID, VC, QuarkID, Extrimian, blockchain, trust, security, privacy, interoperability, technology, digital identity.
The post DIDcon: Advances in Self-Sovereign Identity in Latin America first appeared on Extrimian.
A crop of hackers were caught trying to steal money from the oldest profession in society.
Thales appoints Thomas Chatel as CEO and Country Director for Central Europe, Balkans and Moldova, covering Austria, Czech Republic, Hungary & Slovakia with effect from 1st of August 2024.
Thomas Chatel has been with Thales since 2018 and has held various positions within the Group. His roles count Regional Sales Manager, Land and Air Systems from 2018-2022 followed by Country Director for Balkans and Moldova from 2022-2024. Prior to joining Thales, Thomas Chatel held a position as Senior Manager for European and International Affairs at The French Aerospace Industry Association in Paris (GIFAS) from 2008-2018.
Thomas Chatel is a graduate from the Paris Institute of Political Studies (IEP – SciencesPo) and holds a Master of Armament Studies (Paris 2 Assas).
Alice Guitton, VP Thales Northern & Central Europe:
“I am very pleased to announce the extension of Thomas Chatel’s position to include Central Europe, hereunder Austria, Czech Republic, Hungary & Slovakia, in addition to his current position as Country Director, Balkans. Thomas Chatel has played a crucial role in the build-up of the Northern & Central Europe region and I very much look forward to extend our collaboration.”About Thales
Thales has 81,000 employees in 68 countries. In 2023, the Group generated sales of €18.4 billion.
/sites/default/files/database/assets/images/2024-09/New%20Group%20Key%20Visual.jpg Contacts Lynne Scott Walters, Communications Director, Northern & Central Europe 06 Sep 2024 Austria Hungary Czech - Republic Thales appoints Thomas Chatel as CEO and Country Director for Central Europe, Balkans and Moldova, covering Austria, Czech Republic, Hungary & Slovakia with effect from 1st of August 2024. Type News Hide from search engines OffGreetings from Amsterdam! We hope you had a wonderful summer holiday.
Recently, our global team gathered in this dynamic city, not just to build a stronger bond, but to align our vision and drive our mission forward. As we explored the charming streets and iconic canals, we strengthened our commitment to transforming finance.
Our Vision: We see a future where finance is modern, efficient, and accessible—where assets move as quickly as texts, transfers are instant, and cross-platform interactions are seamless. This is the promise of open finance, built on DLT infrastructures.
Our Mission: Our mission is to empower institutions with a no-code solution T-REX Platform and proven API solution T-REX Engine, along with our expertise and ecosystem, to upgrade to open finance seamlessly.
The Market’s Moment: We are at a crucial point in the journey of tokenization. According to Gartner’s latest report, tokenization is currently in the ‘trough of disillusionment’ stage, with mainstream adoption expected in the next 2-5 years. For institutions, this means there is a narrow window of opportunity. To be fully prepared for the market shift (when more assets will be tokenized than paper-based assets), in just two years, institutions must begin building their tokenization capabilities now.
This requires a proactive transformation of operational models, including the integration of a robust onchain operating system. Solutions like those offered by Tokeny can play a critical role in facilitating this transformation.
The risk of inaction is significant. Institutions that delay will struggle to keep up, risking their market position and potentially losing clients to more forward-thinking competitors. The time to act is now, or risk being left behind as the market rapidly evolves.
Our Growth: Our team is expanding fast, with talented new members from Luxembourg, Madrid, Bangkok, Paris, Sarajevo, Zaragoza, and Barcelona. Each of them brings fresh perspectives and skills to deliver products that address our partners’ needs to maintain a competitive advantage with our solutions.
The Road Ahead: With over 120 successful use cases globally, 42 talented builders, and more than 3 billion blockchain events happened on our platform, we are ready to make history together with you. Our time in Amsterdam has made us stronger, more aligned, and more motivated than ever to make open finance a reality. The future is limitless.
We’ve also updated our vision and mission on our landing page to reflect our journey over the past 7 years. You can check it out here.
Tokeny SpotlightPARTNERSHIP
ShipFinex and Tokeny revolutionize maritime asset tokenization.
Read MoreCONTRIBUTION
CCO, Daniel Coheur, contributed to Zodia Custody’s report.
Read MoreTEAM DAY
Our global team came together in the “gezellige” city of Amsterdam.
Read MoreMILESTONE
We celebrate our LinkedIn page has reached 10,000 followers!
Read MorePRODUCT NEWSLETTER
We dive into demand for onchain services and why API’s are the key to lead.
Read MoreINATBA
Discover our contribution to the tokenization section of the recent INATBA report.
Read More Tokeny EventsToken2049
September 18th-19th, 2024 | 🇸🇬 Singapore
Mainnet
September 30th-October 2nd, 2024 | 🇺🇸 USA
European Blockchain Convention
September 25th-26th, 2024 | 🇪🇸 Spain
DAW London
October 2nd-3rd, 2024 | 🇬🇧 United Kingdom
Bounty Challenge
Zama is organzaing another bounty challenge! To create a unique and confidential variant of the ERC-3643 security token standard using Zama’s fhEVM.
Subscribe NewsletterA monthly newsletter designed to give you an overview of the key developments across the asset tokenization industry.
Previous Newsletter Sep6 Amsterdam Teambuilding Fuels Our Mission for Open Finance May 2024 Amsterdam Teambuilding Fuels Our Mission for Open Finance Greetings from Amsterdam! We hope you had a wonderful summer holiday. Recently, our global team… Aug1 Transaction Privacy: The Last Blocker for Massive Open Finance Adoption July 2024 Transaction Privacy: The Last Blocker for Massive Open Finance Adoption Open finance is a new approach to financial services, characterized by decentralization, open… Jun28 Tokenized Securities Unaffected by MiCA, Utility Tokens and Stablecoins Face Stricter Rules June 2024 Tokenized Securities Unaffected by MiCA, Utility Tokens and Stablecoins Face Stricter Rules As the EU’s Markets in Crypto Assets (MiCA) regulation is set… May22 Institutional RWA Tokenization Needs Permissioned Cash Coins May 2024 Institutional RWA Tokenization Needs Permissioned Cash Coins Stablecoins are the killer use cases for the crypto space, with a market cap exceeding $160…The post Amsterdam Teambuilding Fuels Our Mission for Open Finance first appeared on Tokeny.
The post Amsterdam Teambuilding Fuels Our Mission for Open Finance appeared first on Tokeny.
Traditional access control methods, such as role-based access control (RBAC) and attribute-based access control (ABAC), have built the foundation for securing systems and managing user access.
However, they fail to provide the flexibility and enhanced security needed in today’s dynamic environment–especially for the financial services industry. As organizations navigate stringent compliance requirements and evolving security threats, they need a better alternative to make dynamic, context-aware access decisions–like policy-based access control (PBAC).
Below, we’ll explore PBAC in further detail, how it compares to other models, and how it benefits the financial services industry.
Account takeover (ATO) attacks have become a sophisticated and pervasive threat, with criminal organizations targeting businesses of all sizes and types. By gaining unauthorized access to company accounts, attackers can disrupt operations, steal sensitive data, and damage a company’s reputation.
The post Account Takeover Attack (ATO) Defense: A Guide to Protecting Your Company first appeared on Identity Verification Orchestration.In today's digital world, identity authenticity faces constant scrutiny, especially with the emergence of generative AI. However, modern tech provides innovative solutions. Chipped identity documents offer a trusted verification basis, embedding secure chips with verified data. Advancements like biometric authentication and blockchain-based verification ensure enhanced security and integrity. With these innovations, organizations can navigate identity verification confidently.
Join identity experts from KuppingerCole Analysts and InverID as they explore the pivotal role of chipped identity documents in reliable verification and their integration into eIDAS 2.0-compliant identity wallets. Discover strategies for establishing trust amidst faux realities, ensuring the integrity of digital identities.
Annie Bailey, Research Strategy Director at KuppingerCole Analysts, will discuss the implications of eIDAS 2.0 legislation and its impact on identity management. She will explain the concept of reusable verified identities and their significance in a multi-wallet ecosystem, as well as offer insights into preparing for a future with diverse credentials and the challenges it presents.
Wil Janssen, Co-founder and CRO of InverID, will explain the critical need for remote identity verification in today's digital landscape. He will illustrate how to leverage government-issued identity documents for secure verification, as well as highlight the importance of identity verification services in EU Wallets and beyond.
Giampiero Di Paolo succeeds Massimo Claudio Comparini, newly appointed Managing Director of Leonardo’s Space Business Unit and Chairman of Thales Alenia Space Supervisory Board
Cannes, September 5th, 2024 - Thales Alenia Space, a joint venture between Thales (67%) and Leonardo (33%), announces the appointment of Giampiero Di Paolo as Thales Alenia Space Deputy CEO and Senior Vice President Observation, Exploration and Navigation domain as well as CEO of Thales Alenia Space Italia, with immediate effect.
He succeeds Massimo Claudio Comparini, who has been appointed Managing Director of Leonardo’s Space Business Unit and Chairman of Thales Alenia Space Supervisory Board.
"On behalf of Thales Alenia Space, I want to thank Massimo Claudio Comparini for his strong dedication and leadership in his various roles in the company, and, in particular, for the excellent results achieved during these four years at the helm Observation, Exploration and Navigation domain, and as CEO of Thales Alenia Space Italia. In his role as Deputy CEO, his vision on the space market evolution has been very beneficial to the company and has positively impacted the global space ecosystem,” commented Hervé Derrey, CEO of Thales Alenia Space.
