Strata Identity has introduced a new product, Identity Orchestration for AI Agents. Built on Strata’s Maverics vendor-agnostic identity fabric and hybrid air-gap architecture, it provides identity guardrails and observability for AI agents without limiting identity provider (IDP) choice. Strata’s new product issues short-lived, scoped credentials at runtime; enforces fine-grained, policy-as-code authorization, including human-in-the-loop approval for sensitive actions; and logs every agent decision and MCP-initiated API call for full auditability. Strata’s Maverics treats every AI agent as a first-class identity, governed by the same rigor as human users, to provide zero-trust governance for autonomous AI agents. This industry-first approach handles every agent action as a policy-enforced, observable, and auditable event in real time. Its identity-aware, MCP-native proxy enforces policy without requiring changes to existing apps or microservices. Key capabilities: Dynamic, runtime authentication for agents using delegated OAuth flows—supporting PKCE and SPIFFE/SVID to enable ephemeral, scoped trust without static credentials. Policy-driven, attribute- and context-aware authorization, through On-Behalf-Of (OBO) flows with optional human-in-the-loop verification to enforce step-up approvals for sensitive or high-risk actions. Just-in-time issuance/provisioning of agent identities into any cloud or on-premises IDP, including automatic credential rotation, lifecycle expiry, and ownership assignment. Full-stack observability through OpenTelemetry, providing near real-time, correlated traces of both human and agent interactions for forensic lineage, risk analysis, and audit through your existing reporting and analytics tools.
University of Pittsburgh’s mobile ID system allows students, faculty, and staff to download credentials via mobile wallets while offering the option to choose between digital ID and physical card
The University of Pittsburgh launched a new mobile credentials system for students, faculty, and staff on July 15, 2025. The system, facilitated by Transact, allows users to download credentials via Apple Wallet, Google Wallet, and Samsung Wallet. Users will have the option to choose between the Mobile Panther ID and the current physical contactless Panther Card. The mobile ID is part of a larger effort to modernize campus life, enhance security, and reduce plastic waste. However, mobile ID users will need to use the Pittsburgh Regional Transit app for public transit access. The system also addresses concerns about using the credential if a phone battery dies, with iPhone users able to use Express Mode with power reserve for up to five hours after a phone shuts down due to low battery, and Samsung users able to make up to 15 transactions within 24 hours. Existing students, staff, and faculty who choose the mobile credential can keep their physical Panther Card as a souvenir. Once activated, it functions everywhere the physical card does: Doors and Building Access; Laundry; Libraries; Dining Hall Turnstiles; Bookstore; All Pitt Eats locations; Student Recreation; Residence Hall Gyms; Guest Check-in; Cart Sign-Out; Parking Access.
Trulioo suggests “digital agent passport” to keep bots honest at checkout: a tamper-proof credential showing who built the agent, who it represents, and what permissions it has
Trulioo and PayOS recently published a white paper that advances the concept of Know Your Agent (KYA). At its core is the “Digital Agent Passport,” a tamper-proof credential showing who built the agent, who it represents, and what permissions it has. The passport includes five checkpoints: provenance, user binding, permission scope, real-time behavior telemetry, and continuous risk scoring—creating a verifiable chain of trust at machine speed. The white paper proposes independent Digital Passport Authorities to issue, sign, and revoke passports, much like SSL certificate authorities. A federated directory would ensure interoperability across borders and marketplaces, with real-time revocation lists. KYA would combine Trulioo’s identity graph and fraud detection with agent behavior monitoring. If an agent exceeds its permissions or behaves suspiciously, its passport could be flagged or revoked instantly. For merchants, KYA offers tighter audit trails and fewer manual exceptions. For FinTechs and retailers, it enables higher straight-through processing while guarding against fraud. Trulioo urges support for a federated directory of “white list agents,” ensuring payloads are signed and trusted. Each passport includes cryptographic proof of the developer’s identity and a hash of the latest code commit, giving merchants real-time visibility into agent behavior.
