In some cases, a customer’s purchase of a particular product or service indicates possible future interest in that same product or service.
But this indicator only goes so far.
If you just purchased an expensive item such as a refrigerator or a car or a house, chances are you’re not in the market for a second refrigerator or car or house.
People have lost patience with brands who send incorrect or inaccurate marketing materials. In fact, brands that do this are driving their customers away.
Of the 49% that say they were incorrectly targeted to in the last six months, 42% said they immediately unsubscribed from the brand’s marketing content. Another 24% chose to block the brand on social media!
43% said that they received marketing for a product they’d already bought.
Basically, I had gone through great trouble to document that Bredemarket would NOT take identity work, so I had to reverse a lot of pages to say that Bredemarket WOULD take identity work.
I may have found a few additional pages after June 1, but eventually I reached the point where everything on the Bredemarket website was completely and totally updated, and I wouldn’t have to perform any other changes.
You can predict where this is going.
Who I…was
Today it occurred to me that some of the readers of the LinkedIn Bredemarket page may not know the person behind Bredemarket, so I took the opportunity to share Bredemarket’s “Who I Am” web page on the LinkedIn page.
So yes, this biometric content marketing expert/identity content marketing expert IS available for your content marketing needs. If you’re interested in receiving my help with your identity written content, contact me.
Monroe County Sheriff’s deputies found eight debit cards and three driver’s licenses belonging to other people in (Jamal Denzel) Austin’s possession during a traffic stop for reckless driving and failing to maintain lane on Jan. 19, 2020. A subsequent investigation revealed that Austin, who worked at an Atlanta club, had used two stolen identities to register two separate fictious (sic) businesses with the Georgia Secretary of State’s Office to obtain two Capital One business credit cards with credit limits of $30,000 and $20,000.
The investigation, which also included participation by the United States Secret Service and other local, state, and federal agencies, also uncovered a stolen $49,000 check.
Well, Austin lost the stolen money and his freedom. He was sentenced to 48 months in federal prison.
Now I’ll grant the early stages of this investigation aren’t as sexy as other fraud detection methods, but it worked.
I know that I’m the guy who likes to say that it’s all semantics. After all, I’m the person who has referred to five-page long documents as “battlecards.”
But sometimes the semantics are critically important. Take the terms “factors” and “modalities.” On the surface they sound similar, but in practice there is an extremely important difference between factors of authentication and modalities of authentication. Let’s discuss.
What is a factor?
To answer the question “what is a factor,” let me steal from something I wrote back in 2021 called “The five authentication factors.”
Something You Know. Think “password.” And no, passwords aren’t dead. But the use of your mother’s maiden name as an authentication factor is hopefully decreasing.
Something You Have. I’ve spent much of the last ten years working with this factor, primarily in the form of driver’s licenses. (Yes, MorphoTrak proposed driver’s license systems. No, they eventually stopped doing so. But obviously IDEMIA North America, the former MorphoTrust, has implemented a number of driver’s license systems.) But there are other examples, such as hardware or software tokens.
Something You Are. I’ve spent…a long time with this factor, since this is the factor that includes biometrics modalities (finger, face, iris, DNA, voice, vein, etc.). It also includes behavioral biometrics, provided that they are truly behavioral and relatively static.
Something You Do. The Cybersecurity Man chose to explain this in a non-behavioral fashion, such as using swiping patterns to unlock a device. This is different from something such as gait recognition, which supposedly remains constant and is thus classified as behavioral biometrics.
Somewhere You Are. This is an emerging factor, as smartphones become more and more prevalent and locations are therefore easier to capture. Even then, however, precision isn’t always as good as we want it to be. For example, when you and a few hundred of your closest friends have illegally entered the U.S. Capitol, you can’t use geolocation alone to determine who exactly is in Speaker Pelosi’s office.