Giampiero Di Paolo © Thales Alenia Space
“I equally want to express my congratulations and full confidence in Giampiero di Paolo. His huge experience and reputation in the space industry combined with a deep understanding of our company will be key to manage successfully the challenges ahead of us and ensure Thales Alenia Space’s future successes" - added Derrey.
Since 2019, Giampiero Di Paolo has been at the helm of the Earth Observation and Navigation Domain in Thales Alenia Space Italia. He has strongly contributed to strategic European programs such as Copernicus and Galileo Second Generation. In 2016, he has played a key role in Toronto, Canada, to support the Engineering teams of Thales Ground Transportation Systems. He also has a long-lasting experience in satellite telecommunications, as illustrated by his successes at the head of Thales Alenia Space's Telecommunications Domain in Italy from 2016 to 2019.
Giampiero Di Paolo holds a degree in Electronic Engineering from Rome’s La Sapienza University.
ABOUT THALES ALENIA SPACE
Drawing on over 40 years of experience and a unique combination of skills, expertise and cultures, Thales Alenia Space delivers cost-effective solutions for telecommunications, navigation, Earth observation, environmental management, exploration, science and orbital infrastructures. Governments and private industry alike count on Thales Alenia Space to design satellite-based systems that provide anytime, anywhere connections and positioning, monitor our planet, enhance management of its resources and explore our Solar System and beyond. Thales Alenia Space sees space as a new horizon, helping to build a better, more sustainable life on Earth. A joint venture between Thales (67%) and Leonardo (33%), Thales Alenia Space also teams up with Telespazio to form the parent companies’ Space Alliance, which offers a complete range of services. Thales Alenia Space posted consolidated revenues of approximately €2.2 billion in 2023. Thales Alenia Space has around 8,600 employees in 9 countries, with 16 sites in Europe and a plant in the US.
THALES ALENIA SPACE – PRESS CONTACTS
Tarik Lahlou
Tel: +33 (0)6 87 95 89 56
tarik.lahlou@thalesaleniaspace.com
Catherine des Arcis
Tel: +33 (0)6 78 64 63 97
catherine.des-arcis@thalesaleniaspace.com
Cinzia Marcanio
Tel: +39 (0)6 415 126 85
cinzia.marcanio@thalesaleniaspace.com
Data Farming (DF) is Ocean’s incentives program. In DF, you can earn OCEAN rewards by making predictions via Ocean Predictoor.
Data Farming Round 105 (DF105) has completed.
DF106 is live today, Sept 5. It concludes on September 12. For this DF round, Predictoor DF has 37,500 OCEAN rewards and 20,000 ROSE rewards.
2. DF structureThe reward structure for DF106 is comprised solely of Predictoor DF rewards.
Predictoor DF: Actively predict crypto prices by submitting a price prediction and staking OCEAN to slash competitors and earn.
3. How to Earn Rewards, and Claim ThemPredictoor DF: To earn: submit accurate predictions via Predictoor Bots and stake OCEAN to slash incorrect Predictoors. To claim OCEAN rewards: run the Predictoor $OCEAN payout script, linked from Predictoor DF user guide in Ocean docs. To claim ROSE rewards: see instructions in Predictoor DF user guide in Ocean docs.
4. Specific Parameters for DF106Budget. Predictoor DF: 37.5K OCEAN + 20K ROSE
Networks. Predictoor DF applies to activity on Oasis Sapphire. Here is more information about Ocean deployments to networks.
Predictoor DF rewards are calculated as follows:
First, DF Buyer agent purchases Predictoor feeds using OCEAN throughout the week to evenly distribute these rewards. Then, ROSE is distributed at the end of the week to active Predictoors that have been claiming their rewards.Expect further evolution in DF: adding new streams and budget adjustments among streams.
Updates are always announced at the beginning of a round, if not sooner.
About Ocean, DF and PredictoorOcean was founded to level the playing field for AI and data. Ocean tools enable people to privately & securely publish, exchange, and consume data. Follow Ocean on Twitter or TG, and chat in Discord. Ocean is part of the Artificial Superintelligence Alliance.
In Predictoor, people run AI-powered prediction bots or trading bots on crypto price feeds to earn $. Follow Predictoor on Twitter.
DF105 Completes and DF106 Launches was originally published in Ocean Protocol on Medium, where people are continuing the conversation by highlighting and responding to this story.
The air transport industry has put in place a far-reaching plan to eliminate carbon emissions and achieve net zero by 2050. To support this environmental transformation in France, the French Civil Aviation Authority (DGAC) has launched the DECOR project, with funding from the France 2030 investment plan, to demonstrate eco-friendly flight operations.
Thales is leading the project, working in partnership with Airbus, Air France, Amelia, Atmosphere, CERFACS, CGX AERO, FRACS and ONERA, and sponsored by DSNA and supported by EUROCONTROL. The innovative DECOR project aims to develop and optimise new digital solutions by 2025 to reduce the environmental footprint of the air transport industry thanks to flight path optimisation and more efficient air traffic flow management.
Building on the Green Flag concept developed as part of the Provert study and on the results of the first two test flights conducted by the Octavie** project (supported by the Occitanie region), DECOR deploys the concept at scale by providing digital solutions that will enable air navigation service providers on the ground and pilots in the air to optimise flight paths and thereby reduce CO2 emissions and non-CO2-related effects. The project also benefits from Thales’s expertise in sustainable flight operations.
A range of simulation and decision-support solutions makes it easier for aircraft operators (dispatch and pilots), air navigation service providers (flow managers and controllers) to work together to implement lower-impact routes including the necessary network assessment. Tests are performed on several dozen regional and long-haul flights, paving the way for the avionics and air traffic management systems needed to reduce environmental impacts in the future.
“This latest illustration of Thales’s commitment to tackling climate change is a practical, large-scale demonstration of the French air transport industry’s efforts to reduce its environmental impact. The DECOR project is the next step towards achieving flight path optimisation and will help to reduce the CO2 impact of flight operations by 10% before the end of the decade.” Yannick Assouad, Executive Vice President Avionics, Thales
*Démonstration d’opérations ECO-Responsables / Demonstration of eco-responsible operations
**Optimisation Collaborative du Transport Aérien Vis-à-vis de l’Environnement / Collaborative decision-making for environmental optimisation of air transport
About Thales
Thales (Euronext Paris: HO) is a global leader in advanced technologies specialized in three business domains: Defence & Security, Aeronautics & Space, and Cybersecurity & Digital identity.
It develops products and solutions that help make the world safer, greener and more inclusive.
The Group invests close to €4 billion a year in Research & Development, particularly in key innovation areas such as AI, cybersecurity, quantum technologies, cloud technologies and 6G.
Thales has close to 81,000 employees in 68 countries. In 2023, the Group generated sales of €18.4 billion.
/sites/default/files/prezly/images/DECOR%20ENG.png Documents [Prezly] Thales to lead DECOR research project to test solutions for lowering the environmental impact of flight operations.pdf Contacts Alice Pruvot, Head of Media Relations, Aeronautics & Defense 05 Sep 2024 Type Press release Structure Aerospace The air transport industry has put in place a far-reaching plan to eliminate carbon emissions and achieve net zero by 2050. To support this environmental transformation in France, the French Civil Aviation Authority (DGAC) has launched the DECOR project, with funding from the France 2030 investment plan, to demonstrate eco-friendly flight operations. prezly_685497_thumbnail.jpg Hide from search engines Off Prezly ID 685497 Prezly UUID 5ce059e8-a1a4-40db-bd21-29e94e28a2c8 Prezly url https://thales-group.prezly.com/thales-to-lead-decor-research-project-to-test-solutions-for-lowering-the-environmental-impact-of-flight-operations Thu, 09/05/2024 - 10:00 Don’t overwrite with Prezly data OffWe use access tokens to request data and perform actions within our software systems. The client application sends a bearer token to the resource server. The resource server checks the validity of the access token before acting upon the HTTP request. What happens if the requesting party is malicious, steals your token, and makes a fraudulent API call? Would the resource server honor the HTTP request? If you use a bearer token, the answer is “yes.”
My teammate wrote that an access token is like a hotel room keycard. If you have a valid keycard, anyone can use it to access the room. If you have a valid access token, anyone can use it to access a resource server.
7 Ways an OAuth Access Token is like a Hotel Key CardLearn 7 things OAuth 2.0 access tokens have in common with a hotel key card.
Aaron PareckiBearer tokens (and static API keys) mean whoever presents the valid token to the resource server has access, which makes the token powerful and vulnerable. We can look at high-profile token thefts to see how prevalent and disastrous token theft is, so we want to ensure our applications aren’t vulnerable to similar attacks.
To protect tokens, we incorporate secure coding techniques into our apps, configure a quick expiration time on the token, and ensure only requests sent to allowed origins include the access token. Still, token attacks pose a risk to highly sensitive resources. What more can we do to secure requests?
This post describes a new OAuth 2.0 spec supported by Okta that makes access tokens less prone to misuse and helps mitigate security risks. If you want to refresh your OAuth knowledge, check out What the heck is OAuth.
Table of Contents
Bind OAuth 2.0 access tokens to client applications Demonstrate proof of possession (DPoP) using JWTs Incorporating DPoP into OAuth 2.0 token requests Use DPoP-bound access tokens in HTTP requests Extend the DPoP flow with an enhanced security handshake Validate DPoP requests in the resource server Learn more about OAuth 2.0, Demonstrating Proof-of-Possession, and secure token practices Bind OAuth 2.0 access tokens to client applicationsIf we go back to the hotel keycard analogy, we want a hotel keycard that only you can use and that links you as the rightful user of the hotel keycard.