Proton’s open-source authenticator app lets users log in to services using dynamically generated two-factor authentication codes, automatically backs up codes, allows syncing codes and accounts across devices and can work in offline mode
Privacy-focused productivity tool company Proton released a new authenticator app today, allowing users to log in to services using dynamically generated two-factor authentication codes. The free app is available on all platforms starting today, including iOS, Android, Windows, macOS, and Linux. The app allows users to sync codes and accounts across devices. The company said that just like its other products, Proton Authenticator is open source and uses end-to-end encryption to protect user data. Users can easily import login codes from other authentication apps. Plus, the app automatically backs up codes and also works without any internet connection. “Two-factor authentication is essential for everyone – not just those who care about their privacy. Proton Authenticator is built for anyone who wants a secure, transparent, and convenient way to protect their accounts,” Eamonn Maguire, head of Account Security at Proton, said. “We believe strong security should never come at the cost of your convenience or privacy. That’s why we’ve developed Proton Authenticator: to give users peace of mind that their 2FA codes are available wherever they need them, without relying on Google or Microsoft. We’re putting users firmly in control not only over their data, but the way they access their online accounts,” he added.
Handwave’s tech uses a combination of surface palm imaging and near-infrared vein mapping to enable secure, frictionless authentication of payments, age verification and loyalty programs “with one wave of a hand” and without the need for devices, apps or wallets
Handwave has raised $4.2 million in a seed round to launch its palm-based authentication method across Europe and the United States. The company’s technology enables payments, age verification and loyalty programs to be done “with one wave of a hand.” “Using a combination of surface palm imaging and near-infrared vein mapping, Handwave creates an encrypted biometric template that never leaves your control,” Handwave said. “The result? Secure, frictionless authentication with a single gesture — no devices, apps or wallets required.” Handwave said palm biometrics provides users with greater control than facial recognition and greater security than face scans or fingerprints. While facial recognition can be triggered passively, palm biometrics requires users to extend their hand and confirm the action. Plus, the palm’s “unique network of veins, geometry and motion” is difficult to replicate and can be verified with liveness detection. The early-stage venture capital firm focused on Baltic founders said Handwave’s biometric payments and identification platform “is redefining how we pay and prove who we are — with just a palm.” “The idea that you can securely pay or verify your identity with nothing but your palm—without even taking out a phone—is not just futuristic, it’s imminently practical,” Practica Capital Partner Arvydas Bloze said.
Keys for banks to offer scalable and easy onboarding for SMBs are: automated data and document workflows with configurable KYC/KYB “decision waterfalls,” digital signatures, adaptive due diligence with dynamic checklists and API-driven verification
Businesses value local connections and bespoke advice from traditional financial institutions, but busy proprietors really want easy, scalable onboarding.
FOUR CAPABILITIES THAT ACTUALLY SCALE ONBOARDING
1. Automated data and document workflows. Replace email chains and paper packets with configurable KYC/KYB “decision waterfalls,” digital signatures, timestamped audit logs and structured exception handling. Automation shortens cycle time and creates an auditable trail for compliance teams.
2. Adaptive due diligence. SMB onboarding is not one-size-fits-all. Requirements should expand or contract in real time based on entity type, ownership structure, geography, or risk flags. Dynamic checklists prevent over-collecting (and frustrating low-risk sole proprietors) while ensuring thoroughness for complex entities.
3. API-driven verification. Rather than mailing documents back and forth, tap public records, government registries, and best-in-class data providers to verify ownership, good standing, identity, and watchlists instantly. Done right, this lowers fraud and manual review without sacrificing accuracy.
4. Treat the branch as a strategic asset. Empower staff to confidently onboard business accounts in-branch, while using digital tools to streamline workflows and turn both channels—online and in-branch—into profit centers.