(By the way, if you search the series of tubes for reading material on authentication factors, you’ll find a lot of references to only three authentication factors, including references from some very respectable sources. Those sources are only 60% right, since they leave off the final two factors I listed above. It’s five factors of authentication, folks. Maybe.)
The one striking thing about the five factors is that while they can all be used to authenticate (and verify) identities, they are inherently different from one another. The ridges of my fingerprint bear no relation to my 16 character password, nor do they bear any relation to my driver’s license. These differences are critical, as we shall see.
What is a modality?
In identity usage, a modality refers to different variations of the same factor. This is most commonly used with the “something you are” (biometric) factor, but it doesn’t have to be.
[M]any businesses and individuals (are adopting) biometric authentication as it been established as the most secure authentication method surpassing passwords and pins. There are many modalities of biometric authentication to pick from, but which method is the best?
After looking at fingerprints, faces, voices, and irises, Aware basically answered its “best” question by concluding “it depends.” Different modalities have their own strengths and weaknesses, depending upon the use case. (If you wear thick gloves as part of your daily work, forget about fingerprints.)
ID R&D goes a step further and argues that it’s best to use multimodal biometrics, in which the two biometrics are face and voice. (By an amazing coincidence, ID R&D offers face and voice solutions.)
The three modalities in the middle—face, voice, and fingerprint—are all clearly biometric “something you are” modalities.
But the modality on the left, “Make a body movement in front of the camera,” is not a biometric modality (despite its reference to the body), but is an example of “something you do.”
Passwords, of course, are “something you know.”
In fact, each authentication factor has multiple modalities.
For example, a few of the modalities associated with “something you have” include driver’s licenses, passports, hardware tokens, and even smartphones.
Why multifactor is (usually) more robust than multimodal
Modalities within a single authentication factor are more closely related than modalities within multiple authentication factors. As I mentioned above when talking about factors, there is no relationship between my fingerprint, my password, and my driver’s license. However, there is SOME relationship between my driver’s license and my passport, since the two share some common information such as my legal name and my date of birth.
What does this mean?
If I’ve fraudulently created a fake driver’s license in your name, I already have some of the information that I need to create a fake passport in your name.
If I’ve fraudulently created a fake iris, there’s a chance that I might already have some of the information that I need to create a fake face.
However, if I’ve bought your Coinbase password on the dark web, that doesn’t necessarily mean that I was able to also buy your passport information on the dark web (although it is possible).
Can an identity content marketing expert help you navigate these issues?
As you can see, you need to be very careful when writing about modalities and factors.
You need a biometric content marketing expert who has worked with many of these modalities.
Actually, you need an identity content marketing expert who has worked with many of these factors.
So if you are with an identity company and need to write a blog post, LinkedIn article, white paper, or other piece of content that touches on multifactor and multimodal issues, why not engage with Bredemarket to help you out?
If you’re interested in receiving my help with your identity written content, contact me.
While searching for a post-COVID article that discussed the use of biometrics in education (to supplement my existing educational identity information), I found an entire scientific paper on the topic.
Educational institutions are acquiring novel technologies to help make their processes more efficient and services more attractive for both students and faculty. Biometric technology is one such example that has been implemented in educational institutions with excellent results. In addition to identifying students, access control, and personal data management, it has critical applications to improve the academic domain’s teaching/learning processes. Identity management system, class attendance, e-evaluation, security, student motivations, and learning analytics are areas in which biometric technology is most heavily employed.
Hmm…I didn’t even think about class attendance. But a camera capturing faces that walk into the classroom or join the online webinar should do the trick.
(This post addresses something that I already announced last week to the Bredemarket mailing list. If you are already subscribed to the mailing list, then you can skip this post. If not, (1) subscribe via the http://eepurl.com/hdHIaT link, and (2) read the post below to catch up on what you missed last week.)
There are three ways that your firm can engage with your content creator.
On one extreme, your firm can hire the content creator as a full-time employee. This gives you the benefit of content creator availability at any time (or at least during office hours; don’t make TOO many 3:00 am calls to your employees).