In the OAuth world, ideally, we want to link the authorization server, the client, and the access token and limit token use to the client. In OAuth terminology, the sender and client application are the same entity. By linking these entities, external parties can’t misuse the access token.
OAuth 2.0 defines a few methods to bind access tokens.
🤐 Client secretThese methods apply only to confidential clients that can maintain secrets, not to public clients.
Public clients are apps that run authentication code within the user’s hardware, such as in Single-Page Applications (SPA) and mobile clients. Software applications use public client architecture but contain avenues for token security exploits without careful protection. Is there an alternative that works for confidential and public clients without incurring costly implementation and maintenance?
Demonstrate proof of possession (DPoP) using JWTsThere’s now a solution for all client types calling sensitive resources! The IETF published a new extension to OAuth 2.0: Demonstrating Proof of Possession (DPoP), targeted primarily for public client use. You may have heard of this idea before, as the concept has been around for a while. With a published spec, it’s now official, standardized, and supported!
The client and authorization server work together to generate tokens with proof of possession.
The client creates non-repudiable proof of ownership using asymmetric encryption The authorization server uses this proof when generating the tokenHow is this different from earlier methods that bind the caller to the access token? The big difference is this method happens at runtime across any client type. Confidential clients have cryptographic libraries supporting public/private key encryption, but a gap exists for public clients. Thanks to enhanced browser API capabilities such as the Web Crypto API and SubtleCrypto, modern browser-based JavaScript apps can also use DPoP.
🚨 You must protect the client from Cross-Site Scripting (XSS) and Remote File Inclusion (RFI) attacks to prevent exfiltration or unauthorized use of the keyset. 🚨
Store the keys in a storage format that someone can’t export and guard the app against attacks where an attacker’s code can run in the user’s context. Use up-to-date secure SPA frameworks, employ defensive coding practices, and add appropriate Content Security Policies (CSP) to protect the client. Apply secure header best practices and consider using the Trusted Types API if you can limit end-user browser usage to browsers that support it.
Incorporating DPoP into OAuth 2.0 token requests⚠️ Note
We will investigate DPoP proofs and inspect how the client constructs them. However, despite this knowledge, you should always use Okta SDKs or a vetted, well-maintained library with built-in DPoP support when making requests using DPoP.
When using DPoP, the client creates a “proof” using asymmetric encryption. The proof is a JWT, which includes the URI, the HTTP method of the request, and the public key. The client application requests tokens from the authorization server and includes the proof as part of the request. The authorization server binds a public key hash and the HTTP request information from the proof within the access token it returns to the client. This means the access token is only valid for the specific HTTP request.
A sequence diagram for the OAuth 2.0 Authorization Code flow with DPoP looks like this:
The proof contains metadata proving the sender and ways to limit unauthorized use by limiting the HTTP request, the validity window, and reuse. If you inspect a decoded DPoP proof JWT, you’ll see the header contains information proving the sender:
Thetyp
claim set to dpop+jwt
The public/private key encryption algorithm
The public key in JSON Web Key (JWK) format
Inspecting the decoded proof’s payload shows claims that limit unauthorized use, such as:
HTTP request info including the URI and HTTP method (such as/oauth2/v1/token
and POST
)
Issue time to limit the validity window for the proof
An identifier that’s unique within the validity window to mitigate replay attacks
Let’s inspect the /token
request a little further. When making the request, the client adds the proof in the header. The rest of the request, including the grant type and the code itself, remains the same for the Authorization Code flow.
POST /oauth2/v1/token HTTP/1.1
DPoP: eyJ0eXAiOiJkcG9w.....H8-u9gaK2-oIj8ipg
Accept: application/json
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code
code=XGa_U6toXP0Rvc.....SnHO6bxX0ikK1ss-nA
The authorization server decodes the proof and incorporates properties from the JWT into the access token. The authorization server responds to the /token
request with the token and explicitly sets the response header to state the token type as DPoP
.
HTTP/1.1 200 OK
Content-Type: application/json
{
"access_token":"eyJhbG1NiIsPOk.....6yJV_adQssw5c",
"token_type":"DPoP",
"expires_in":3600,
"refresh_token":"5PybPBQRBKy2cwbPtko0aqiX"
}
You now have a DPoP type access token with a possession proof. What changes when requesting resources?
Use DPoP-bound access tokens in HTTP requestsDPoP tokens are no longer bearer tokens; the token is now “sender-constrained.” The sender, the client application calling the resource server, must have both the access token and a valid proof, which requires the private key held by the client. This means malicious sorts need both pieces of information to impersonate calls into the server. The spec builds in constraints even if a malicious sort steals the token and the proof. The proof limits the call to a unique request for the URI and method within a validity window. Plus, your application system still has the defensive web security measures applicable to all web apps, preventing the leaking of sensitive data such as tokens and keysets.
The client generates a new proof for each HTTP request and adds a new property, a hash of the access token. The hash further binds the proof to the access token itself, adding another layer of sender constraint. The proof’s payload now includes:
HTTP request info including the URI and HTTP method (such ashttps://{yourResourceServer}/resource
and GET
)
Issue time to limit the validity window for the proof
An identifier that’s unique within the validity window to mitigate replay attacks
Hash of the access token
Clients request resources by sending the access token in the Authorization
header, along with proof demonstrating they’re the legitimate holders of the access token to resource servers using a new scheme, DPoP
. HTTP requests to the resource server change to
GET https://{yourResourceServer}/resource HTTP/1.1
Accept: application/json
Authorization: DPop eyJhbG1NiIsPOk.....6yJV_adQssw5c
DPoP: eyJhbGciOiJIUzI1.....-DZQ1NI8V-OG4g
The resource server verifies the validity of the access token and the proof before responding with the requested resource.
Extend the DPoP flow with an enhanced security handshakeDPoP optionally defines an enhanced handshake mechanism for calls requiring extra security measures. The client could sneakily create proofs for future use by setting the issued time in advance, but the authorization and resource servers can wield their weapon, the nonce. The nonce is an opaque value the server creates to limit the request’s lifetime. If the client makes a high-security request, the authorization or resource server may issue a nonce that the client incorporates within the proof. Doing so binds the specific request and time of the request to the server.
An example of a highly secure request is when making the initial token request. Okta follows this pattern. Different industries may apply guidance and rules for the types of resource server requests requiring a nonce. Since the enhancement requires an extra HTTP request, use it minimally.
When the authorization server’s /token
request requires a nonce, the server rejects the request and returns an error. The response includes a new header type, DPoP-Nonce
, with the nonce value, and a new standard error message, use_dpop_nonce
. The flow for requesting tokens now looks like this:
Let’s look at the HTTP response from the authorization and resource servers requiring a nonce. The authorization server responds to the initial token request with a 400 Bad Request
and the needed nonce and error information.
HTTP/1.1 400 Bad Request
DPoP-Nonce: server-generated-nonce-value
{
"error": "use_dpop_nonce",
"error_description": "Authorization server requires nonce in DPoP proof"
}
When the resource server requires a nonce, the response changes. The resource server returns a 401 Unauthorized
with the DPoP-Nonce
header and a WWW-Authenticate
header containing the use_dpop_nonce
error message.
HTTP/1.1 401 Unauthorized
DPoP-Nonce: server-generated-nonce-value
WWW-Authenticate: error="use_dpop_nonce", error_description="Resource server requires nonce in DPoP proof"
We want that resource, so it’s time for a new proof! The client reacts to the error and generates a new proof with the following info in the payload:
HTTP request info including the URI and HTTP method (such ashttps://{yourResourceServer}/resource
and GET
)
Issue time to limit the validity window for the proof
An identifier that’s unique within the validity window to mitigate replay attacks
The server-provided nonce value
Hash of the access token
With this new proof, the client can remake the request.
Validate DPoP requests in the resource serverOkta’s API resources support DPoP-enabled requests. If you want to add DPoP support to your own resource server, you must validate the request. You’ll decode the proof to verify the properties in the header and payload sections of the JWT. You’ll also need to verify properties within the access token. OAuth 2.0 access tokens can be opaque, so use your authorization server’s /introspect
endpoint to get token properties. Okta’s API security guide, Configure OAuth 2.0 Demonstrating Proof-of-Possession has a step-by-step guide on validating DPoP tokens, but you should use a well-maintained and vetted OAuth 2.0 library to do this for you instead. Finally, enforce any application-defined access control measures before returning a response.
I hope this intro to sender-constrained tokens is helpful and inspires you to use DPoP to elevate token security! Watch for more content about DPoP, including hands-on experimentation and code projects. If you found this post interesting, you may also like these resources:
Why You Should Migrate to OAuth 2.0 From Static API Tokens How to Secure the SaaS Apps of the Future Step-up Authentication in Modern Application OAuth 2.0 Security Enhancements Add Step-up Authentication Using Angular and NestJSRemember to follow us on Twitter and subscribe to our YouTube channel for more exciting content. We also want to hear from you about topics you want to see and questions you may have. Leave us a comment below!
In the physical world, it’s relatively straightforward for banks, credit card issuers, and other institutions to verify a customer’s identity with a valid ID before they can access their accounts. But, when it comes to securing online accounts and payment services, it isn’t as cut and dry.
Single-factor authentication methods, like password-based security, no longer suffice in the modern landscape. It’s now the standard to use multiple authentication factors to ensure customers are who they claim to be.
