Uncategorized – Page 146

Can There Be Too Much Encryption and Age Verification Regulation?

Approximately 2,700 years ago, the Greek poet Hesiod is recorded as saying “moderation is best in all things.” This applies to government regulations, including encryption and age verification regulations. As the United Kingdom’s House of Lords works through drafts of its Online Safety Bill, interested parties are seeking to influence the level of regulation.

The July 2023 draft of the Online Safety Bill

On July 25, 2023, Richard Allan of Regulate.Tech provided his assessment of the (then) latest draft of the Online Safety Bill that is going through the House of Lords.

House of Lords chamber, Palace of Westminster, London. By UK government – https://civilservicelocal.blog.gov.uk/2015/02/26/learning-about-the-workings-of-parliament/, OGL 3, https://commons.wikimedia.org/w/index.php?curid=61679038

In Allan’s assessment, he wondered whether the mandated encryption and age verification regulations would apply to all services, or just critical services.

Allan considered a number of services, but I’m just going to hone in on two of them: WhatsApp and Wikipedia.

The Online Safety Bill and WhatsApp

WhatsApp is owned by a large American company called Meta, which causes two problems for regulators in the United Kingdom (and in Europe):

Meta is a large company.
Meta is an American company.

WhatsApp itself causes another problem for UK regulators:

WhatsApp encrypts messages.

Because of these three truths, UK regulators are not necessarily inclined to play nice with WhatsApp, which may affect whether WhatsApp will be required to comply with the Online Safety Bill’s regulations.

Allan explains the issue:

One of the powers the Bill gives to OFCOM (the UK Office of Communications) is the ability to order services to deploy specific technologies to detect terrorist and child sexual exploitation and abuse content….

But there may be cases where a provider believes that the technology it is being ordered to deploy would break essential functionality of its service and so would prefer to leave the UK rather than accept compliance with the order as a condition of remaining….

If OFCOM does issue this kind of order then we should expect to see some encrypted services leave the UK market, potentially including very popular ones like WhatsApp and iMessage.
From https://www.regulate.tech/online-safety-bill-some-futures-25th-july-2023/

And this isn’t just speculation on Allan’s part. Will Cathcart has been complaining about the provisions of the draft bill for months, especially since it appears that WhatsApp encryption would need to be “dumbed down” for everybody to comply with regulations in the United Kingdom.

Speaking during a UK visit in which he will meet legislators to discuss the government’s flagship internet regulation, Will Cathcart, Meta’s head of WhatsApp, described the bill as the most concerning piece of legislation currently being discussed in the western world.

He said: “It’s a remarkable thing to think about. There isn’t a way to change it in just one part of the world. Some countries have chosen to block it: that’s the reality of shipping a secure product. We’ve recently been blocked in Iran, for example. But we’ve never seen a liberal democracy do that.

“The reality is, our users all around the world want security,” said Cathcart. “Ninety-eight per cent of our users are outside the UK. They do not want us to lower the security of the product, and just as a straightforward matter, it would be an odd choice for us to choose to lower the security of the product in a way that would affect those 98% of users.”
From https://www.theguardian.com/technology/2023/mar/09/whatsapp-end-to-end-encryption-online-safety-bill

In passing, the March Guardian article noted that WhatsApp requires UK users to be 16 years old. This doesn’t appear to be an issue for Meta, but could be an issue for another very popular online service.

The Online Safety Bill and Wikipedia

So how does the Online Safety Bill affect Wikipedia?

Wikipedia article about the Online Safety Bill as of August 1, 2023. https://en.wikipedia.org/wiki/Online_Safety_Bill

It depends on how the Online Safety Bill is implemented via the rulemaking process.

As in other countries, the true effects of legislation aren’t apparent until the government writes the rules that implement the legislation. It’s possible that the rulemaking will carve out an exemption allowing Wikipedia to NOT enforce age verification. Or it’s possible that Wikipedia will be mandated to enforce age verification for its writers.

Let’s return to Richard Allan.

If they do not (carve out exemptions) then there could be real challenges for the continued operation of some valuable services in the UK given what we know about the requirements in the Bill and the operating principles of services like Wikipedia.

For example, it would be entirely inconsistent with Wikipedia’s privacy principles to start collecting additional data about the age of their users and yet this is what will be expected from regulated services more generally.
From https://www.regulate.tech/online-safety-bill-some-futures-25th-july-2023/

Left unsaid is the same issue that affects encryption: age verification for Wikipedia may be required in the United Kingdom, but may not be required for other countries.