On the other extreme, your firm can contract with the content creator for a single project. Maybe a blog post. Maybe a white paper. Maybe a tweet. Maybe a proposal responding to a Request for Proposal (RFP).
These extremes satisfy most firms. But a few firms—perhaps yours—need something between these two extremes.
The Drawbacks of Per-Project Content Creation
There are three potential issues with engaging content creators on a per-project basis.
The first issue is work flexibility. If you engage a content creator to write a blog post for you, you get that work done easily. But when you need something else, you need to re-engage the content creator under a separate project.
The second issue is budget predictability. Sure, only engaging content creators on a project-by-project basis helps you save costs (to some extent), but it’s very hard to predict what your future costs will be. Do you think you’ll need two new white papers four months from now, or five months from now.
The third issue is consultant accessibility. You may approach a content creator for a project that you need, only to find that the content creator is completely booked for the next few weeks.
Is there a way to ensure work flexibility, budget predictability, and consultant accessibility—short of hiring the consultant as a full-time employee?
Announcing the Bredemarket 4444 Partner Retainer
My new offering, announced last week to the Bredemarket mailing list, is a retainer offering that allows you to use Bredemarket for ANY writing task, up to a set number of hours per month. In effect, I’m embedded in your organization to serve you as needed.
Within the hours you select in the partner retainer contract, Bredemarket can create any content you need—blogs, case studies / testimonials, data sheets, e-books, proposals, social media posts / Xs (or whatever tweets are called today), white papers, or anything.
In addition, the retainer hours are discounted from my usual rate, so you save money that you would have spent if you contracted with me separately for multiple projects.
How can you learn more?
To learn more how the Bredemarket 4444 Partner Retainer works,
Years ago, I joked that Printrak/Motorola/MorphoTrak/IDEMIA’s research and development group shouldn’t be researching fingerprint algorithms, but should REALLY be researching human cloning. This would allow the company to have multiple “Peter Lo” entities researching and developing new fingerprint algorithms.
Today the jokes are becoming reality. Not for biometric scientists (yet), but for online gamers.
What (or who) is Kwebbelkop AI?
The Publish Press’ most recent daily newsletter begins with the article “Kwebbelkop Turns to VTubing.” I can forgive you if two of the four words in that article are puzzling; I hadn’t heard of Kwebbelkop or “VTubing” either.
(Before I proceed to explain Kwebbelkop and VTubing, I’d like to encourage you to subscribe to The Publish Press yourself, via my link. You get an informative daily newsletter focused on creators, while I get stickers and stuff.)
“The Digital Kwebbelkop,” as the new character is known, was developed at Van Den Bussche’s company, JVDBStudios. The gamer and his team have revealed several new tools: They are training VTubers to mimic specific creators (Kwebbelkop, in this case) and using AI technology to streamline the video production process. The result, at least in the first Digital Kwebbelkop video, is a character who looks like Van Den Bussche, sounds like him, and plays Minecraft like him.
It’s important to differentiate between VTubers, where a person controls the animated appearance of the avatar (a la our old friend Max Headroom), and an AI VTuber, where AI controls all the actions of the avatar.
Kwebbelkop AI is not the first AI VTuber. In fact, this is the second AI VTuber that Kwebbelkop has created himself; his first one is Bloo.
Another AI VTuber is Neuro-sama. This Live3D article discusses the “AI” part of Neuro-sama:
Deep Learning: Deep learning endows AI avatar with the ability to understand viewers chats in stream. It uses large text database training to enable AI vtuber to have the ability to understand and answer questions.
It is a very tough problem to create an AI VTuber who can appear to play video games in a realistic manner, and even converse with people watching it (them) play.
It’s an even tougher problem to to create an AI entity that can create accurate biometric algorithms.
“Relevant security, financial services and data protection agencies have commenced inquiries and investigations to establish the authenticity and legality of the aforesaid activities, the safety and protection of the data being harvested, and how the harvesters intend to use the data,” read part of the statement.