Global regulators have taken notice of the rising threats to online account security and passed legislation to standardize and strengthen authentication requirements in the financial sector. This includes the introduction of strong customer authentication (SCA) requirements, which are now enforced throughout the EU and the UK.
Below, we’ll cover strong customer authentication, the SCA requirements set out in PSD2, and what to expect from new legislation PSD3 and PSR1.
Security pros say while side-channel attacks are difficult to pull off, the sheer volume of YubiKey devices in use makes the potential threat a real concern.
Cryptography is all about securing communications. Authentication, key exchange, token signing, digital signatures, zero-knowledge proofs, and so much more depend on cryptographic algorithms that no mere mortal (by which I mean me) will ever understand. The good news is that mere mortals do not need to understand these algorithms. Governments have the resources to truly dig into these algorithms and determine whether they are as secure and effective as intended. In the U.S., something called FIPS 140 sits at the heart of determining whether a cryptographic module—the actual hardware or software implementing these algorithms—is secure enough.
FIPS 140-3 is the latest iteration of the U.S. Federal Information Processing Standard (FIPS) that specifies the security requirements for cryptographic modules used by federal agencies and other organizations to protect sensitive information. If you have a cybersecurity company that does business with the U.S. Government, then you care about FIPS 140-3. If you don’t have a cybersecurity company but buy cybersecurity tools, knowing that the cryptographic modules they use to secure your data meet the FIPS 140-3 standards is a Very Good Thing.
If you aren’t involved in tech purchasing decisions for your company, this post will serve as interesting trivia for you to wow your geeky friends with over beverages. Apologies in advance for all the acronyms; they can’t be avoided if you’re in the world of tech.
DefinitionsFirst, let’s get a few definitions out there:
Cryptography: Refers to the broader field of securing communications through mathematical techniques. Cryptographic Algorithm: A specific method or procedure, like AES or RSA, used within the field of cryptography to encrypt or decrypt data, sign messages, or generate keys. Cryptographic Module: A hardware or software component that implements cryptographic algorithms and provides secure services like encryption, decryption, authentication, or key management. FIPS 140The first FIPS 140 was published thirty years ago (where has time gone???). The U.S. federal government realized it needed to get a handle on how the government as a whole needed to use cryptographic modules in its tech. Prior to that, it was something of a free-for-all. Each agency made its own decisions about what information and staff it had on hand. Not great.
The best thing about version 1 of anything is that it suddenly sparks all SORTS of discussion. There are new requirements, positive and negative feedback, and a desire to improve. That resulted in FIPS 140-2, published over 20 years ago in 2001. (I’m still feeling old here.) FIPS 140-2 provided clearer definitions and more detailed requirements. Just as well as the science of cryptography advanced and new cryptographic algorithms needed to be considered.
The U.S. Government obviously isn’t the only entity out there working out the best way to evaluate cryptographic algorithms. That’s where the International Organization for Standardization (ISO) came in. In 2012, ISO published ISO/IEC 19790:2012, “Information technology — Security techniques — Security requirements for cryptographic modules.” The U.S. National Institute of Standards and Technology (NIST) was a member of the team making that global standard. As it came time to yet again refresh FIPS 140, it made sense to point it to ISO/IEC 19790:2012. That’s now FIPS 140-3.
Cryptographic Module Validation Program (CVMP)So now there’s a standard, updated over time, that says, “Here are the requirements for cryptographic modules to be used by the federal government.” Great! How does the government ensure that those modules meet those requirements? That’s where the Cryptographic Module Validation Program (CVMP) comes in.
The CVMP is a joint effort between the NIST and the Canadian Centre for Cyber Security. It provides guidelines for accredited laboratories (Cryptographic and Security Testing Laboratories (CSTL). From those guidelines, the laboratories verify that a cryptographic module submitted by a vendor satisfies the requirements. The CSTL’s findings are submitted back to the program. If everything is copacetic, the module is added to the list of modules federal agencies can accept in their tools and services.
FIPS 140, the CVMP, and Digital IdentitySo, how does this all tie into the world of digital identity? I have a list!
There are two things in particular to remember. First, of course, is noting that cryptography is used in a variety of ways when it comes to digital identity. Encrypting tokens, signatures, keys, and more is a fundamental necessity. Second, the federal government spends a mind-boggling amount on cybersecurity. This means their requirements for cybersecurity—such as the cryptographic modules used in the tools and services they purchase—influence almost everything in the cybersecurity industry. While following the FIPS 140 guidelines is only _required_ for federal agencies, in practice, its reach is much broader.
Given those points, FIPS 140-3 helps lay the groundwork for secure digital identity by ensuring that the cryptographic modules used are not just good, but government-approved good. And if that isn’t enough, given that FIPS 140-3 now basically points to an internationally developed standard in the form of ISO/IEC 19790:2012, then you’re talking about something that has achieved consensus on a global scale. That’s a level of assurance that goes beyond just checking a box. It’s knowing that the systems managing your identity are backed by some of the best cryptographic practices in the world.
Wrap UpAs a regular consumer, you really don’t need to know about FIPS 140 and its associated validation program. As a cybersecurity practitioner, you should at least be aware that it’s there and its implications. And as an executive that has responsibility for the security of your company or what goes into your products, all of this should be familiar to you already.
This is going to be an area I learn more about over the next few months. And since I learn best through writing, you can expect more blog posts on the topic of how the U.S. Government thinks about cryptographic modules. Stay tuned!
I want to help you go from overwhelmed at the rapid pace of change in identity-related standards to prepared to strategically invest in the critical standards for your business. Follow me on LinkedIn or reach out to discuss my Digital Identity Standards Development Services.
The post Why FIPS 140-3 Matters for Cryptography and Digital Identity Security appeared first on Spherical Cow Consulting.
Clearview AI committed significant violations of the European Union’s General Data Protection Regulation after establishing the database without properly notifying individuals whose images were included, said the DPA, which could impose an additional $5.6 million fine on the firm should it continue GDPR nonadherence.
In today’s digital landscape, the rapid pace of technological innovation has brought us to a crossroads, where the ideals of privacy, autonomy, and freedom meet the very real challenges of regulation. While decentralized platforms promise a world free from the prying eyes of governments and corporations, they also pose significant challenges, particularly when they are used to facilitate illegal activities. Take, for example, the infamous cases of Silk Road, Tornado Cash, and Telegram — each a flashpoint in the ongoing battle between technological freedom and the need for regulation. But what if there were a way to strike a balance? A decentralized reputation system, paired with anonymous identities, could offer a middle ground, where freedom meets responsibility.
The Evolution of Privacy Platforms: Case Studies Silk Road: The Dark Web’s PioneerSilk Road was more than just an online black market; it was the first glimpse into a future where decentralized platforms could operate outside the reach of traditional law enforcement. Founded by Ross Ulbricht in 2011, Silk Road leveraged Bitcoin and the Tor network to create a truly global, anonymous marketplace. It was a hub for illegal activities — primarily drug trafficking — hidden from the watchful eyes of the law. The importance of Silk Road lies not just in its role as a market but in how it demonstrated the power of cryptocurrencies and decentralized platforms. It set a precedent, showing how these technologies could facilitate both freedom and crime on a massive scale.
Tornado Cash: Anonymizing Cryptocurrency TransactionsTornado Cash pushed the boundaries of financial privacy. This cryptocurrency mixer on the Ethereum blockchain provided users with the tools to anonymize their transactions, protecting their financial data from surveillance. But with great power comes great responsibility — or, in this case, irresponsibility. Tornado Cash became a haven for money laundering, exploited by criminals and even North Korean hackers. The arrest of Tornado Cash developer Alexey Pertsev by Dutch authorities in August 2022 sparked a heated debate about the balance between privacy and security, and whether developers should be held accountable for the misuse of their creations.
Telegram: A Platform for Secure CommunicationTelegram’s commitment to privacy and encryption has made it the go-to app for nearly 1 billion users seeking secure communication. From activists to journalists, many rely on Telegram to protect their privacy in the face of government surveillance. However, while Telegram is not decentralized, its strong encryption and anonymity features have also made it attractive to criminal organizations, coordinating everything from drug trafficking to child exploitation. The recent arrest of Telegram’s CEO, Pavel Durov, in France has intensified the debate about the role of tech platforms in moderating content and their accountability for illegal activities.
The Regulatory Response: Challenges and ConsequencesThe arrests of figures like Ulbricht, Pertsev, and Durov are part of a broader governmental push to regulate decentralized and privacy-focused platforms. But this raises some tough questions: Are we stifling innovation and free speech in the process? The legal complexities of regulating these platforms, especially when it comes to holding developers accountable, highlight the difficulty in balancing privacy with security.
Proposed Solution: Decentralized Identity and Reputation SystemsSo, how do we move forward? One potential solution lies in the development of decentralized reputation systems paired with anonymous identities. Imagine a world where users can maintain their privacy while building a reputation based on their actions within the community. Such a system could empower communities to self-regulate, reducing the need for external oversight.
Anonymous Identity SystemsAnonymous identity systems could be the key to balancing privacy with accountability. These systems would allow users to engage with decentralized platforms without revealing their true identities, while still being held accountable for their actions.
Decentralized Reputation SystemsA decentralized reputation system could serve as a form of self-regulation. Users would build reputations based on their behavior, with ethical actions rewarded and illegal activities flagged or excluded. This could mitigate the need for heavy-handed regulation while preserving the core values of decentralization.
