The OpenID Foundation is bringing together governments, standards bodies, technology vendors, end-user organizations and technical experts for a demonstration that “proves” a secure, privacy-preserving identity is “ready for prime time.” OpenID believes the single biggest barrier to seamless user experiences is interoperability, but in its upcoming showcase three specifications – the OpenID Verifiable Presentation (OID4VP), the High Assurance Interoperability Protocol (HAIP) and the Digital Credentials API (DC API) – are unified. “It’s a real-world demonstration of cross-platform credential exchange, privacy-first architecture, and enterprise-grade security,” the foundation said. Groups participating in the demo will include the NIST NCCoE, Mattr, Spruce, Animo, and 1Password among 10 teams developing digital wallets and verification solutions. They will work with credentials based on the ISO mDoc format widely utilized by mobile driver’s licenses, and Selective Disclosure JWTs (SD-JWTs). NIST NCCoE’s mDL architecture for opening a bank account, which uses the OID4VP, DC API and HAIP specifications, will also be demonstrated during the event.
Visa describes upcoming EU digital identity wallet as ‘gamechanger’ for payments and banking by separating the identity process from banks but proof will still be shared with the financial institution
Marie Austenaa, the head of digital identity at Visa has described the upcoming EU Digital Identity Wallet (eID) is as a “gamechanger” for payments and banking, describing the move as a “present on a silver plate” for the sector, with the eID Wallet acting as a crucial new tool for regulatory compliant account opening. By 2026, each EU member state will need to deliver at least one version of the Wallet. The IDs are expected to be fully operational by 2027, with service providers mandated to accept them during the same year. Austenaa explained that the ID will make it much easier to open a bank account in another country and expand across borders. The head of digital identity said the upcoming ID will be used as an authentication credential in a person’s wallet, where a bank can rely on it rather than their banking app, while it can be presented to a merchant to perform authentication in “a way that everyone can trust.” She described it as an opportunity to separate the identity process from banks. The identification process will be done by another entity, she said, but proof will still be shared with the financial institution. Austenaa added that the eID would provide opportunities in other areas such as verification of IBAN, or proof of income, but she said that this is “going to take time”. “[It is an] opportunity for the banks, having a trusted digital identity that is fully digital with a great user experience, the member states taking responsibility for the identity itself, that’s kind of cool,” she continued, adding that the ID will create economic wealth all around the EU, with further opportunities around driving trust and innovation, and reducing fraud.
Capgemini unveils perpetual ‘Know-Your-Customer’ real-time continuous compliance sandbox automatically alerting firms to changes in a customer’s circumstances that could affect their risk profile, enabling them to re-assess their risk exposure to the customer
Capgemini has launched a technology sandbox to help financial institutions transition from static Know-Your-Customer (KYC) processes to perpetual KYC (pKYC) and event-based reviews. The sandbox, a first of its kind, provides a secure environment for firms to test and demonstrate the effectiveness of pKYC processes. It allows firms to automatically alert firms to changes in a customer’s circumstances that could affect their risk profile, enabling them to re-assess their risk exposure to the customer. Capgemini’s sandbox model is flexible and modular, allowing organizations to implement it across their cloud platforms and technologies. The sandbox is designed to meet regulatory requirements and demonstrate how financial institutions are mitigating inherent risk exposure more effectively. It also demonstrates the industry’s ability to demonstrate excellence in achieving real-time KYC requirements. Key benefits of Capgemini’s new pKYC sandbox include: A safe testing environment: a secure environment where new KYC processes, policies, or technologies can be tested without risking real customer data leakage or compliance failures. Best-of-breed solutions: integration of key components from best-of-breed RegTech solutions and accelerators. Real-time visualization: ability to visualize pKYC in action to gauge benefits and showcase the framework to regulators. Quantifiable business impact: rapid end-to-end testing of the tech stack and processes leading to much faster feasibility of the pKYC operating model and creation of the associated business case. Operational readiness: identifies operational bottlenecks and optimizes workflows to enable full-scale deployment with confidence.