YouTube is rolling out a new AI system that will determine whether users are 18 or not and will let users verify their age if it gets it wrong by uploading a government ID, taking a verification selfie, or uploading a credit card
YouTube is rolling out a new AI system that will determine whether users are 18 or not, and it’s being put in place next week. One of the main reasons some users are heavily concerned about the new age verification system comes down to the method of determination. The content wall is still set at 18, but instead of self-reporting, users won’t have a say in how old Google’s AI model thinks they are. YouTube’s AI will likely be pretty good at guessing based on a few factors, but it’s not going to be 100% accurate. That’s where users are getting worried. If YouTube determines you’re under 18, whether that’s true or not, there will be a few changes made to the account. First, personalized ads will be turned off. This is likely one of the driving factors for the new system, as selling personalized ads for minors isn’t allowed in many regions. As most minors lie about their age on YouTube, the company could face legal trouble if it were found to be doing so. YouTube is going a step further past the legal protections, noting that digital wellbeing tools will be enabled by default. That includes “take a break” messages and bedtime reminders. The app will also warn users about privacy concerns when they comment or upload a video. Users could verify their age via other means if the AI model deemed them to be underage. That includes uploading a government ID, taking a verification selfie, or uploading a credit card. The latter option seems to be the least invasive, and most users are accustomed to linking their cards to just about any online service that asks. The former, however, are two very controversial options, and users with security concerns would like to avoid these options if possible. In reality, your options come down to letting the AI determine your age, and if it’s wrong, verifying via a method you deem acceptable. If those options aren’t reasonable to you, YouTube doesn’t seem to offer any other verification methods.
iDenfy’s API-based tool helps businesses instantly connect and verify company information such as registration details, legal status, entity type, tax ID and registered address across all 50 U.S. states using official Secretary of State records
iDenfy’s Secretary of State tool is the newest addition to the company’s KYB platform, offering automated access to official state records for verifying business registration and status. This new feature helps businesses instantly connect and verify company information across all 50 U.S. states using official Secretary of State records. The new API solution will strive to help high-risk companies, such as fintechs and banks, improve KYB onboarding accuracy and ensure compliance across different states. According to Domantas Ciulde, the CEO of iDenfy, streamlining access to SOS filings helps save time, as manually checking all these databases can be a hassle: “Our SOS lookup system connects to all U.S. SOS office portals and extracts relevant information about another company in seconds, which is vital for B2B partnerships and KYB compliance. Otherwise, analysts need to look up all portals manually, and it can be confusing, as some companies are registered in one state, while they actually operate in another location.” Currently, iDenfy’s SOS business search tool simplifies what has traditionally been a fragmented and time-consuming process. The system is able to automatically receive official data from the Secretary of State and compile a short but very detailed PDF report which summarizes the company’s registration details, legal status, entity type (such as LLC or Corporation), tax ID, registered address, and whether any governing person or stakeholder is involved. iDenfy’s SOS tool also helps to identify potential threats such as inactive entities, missing or inconsistent registration data, and past bankruptcies. These red flags often signal shell companies and suspicious activity. By identifying these risks early, businesses can protect themselves from reputational damage or regulatory fines.
Additionally, once a business’s legal data is pulled from the SOS database, it’s automatically cross-checked against other KYB criteria, including sanctions lists, adverse media, and tax ID verification directly from IRS records. For high-risk industries like crypto, this extra layer of security is essential in order to avoid bad actors from unclear companies.
Worldpay teams with Trulioo to integrate dynamic KYC and real-time risk monitoring, enabling secure agent-enabled transactions and protecting businesses in automated agentic commerce environments
Worldpay is partnering with Trulioo to introduce new safeguards for AI-powered agent-led commerce. At the core of this collaborative effort is the Know Your Agent (KYA) framework, powered by a Digital Agent Passport. This tamper-proof credential bundle will enable merchants to assess whether an AI agent is legitimate, authorized and acting with proper consent. The KYA framework will lay out structured guidelines for verification of the developer’s identity, code integrity, user consent and the ongoing trustworthiness of the agent in real time. Worldpay will empower merchants to leverage the KYA framework, enabling them to trust shopping agents by validating consumer intent and the authority granted to those agents. This innovation can help merchants grow sales while safeguarding against fraud and unauthorized purchases. The collaboration will help merchants and platforms unlock new experiences, from smarter checkout flows to real-time fraud detection, without sacrificing safety or visibility. Instead of blocking AI agents by default, the partnership will introduce smart controls where verified agents gain access, unknown agents encounter friction, and malicious bots are blocked. This approach will deliver measurable benefits across the entire ecosystem, including reduced fraud, smarter agent detection, and improved checkout conversion for merchants. Consumers will gain confidence that their AI assistants are acting with proper permission, while the broader commerce landscape will benefit from a shared, interoperable layer of trust that supports ongoing innovation and meets regulatory and evolving risk standards.
