Agentic AI – systems that can plan, take actions across tools, and adapt in real time – isn’t just accelerating productivity. It’s also lowering the skill and time needed to commit identity-based attacks that end in data breaches. When a synthetic “customer,” “patient,” or “student” can open accounts, reset passwords, or talk its way past […]
Decentralized Identity & Consent in Healthcare: From Portals to Patient-Controlled Credentials
Healthcare runs on trust – but today trust is mediated by passwords, paper forms, and siloed databases. Decentralized identity (DID) offers a better model: portable, cryptographically verifiable credentials that people control and can use anywhere, with only the minimum data disclosed. It’s a shift from institution-owned profiles to user-owned credentials, verified in seconds and reusable […]
Stop Asking for Selfies and ID Emails: Why Manual ID Checks Fail (and What to Do Instead)
If your team still asks customers, patients, or students to email or upload photos of an ID and a selfie for a human to eyeball – this post is for you. It feels simple. It’s familiar. But it’s also fragile, expensive, and increasingly dangerous in a world of AI-generated media and industrialized fraud. Below is […]
Beyond the Selfie: Why Liveness and Deepfake Detection Is Now Essential in Identity Verification
For years, the “selfie check” was the go-to method for remote identity verification. The process seemed simple enough: hold your ID next to your face, snap a picture, and let the system decide if you’re the same person. But in 2025, that approach is dangerously outdated.Why? Because fraudsters have upgraded their playbook—and the tools they’re […]
The MGM Breach and the Future of Helpdesk Security: Lessons Learned
In September 2023, MGM Resorts International—one of the world’s largest hospitality and entertainment companies—was brought to its knees. Guests couldn’t check in, slot machines went offline, and digital room keys failed. The culprit? A sophisticated social engineering attack targeting the company’s helpdesk. The breach didn’t require brute-force hacking or advanced malware. Instead, attackers exploited human […]