Practical Considerations and ChallengesOf course, implementing such systems won’t be without challenges. From technical limitations to potential exploitation, these solutions require careful design and community buy-in. But with transparency and engagement, we could create a system that balances freedom with responsibility.
ConclusionThe stories of Silk Road, Tornado Cash, and Telegram underscore the dual-edged sword of privacy-focused technology. While these platforms offer unprecedented privacy and autonomy, they also create new avenues for crime. A balanced approach, using decentralized reputation systems and anonymous identities, could offer a path forward. As we continue to navigate the digital age, it’s essential that we foster dialogue between innovators, regulators, and users to ensure that technology serves the greater good, protecting both freedom and security in this brave new world.
Decentralized Identity and Reputation: Balancing Freedom and Regulation in Digital Platforms was originally published in OntologyNetwork on Medium, where people are continuing the conversation by highlighting and responding to this story.
Que semana! Nos últimos dias mais de 2.6 milhões de usuários se registraram na plataforma, sendo que mais de 85% são Brasileiros. Sejam muito bem vindos, estamos muito contentes por tê-los aqui!
Qual o diferencial do Bluesky?Por base, o Bluesky te prioriza e te dá mais controle. Aqui você pode escolher a experiência social que mais te agrada.
Nossa comunidade cresceu organicamente e está cheia de autores, artistas, jornalistas, políticos, entre outros. Os usuários brasileiros que já usam a plataforma notam que eles têm uma qualidade de engajamento com muito mais qualidade do que em qualquer outra plataforma.
Além disso, o Bluesky é um ecossistema aberto. Nós criamos uma rede social aberta para que qualquer desenvolvedor seja capaz de modificá-la através do AT Protocol (o nome dele é Atmosphere). Essa abertura diz respeito ao fato do Bluesky ser um projeto colaborativo, diferente de outras redes sociais que são controladas por uma única empresa. Qualquer um pode construir feeds, moderar e até criar aplicativos completamente novos usando a nossa plataforma.
Quando o Bluesky vai liberar vídeos e trending topics?Os vídeos já estarão disponíveis na nossa próxima grande atualização, e nós também já estamos trabalhando nos trending topics. Estamos ligados nos feedbacks de vocês e super contentes com essa animação.
Quais são as particularidades do Bluesky? Feeds CustomizadosAlém do cronológico feed Seguindo e o clássico Discover, você pode experimentar feeds novos! Por exemplo, caso você queira ver postagens dos seus amigos que não postam muito — tente Quiet Posters. Caso queira ver o conteúdo mais postado no dia anterior em toda a plataforma, experimente o Catch Up.
Qualquer um pode criar e se inscrever nos feeds. Ao invés de providenciarmos apenas um algoritmo, nós deixamos nossos usuários escolherem. Você está no controle. Dessa forma a ideia é promover discussões mais saudáveis mesmo porque não incentivamos esquemas para aumentar engajamento, desinformação, fake news ou qualquer tipo de abuso.
Nomes de UsuárioCaso você seja dono de um site, pode usar o nome dele como nome de usuário. Por exemplo, a Folha de S. Paulo escolheu usar @folha.com como nome. Ah, mas não esqueça que você só pode usar o nome de usuário de um site que seja seu, pois essa é uma forma de mostrar que, por exemplo, você é a Folha de S. Paulo real. Esse é um jeito de se provar legítimo.
Você pode brincar e se divertir inventando! Por exemplo, muitas Swifties escolheram nomes de usuário que terminam com “swifties.social,” coisa que você pode configurar usando essa ferramenta aqui.
Caso tenha interesse em comprar e gerenciar um site através do nosso parceiro Namecheap, você pode fazer isso aqui.
Estou cansado de criar contas novas em redes sociais! É garantia que o Bluesky vai continuar vivo?Nós sabemos, compreendemos profundamente essa sua preocupação. Mas o Bluesky está aqui para ficar.
Quando uma plataforma como o X fecha você perde contato com todos os seus amigos de lá. Mas como o Bluesky é uma rede cujo código é aberto você consegue levar seus seguidores com você. Dessa forma você sempre será capaz de manter contato com seus amigos. (caso esteja interessado em detalhes técnicos, tem mais informações sobre a portabilidade de contas aqui.)
E digo mais! Por ser uma rede social aberta, desenvolvedores independentes podem construir aplicativos inteiramente novos e promover outras experiências a vocês. Imagine uma plataforma de blog ou um aplicativo de fotos nessa mesma rede com todos os seus amigos já conectados. Você não vai precisar se inscrever em outro aplicativo social desta vez — estará criando uma identidade social online que é apenas sua.
Como o Bluesky lida com liberdade de expressão e moderação de conteúdo?Segurança e promoção de espaços saudáveis para conversas é uma questão central para o Bluesky. Nosso time de moderação está de pé 24/7 e consegue responder a maioria das denúncias em poucos dias. Para denunciar uma postagem ou uma conta, simplesmente clique no menu indicado com três pontinhos e em “Denunciar Postagem” ou “Denúnciar Conta”.
Ao mesmo tempo, nós entendemos que não existe uma única forma que sirva para moderar todos os espaços. Então, além da base sólida em relação às políticas de moderação do Bluesky, vocês podem se inscrever em outras organizações que confiem, ou mesmo em outras comunidades que tenham algum conhecimento específico e que podem adicionar regras de moderação. (Leia mais sobre formas de acrescentar regras de moderação aqui.)
Como vocês planejam lidar com as fake news eleitorais?Aaron Rodericks, o cabeça do time de segurança e promoção de saúde na plataforma, já teve que lidar com essas questões no Twitter e trouxe sua experiência para cá. Nosso time de moderação revisa o conteúdo ou a conta em busca de desinformação, coisa que os usuários podem denunciar diretamente do aplicativo. Em caso de violações severas como risco de boicotes a votação ou as eleições oficiais nós poderemos remover o conteúdo ou até a conta. Na maioria dos casos nós revisamos as reivindicações de que um conteúdo é falso buscando informações em fontes confiáveis e nos reservamos o direito de classificar postagens como desinformação.
Jornalistas podem entrar em contato através do press@blueskyweb.xyz. Para o nosso kit de media, que é onde você encontra nosso logo e fotos, clique aqui.
What a week! In the last few days, Bluesky has grown by more than 2.6 million users, over 85% of which are Brazilian. Welcome, we are so excited to have you here!
What makes Bluesky different?By design, Bluesky gives users more control and prioritizes you. Here, you can customize your social experience to fit you.
Our community has grown organically, and is full of creators, artists, journalists, politicians, and more. Brazilian users on Bluesky have noticed that they receive much higher quality engagement on Bluesky than on any other platform.
In addition, Bluesky is an open ecosystem. We’re built on an open network that developers can freely build upon called the AT Protocol (and the ecosystem is called the Atmosphere). This openness means that Bluesky is a collaborative project, unlike other social networks that are controlled by a single company. Anyone can build feeds, moderation services, and even entirely new apps on top of our network.
What are some unique features on Bluesky? Custom FeedsOutside of your chronological Following feed and the default Discover feed, you can try out some new feeds! Maybe you want to see posts from your friends who don’t post as often — try Quiet Posters. If you want to see the top posts across the whole network from the last day, try Catch Up.
Anyone can create and subscribe to feeds. Instead of providing only a single algorithm, we let users choose. You’re in control. This promotes healthier discussion because we do not incentivize engagement baiting, misinformation, or harassment.
UsernamesYou can set your username to be a website that you own. For example, Folha de S. Paulo set their Bluesky username to @folha.com. You can only set your username to a website that you own, so this shows you that the real Folha de S. Paulo owns this account. It’s one form of self-verification.
There’s lots of room to have fun with this! For example, many Swifties are using usernames that end in “swifties.social,” which you can set up with this community tool here.
If you’d like to purchase and manage a website through Bluesky’s partnership with Namecheap, you can do that here.
I’m tired of creating accounts on new social apps! Will Bluesky stick around?We know, we’ve been there too. Bluesky is here to stay.
When an app like X shuts down, you lose touch with all your friends there. But because Bluesky is built on an open network, you can easily take your followers with you. You will always be able to stay in touch with your friends. (If you’re interested in the technical details, you can read more about account portability here.)
Additionally, because of the open network, independent developers can build entirely new apps and experiences. Imagine a blogging platform or a photo app built on this same network, with all of your friends already connected. You’re not just signing up for another social app this time — you’re creating a social identity online that you own.
When will Bluesky have video and trending topics?Video will be available in the next major app release, and we’re working on trending topics too. We’re paying close attention to your feedback and appreciate everyone’s excitement.
How does Bluesky handle content moderation?Trust and safety is core to Bluesky, and we value spaces for healthy conversation. Our moderation team provides 24/7 coverage and responds to most reports within a few days. To report a post or an account, simply click the three-dot menu and click “Report post” or “Report account.”
At the same time, we recognize that there’s no one-size-fits-all approach to moderation. So, on top of Bluesky's strong foundation, users can subscribe to additional moderation decisions from more organizations they trust with industry-specific or community-specific knowledge. (Read more about our stackable approach to moderation here.)
What is your plan for election misinformation?Aaron Rodericks, Bluesky's Head of Trust & Safety, formerly led election integrity efforts at Twitter and has brought his experience here. Our moderation team reviews content or accounts for misinformation, which users can report directly within the app. In the case of severe violations such as a risk to polling places or election officials, we may remove content or accounts. In most cases, we review claims against credible sources and fact checkers, and may label posts as misinformation.
Journalists can reach us with inquiries at press@blueskyweb.xyz. For our media kit, where you can find our logo and headshots, click here.
