PlainID, global provider of Identity Security, introduces Policy Management for Agentic AI. Policy Management for Agentic AI enables organizations to define granular policies that control what data AI agents can access, how they process it, and which actions they may take—ensuring that every AI-driven workflow abides by corporate and regulatory mandates. Key capabilities include: Identity-aware control – Enforce access based on human and non-human identity (NHI). Dynamic, fine-grained policies – Apply adaptable controls to every AI Agent interaction with data, APIs and services. Centralized policy management – Manage and govern all policies in one unified, standardized interface. Seamless integration – With popular AI platforms and orchestration frameworks Zero Trust Alignment – Ensure AI operations align with enterprise security and compliance frameworks, by design. Auditability – Gain full visibility into AI decision chains, access attempts, and policy outcomes. “As enterprises accelerate AI initiatives, PlainID empowers teams to govern AI data and decisions without compromising innovation. Through policy management and access enforcement, we ensure every AI interaction is secure, compliant, and policy-aware,” said Gal Helemski, Chief Product Officer and Co-Founder of PlainID.
PayPal taps Mastercard’s One Credential feature to enable consumers to set preference whether to pay with debit, installments, prepaid or credit for online or in-store purchases depending on the transaction
Mastercard and PayPal have partnered to co-develop features using Mastercard’s One Credential, a solution that enables consumers to use a single credential when shopping online or in-store. The companies aim to use this solution to give consumers more choice and control over how they pay at checkout, allowing them to access multiple payment options. One Credential can also help PayPal users improve their creditworthiness and progress from debit to installments and other structured credit. “We both want to reduce friction for consumers and bring them more power over how they pay,” Chris Sweetland, senior vice president of partnerships at PayPal, said. Bunita Sawhney, chief consumer product officer at Mastercard, said that the partnership with PayPal will build on “our collective strength of global payments innovation. With One Credential, we’re delivering the personalized digital experiences that build consumer confidence and trust.” Mastercard’s One Credential will allow consumers to choose to pay with debit, installments, prepaid or credit. Users can set their preferences online or in an app. They can also set preferences based on transaction type and time. For example, users can specify their checking account for expenses under $100, their credit card for expenses over $100 and installments for occasional larger purchases. Mastercard is now rolling out One Credential as a network-level capability worldwide.
Android adds support for OpenID standards to make handling digital credentials easy and secure by allowing any app to potentially become a “credential holder” and perform additional due-diligence steps required to verify any digital document
Google has given Android an OpenID upgrade to make handling digital credentials like virtual driving licences much easier and more secure. With native support for OpenID standards, Android apps and services can talk the same language when it comes to verifying who you are digitally. This update uses Android’s DigitalCredential API to bring in support for OpenID4VP (for showing your credentials) and OpenID4VCI (for getting new ones issued). It’s all part of Android’s push towards using open standards to ensure you’re not locked into one company’s way of doing things for your digital identity. The most obvious use people are talking about is digital identity documents like driving licences, passports, or national ID cards. But the potential goes way further. Google expects developers to get creative, using this tech for all sorts of things you might need to prove digitally. We’re talking education certificates, insurance details, gym memberships, event tickets, work permits – you name it. And it’s not just about official ‘wallet’ apps like Google Wallet or Samsung Wallet holding these credentials. Any app can potentially become a “credential holder.” Once you’ve picked, say, your digital driving licence, Android securely passes the request over to the wallet app that holds that specific licence. That app finishes the process, showing the credential to the verifier. This method also gives the wallet app a chance to “perform any additional due-diligence steps it needs to perform prior to releasing the credential to the verifier,” adding an extra layer of checks if needed. Receiving and storing new digital credentials is also getting standardised using the OpenID4VCI protocol. When someone needs to issue you a digital credential they can use this standard. To make sure Android knows what’s where when it’s time to show a credential, wallet apps need to tell the Credential Manager a bit about the credentials they hold. This info helps Android quickly find the right options for you when a request comes in.