It’s no surprise that Jimmy Wales of Wikipedia has a number of problems with the Online Safety Bill. Here’s just one of them.

(Wales) used the example of Wikipedia, in which none of its 700 staff or contractors plays a role in content or in moderation.

Instead, the organisation relies on its global community to make democratic decisions on content moderation, and have contentious discussions in public.

By contrast, the “feudal” approach sees major platforms make decisions centrally, erratically, inconsistently, often using automation, and in secret.

By regulating all social media under the assumption that it’s all exactly like Facebook and Twitter, Wales said that authorities would impose rules on upstart competitors that force them into that same model.
From https://www.itpro.com/business-strategy/startups/370036/jimmy-wales-online-safety-bill-could-devastate-small-businesses

And the potential regulations that could be imposed on that “global community” would be anathema to Wikipedia.

Wikipedia will not comply with any age checks required under the Online Safety Bill, its foundation says.

Rebecca MacKinnon, of the Wikimedia Foundation, which supports the website, says it would “violate our commitment to collect minimal data about readers and contributors”.
From https://www.bbc.com/news/technology-65388255

Regulation vs. Privacy

One common thread between these two cases is that implementation of the regulations results in a privacy threat to the affected individuals.

For WhatsApp users, the privacy threat is obvious. If WhatsApp is forced to fully or partially disable encryption, or is forced to use an encryption scheme that the UK Government could break, then the privacy of every message (including messages between people outside the UK) would be threatened.
For Wikipedia users, anyone contributing to the site would need to undergo substantial identity verification so that the UK Government would know the ages of Wikipedia contributors.

This is yet another example of different government agencies working at cross purposes with each other, as the “catch the pornographers” bureaucrats battle with the “preserve privacy” advocates.

Meta, Wikipedia, and other firms would like the legislation to explicitly carve out exemptions for their firms and services. Opponents say that legislative carve outs aren’t necessary, because no one would ever want to regulate Wikipedia.

Yeah, and the U.S. Social Security Number isn’t an identificaiton number either. (Not true.)

Educational Identity: Why and How Do Educational Institutions Verify Identities?

Chaffey High School, Ontario California.

Whether a student is attending a preschool, a graduate school, or something in between, the educational institution needs to know who is accessing their services. This post discusses the types of identity verification and authentication that educational institutions may employ.

Why do educational institutions need to verify and authenticate identities?

Whether little Johnny is taking his blanket to preschool, or Johnny’s mother is taking her research notes to the local university, educational institutions such as schools, colleges, and universities need to know who the attendees are. It doesn’t matter whether the institution has a physical campus, like Chaffey High School’s campus in the video above, or if the institution has a virtual campus in which people attend via their computers, tablets, or phones.

Access boils down to two questions:

Who is allowed within the educational institution?
Who is blocked from the educational institution?

Who is allowed within the educational institution?

Regardless of the type of institution, there are certain people who are allowed within the physical and/or virtual campus.

Students.
Instructors, including teachers, teaching assistants/aides, and professors.
Administrators.
Staff.
Parents of minor students (but see below).
Others.

All of these people are entitled to access to at least portions of the campus, with different people having access to different portions of the campus. (Students usually can’t enter the teacher’s lounge, and hardly anybody has full access to the computer system where grades are kept.)

Before anyone is granted campus privileges, they have to complete identity verification. This may be really rigorous, but in some cases it can’t be THAT rigorous (how many preschoolers have a government ID?). Often, it’s not rigorous at all (“Can you show me a water bill? Is this your kid? OK then.”).

Once an authorized individual’s identity is verified, they need to be authenticated when they try to enter the campus. This is a relatively new phenomenon, in response to security threats at schools. Again, this could be really rigorous. For example, when students at a University of Rhode Island dining hall want to purchase food from the cafeteria, many of then consent to have their fingerprints scanned.

From https://www.youtube.com/watch?v=JzMDF_LN_LU

Another rigorous example: people whose biometrics are captured when taking exams, to deter cheating.

But some authentiation is much less rigorous. In these cases, people merely show an ID (hopefully not a fake ID) to authenticate themselves, or a security guard says “I know Johnny.”

(Again, all this is new. Many years ago, I accompanied a former college classmate to a class at his new college, the College of Marin. If I had kept my mouth shut, the professor wouldn’t have known that an unauthenticated student was in his class.)