A judge approved a restraining order to prevent the researcher from downloading and disseminating the data.
Thales, globalny lider w obszarze Obronności i Bezpieczeństwa, Technologii Lotniczych oraz Kosmicznych, a także technologii z zakresu Identyfikacji i Bezpieczeństwa Informacji oraz PIT RADWAR wchodzący w skład Grupy PGZ będący wiodącym dostawcą sprzętu wojskowego dla Polskich Sił Zbrojnych podpisały Porozumienie o Współpracy (MOU) w obszarze współpracy strategicznej, podczas tegorocznych targów MSPO, Międzynarodowego Salonu Przemysłu Obronnego, które odbyły się w Kielcach w dniach 3-6 września 2024 r.
Porozumienie mówi o eksplorowaniu różnych możliwości wspólnych działań technicznych, technologicznych oraz biznesowych w zakresie szeroko pojętych technologii radarowych.
Zarówno Grupa Thales, jak i PGZ PIT-RADWAR mają wieloletnie doświadczenie w zakresie radarów i technologii radiolokacyjnych, z wieloma sukcesami we wdrażaniu tych technologii dla klientów wojskowych i cywilnych.
Połączenie możliwości pozwoli na wzmocnienie możliwości obu firm oraz na stworzenie nowych technologii o unikalnych cechach dla klientów.
O Thales
Thales (Euronext Paris: HO) jest światowym liderem zaawansowanych technologii w trzech obszarach: Obrona i bezpieczeństwo, Lotnictwo i przestrzeń kosmiczna oraz Tożsamość cyfrowa i bezpieczeństwo. Opracowuje produkty i rozwiązania, które pomagają uczynić świat bezpieczniejszym, bardziej ekologicznym i bardziej inkluzywnym.
Grupa inwestuje blisko 4 miliardy euro rocznie w badania i rozwój, szczególnie w kluczowych obszarach, takich jak technologie kwantowe, przetwarzanie brzegowe, 6G i cyberbezpieczeństwo.
Thales zatrudnia 81 000* pracowników w 68 krajach. W 2023 roku Grupa osiągnęła sprzedaż w wysokości 18,4 miliarda euro.
O PIT-RADWAR
PIT-RADWAR S.A. jest jednym z wiodących dostawców profesjonalnego sprzętu elektronicznego dla Sił Zbrojnych Rzeczypospolitej Polskiej.
Od dziesięcioleci Spółka prowadzi działalność badawczo-rozwojową w dziedzinie technologii radarowej, wsparcia i środków elektronicznych, systemów C2 i powiązanych systemów uzbrojenia, w szczególności systemów obrony powietrznej. Produkty PIT-RADWAR S.A. wykorzystywane są przez wszystkie rodzaje Sił Zbrojnych RP, a także za granicą.
Linki do strony internetowej
Défense et Sécurité | Thales Group
ŁĄCZNOŚĆ
Thales
Director Communications
Northern & Central Europe
Lynne Scott Walters
+45 21191441
lynne.scott-walters@thalesgroup.com
Thales Group, Media Relations
Land and Naval Defence
Camille Heck
+33 6 73 78 33 63
camille.heck@thalesgroup.com
/sites/default/files/prezly/images/Banner_4.jpg Contacts Cédric Leurquin 03 Sep 2024 Type Press release Structure Poland Thales, globalny lider w obszarze Obronności i Bezpieczeństwa, Technologii Lotniczych oraz Kosmicznych, a także technologii z zakresu Identyfikacji i Bezpieczeństwa Informacji oraz PIT RADWAR wchodzący w skład Grupy PGZ będący wiodącym dostawcą sprzętu wojskowego dla Polskich Sił Zbrojnych podpisały Porozumienie o Współpracy (MOU) w obszarze współpracy strategicznej, podczas tegorocznych targów MSPO, Międzynarodowego Salonu Przemysłu Obronnego, które odbyły się w Kielcach w dniach 3-6 września 2024 r. prezly_685433_thumbnail.jpg Hide from search engines Off Prezly ID 685433 Prezly UUID 4e64bc3c-0cb7-49ac-8d1a-2d8724943908 Prezly url https://thales-group.prezly.com/thales-i-pit-radwar-grupa-pgz-podejma-wspolprace-w-zakresie-technologii-radarowych Tue, 09/03/2024 - 20:02 Don’t overwrite with Prezly data Off
Thales, a global leader in Defence & Security, Aeronautics & Space, and Digital Identity & Security, and PIT RADWAR, a company of the PGZ Group and a leading supplier of military equipment for the Polish Armed Forces, have signed a Memorandum of Understanding (MOU) on Strategic Cooperation at this year’s MSPO International Defence Industry Exhibition, taking place in Kielce, Poland on 3-6 of September 2024.
The agreement aims at exploring and undertaking common technical, technological and business activities to address a broad range of radar technologies.
Both companies share many decades of experience in radars and radiolocation technologies, including multiple successes in implementation for both military and civil clients.
Joining capabilities will enable both companies to multiply their strengths, offering superior performance parameters and unique features for clients in both domestic and international markets.
About Thales
Thales (Euronext Paris: HO) is a global leader in advanced technologies within three domains: Defence & Security, Aeronautics & Space, and Digital Identity & Security. It develops products and solutions that help make the world safer, greener and more inclusive.
The Group invests close to €4 billion a year in Research & Development, particularly in key areas such as quantum technologies, Edge computing, 6G and cybersecurity.
Thales has 81,000* employees in 68 countries. In 2023, the Group generated sales of €18.4 billion.
About PIT-RADWAR
PIT-RADWAR S.A. is one of the leading suppliers of professional electronic equipment for the Armed Forces of the Republic of Poland.
For decades, the Company has conducted research and development activities in the field of radar technology, electronic support and measures, C2 systems and related armament systems, especially air defence systems. The products of PIT-RADWAR S.A. are used by all types of the Armed Forces of the Republic of Poland, as well as abroad.
WEB LINKS
Défense et Sécurité | Thales Group
CONTACTS
Thales
Director Communications
Northern & Central Europe
Lynne Scott Walters
+45 21191441
lynne.scott-walters@thalesgroup.com
Thales Group, Media Relations
Land and Naval Defence
Camille Heck
+33 6 73 78 33 63
camille.heck@thalesgroup.com
/sites/default/files/prezly/images/Banner_3.jpg Contacts Cédric Leurquin 03 Sep 2024 Type Press release Structure Defence and Security Defence Poland Thales, a global leader in Defence & Security, Aeronautics & Space, and Digital Identity & Security, and PIT RADWAR, a company of the PGZ Group and a leading supplier of military equipment for the Polish Armed Forces, have signed a Memorandum of Understanding (MOU) on Strategic Cooperation at this year’s MSPO International Defence Industry Exhibition, taking place in Kielce, Poland on 3-6 of September 2024. prezly_685338_thumbnail.jpg Hide from search engines Off Prezly ID 685338 Prezly UUID 985e295f-b16d-4e5c-a374-d428ca82a774 Prezly url https://thales-group.prezly.com/thales-and-pit-radwar-pgz-group-to-cooperate-on-radar-technologies Tue, 09/03/2024 - 20:00 Don’t overwrite with Prezly data Off
As cyberattacks become increasingly frequent, sophisticated, and damaging, safeguarding your digital assets has never been more critical. In October 2024, Microsoft will begin enforcing mandatory multifactor authentication (MFA) for the Microsoft Entra admin center, Microsoft Azure portal, and the Microsoft Intune admin center.
We published a Message Center post (MC862873) to all Microsoft Entra ID customers in August. We’ve included it below:
Take action: Enable multifactor authentication for your tenant before October 15, 2024
Starting on or after October 15, 2024, to further increase your security, Microsoft will require admins to use multifactor authentication (MFA) when signing into the Microsoft Azure portal, Microsoft Entra admin center, and Microsoft Intune admin center.
Note: This requirement will also apply to any services accessed through the Intune admin center, such as Windows 365 Cloud PC. To take advantage of the extra layer of protection MFA offers, we recommend enabling MFA as soon as possible. To learn more, review Planning for mandatory multifactor authentication for Azure and admin portals.
How this will affect your organization:
MFA will need to be enabled for your tenant to ensure admins are able to sign into the Azure portal, Microsoft Entra admin center, and Intune admin center after this change.
What to do to prepare:
If you have not already, set up MFA before October 15, 2024, to ensure your admins can access the Azure portal, Microsoft Entra admin center, and Intune admin center. If you are unable to set up MFA before this date, you can apply to postpone the enforcement date. If MFA has not been set up before the enforcement starts, admins will be prompted to register for MFA before they can access the Azure portal, Microsoft Entra admin center, or Intune admin center on their next sign-in.
For more information, refer to: Planning for mandatory multifactor authentication for Azure and admin portals.
Jarred Boone
Senior Product Marketing Manager, Identity Security
Read more on this topic
Planning for mandatory multifactor authentication for Azure and other administration portals
Learn more about Microsoft Entra
Prevent identity attacks, ensure least privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds.
Microsoft Entra News and Insights | Microsoft Security Blog Microsoft Entra blog | Tech Community Microsoft Entra documentation | Microsoft Learn Microsoft Entra discussions | Microsoft Community
Podczas targów MSPO w Kielcach Polska Amunicja Sp. z o. o. podpisała umowę ze spółkami z Grupy Thales na wspólną produkcję rakiet 70mm (2,75”).