Cognitiv AI personas transforms real-time consumer behavior data into dynamic audience profiles, revealing exactly which content triggers conversions to optimize targeting precision delivers 9X performance lift
Cognitiv announced AI Personas, a first-of-its-kind solution that transforms real-time consumer behavior data into dynamic audience profiles, revealing exactly which content triggers conversions to optimize targeting precision. Unlike traditional static segments, Cognitiv AI Personas evolve continuously with consumer behavior, built from each brand’s unique first-party data, rather than relying on off-the-shelf audience taxonomies used by competitors. While in beta, Cognitiv’s AI Personas has outperformed advertiser CPA goals by 9x, achieved 90% more efficient cost-per-action and outperformed CTR benchmarks by 60%. The offering allows advertisers to gain an unprecedented look “under the hood,” unlocking a holistic understanding of their consumers through the AI powering Cognitiv’s custom algorithms. This helps validate existing strategies while illuminating blind spots across display, social, and other channels. With these insights, advertisers can track the relationship between campaign lift and changes in audience engagement over time to refine creative messaging, audience strategies, and campaign optimization. Advertisers can also use AI Personas to reach audiences through ContextGPT, Cognitiv’s advanced contextual targeting solution. By knowing where high performing audiences are most likely to be online, ContextGPT helps advertisers better understand their target audience and reach them in the appropriate contexts.
The OpenID Foundation to demo a secure, privacy-preserving identity that supports cross-platform credential exchange, privacy-first architecture, and enterprise-grade securitycommunity to demo digital ID interoperability, DIF Labs taking proposals | Biometric Update
The OpenID Foundation is bringing together governments, standards bodies, technology vendors, end-user organizations and technical experts for a demonstration that “proves” a secure, privacy-preserving identity is “ready for prime time.” OpenID believes the single biggest barrier to seamless user experiences is interoperability, but in its upcoming showcase three specifications – the OpenID Verifiable Presentation (OID4VP), the High Assurance Interoperability Protocol (HAIP) and the Digital Credentials API (DC API) – are unified. “It’s a real-world demonstration of cross-platform credential exchange, privacy-first architecture, and enterprise-grade security,” the foundation said. Groups participating in the demo will include the NIST NCCoE, Mattr, Spruce, Animo, and 1Password among 10 teams developing digital wallets and verification solutions. They will work with credentials based on the ISO mDoc format widely utilized by mobile driver’s licenses, and Selective Disclosure JWTs (SD-JWTs). NIST NCCoE’s mDL architecture for opening a bank account, which uses the OID4VP, DC API and HAIP specifications, will also be demonstrated during the event.
Visa describes upcoming EU digital identity wallet as ‘gamechanger’ for payments and banking by separating the identity process from banks but proof will still be shared with the financial institution
Marie Austenaa, the head of digital identity at Visa has described the upcoming EU Digital Identity Wallet (eID) is as a “gamechanger” for payments and banking, describing the move as a “present on a silver plate” for the sector, with the eID Wallet acting as a crucial new tool for regulatory compliant account opening. By 2026, each EU member state will need to deliver at least one version of the Wallet. The IDs are expected to be fully operational by 2027, with service providers mandated to accept them during the same year. Austenaa explained that the ID will make it much easier to open a bank account in another country and expand across borders. The head of digital identity said the upcoming ID will be used as an authentication credential in a person’s wallet, where a bank can rely on it rather than their banking app, while it can be presented to a merchant to perform authentication in “a way that everyone can trust.” She described it as an opportunity to separate the identity process from banks. The identification process will be done by another entity, she said, but proof will still be shared with the financial institution. Austenaa added that the eID would provide opportunities in other areas such as verification of IBAN, or proof of income, but she said that this is “going to take time”. “[It is an] opportunity for the banks, having a trusted digital identity that is fully digital with a great user experience, the member states taking responsibility for the identity itself, that’s kind of cool,” she continued, adding that the ID will create economic wealth all around the EU, with further opportunities around driving trust and innovation, and reducing fraud.
Capgemini unveils perpetual ‘Know-Your-Customer’ real-time continuous compliance sandbox automatically alerting firms to changes in a customer’s circumstances that could affect their risk profile, enabling them to re-assess their risk exposure to the customer
Capgemini has launched a technology sandbox to help financial institutions transition from static Know-Your-Customer (KYC) processes to perpetual KYC (pKYC) and event-based reviews. The sandbox, a first of its kind, provides a secure environment for firms to test and demonstrate the effectiveness of pKYC processes. It allows firms to automatically alert firms to changes in a customer’s circumstances that could affect their risk profile, enabling them to re-assess their risk exposure to the customer. Capgemini’s sandbox model is flexible and modular, allowing organizations to implement it across their cloud platforms and technologies. The sandbox is designed to meet regulatory requirements and demonstrate how financial institutions are mitigating inherent risk exposure more effectively. It also demonstrates the industry’s ability to demonstrate excellence in achieving real-time KYC requirements. Key benefits of Capgemini’s new pKYC sandbox include: A safe testing environment: a secure environment where new KYC processes, policies, or technologies can be tested without risking real customer data leakage or compliance failures. Best-of-breed solutions: integration of key components from best-of-breed RegTech solutions and accelerators. Real-time visualization: ability to visualize pKYC in action to gauge benefits and showcase the framework to regulators. Quantifiable business impact: rapid end-to-end testing of the tech stack and processes leading to much faster feasibility of the pKYC operating model and creation of the associated business case. Operational readiness: identifies operational bottlenecks and optimizes workflows to enable full-scale deployment with confidence.