Who is blocked from the educational institution?

At the same time, there are people who are clearly NOT allowed within the physical and/or virtual campus. Some of these people can enter campus with special permission, while some are completely blocked.

Former students. Once a student graduates, their privileges are usually revoked, and they need special permission if they want to re-enter campus to visit teachers or friends. (Admittedly this isn’t rigorously enforced.)
Expelled students. Well, some former students have a harder time returning to campus. If you brought a gun on campus, it’s going to be much harder for you to re-enter.
Former instructors, administrators, and staff. Again, people who leave the employ of the institution may not be allowed back, and certain ones definitely won’t be allowed back.
Non-custodial parents of minor students. In some cases, a court order prohibits a natural parent from contact with their child. So the educational institutions are responsible for enforcing this court order and ensuring that the minor student leaves campus only with someone who is authorized to take the child.
Others.

So how do you keep these people off campus? There are two ways.

If they’re not on the allowlist, they can’t enter campus anyway. As part of the identity verification process for authorized individuals, there is a list of people who can enter the campus. By definition, the 8 billion-plus people who are not on that “allowlist” can’t get on campus without special permission.
Sometimes they can be put on a blocklist. Or maybe you want to KNOW that certain people can’t enter campus. The inverse of an allowlist, people who are granted access, is a blocklist, people who are prevented from getting access. (You may know “blocklist” by the older term “blacklist,” and “allowlist” by the older term “whitelist.” The Security Industry Association and the National Institute of Standards and Technology recommend updated terminology.)

There’s just one teeny tiny problem with blocklists. Sometimes they’re prohibited by law.

In some cases (but not in others), a person is required to give consent before they are enrolled in a biometric system. If you’re the ex-student who was expelled for brining a gun on campus, how motivated will you be to allow that educational institution to capture your biometrics to keep you off campus?

And yes, I realize that the expelled student’s biometrics were captured while they were a student, but once they were no longer a student, the institution would have on need to retain those biometrics. Unless they felt like it.

This situation becomes especially sticky for campuses that use video surveillance systems. Like Chaffey High School.

Sign: "To reduce property damage to our facilities, this campus has installed a video surveillance system." — Chaffey High School, Ontario, California.

Now the mere installation of a video surveillance system does not (usually) result in legally prohibited behavior. It just depends upon what is done with the video.

If the video is not integrated with a biometric facial recognition system, there may not be an issue.
If Chaffey High School has its own biometric facial recognition system, then a whole host of legal factors may come into play.
If Chaffey High School does not have a biometric facial recognition system, but it gives the video to a police agency or private entity that does have a biometric facial recognition system, then some legal factors may emerge.

Or may not. Some facial recognition bans allow police use, and if this is true then Chaffey can give the footage to the police to use for authorized purposes. But if the jurisdiction bans police use of facial recognition, then people on the video can only be recognized manually. And you know how I feel about that.

Writing About Educational Identity

As you can see, educational identity is not as clear-cut as financial identity, both because financial institutions are more highly regulated and because blocklists are more controversial in educational identity. Vladimir Putin may not be able to open a financial account at a U.S. bank, but I bet he’d be allowed to enroll in an online course at a U.S. community college.

So if you are an educational institution or an identity firm who serves educational institutions, people who write for you need to know all of these nuances.

You need to provide the right information to your customers, and write it in a way that will motivate your customers to take the action you want them to take.

Speaking of motivating customers, are you with an identity firm or educational institution and need someone to write your marketing text?

Someone with 29 years of identity/biometric marketing experience?
Someone who understands that technological, organizational, and legal issues surrounding the use of identity solutions?
Someone who will explain why your customers should care about these issues, and the benefits a compliant solution provides to them?

If I can help you create your educational identity content, we need to talk.

Email me at john.bredehoft@bredemarket.com.
Book a meeting with me at calendly.com/bredemarket.
Contact me at bredemarket.com/contact/.
Subscribe to my mailing list at http://eepurl.com/hdHIaT.

Yeah, I Wrote a Bredemarket Mailing List Entry About…the Bredemarket Mailing List

(UPDATED WITH SHORTLINK)

This blog post explains how you can go to http://eepurl.com/hdHIaT and subscribe to the Bredemarket mailing list.

OK, I guess I’m done.

Actually, I’m going to provide some background.