Banks lose 50% of applicants from complex onboarding and poor flow visibility; streamlined data capture, autofill tools, and device-switch support, raise account openings and portfolio growth
More than half of consumers who start a digital bank account application never finish it. One reason the problem persists is that many institutions lack visibility and control. They don’t know how many applications are started, where drop-offs occur, or which follow-up efforts are effective. Just as often, banks and credit unions don’t have the flexibility they need to effectively manage the information-capture sequence: what must be collected before the account is opened versus what can be deferred until after. Asking for too much, too soon — or “questionnaire creep” — can be a major source of friction, requiring applicants to complete more steps than necessary before account opening is completed. The instinct is understandable: In an effort to populate CRM systems or future-proof compliance needs, many institutions request nonessential information. The result is a longer, more cumbersome process at the very point when speed and simplicity matter most. In a FICO study, nearly one-in-five respondents said they would drop out if asked five or more questions. Some steps in account opening must be completed up front — KYC, identity verification, and initial funding are required. Others, such as choosing overdraft protection or setting up companion accounts, can wait until after the account is active, when trust is higher and the customer is more likely to engage. By deferring these steps, some institutions have seen a significant increase in new accounts – upwards of up to 150%. Giving institutions control over this sequencing allows them to front-load only what’s necessary and ultimately move applicants to completion faster. Prefill capabilities can also help streamline the experience, ensuring that every step of the workflow is as efficient as possible.
Integrated scanning tools can extract and populate information directly from a driver’s license or phone number, while payment integrations can auto-fill fields using data the institution already holds. Each small efficiency matters, especially during funding. Requiring customers to verify microdeposits or complete multiple extra steps can derail momentum. To minimize friction, limit visible data entry to only what’s required and automate the rest through well-chosen integrations. Tools for identity verification, document scanning, and instant funding can eliminate redundant steps without compromising security. Unclear process flows are another culprit. Without clear visibility or a roadmap, applicants get discouraged early, especially when they’re asked for sensitive information without knowing what’s coming next. All of this compounds uncertainty. Awkward or inconsistent user interfaces can exacerbate the problem. Basic design issues — text that doesn’t wrap, buttons that don’t render properly, pages that require too much scrolling — signal to users that the institution is behind the times. And once a digital experience feels awkward, trust starts to erode. Device switching introduces another layer of friction. A user might begin the process on their phone and plan to finish later on a laptop. But if progress isn’t saved or the system can’t hand off seamlessly, they’ll have to start from scratch. In some cases, even reentering information triggers new validation errors. The customer might also wonder whether they will end up with two conflicting records in the system, leading to future errors. Some institutions may see this as a niche problem, but it can be a showstopper, especially when consumers perceive Amazon- or Apple-quality experiences as the norm. A well-executed application should offer true omnichannel support, allowing users to pause and resume across devices — or even pick up where they left off with a banker in the branch or call center. 
Progress saved at the field level prevents rework and confusion. When done right, these capabilities can support remarkable portfolio growth. Some institutions have reported 37% increases in loan portfolios and 35% increases in deposit portfolios since launching a more modernized application platform. The account opening workflow may span multiple platforms that weren’t built to work together. In some cases, the online application doesn’t connect to the institution’s core system in real time, requiring manual review or re-entry. Perhaps most surprising of all, many banks and credit unions simply lack visibility into where and why drop-offs occur. Without that data, continuous improvement is impossible.