Po pierwszym MoU podpisanym podczas Eurosatory 2024 pomiędzy Thales Belgium, WB Electronics i jej spółką zależną AREX w sprawie wspólnego opracowania nowych systemów dla platform lądowych z zastosowaniem ww. amunicji rakietowej, Thales i Polska Amunicja - spółka zależna WB Electronics, idą teraz o krok dalej.
Wykorzystując potencjał obu podmiotów, umowa ta stwarza możliwości budowy dodatkowych kompetencji w Polskiej Amunicji, Grupie WB, PONAR Wadowice S.A. i Thales Belgium. Celem jest opracowanie konkurencyjnego i wydajnego produktu, który partnerzy wspólnie wprowadzą na rynek.
Niniejsze porozumienie stanowi ważny krok dla Thales w Polsce, będący punktem wyjścia do studium wykonalności w zakresie przeniesienia produkcji niektórych elementów systemu rakietowego 70 mm produkowanego obecnie przez Thales Belgium. Projekt ten obejmuje komponenty zarówno do rakiet niekierowanych, jak i kierowanych kal. 70 mm.
Niniejszy nowy list intencyjny wpisuje się także w wysiłki podejmowane przez przemysł zbrojeniowy na rzecz wzmocnienia europejskich zdolności obronnych.
Thales Belgia
Thales w Belgii, spółka zależna w 100% od francuskiej międzynarodowej grupy Thales, działa ponad 50 lat, aby służyć swoim klientom w Belgii i za granicą w trzech głównych obszarach: obrona i bezpieczeństwo, przemysł lotniczy i tożsamość cyfrowa. Jej zespół opracowuje i dostarcza rozwiązania, które przyczyniają się do uczynienia świata bezpieczniejszym i bardziej otwartym.
Thales Belgium zatrudnia ponad 1200 pracowników w 9 lokalizacjach (Herstal, Tubize, Bruxelles, Charleroi, Hasselt, Leuven, Zaventem i Hasselt)
Thales Belgium uczestniczy rokrocznie w projektach R&D, prowadzonych w Belgii w kluczowych sektorach technologicznych, takich jak kwantowość, sztuczna inteligencja, elektromagnetyzm i cyberbezpieczeństwo.
Polska Amunicja
Polska Amunicja Sp. z o.o została utworzona przez trzy podmioty prywatne: WB Electronics, Ponar Wadowice i TDM Electronics, działające wspólnie i reprezentujące obecnie 100% udziałów w spółce holdingowej – WPT Holding, która z kolei posiada 49% akcji Polska Amunicja. Większościowy pakiet udziałów w Spółce (51%) należy do spółki portfelowej Agencji Rozwoju Przemysłu – Aranda sp. z o.o.
LIENS WEB
Défense et Sécurité | Thales Group
CONTACTS
Thales Belgium
Directrice Stratégie et Marketing
Lou Uniack
lou.uniack@thalesgroup.com
Thales Group, Media Relations
Land and Naval Defence
Camille Heck+33 6 73 78 33 63
camille.heck@thalesgroup.com
/sites/default/files/prezly/images/Banner_2.jpg Contacts Cédric Leurquin 03 Sep 2024 Type Press release Structure Poland Podczas targów MSPO w Kielcach Polska Amunicja Sp. z o. o. podpisała umowę ze spółkami z Grupy Thales na wspólną produkcję rakiet 70mm (2,75”). prezly_685504_thumbnail.jpg Hide from search engines Off Prezly ID 685504 Prezly UUID c78b6648-5f22-4389-b026-6f076d1801e2 Prezly url https://thales-group.prezly.com/thales-belgium-i-polska-amunicja-podpisaly-list-intencyjny-o-wspolpracy-przy-produkcji-rakiet-70-mm Tue, 09/03/2024 - 19:55 Don’t overwrite with Prezly data Off
Leveraging on their respective competencies, this agreement creates opportunities to build additional capabilities in Polska Amunicja, Grupa WB, PONAR Wadowice S.A. and Thales Belgium. As a result of this teaming, the companies will combine their technical skills and capacity to develop a competitive and efficient product that they will jointly commercialize.
This MoU is an important step for Thales in Poland, being the starting point of the feasibility study for the transfer of production of certain components of the 70mm rocket system manufactured by Thales in Belgium. This project involves components for both unguided and guided 70 mm rockets.
This new Memorandum of Understanding is in line with the efforts made by these industries to reinforce the European defense capabilities.
About Thales Belgium
Thales in Belgium, a 100% affiliate of the French multinational Thales Group, has been present for more than 50 years to serve its customers in and from Belgium on three main domains: Defence & Security, Aerospace and Digital Identity. Its team develops and produces solutions contributing in making the world safer and more inclusive.
Thales Belgium counts more than 1200 employees in 9 sites (Herstal, Tubize, Bruxelles, Charleroi, Hasselt, Leuven, Zaventem and Hasselt).
Every year, Thales Belgium contributes to the R&D in Belgium in key technological sectors such as Quantum, AI, Electromagnetism and Cybersecurity.
About Polska Amunicja
Polska Amunicja Sp. z o.o. was established by three private entities: WB Electronics, Ponar Wadowice and TDM Electronics, operating jointly and currently representing 100% of the shares in the holding company - WPT Holding, which in turn holds 49% of the shares in Polska Amunicja. The majority stake in the Company (51%) belongs to the portfolio company of the Industrial Development Agency - Aranda sp. z o.o.
LIENS WEB
Défense et Sécurité | Thales Group
CONTACTS
Thales Belgium
Directrice Stratégie et Marketing
Lou Uniack
lou.uniack@thalesgroup.com
Thales Group, Media Relations
Land and Naval Defence
Camille Heck+33 6 73 78 33 63
camille.heck@thalesgroup.com
/sites/default/files/prezly/images/Banner_1.jpg Contacts Cédric Leurquin 03 Sep 2024 Type Press release Structure Defence and Security Defence Belgium Poland During the MSPO fair in Kielce, Polska Amunicja Sp. Z o.o signed an agreement with Thales on the joint production of 70mm (2.75”) rockets. After a first MoU signed during Eurosatory 2024 between Thales Belgium, WB Electronics and its subsidiary AREX to develop new rocket systems for land applications, Thales and Polska Amunicja, a subsidiary of WB Electronics, are going a step further. prezly_685458_thumbnail.jpg Hide from search engines Off Prezly ID 685458 Prezly UUID ced13589-ee29-4edb-a9ca-79bc3983d9aa Prezly url https://thales-group.prezly.com/thales-in-belgium-and-polska-amunicja-sign-a-mou-to-collaborate-on-the-production-of-70mm-rockets Tue, 09/03/2024 - 19:50 Don’t overwrite with Prezly data Off
Wchodzące w skład GRUPY WB spółki WB Electronics S.A. i RADMOR S.A. podpisały z THALES porozumienie o współpracy. Obejmuje powołanie, w oparciu o uzgodnione zasady, struktury koordynującej relacje między stronami, której zadaniem będzie eksplorowanie różnych możliwości wspólnych działań biznesowych.
W ramach porozumienia o współpracy spółki będą podejmowały wspólne działania na rynku obronnym, w tym w domenach powietrznej, lądowej, kosmicznej i bezpieczeństwa technologii informatycznych.
RADMOR i Thales od wielu lat współpracują w rozwoju systemów radiokomunikacji wojskowej. Podmioty dzielą udziały w europejskiej spółce a4ESSOR rozwijającej najnowocześniejsze interoperacyjne waveformy ESSOR (European Secure SOftware defined Radio) dla sił zbrojnych Sojuszu Północnoatlantyckiego (NATO), które stały się standardami tej organizacji obronnej (STANAG). Współpracowały również przy produkcji radiostacji plecakowych i pojazdowych opartych na rozwiązaniach technologicznych Thales.
„Thales zobowiązuje się do budowania silnej współpracy przemysłowej i zaufanych lokalnych partnerstw na korzyść naszych międzynarodowych klientów. Wraz z WB Electronics, Thales wykorzysta swoją wyjątkową wiedzę specjalistyczną i know-how w zakresie obronności, kosmosu i cyberprzestrzeni, aby dalej wzmacniać i rozwijać polski sektor obronny”, mówi Magdalena Nizik, dyrektor krajowy na Polskę i kraje bałtyckie, Thales.
„Doskonała wieloletnia współpraca polskiej i francuskiej spółki specjalizującej się w radiokomunikacji wojskowej to doskonały przykład europejskiej synergii przemysłu obronnego, zwiększania bezpieczeństwa w ramach Unii Europejskiej i NATO w tak trudnej technicznie dziedzinie, jaką jest zaawansowana łączność dla sił zbrojnych”, powiedział Bartłomiej Zając, prezes spółki RADMOR.
Wykorzystując swoje kompetencje, przedsiębiorstwa mogą wykorzystać własne doświadczenia
i specjalistyczną wiedzę, aby wspólnie oferować na konkurencyjnym rynku najnowocześniejsze rozwiązania w branży obronnej.
Thales
Thales (Euronext Paris: HO) jest światowym liderem zaawansowanych technologii w trzech obszarach: Obrona i bezpieczeństwo, Lotnictwo i przestrzeń kosmiczna oraz Tożsamość cyfrowa i bezpieczeństwo. Opracowuje produkty i rozwiązania, które pomagają uczynić świat bezpieczniejszym, bardziej ekologicznym i bardziej inkluzywnym.
Grupa inwestuje blisko 4 miliardy euro rocznie w badania i rozwój, szczególnie w kluczowych obszarach, takich jak technologie kwantowe, przetwarzanie brzegowe, 6G i cyberbezpieczeństwo.