With great fanfare in October 2020…

…I established the Bredemarket mailing list. I even wrote a blog post about it, “The Bredemarket mailing list is live,” and sat back. Occasionally I’d write something for the mailing list, until nearly three years later I had written 11 entries (including the two I wrote today).

Do you know what? If you build it, they may not come. They aren’t going to come if they don’t know about it.

I’ve done precious little promotion of the Bredemarket mailing list, other than an isolated page on the Bredemarket website.

But I’ve recently decided to resurrect the Bredemarket mailing list and devote more time to it, for the following reasons…well, actually I explained the reasons in the mailing list.

So don’t miss out on future missives. Subscribe by clicking here.

Which reminds me that I have to tweak my usual “contact me” message a bit. Now instead of having three bullets, it will have four.

Email me at john.bredehoft@bredemarket.com.
Book a meeting with me at calendly.com/bredemarket.
Contact me at bredemarket.com/contact/.
Subscribe to my mailing list at http://eepurl.com/hdHIaT.

~~Now I just have to nose around the Mailchimp documentation and see if the free version of Mailchimp allows a more user-friendly URL.~~ FOUND THE SHORTLINK!

Yeah, I Wrote a Bredemarket LinkedIn Article About…Company LinkedIn Articles

Stump the Experts at WWDC 2010
Stefan Haubold • CC BY-SA 3.0

One way for your firm to publicize its offerings is through company LinkedIn articles. My LinkedIn article, written by my company Bredemarket, discusses…well, company LinkedIn articles. It also discusses:

Why you should write LinkedIn articles.

Why companies should write LinkedIn articles under their own names.

How to create LinkedIn articles.

Finally, who can write your LinkedIn articles. (I have a suggestion.)

To read the LinkedIn article, visit https://www.linkedin.com/pulse/why-your-company-should-write-linkedin-articles-bredemarket

Financial Identity: Which Firms Can Remotely Onboard Financial Customers?

Bank of America, Euclid Avenue, Ontario, California.

Here’s a sign of the times from Ontario, California. The sign at the end of this video appears on the door of a bank branch in downtown Ontario, and basically says that if you wanted to go to THIS branch on Saturday, you’re out of luck.

Of course, that assumes that you actually WANT to go to a physical bank branch location. Unlike the old days, when banks were substantive buildings that you visited to deposit and withdraw money, now banks can be found in our smartphones.

What locational, technological, and organizational changes have taken place at banks over the last 50 years? And now that you can open an account to buy crypto on your smartphone, does your financial institution’s onboarding solution actually WORK in determining financial identity?

Three changes in banking over the last fifty years

Over the last fifty years, banking has changed to the point where someone from 1973 wouldn’t even recognize “banking” today. Stick around to see a video from a company called “Apple” showing you how to use a “wallet” on a “smartphone” to pay for things even if you’re not carrying your “chip card.” Karl Malden would be spinning in his grave. So let’s talk about the three changes:

The locational change.
The technological change.
The organizational change.

The locational change: from stand-alone buildings to partitioned grocery store sections

When I was growing up, a “bank” (or a “savings & loan,” which we will discuss later) was located in a building where you would go on weekdays (or even Saturdays!) and give money to, or get money from, a person referred to as a teller.

By Dennis Brown – Own work, CC BY 3.0, https://commons.wikimedia.org/w/index.php?curid=5214388

There was this whole idea of “going to the bank,” perhaps on your lunch hour because you couldn’t go to the bank on Sunday at midnight, could you?

The first crack in the whole idea of “going to the bank” was the ability to bank without entering the door of the bank…and being able to bank on Sunday at midnight if you felt like it. Yes, I’m talking about Automated Teller Machines (ATMs), where the “teller,” instead of being a person, was a bunch of metal and a TV screen. The first ATM appeared in 1967, but they didn’t really become popular until several years later.

Actor Reg Varney using the world’s first cash machine at Barclays Bank, Enfield, north London on 27 June 1967. https://en.wikipedia.org/w/index.php?curid=12747908

For the most part, these ATMs were located at the bank buildings themselves. But those buildings were costly, and as competition between banks increased, banks sought alternatives. By 1996, a new type of banking location emerged (PDF):

The largest U.S. commercial banks are restructuring their retail operations to reduce the cost disadvantage resulting from a stagnant deposit base and stiffer competition. As part of this effort, some banks are opening “supermarket,” or “in-store,” branches: a new type of banking office within a large retail outlet. An alternative to the traditional bank office, the supermarket branch enables banks to improve the efficiency of the branch network and offer greater convenience to customers.
From https://www.newyorkfed.org/medialibrary/media/research/current_issues/ci2-13.pdf

From https://www.digitalcheck.com/postal-banking-no-need-to-play-the-political-game/

To traditionalists, these bank branches looked pretty flimsy. Where are the brick and (fake) marble walls that protect my cash? Heck, anyone can walk into the store and just steal all my money, right?

