Google has introduced Zero-Knowledge Proof (ZKP) technology to its Google Wallet service, allowing users to verify their age without sharing personal information. This cryptographic technology is a significant turning point for online privacy protection, as it eliminates the risk of privacy violations and identity theft. The system uses blockchain technology to process the condition (age) in encrypted form, generating a proof that can be verified by an external service through public keys. Unlike traditional methods, the ZKP system maintains total control over users’ information. Bumble, a popular dating app, will use digital IDs issued through Google Wallet to verify their age, while the confirmation will be managed through the ZKP system. This will improve the user experience and increase trust in the platform. The adoption of ZKP technology by Google could mark a decisive turning point, attracting attention from developers, companies, and investors in the decentralized privacy sector. The future of age verification and digital identity could be marked by a greater balance between security and privacy. If successful, the adoption of systems based on ZKP could lead to a safer and more respectful internet for individuals.
Agree.com’s AI-powered e-signature platform is different from competitors because it includes invoicing generation and payment processing
Agree.com says its AI-powered e-signature platform is different from competitors because it includes invoicing and payment processing. That’s why the company might have a shot at tackling the industry Goliath, Docusign. Because the startup makes its money from transaction fees for any money movement facilitated by its platform, Agree.com has made e-signatures free to all users. Agree.com uses AI on top of optimal character recognition (OCR) software so that it can auto-detect and label all of a contract’s input fields and signature blocks. Its technology can also identify and extract “any and all” payment terms to dynamically generate invoices. Because of its multitasking approach, Agree.com can potentially replace traditional e-signature software and invoicing and accounts receivable tools such as Bill.com. Agree extracts every character, indentation, semicolon, and hyphen to not only understand the type of contract being signed, but make it fully editable and collaborative with commenting, redlining, and version control. Agree’s “business model is truly unique: free software, monetized through invoicing and payments.”
Android adds support for OpenID standards to make handling digital credentials easy and secure by allowing any app to potentially become a “credential holder” and perform additional due-diligence steps required to verify any digital document
Google has given Android an OpenID upgrade to make handling digital credentials like virtual driving licences much easier and more secure. With native support for OpenID standards, Android apps and services can talk the same language when it comes to verifying who you are digitally. This update uses Android’s DigitalCredential API to bring in support for OpenID4VP (for showing your credentials) and OpenID4VCI (for getting new ones issued). It’s all part of Android’s push towards using open standards to ensure you’re not locked into one company’s way of doing things for your digital identity. The most obvious use people are talking about is digital identity documents like driving licences, passports, or national ID cards. But the potential goes way further. Google expects developers to get creative, using this tech for all sorts of things you might need to prove digitally. We’re talking education certificates, insurance details, gym memberships, event tickets, work permits – you name it. And it’s not just about official ‘wallet’ apps like Google Wallet or Samsung Wallet holding these credentials. Any app can potentially become a “credential holder.” Once you’ve picked, say, your digital driving licence, Android securely passes the request over to the wallet app that holds that specific licence. That app finishes the process, showing the credential to the verifier. This method also gives the wallet app a chance to “perform any additional due-diligence steps it needs to perform prior to releasing the credential to the verifier,” adding an extra layer of checks if needed. Receiving and storing new digital credentials is also getting standardised using the OpenID4VCI protocol. When someone needs to issue you a digital credential they can use this standard. To make sure Android knows what’s where when it’s time to show a credential, wallet apps need to tell the Credential Manager a bit about the credentials they hold. This info helps Android quickly find the right options for you when a request comes in.