Thales zatrudnia 81 000* pracowników w 68 krajach. W 2023 roku Grupa osiągnęła sprzedaż w wysokości 18,4 miliarda euro.
GRUPA WB jest zatrudniającym ponad dwa tysiące pracowników polskim producentem nowoczesnych rozwiązań dla wojska i służb mundurowych. Firma, której udziałowcem jest Polski Fundusz Rozwoju, działa globalnie na rynku systemów łączności, zarządzania kryzysowego, bezpieczeństwa publicznego, transportu, energoelektroniki i obronności. Jest jednym z największych producentów systemów bezzałogowych.
CONTACTS
Thales
Director Communications
Northern & Central Europe
Lynne Scott Walters
+45 21191441
lynne.scott-walters@thalesgroup.com
Thales Group, Media Relations
Land and Naval Defence
Camille Heck
+33 6 73 78 33 63
camille.heck@thalesgroup.com
WB Group
Remigiusz Wilk+\
+48 605 122 755
/sites/default/files/prezly/images/Banner_0.jpg Contacts Cédric Leurquin 03 Sep 2024 Type Press release Structure Poland Thales i WB Group podpisały umowę ramową o współpracy strategicznej podczas tegorocznych targów MSPO, Międzynarodowego Salonu Przemysłu Obronnego, które odbyły się w Kielcach w dniach 3-6 września 2024 r. Porozumienie dotyczy wspólnych działań na rynku obronnym, w domenach powietrznej, lądowej, kosmicznej i bezpieczeństwa technologii informatycznych. prezly_685510_thumbnail.jpg Hide from search engines Off Prezly ID 685510 Prezly UUID cd0e4be5-9691-4806-a258-8011b03d6c6e Prezly url https://thales-group.prezly.com/thales-i-wb-group-podpisaly-ramowe-porozumienie-o-wspolpracy-strategicznej-w-sektorze-obronnym Tue, 09/03/2024 - 19:43 Don’t overwrite with Prezly data Off
Under the terms of a Memorandum of Understanding, the purpose of the agreement is to establish a structure to manage the relationship between the two parties, based on mutually agreed principles governing the exploration of business opportunities across business units, with the ultimate goal to benefit the parties’ customers.
The Agreement aims at exploring and undertaking common business and technology activities aiming at addressing the overall defence domain including land, aerospace, space and cyber markets.
As part of the long-lasting cooperation between the two groups, WBE/RADMOR has manufactured around 12,000 PR4G radios under a transfer of production from Thales. The two groups are now strengthening this cooperation with the joint development of a Polish certified SDR Radio, interoperable with existing fleet of WBE/RADMOR Radio to ease its adoption by Polish Armed forces, and ensuring coalition interoperability solution with ESSOR capacities. This unique SDR V/UHF solution will embark Polish security assets, including COMSEC, and will be locally produced & maintained by WBE/RADMOR. At MSPO Exhibition, WBE/Radmor and Thales are proud to unveil the 1st version of this SDR solution.
“Thales is committed to building strong industrial collaborations and trusted local partnerships to the benefit of our international customers. Together with WB Electronics, Thales will leverage on its unique expertise and know-how within the Defence, Space and Cyber domains to further strengthen and develop the Polish defence sector”, says Magdalena Nizik, Country Director for Poland & Baltics, Thales.
Thales Belgium and WBE/AREX, based on the MoU signed at this year’s EUROSATORY, are deploying a mockup of AREX remote weapon station equipped with Thales launcher of 70 mm. rockets (FZ602) during MSPO.
This 70mm weapon system is already onboard AW149 helicopters purchased by the Polish Air Forces.
Leveraging on their respective competencies, the two companies can capitalize on their synergies and expertise to market together.
About Thales
Thales (Euronext Paris: HO) is a global leader in advanced technologies within three domains: Defence & Security, Aeronautics & Space, and Digital Identity & Security. It develops products and solutions that help make the world safer, greener and more inclusive.
The Group invests close to €4 billion a year in Research & Development, particularly in key areas such as quantum technologies, Edge computing, 6G and cybersecurity.
Thales has 81,000* employees in 68 countries. In 2023, the Group generated sales of €18.4 billion.
About WB Group
GRUPA WB is a Polish manufacturer of modern solutions for the military and uniformed services employing over two thousand people. The company, whose shareholder is the Polish Development Fund, operates globally in the market of communication systems, crisis management, public safety, transport, power electronics and defense. It is one of the largest manufacturers of unmanned systems.
CONTACTS
Thales
Director Communications
Northern & Central Europe
Lynne Scott Walters
+45 21191441
lynne.scott-walters@thalesgroup.com
Thales Group, Media Relations
Land and Naval Defence
Camille Heck+33 6 73 78 33 63
camille.heck@thalesgroup.com
/sites/default/files/prezly/images/Banner.jpg Contacts Cédric Leurquin 03 Sep 2024 Type Press release Structure Defence and Security Defence Poland Thales and WB Group, signed a Frame Agreement on Strategic Cooperation at this year’s MSPO, International Defence Industry Exhibition, taking place in Kielce, Poland on 3-6 of September 2024. prezly_685507_thumbnail.jpg Hide from search engines Off Prezly ID 685507 Prezly UUID 37c9a289-6cf7-44c3-adb6-ef3548f39dd1 Prezly url https://thales-group.prezly.com/thales-and-wb-group-sign-a-frame-agreement-on-strategic-cooperation-in-the-defense-sector Tue, 09/03/2024 - 19:30 Don’t overwrite with Prezly data Off
Luxembourg, 3rd September 2024 – ShipFinex, a leading innovator in maritime finance, and Tokeny, the pioneering onchain finance operating system for tokenized securities, are proud to announce a strategic partnership aimed at transforming the way maritime assets are tokenized and managed.
This collaboration brings together two industry pioneers with a shared vision of enhancing transparency, security, and compliance in the tokenization of maritime assets. By joining forces, ShipFinex and Tokeny are poised to set a new standard in the digital finance landscape, particularly within the multi-billion-dollar maritime sector.
Elevating Maritime FinanceShipping and Maritime Finance have been an exclusive asset class/sector due to limited access in public equity markets and significant initial capital requirements to invest in assets, making it challenging for many to participate despite the Shipping market consistently outperforming many other asset classes.
ShipFinex and Tokeny are committed to democratizing access to maritime investments. Through this partnership, ShipFinex will leverage Tokeny’s cutting-edge technology to ensure that all tokenized maritime assets on its platform meet the highest standards of regulatory compliance and security, using the ERC-3643 standard. This integration not only enhances investor confidence but also positions both companies as leaders in the digital transformation of maritime finance.
Strategic AlignmentThe partnership between ShipFinex and Tokeny is a strategic alignment that amplifies the strengths of both companies. ShipFinex’s expertise in maritime finance, combined with Tokeny’s proven track record in tokenized securities infrastructure, creates a powerful synergy that is expected to accelerate the growth and adoption of tokenized maritime assets globally.
Following ShipFinex’s recent announcement of receiving initial approval from VARA in the UAE, this partnership underscores the company’s commitment to adopting world-class solutions to enhance its platform’s security and compliance. This collaboration highlights robust infrastructure and innovative regulated approach underpinning ShipFinex’s operations.
Looking AheadThis strategic partnership sets the stage for future growth and expansion, as both ShipFinex and Tokeny continue to innovate and lead in their respective fields. The integration of their capabilities will facilitate the broader adoption of tokenized maritime assets, offering investors a secure and efficient marketplace.
About ShipFinexShipFinex is revolutionizing maritime finance by providing a secure, transparent, regulated and efficient marketplace for tokenized maritime assets, enabling global investors to access and trade these assets like never before.
About TokenyTokeny is a leading onchain finance operating system. Tokeny has pioneered compliant tokenization with the open-source ERC-3643 standard and advanced white-label software solutions. The enterprise-grade platform and APIs unify fragmented onchain and offchain workflows, integrating essential services to eliminate silos. It enables seamless issuance, transfer, and management of tokenized securities. By automating operations, offering innovative onchain services, and connecting with any desired distributors, Tokeny helps financial actors attract more clients and improve liquidity. Trusted globally, Tokeny has successfully executed over 120 use cases across five continents and facilitated 3 billion onchain transactions and operations.
Website | LinkedIn | X/Twitter
The post ShipFinex and Tokeny Forge Strategic Partnership to Revolutionize Maritime Asset Tokenization first appeared on Tokeny.
The post ShipFinex and Tokeny Forge Strategic Partnership to Revolutionize Maritime Asset Tokenization appeared first on Tokeny.
If you're in the government space, you know how crucial it is to balance robust security and access with a seamless digital experience. We're thrilled to announce some major updates to Ping Government Identity Cloud that'll make your lives a whole lot easier. These capabilities are crucial for hitting essential security benchmarks, especially for DoD agencies and the Defense Industrial Base (DIB).
We are excited to announce that the Dock and cheqd tokens and blockchains are merging to form a Decentralized ID alliance.
By harnessing the combined strengths of two industry pioneers, Dock and cheqd will accelerate the global adoption of decentralized identity and verifiable credentials, empowering individuals and organizations worldwide with secure and trusted digital identities.
Existing $DOCK tokens will be converted into $CHEQ tokens (pending governance approval from token holders in both communities). This will mark a new chapter of opportunity for our token holders who will benefit from all the Web3 resources cheqd has at their disposal.
Full article: https://dock.io/post/dock-and-cheqd-form-alliance-to-accelerate-global-adoption-of-decentralized-id