Startup AuthZed ‘s open-source permissions system can scale to trillions of access control lists and millions of authorization checks per second to support RAG and agentic AI systems with real-time permissioning
Permissions management startup AuthZed announced new support for retrieval-augmented generation and agentic artificial intelligence systems, expanding its authorization infrastructure to address security challenges in enterprise AI. The expanded support is designed to give engineering teams the tools they need to ensure that AI systems respect permissions, prevent data leaks and maintain complete audit trails. AuthZed uses its open-source permissions system, SpiceDB, to support RAG and agentic AI. SpiceDB, based on Google’s internal permission system, Zanzibar, was built for scale and complexity and can scale to trillions of access control lists and millions of authorization checks per second. AuthZed says that supporting AI is a natural evolution for the system. AuthZed ensures that only authorized data is retrieved, embedded and displayed to users throughout the RAG process. Using AuthZed, teams can enforce access control by filtering documents before embedding them, post-filtering vector search results to exclude restricted content, and synchronizing permissions in real time with platforms such as Google Workspace and SharePoint. The controls allow organizations to build secure, high-performance RAG systems that minimize the risk of data leaks. On the agentic AI front, AuthZed’s Agentic AI Authorization Model is designed to manage what agents can do by aligning their capabilities with the permissions of the users they act on behalf of.
Capgemini unveils perpetual ‘Know-Your-Customer’ real-time continuous compliance sandbox automatically alerting firms to changes in a customer’s circumstances that could affect their risk profile, enabling them to re-assess their risk exposure to the customer
Capgemini has launched a technology sandbox to help financial institutions transition from static Know-Your-Customer (KYC) processes to perpetual KYC (pKYC) and event-based reviews. The sandbox, a first of its kind, provides a secure environment for firms to test and demonstrate the effectiveness of pKYC processes. It allows firms to automatically alert firms to changes in a customer’s circumstances that could affect their risk profile, enabling them to re-assess their risk exposure to the customer. Capgemini’s sandbox model is flexible and modular, allowing organizations to implement it across their cloud platforms and technologies. The sandbox is designed to meet regulatory requirements and demonstrate how financial institutions are mitigating inherent risk exposure more effectively. It also demonstrates the industry’s ability to demonstrate excellence in achieving real-time KYC requirements. Key benefits of Capgemini’s new pKYC sandbox include: A safe testing environment: a secure environment where new KYC processes, policies, or technologies can be tested without risking real customer data leakage or compliance failures. Best-of-breed solutions: integration of key components from best-of-breed RegTech solutions and accelerators. Real-time visualization: ability to visualize pKYC in action to gauge benefits and showcase the framework to regulators. Quantifiable business impact: rapid end-to-end testing of the tech stack and processes leading to much faster feasibility of the pKYC operating model and creation of the associated business case. Operational readiness: identifies operational bottlenecks and optimizes workflows to enable full-scale deployment with confidence.
Cyolo’s platform lets organizations enforce access policies and gain real-time visibility over vendor-managed VPNs and direct connections without requiring changes to existing production infrastructure or vendor workflows
Remote privileged access management company Cyolo Ltd. announced a major update to its Cyolo PRO, or Privileged Remote Operations, platform, introducing new capabilities designed to improve visibility, security and operational agility in industrial and cyber-physical system environments. Leading the list of new features is Third-Party VPN Control, a capability that allows organizations to enforce access policies and gain real-time visibility over vendor-managed virtual private networks and direct connections without requiring changes to existing production infrastructure or vendor workflows. The new version of Cyolo PRO also introduces Instant Collaboration Link, a browser-based, onetime-use secure link that allows session owners to invite external participants, such as vendors, auditors and engineers, into live Remote Desktop Protocol, Secure Shell or Virtual Network Computing sessions. Another new feature, called Secure Remote Assistance, allows organizations to deliver secure technical support for both user-initiated and helpdesk-initiated sessions, all while maintaining operational governance and control. Cyolo Pro also now includes a new Asset Access Hub that presents a unified, contextual view of assets based on both business and technical attributes.