The OpenID Foundation to demo a secure, privacy-preserving identity that supports cross-platform credential exchange, privacy-first architecture, and enterprise-grade securitycommunity to demo digital ID interoperability, DIF Labs taking proposals | Biometric Update
The OpenID Foundation is bringing together governments, standards bodies, technology vendors, end-user organizations and technical experts for a demonstration that “proves” a secure, privacy-preserving identity is “ready for prime time.” OpenID believes the single biggest barrier to seamless user experiences is interoperability, but in its upcoming showcase three specifications – the OpenID Verifiable Presentation (OID4VP), the High Assurance Interoperability Protocol (HAIP) and the Digital Credentials API (DC API) – are unified. “It’s a real-world demonstration of cross-platform credential exchange, privacy-first architecture, and enterprise-grade security,” the foundation said. Groups participating in the demo will include the NIST NCCoE, Mattr, Spruce, Animo, and 1Password among 10 teams developing digital wallets and verification solutions. They will work with credentials based on the ISO mDoc format widely utilized by mobile driver’s licenses, and Selective Disclosure JWTs (SD-JWTs). NIST NCCoE’s mDL architecture for opening a bank account, which uses the OID4VP, DC API and HAIP specifications, will also be demonstrated during the event.
Capgemini unveils perpetual ‘Know-Your-Customer’ real-time continuous compliance sandbox automatically alerting firms to changes in a customer’s circumstances that could affect their risk profile, enabling them to re-assess their risk exposure to the customer
Capgemini has launched a technology sandbox to help financial institutions transition from static Know-Your-Customer (KYC) processes to perpetual KYC (pKYC) and event-based reviews. The sandbox, a first of its kind, provides a secure environment for firms to test and demonstrate the effectiveness of pKYC processes. It allows firms to automatically alert firms to changes in a customer’s circumstances that could affect their risk profile, enabling them to re-assess their risk exposure to the customer. Capgemini’s sandbox model is flexible and modular, allowing organizations to implement it across their cloud platforms and technologies. The sandbox is designed to meet regulatory requirements and demonstrate how financial institutions are mitigating inherent risk exposure more effectively. It also demonstrates the industry’s ability to demonstrate excellence in achieving real-time KYC requirements. Key benefits of Capgemini’s new pKYC sandbox include: A safe testing environment: a secure environment where new KYC processes, policies, or technologies can be tested without risking real customer data leakage or compliance failures. Best-of-breed solutions: integration of key components from best-of-breed RegTech solutions and accelerators. Real-time visualization: ability to visualize pKYC in action to gauge benefits and showcase the framework to regulators. Quantifiable business impact: rapid end-to-end testing of the tech stack and processes leading to much faster feasibility of the pKYC operating model and creation of the associated business case. Operational readiness: identifies operational bottlenecks and optimizes workflows to enable full-scale deployment with confidence.
Capgemini unveils perpetual ‘Know-Your-Customer’ real-time continuous compliance sandbox automatically alerting firms to changes in a customer’s circumstances that could affect their risk profile, enabling them to re-assess their risk exposure to the customer
Capgemini has launched a technology sandbox to help financial institutions transition from static Know-Your-Customer (KYC) processes to perpetual KYC (pKYC) and event-based reviews. The sandbox, a first of its kind, provides a secure environment for firms to test and demonstrate the effectiveness of pKYC processes. It allows firms to automatically alert firms to changes in a customer’s circumstances that could affect their risk profile, enabling them to re-assess their risk exposure to the customer. Capgemini’s sandbox model is flexible and modular, allowing organizations to implement it across their cloud platforms and technologies. The sandbox is designed to meet regulatory requirements and demonstrate how financial institutions are mitigating inherent risk exposure more effectively. It also demonstrates the industry’s ability to demonstrate excellence in achieving real-time KYC requirements. Key benefits of Capgemini’s new pKYC sandbox include: A safe testing environment: a secure environment where new KYC processes, policies, or technologies can be tested without risking real customer data leakage or compliance failures. Best-of-breed solutions: integration of key components from best-of-breed RegTech solutions and accelerators. Real-time visualization: ability to visualize pKYC in action to gauge benefits and showcase the framework to regulators. Quantifiable business impact: rapid end-to-end testing of the tech stack and processes leading to much faster feasibility of the pKYC operating model and creation of the associated business case. Operational readiness: identifies operational bottlenecks and optimizes workflows to enable full-scale deployment with confidence.