Startup AuthZed ‘s open-source permissions system can scale to trillions of access control lists and millions of authorization checks per second to support RAG and agentic AI systems with real-time permissioning
Permissions management startup AuthZed announced new support for retrieval-augmented generation and agentic artificial intelligence systems, expanding its authorization infrastructure to address security challenges in enterprise AI. The expanded support is designed to give engineering teams the tools they need to ensure that AI systems respect permissions, prevent data leaks and maintain complete audit trails. AuthZed uses its open-source permissions system, SpiceDB, to support RAG and agentic AI. SpiceDB, based on Google’s internal permission system, Zanzibar, was built for scale and complexity and can scale to trillions of access control lists and millions of authorization checks per second. AuthZed says that supporting AI is a natural evolution for the system. AuthZed ensures that only authorized data is retrieved, embedded and displayed to users throughout the RAG process. Using AuthZed, teams can enforce access control by filtering documents before embedding them, post-filtering vector search results to exclude restricted content, and synchronizing permissions in real time with platforms such as Google Workspace and SharePoint. The controls allow organizations to build secure, high-performance RAG systems that minimize the risk of data leaks. On the agentic AI front, AuthZed’s Agentic AI Authorization Model is designed to manage what agents can do by aligning their capabilities with the permissions of the users they act on behalf of.
Capgemini unveils perpetual ‘Know-Your-Customer’ real-time continuous compliance sandbox automatically alerting firms to changes in a customer’s circumstances that could affect their risk profile, enabling them to re-assess their risk exposure to the customer
Capgemini has launched a technology sandbox to help financial institutions transition from static Know-Your-Customer (KYC) processes to perpetual KYC (pKYC) and event-based reviews. The sandbox, a first of its kind, provides a secure environment for firms to test and demonstrate the effectiveness of pKYC processes. It allows firms to automatically alert firms to changes in a customer’s circumstances that could affect their risk profile, enabling them to re-assess their risk exposure to the customer. Capgemini’s sandbox model is flexible and modular, allowing organizations to implement it across their cloud platforms and technologies. The sandbox is designed to meet regulatory requirements and demonstrate how financial institutions are mitigating inherent risk exposure more effectively. It also demonstrates the industry’s ability to demonstrate excellence in achieving real-time KYC requirements. Key benefits of Capgemini’s new pKYC sandbox include: A safe testing environment: a secure environment where new KYC processes, policies, or technologies can be tested without risking real customer data leakage or compliance failures. Best-of-breed solutions: integration of key components from best-of-breed RegTech solutions and accelerators. Real-time visualization: ability to visualize pKYC in action to gauge benefits and showcase the framework to regulators. Quantifiable business impact: rapid end-to-end testing of the tech stack and processes leading to much faster feasibility of the pKYC operating model and creation of the associated business case. Operational readiness: identifies operational bottlenecks and optimizes workflows to enable full-scale deployment with confidence.
Cyolo’s platform lets organizations enforce access policies and gain real-time visibility over vendor-managed VPNs and direct connections without requiring changes to existing production infrastructure or vendor workflows
Remote privileged access management company Cyolo Ltd. announced a major update to its Cyolo PRO, or Privileged Remote Operations, platform, introducing new capabilities designed to improve visibility, security and operational agility in industrial and cyber-physical system environments. Leading the list of new features is Third-Party VPN Control, a capability that allows organizations to enforce access policies and gain real-time visibility over vendor-managed virtual private networks and direct connections without requiring changes to existing production infrastructure or vendor workflows. The new version of Cyolo PRO also introduces Instant Collaboration Link, a browser-based, onetime-use secure link that allows session owners to invite external participants, such as vendors, auditors and engineers, into live Remote Desktop Protocol, Secure Shell or Virtual Network Computing sessions. Another new feature, called Secure Remote Assistance, allows organizations to deliver secure technical support for both user-initiated and helpdesk-initiated sessions, all while maintaining operational governance and control. Cyolo Pro also now includes a new Asset Access Hub that presents a unified, contextual view of assets based on both business and technical attributes.