“Further, it will be critical that assurances of public safety and the integrity of the financial transactions involving such a large number of citizens be satisfactorily provided upfront.”
And even the iris image data that Worldcoin DOES collect isn’t retained unless people request it.
Since no two people have the same iris pattern and these patterns are very hard to fake, the Orb can accurately tell you apart from everyone else without having to collect any other information about you — not even your name.
Importantly, the images of you and your iris pattern are permanently deleted as soon as you have signed up, unless you opt in to Data Custody to reduce the number of times you may need to go back to an Orb. Either way, the images are not connected to your Worldcoin tokens, transactions, or World ID.
Ah, but Worldcoin does retain…an iris code. A lot of good THAT’S gonna do a scammer.
Your biometric data is first processed locally on the Orb and then permanently deleted. The only data that remains is your iris code. This iris code is a set of numbers generated by the Orb and is not linked to your wallet or any of your personal information. As a result, it really tells us — and everyone else — nothing about you. All it does is stop you from being able to sign up again.
Since you are not required to provide personal information like your name, email address, physical address or phone number, this means that you can easily sign up without us ever knowing anything about you.
And no, you cannot reverse engineer an iris image from the iris code. In fact, you can’t reverse engineer any biometric image from its biometric template.
And even if you could reverse engineer an iris image, what are you going to do with it? You don’t know who owns it. It probably doesn’t belong to Bill Gates. It probably belongs to an impoverished Kenyan. (Good luck getting that person’s US$2.00. Which they probably already sold.)
Because—and here’s the thing that people forget about Worldcoin—”Worldcoin’s World ID emphasizes privacy so much that it does not conclusively prove a person’s identity (it only proves a person’s uniqueness).” (Link)
Companies could pay Worldcoin to use its digital identity system, for example if a coffee shop wants to give everyone one free coffee, then Worldcoin’s technology could be used to ensure that people do not claim more than one coffee without the shop needing to gather personal data, Macieira said.
Yup, that’s the use case. To allow 8 billion people to each claim one cup of coffee.
Not just the people who are members of the coffee company’s rewards club.
Not just the people who have purchased a certain amount of coffee.
Not just the people in the United States and Colombia.
Worldcoin can’t do those things, because even Worldcoin doesn’t know anything about its users.
Which means, by the way, that the World ID can’t be used in elections or national/state government welfare benefits distribution.
Sure it can be used to prove that someone hasn’t voted twice, or received benefits under two different names.
But it has no way of knowing whether the individual is qualified to vote or receive benefits. Maybe the person doesn’t live in the local jurisdiction. For voting, maybe the person lives there but is not a citizen. For benefits, maybe the person has too much income to qualify. Worldcoin doesn’t have a clue if any of these things are true.
So apparently the Kenyan authorities are worried that Worldcoin is gathering too much data.
I’m worried that Worldcoin is gathering not enough data for most practical use cases.
The Bredemarket blog has previously considered how private companies like Samsung and Adobe use generative AI. Government use is similar, yet differs in some ways. Let’s see how San Jose, California approaches it.
Privacy is also a concern, and IT advises generative AI users to assume any information entered will be exposed to the public. Materials unready for publication shouldn’t be entered, nor should private emails. Employees looking for help drafting emails should avoid copy-pasting messages into generative AI, instead prompting the tools to write a generic message they can fact-check or augment with personalized details. The guidelines advise users to fact-check with multiple credible sources, including peer-reviewed journals and official documents.
This is a big concern for private companies, also.
But there are also issues that governments need to consider that private companies may not need to address.
One consideration is that government writing requires a particular style. Senate bills, for example, are written with a certain structure and formality. The city also uses gender-neutral language and the term “resident” rather than “citizen.”
Of course private companies have their own writing styles, but the world won’t come to an end if the IBM memorandum includes the word “gnarly.” But the wrong word in a Senate bill, or the use of the term “citizen” in a blue state, could be catastrophic.