Google Wallet deploys Zero-Knowledge Proof age verification technology uses blockchain to process the condition (age) in encrypted form, generating a proof that can be verified by an external service through public keys
Google has introduced Zero-Knowledge Proof (ZKP) technology to its Google Wallet service, allowing users to verify their age without sharing personal information. This cryptographic technology is a significant turning point for online privacy protection, as it eliminates the risk of privacy violations and identity theft. The system uses blockchain technology to process the condition (age) in encrypted form, generating a proof that can be verified by an external service through public keys. Unlike traditional methods, the ZKP system maintains total control over users’ information. Bumble, a popular dating app, will use digital IDs issued through Google Wallet to verify their age, while the confirmation will be managed through the ZKP system. This will improve the user experience and increase trust in the platform. The adoption of ZKP technology by Google could mark a decisive turning point, attracting attention from developers, companies, and investors in the decentralized privacy sector. The future of age verification and digital identity could be marked by a greater balance between security and privacy. If successful, the adoption of systems based on ZKP could lead to a safer and more respectful internet for individuals.
Meta detects underage Instagram users with AI tools that analyze contextual clues, such as birthday wishes or tip-offs from other users
Meta is using artificial intelligence tools to identify underage Instagram users who may have lied about their age to bypass platform safeguards. The company has announced that suspected underage users will be automatically placed into restricted “Teen Accounts” even if their account lists them as adults. Teen Accounts offer a controlled experience tailored for users under 16, limiting who can interact with them and restricting certain types of content. Meta claims the shift is designed to protect younger users and promote safe online behavior. Techniques include analyzing contextual clues, such as birthday wishes or tip-offs from other users, and comparing them with the stated age. Users will have the option to contest the AI’s decision and adjust their settings if misclassified. Meta will begin notifying parents directly, offering guidance on how to talk to teens about providing accurate age information online and encouraging them to verify their child’s listed birthday on Instagram.
No-code IAM platform offers developers a secure, scalable way to connect AI agents to external tools without having to manually manage and store tokens, scopes, and permissionsNo-code IAM platform offers developers a secure, scalable way to connect AI agents to external tools without having to manually manage and store tokens, scopes, and permissions
Descope, the drag & drop external IAM platform, launched the Agentic Identity Hub, an industry-first platform that helps organizations solve authentication and authorization challenges for AI agents, systems, and workflows. The Descope no / low code external IAM platform helps organizations easily create, modify, and manage journeys for their consumers, business customers, partners, and APIs / AI agents using visual workflows. Capabilities announced include: 1) Inbound Apps, which provide every application an easy way to become its own identity provider using the OAuth standard. This allows AI agents to securely authenticate, access authorized user data, and take scoped actions on behalf of users with their explicit consent. 2) Outbound Apps, which provide every AI agent builder a secure, scalable way to connect AI agents to external tools without having to manually manage and store tokens, scopes, and permissions. Developers can choose from over 50 out-of-the-box tool integration templates including Gmail, HubSpot, GitHub, Snowflake, Slack, Notion, and Shopify. 3) MCP Auth SDKs and APIs that help developers building and managing remote MCP servers secure their systems with robust authorization controls as well as extend the MCP servers’ functionality by connecting them with multiple OAuth-based services.
BlackCloak’s ID verification tech combats deepfake-powered phishing and other impersonation attacks targeted at high-profile executives by enabling users to verify the authenticity of suspicious communications
BlackCloak has launched an industry-first Identity Verification solution to combat deepfake-powered and other impersonation attacks, targeting high-profile executives and individuals. BlackCloak’s new Identity Verification offering is the first to address this rapidly emerging cybersecurity issue by enabling customers who receive a suspicious email to verify the sender’s identity and ensure the message is authentic. Integrated into its Digital Executive Protection platform, this feature enables users to verify the authenticity of suspicious communications, providing vital protection for executives, families, and businesses. BlackCloak’s new Identity Verification feature targets phishing campaigns, such as deepfakes, by allowing the user to prompt the sender to validate that they are who they claim to be through the BlackCloak mobile app. The new feature can combat the impact of deepfakes containing the following attributes: Synthetic Media, Facial Manipulation, Voice Cloning:, and Behavioral Mimicry.