Google Wallet deploys Zero-Knowledge Proof age verification technology uses blockchain to process the condition (age) in encrypted form, generating a proof that can be verified by an external service through public keys
Google has introduced Zero-Knowledge Proof (ZKP) technology to its Google Wallet service, allowing users to verify their age without sharing personal information. This cryptographic technology is a significant turning point for online privacy protection, as it eliminates the risk of privacy violations and identity theft. The system uses blockchain technology to process the condition (age) in encrypted form, generating a proof that can be verified by an external service through public keys. Unlike traditional methods, the ZKP system maintains total control over users’ information. Bumble, a popular dating app, will use digital IDs issued through Google Wallet to verify their age, while the confirmation will be managed through the ZKP system. This will improve the user experience and increase trust in the platform. The adoption of ZKP technology by Google could mark a decisive turning point, attracting attention from developers, companies, and investors in the decentralized privacy sector. The future of age verification and digital identity could be marked by a greater balance between security and privacy. If successful, the adoption of systems based on ZKP could lead to a safer and more respectful internet for individuals.
1Password’s secrets syncing integration with AWS allows organizations to consolidate secrets management and embed secure credential handling directly into AI development workflows and CI pipelines
1Password announced a strategic collaboration agreement with AWS that puts the firm in position to capitalize on surging enterprise demand for security tools designed for AI and cloud-native environments. Monica Jain, 1Password’s head of go-to-market partnerships, told that the AWS collaboration has delivered explosive growth over the past 18 months. Contracts sold through AWS average four times larger than typical deals, with win rates exceeding 50 percent across all customer segments from small businesses to large enterprises. As part of the expanded partnership, 1Password introduced a new secrets syncing integration with AWS Secrets Manager. The integration allows organizations to consolidate secrets management, enforce role-based access controls, and embed secure credential handling directly into development workflows including command-line interfaces, continuous integration pipelines, and AI-powered automation. The technical integration addresses a critical pain point for developers who traditionally have struggled to manage secrets securely without slowing down development velocity. By embedding secure access directly into existing workflows, the platform eliminates the trade-off between security and productivity that has plagued many organizations. 1Password now secures more than 165,000 businesses and millions of consumers, with 75 percent of revenue coming from business customers compared to just 25 percent from consumers — a dramatic shift from the company’s consumer origins. The AWS partnership accelerates 1Password’s evolution from a password manager into what the company calls an Extended Access Management platform. This new category addresses security gaps that traditional identity and access management, identity governance and administration, and mobile device management tools cannot reach.
Google Wallet deploys Zero-Knowledge Proof age verification technology uses blockchain to process the condition (age) in encrypted form, generating a proof that can be verified by an external service through public keys
Google has introduced Zero-Knowledge Proof (ZKP) technology to its Google Wallet service, allowing users to verify their age without sharing personal information. This cryptographic technology is a significant turning point for online privacy protection, as it eliminates the risk of privacy violations and identity theft. The system uses blockchain technology to process the condition (age) in encrypted form, generating a proof that can be verified by an external service through public keys. Unlike traditional methods, the ZKP system maintains total control over users’ information. Bumble, a popular dating app, will use digital IDs issued through Google Wallet to verify their age, while the confirmation will be managed through the ZKP system. This will improve the user experience and increase trust in the platform. The adoption of ZKP technology by Google could mark a decisive turning point, attracting attention from developers, companies, and investors in the decentralized privacy sector. The future of age verification and digital identity could be marked by a greater balance between security and privacy. If successful, the adoption of systems based on ZKP could lead to a safer and more respectful internet for individuals.
Persona and Yardstik’s solution melds ID verification and background screening into a unified system to enable enterprises to defend against fraud at the pre-hire, onboarding, and post-hire stage of the user journey
Persona and Yardstik announced their partnership to deliver the first jointly integrated identity verification and background screening solution. This collaboration enables organizations to verify workers are who they say they are and whether they pose a risk, all in one seamless system—addressing the dual challenges of sophisticated fraud and a competitive hiring landscape. The partnership enables organizations to defend against fraud and bad actors at every stage of the user journey: pre-hire, onboarding, and post-hire, while providing faster, smoother access to work and coordinated data systems for organizations to manage risk. The integration unites Persona’s identity verification and Yardstik’s full suite of screening products—including criminal checks, MVR checks, drug screening, continuous monitoring, and more. With the Persona-Yardstik integration now live, organizations can streamline risk management and speed up onboarding—unlocking key benefits such as: Unified onboarding system for faster time to value; Centralized risk decisioning; and Conversion optimized flows for end-users.