Why Are Identity Verification and Authentication Critically Important?

Imagine if we didn’t have identity verification and authentication.

I could walk into a luxury car dealership and buy a car, telling the salesperson that my name is Bill Gates. I could buy the car, and Gates would get the bill.

Sounds great…until someone impersonates YOU and gets YOUR money.

Master Keys for Fingerprints and Voices

I swear I’ve written about “MasterPrints” before, but I can’t find any such article. Maybe I just discussed it internally at IDEMIA when I worked there in 2018.

Generative adversarial network produces a “universal fingerprint” that will unlock many smartphones

“Researchers at NYU and U Michigan have published a paper explaining how they used a pair of machine-learning systems to develop a “universal fingerprint” that can fool the lowest-security fingerprint sensors 76% of the time (it is less effective against higher-security sensors).

“The researchers used “generative adversarial networks” (GAN) to develop their attack: this technique uses a pair of machine learning systems, a “generator” which tries to fool a “discriminator,” to produce a kind of dialectical back-and-forth that creates fakes that are harder and harder to detect.”

While this happened over seven years ago, and today’s sensors are presumably harder to fool, I was reminded of this when I ran across this Biometric Update article.

Voice morphing attack blends identities to bypass voice biometrics: study

“A new research paper explores a signal-level approach to voice morphing attacks that exposes vulnerabilities in biometric voice recognition systems.

“The abstract describes Time-domain Voice Identity Morphing (TD-VIM) as “a novel approach for voice-based biometric morphing” which “enables the blending of voice characteristics from two distinct identities at the signal level.” TD-VIM allows for seamless voice morphing directly in the time domain, allowing “identity blending without any embeddings from the backbone, or reference text.””

So it, um, sounds like we not only have MasterPrints, but also MasterVoices.

Ideal Bot Profile?

While I’m currently concentrating on HUMAN identities (book on the way), the world is moving in a different direction.

Elena Verna points this out:

“Everyone (I think?) agrees that defining your ICP (Ideal Customer Profile) is important….

“But there’s an assumption baked into all of this: Your user is human. I think that assumption is breaking.

“As agents begin to interact with products on our behalf – often via protocols like Model Context Protocol (MCP) – your ‘user’ may never actually touch your product.

“Which changes pretty much everything.”

Verna highlights how to market when your ideal “customer” is a bot, and what the bots look for.

“[Other products] will become almost entirely invisible. They exist as infrastructure. As a codified set of rules that is hard to reproduce. They are never opened directly, never explored, never ‘used’ in the traditional sense. They are just… there, powering outcomes. And you know what, I think most of the B2B will fall here.”

So I’m definitely concentrating on people for the next few days, but I haven’t forgotten my bot buddies.

How to Figure Out Someone’s Mother’s Maiden Name

Something you know…and that someone else knows. It can happen.

Many systems require more than one knowledge-based modality, which is why they sometimes ask for other things like your mother’s maiden name.

This of course is not foolproof. Your sister who hates your guts, for example, obviously knows your mother’s maiden name. And even complete strangers, especially those with nefarious intent, can deduce your personal information.

Let me introduce you to Doug.

How Doug learned Donna’s mother’s maiden name…and more

Assume that Doug wants to hack Donna’s account but needs some personal information to do so. This is somewhat tough, since Donna’s Facebook account is private and can only be seen by her friends. Well, Doug knows that Belle is a friend of Donna’s, and Belle’s Facebook password is “password1.” Problem solved.

Doug uses Belle’s account to read Donna’s posts and finds some remarkably interesting ones. Not that she’s posting her Social Security Number or anything, but what did she post?

  • “Happy birthday to my mom!” (This particular post was loved by Jane Davis, who wrote “Thank you dear daughter.”)
  • “Happy 30th birthday to me!”
  • “Hey, look at this picture of my new driver’s license. My picture actually looks halfway decent.”
  • “Hey, look at this picture of my senior citizen bus pass. Yeah, I’m old.”
  • “I cried when I looked at this old picture of my dog Scamper, taken in front of my childhood home on Mulberry Street.”

If you’re keeping score at home, Doug now knows the following information about Donna:

  • Her mother’s maiden name.
  • Her date of birth (from her birthday post and her driver’s license picture; her senior citizen’s bus pass doesn’t have her birthdate but does have her birthday).
  • Her driver’s license number.
  • The name of her favorite pet.
  • The name of the street she lived on as a child.

More than enough for Doug to impersonate Donna.

Types of Knowledge-Based Modalities

Something you know.

We know a lot of things, we can tell the system the things we know, and the system can confirm that the person accessing the system knows these same things.

Here are a few examples of knowledge-based information:

  • Passwords.
  • Personal Identification Numbers (PINs).
  • Social Security Numbers.
  • Driver’s License Numbers.
  • Dates of Birth.
  • Employee IDs.
  • Mother’s maiden name.
  • Name of your favorite pet.
  • Name of the street you lived on as a child.

Some of these pieces of personally identifiable information (PII) are more commonly known than others. The, um, secret is to choose a piece of knowledge that ONLY YOU know.

But remember: anything that you know is potentially known by others.
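The system side of “something you know” is worth spelling out. The following is an added example (mine, not the original post’s) of how a verifier can confirm that a user knows a knowledge-based answer without storing the answer itself: the answer is normalized (so “ Davis” and “DAVIS” match), salted and hashed, compared in constant time, and the account is locked after a few wrong guesses, because answers like a maiden name or a pet’s name are drawn from a far smaller pool than a random password. The user name, question, answers and the three-attempt lockout threshold are constructed for illustration.

```python
import hashlib
import hmac
import os
import unicodedata

# Constructed example: a minimal store of knowledge-based answers
# ("mother's maiden name", "favorite pet", ...) handled like low-entropy
# passwords. The lockout threshold is an illustrative assumption.
MAX_ATTEMPTS = 3
PBKDF2_ITERATIONS = 100_000


def normalize(answer: str) -> str:
    """Canonicalize free text so "O'Brien ", "obrien" and "Müller"/"muller" match.

    Strips accents, case-folds, and keeps only letters and digits. Comparing
    normalized forms is what lets a user type the same fact in a different
    way, but it also shrinks the guess space further, hence the lockout.
    """
    decomposed = unicodedata.normalize("NFKD", answer)
    no_accents = "".join(c for c in decomposed if not unicodedata.combining(c))
    return "".join(c for c in no_accents.casefold() if c.isalnum())


def hash_answer(answer: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256 over the normalized answer."""
    return hashlib.pbkdf2_hmac(
        "sha256", normalize(answer).encode("utf-8"), salt, PBKDF2_ITERATIONS
    )


class KBAStore:
    """Enroll and verify knowledge-based answers without keeping them in the clear."""

    def __init__(self) -> None:
        self._records: dict[str, dict[str, tuple[bytes, bytes]]] = {}
        self._failures: dict[str, int] = {}

    def enroll(self, user: str, question: str, answer: str) -> None:
        salt = os.urandom(16)  # per-answer salt: identical answers get different digests
        self._records.setdefault(user, {})[question] = (salt, hash_answer(answer, salt))

    def is_locked(self, user: str) -> bool:
        return self._failures.get(user, 0) >= MAX_ATTEMPTS

    def verify(self, user: str, question: str, answer: str) -> bool:
        """Return True only if the answer matches and the account is not locked."""
        if self.is_locked(user):
            return False
        record = self._records.get(user, {}).get(question)
        if record is None:
            self._failures[user] = self._failures.get(user, 0) + 1
            return False
        salt, digest = record
        # Constant-time comparison so timing does not leak how many bytes matched.
        ok = hmac.compare_digest(digest, hash_answer(answer, salt))
        if ok:
            self._failures[user] = 0
        else:
            self._failures[user] = self._failures.get(user, 0) + 1
        return ok


if __name__ == "__main__":
    store = KBAStore()
    store.enroll("donna", "mothers_maiden_name", "Davis")  # constructed enrollment
    print(store.verify("donna", "mothers_maiden_name", " davis "))  # True
    for guess in ("Smith", "Jones", "Brown"):
        store.verify("donna", "mothers_maiden_name", guess)
    print(store.is_locked("donna"))  # True: three wrong guesses lock the account
```

Note what this does and does not buy you. Hashing keeps the answers out of a database dump, and the lockout blunts an attacker who is guessing from a list of common surnames. It does nothing against Doug, who already read the answer off a friend’s Facebook feed; no amount of server-side hygiene fixes a factor that other people know.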

Why Identity/Biometric Product Marketers Should Target Organizations Instead of Enterprises

Since I am not really a business-to-consumer guy, I tend to think of hungry people (target audiences) who number in the hundreds or thousands rather than millions. For example, if you want to sell your identity/biometric solutions to banks with total assets of over US$100 billion, there are only about 100 of them.

Marketing products in this environment requires a completely different mindset. Rather than hiring a Kardashian or Jenner as your influencer or spokesperson, you’d hire a Buffett. (If you could. You probably can’t, unless he owns the company.)

Therefore you need to concentrate on the players who make buying decisions, from the CxO level down to the users. That is the way to get your product into the enterprise.

But if enterprise penetration is your only goal, you’re doomed to failure.

Why an enterprise-only strategy will fail

For example, enterprises usually don’t buy automated biometric identification systems. Government agencies do.

Believe me, I know. Many identity/biometric firms sell to the U.S. Department of Homeland Security, and their orders have been disrupted on and off since last October.

One acronym that I love to use is B2G—business-to-government. But I’ve learned the hard way that many people have never heard this acronym before. (Scan the job descriptions and spot the ones for marketing to government agencies that require “B2B” experience.)

So Bredemarket doesn’t seek clients that only sell to enterprises. I seek those that sell to organizations, both private and public.

If your identity/biometric or technology company markets products to organizations and you need strategic and tactical assistance, talk to Bredemarket.

Bredemarket: Services, Process, and Pricing.

If Your Passwords Failed, Your Other Factors Could Fail Also

There are all sorts of apocalyptic literature: apes taking over the world is but one example. But the scariest thing I’ve read lately was published by Factonic.

“Imagine waking up one morning and realizing that every password you’ve ever created has suddenly stopped working. Your bank account, social media profiles, and even your email are either completely locked or frighteningly exposed. There’s no reset option, no backup plan—just instant confusion and panic.”

Factonic believes that massive hacks, quantum computing power, and other catastrophic events could eliminate password protections.

“In the first 24 hours after passwords stop working, the digital world would slip into chaos.

“Banking systems could either freeze to prevent unauthorized access or come under heavy attack as bad actors try to exploit the sudden vulnerability, leaving people unable to access their money or complete transactions.

“Social media accounts would be rapidly hijacked, spreading misinformation, scams, or malicious content as users lose control of their profiles.

“Meanwhile, businesses would likely shut down access to their platforms entirely in an attempt to contain the damage, halting operations and cutting off services to millions of users.”

But before you say that the passwords are finally dead and we can move on to other factors of identity verification and authentication

…those same hacks and power could also affect all the other factors. Imagine quantum computing power that could generate matching fingerprints, faces, behaviors, and identity documents in seconds. As I said in 2021:

“But wait a minute. Isn’t it possible to spoof biometrics? And when a biometric is compromised, you can’t change your finger or your face like you can with a compromised password. And the Internet tells me that biometrics is racist anyway.

“So I guess “biometrics are dead” too, using the “passwords are dead” rationale.

“And we obviously can’t use secure documents or other “something you have” modalities either, because “something you have” is “something that can be stolen.” And you can’t vet the secure document with biometrics because we already know that biometrics are spoofable and racist and all that.

“So I guess “secure documents are dead” too.”

So much for protection. Have a good day.

ACE-V and the Innovatrics ABIS (and other ABIS)

Let’s revisit analysis, comparison, evaluation, and verification.

You may recall my post about a collection of judicial decisions, one of which included the following:

“The term “scientific” to describe his opinion “arguably verged on suggesting that the ACE-V process is more scientific than warranted,” and there was one instance in which Dolan testified without using the term “opinion.” The court concludes that there was no error because, “viewed as a whole,” his testimony was largely expressed in terms of an “opinion” and his testimony did not claim that the ACE-V process was infallible or absolutely certain.”

For those who aren’t familiar with the acronym ACE-V, here is how the U.S. National Institute of Standards and Technology defines it:

“The friction ridge examination process is commonly referred to as ACE‐V: Analysis, Comparison, Evaluation, and Verification.

“Analysis: An initial information‐gathering phase in which the examiner studies the unknown print to assess the quality and quantity of discriminating detail present. The examiner considers information such as substrate, development method, various levels of ridge detail, and pressure distortions. A separate analysis then occurs with the exemplar.

“Comparison: The side‐by‐side observation of the friction ridge detail in the two impressions to determine the agreement or disagreement in the details.

“Evaluation: The examiner assesses the agreement or disagreement of the information observed during Analysis and Comparison and forms a conclusion.

“Verification: In some agencies is a review of an examiner’s conclusions with knowledge of those conclusions; in other agencies, it is an independent re‐examination by a second examiner who does not know the outcome of the first examination.”

To make things easier for latent examiners, some automated biometric identification system (ABIS) software packages incorporate ACE-V either as a separate module or as an integrated part of their workflow. I know that IDEMIA and Thales include it, and it appears that CSIpix, Eviscan, Noblis, and ROC also include it.

But I’m going to talk about Innovatrics in this post.

“Innovatrics is expanding ACE-V capabilities in ABIS for Criminal Investigation with new features that help forensic teams manage examinations more clearly, support different review models, and keep unresolved latent evidence active as investigations move forward….

“ACE-V is widely used in forensic work, but the way it is applied can vary across agencies, regions, and countries, often shaped by local legislative requirements. Some agencies require clear separation between roles, while others rely on smaller teams with a more flexible way of dividing work. Innovatrics is shaping the workflow to support different use cases and agency ACE-V policies, from small teams to large departments, without forcing agencies to change the established workflows they already rely on.”

More here.

Maybe Health AI Is Not Working as Expected

I previously noted that electronic health records serve the billers. Perhaps EHRs serve the billers a little too much.

From the Peterson Health Technology Institute:

“Though we are still in the early stages of administrative AI adoption, it has become clear that rapid AI deployment by both providers and health plans to support prior authorization and medical billing transactions risks increasing levels of system activity without reducing costs. Under existing incentive structures, AI automation could increase the volume of prior authorization back-and-forth, rather than making the process more efficient. AI-assisted coding tools could accelerate coding intensity and charge capture, which—even if accurate—would have an inflationary impact on healthcare costs.”

Regarding prior authorization:

“AI may reduce the cost for individual organizations to execute prior authorizations, but it has not reduced overall system-level costs.”

And regarding medical billing:

“Provider deployment of AI is increasing billing intensity and inflating medical spending.”

This was not what we intended. Or maybe it was.