One thing is clear: San Jose Chief Information Officer Khaled Tawfik doesn’t think that general-purpose generative AI will cut it.
San Jose has talked with several vendors about the possibility of AI trained on data from government, potentially restricted to San Jose data only.
As I noted in my post about Writer.com, this also allows implementation of privacy restrictions that could help avert problems if an employee inputs confidential information into the tool.
For the moment, San Jose is asking employees and contractors to log all use of generative AI. This will be referenced as the city develops its guidelines and policies in the future. As the city says:
Generative Artificial Intelligence (AI) is a new branch of AI technology that can generate content—such as stories, poetry, images, voice, and music— at the request of a user. Many organizations have banned Generative AI, while others allow unrestricted usage. The City recognizes the opportunity for a controlled and responsible approach that acknowledges the benefits to efficiency while minimizing the risks around AI bias, privacy, and cybersecurity.
This is the first step in a collaborative process to develop the City’s overall AI policy. Registered users will be invited to join the Information Technology Department in a working group to share their experience and co-develop the City’s AI policies.
I didn’t either. Frankly, I didn’t even work in biometrics professionally until I was in my 30s.
If you have a mad adult desire to become a biometric content marketing expert, here are five topics that I (a self-styled biometric content marketing expert) think you need to understand.
Topic One: Biometrics
Sorry to be Captain Obvious, but if you’re going to talk about biometrics you need to know what you’re talking about.
The days in which an expert could confine themselves to a single biometric modality are long past. Why? Because once you declare yourself an iris expert, someone is bound to ask, “How does iris recognition compare to facial recognition?”
And there are a number of biometric modalities. In addition to face and iris, the Biometrics Institute has cataloged a list of other biometric modalities, including fingerprints/palmprints, voice, DNA, vein, finger/hand geometry, and some more esoteric ones such as gait, keystrokes, and odor. (I wouldn’t want to manage the NIST independent testing for odor.)
As far as I’m concerned, the point isn’t to select the best biometric and ignore all the others. I’m a huge fan of multimodal biometrics, in which a person’s identity is verified or authenticated by multiple biometric types. It’s harder to spoof multiple biometrics than it is to spoof a single one. And even if you spoof two of them, what if the system checks for odor and you haven’t spoofed that one yet?
Topic Two: All the other factors
In the same way that I don’t care for people who select one biometric and ignore the others, I don’t care for some in the “passwords are dead” crowd who go further and say, “Passwords are dead. Use biometrics instead.”
Although I admire the rhyming nature of the phrase.
If you want a robust identity system, you need to use multiple factors in identity verification and authentication.
Something you know.
Something you have.
Something you are (i.e. biometrics).
Something you do.
Somewhere you are.
Again, use of multiple factors protects against spoofing. Maybe someone can create a gummy fingerprint, but can they also create a fake passport AND spoof the city in which you are physically located?
It’s not enough to understand the technical ins and outs of biometric capture, matching, and review. You need to know how biometrics are used.
One-to-one vs. one-to-many. Is the biometric that you acquire only compared to a single biometric samples, or to a database of hundreds, thousands, millions, or billions of other biometric samples?
Markets. When I started in biometrics, I only participated in two markets: law enforcement (catch bad people) and benefits (get benefit payments to the right people). There are many other markets. Just recently I have written about financial identity and educational identity. I’ve worked with about a dozen other markets personally, and there are many more.
Use cases. Related to markets, you need to understand the use cases that biometrics can address. Taking the benefits example, there’s a use case in which a person enrolls for benefits, and the government agency wants to make sure that the person isn’t already enrolled under another name. And there’s a use cases when benefits are paid to make sure that the authorized recipient receives their benefits, and no one else receives their benefits.
Legal and privacy issues. It is imperative that you understand the legal ramifications that affect your chosen biometric use case in your locality. For example, if your house has a doorbell camera that uses “familiar face detection” to identify the faces of people that come to your door, and the people that come to your door are residents of the state of Illinois, you have a BIG BIPA (Biometric Information Privacy Act) problem.
Any identity content marketing expert or biometric content marketing expert worth their salt will understand these and related issues.
Topic Four: Content marketing
This is another Captain Obvious point. If you want to present yourself as a biometric contet marketing expert or identity content marketing expert, you have to have a feel for content marketing.
The definition of content marketing is simple: It’s the process of publishing written and visual material online with the purpose of attracting more leads to your business. These can include blog posts, pages, ebooks, infographics, videos, and more.
But content marketers need to be comfortable with creating at least one type of content.
Topic Five: How L-1 Identity Solutions came to be
Yes, an identity content marketing expert needs to thoroughly understand how L-1 Identity Solutions came to be.
I’m only half joking.
Back in the late 1990s and early 2000s (I’ll ignore FpVTE results for a moment), the fingerprint world in which I worked recognized four major vendors: Cogent, NEC, Printrak (later part of Motorola), and Sagem Morpho.
And then there were all these teeny tiny vendors that offered biometric and non-biometric solutions, including the fierce competitors Identix and Digital Biometrics, the fierce competitors Viisage and Visionics, and a bunch of other companies like Iridian.
Wel, there WERE all these teeny tiny vendors.
Until Bob LaPenta bought them all up and combined them into a single company, L-1 Identity Solutions. (LaPenta was one of the “Ls” in L-3, so he chose the name L-1 when he started his own company.)
So around 2008 the Big Four (including a post-FpVTE Motorola) became the Big Five, since L-1 Identity Solutions was now at the table with the big boys.
But then several things happened:
Motorola started selling off parts of itself. One of those parts, its Biometric Business Unit, was purchased by Safran (the company formed after Sagem and Snecma merged). This affected me because I, a Motorola employee, became an employee of MorphoTrak, the subsidiary formed when Sagem Morpho de facto acquired “Printrak” (Motorola’s Biometric Business Unit). So now the Big Five were the Big Four.
Make that the Big Three, because Safran also bought L-1 Identity Solutions, which became MorphoTrust. MorphoTrak and MorphoTrust were separate entities, and in fact competed against each other, so maybe we should say that the Big Four still existed.
Oh, and by the way, the independent company Cogent was acquired by 3M (although NEC considered buying it).
A few years later, 3M sold bits of itself (including the Cogent bit) to Gemalto.
Then in 2017, Advent International (which owned Oberthur) acquired bits of Safran (the “Morpho” part) and merged them with Oberthur to form IDEMIA. As a consequence of this, MorphoTrust de facto acquired MorphoTrak, ending the competition but requiring me to have two separate computers to access the still-separate MorphoTrust and MorphoTrak computer networks. (In passing, I have heard from two sources, but have not confirmed myself, that the possible sale of IDEMIA is on hold.)
Why do I mention all this? Because all these mergers and acquisitions have resulted in identity practitioners working for a dizzying number of firms.
As of August 2023, I myself have worked for five identity firms, but in reality four of the five are the same firm because the original Printrak International kept on getting acquired (Motorola, Safran, IDEMIA).
And that’s nothing. One of my former Printrak coworkers (R.M.) has also worked for Digital Biometrics (now part of IDEMIA), Cross Match Technologies (now part of ASSA ABLOY), Iridian (now part of IDEMIA), Datastrip, Creative Information Technology, AGNITiO, iTouch Biometrics, NDI Recognition Systems, iProov, and a few other firms here and there.
The point is that everybody knows everybody because everybody has worked with (and against) everybody. And with all the job shifts, it’s a regular Peyton Place.
Not sure which one is me, which one is R.M., and who the other people are.
Do you need an identity content marketing expert today?
Do you need someone who not only knows biometrics and content marketing, but also all the other factors, their uses, and even knows the tangled history of L-1?
Bredemarket 