Well, these newfangled bank branches apparently WERE able to protect our cash, and the idea of banking right in the grocery store proved to be very popular because of its convenience.

But the changes were just beginning.

The technological change: from store sections to smartphones

As banks changed where they were located, there were technological changes also.

During the 1990s, more and more people were using home computers. As the computers and their security became more and more sophisticated, some people asked why we needed to “go to the bank” (either a stand-alone building or a partitioned area next to the cigarettes) at all. Why not just bank at the computer? So PC banking emerged.

Interpol and Deutsche Bank. The cover art can be obtained from Kling Klang and EMI Electrola., Fair use, https://en.wikipedia.org/w/index.php?curid=42639079

The term “PC banking” refers to the online access of banking information from a personal computer. A solution for both personal or business banking needs, this type of financial management allows you to conduct transactions using an Internet connection and your computer in lieu of a trip to the local bank branch or the use of an ATM. PC banking enables an account holder to perform real-time account activities and effectively manage finances in a way that avoids the hassle of daytime bank visits and eliminates the postage required to pay bills by mail.
From https://smallbusiness.chron.com/pc-banking-72403.html

Ah yes; there was another benefit. You could use the computer to pay your bills electronically. The U.S. Postal Service was NOT a fan of this change.

As we crossed into the new millennium, the online banking ideas got even wilder. Cellular telephones, which followed a modified version of the “Princess phone” form factor, became more complex devices with their own teeny-tiny screens, just like their larger computer cousins. Eventually, banks began offering their services on these “smartphones,” so that you didn’t even need a computer to perform your banking activities.

Imagine putting the video below on 8mm film and traveling back in time to show it to a 1973 banking customer. They would have no idea what was going on in the film.

From https://www.youtube.com/watch?v=znIOqQLbNFk

But are PC and smartphone banking secure? After all, smartphones don’t have brick or (fake) marble walls. We’ll get to that question.

The organizational change: from banks to…who knows what?

The third change was not locational or technological, but a change in terms of business organization. Actually, many changes.

Back in 1973, the two major types of banks were banks, and something called “savings & loans.” Banks had been around for centuries, but savings & loans were a little newer, having started in 1831. They were regulated a little differently: banks were insured by the FDIC, S&Ls by the FSLIC.

From https://mises.org/library/savings-and-loan-debacle-twenty-five-years-later

Everything was all hunky dory until the 1980s, when the S&Ls started collapsing. This had monumental effects; for example, this PDF documenting the S&L crisis is hosted on the FDIC website, because the FSLIC was abolished many years ago.

After savings & loans became less popular, other “banks” emerged.

Members-only associations called credit unions had started in 1864, and in the United States they had their own government-sponsored insurance, separate from the FDIC and FSLIC.
By the 1990s, “payday loan” institutions filled a market gap by offering small loans to people at very high interest rates.

But there was one similarity between banks, savings & loans, credit unions, and payday loans. They all dealt in U.S. dollars (or the currency of the nation where they were located).

Enter the crypto providers, who traded cryptocurrencies that weren’t backed by any government. Since they were very new entrants, they didn’t have to make the locational and technological changes that banks and related entities had to make; they zoomed straight to the newest methods. Everything was performed on your smartphone (or computer), and you never went to a physical place.

Now, let’s open a financial account

Back in 1973, the act of opening an account required you to travel to a bank branch, fill out some forms, and give the teller some form of U.S. dollars.

You can still do that today, for the most part. But it was hard to do that in the summer and fall of 2020 when Bredemarket started.

Bredemarket pretty much started because of the COVID-19 pandemic, and those first few months of Bredemarket’s existence were adversely affected by COVID-19. When I wanted to start a bank account for Bredemarket, I COULDN’T travel to my nearby bank branch to open an account. I HAD to open my account with my computer.

So, without a teller (human or otherwise) even meeting me, I had to prove that I was a real person, and give my bank enough information during onboarding so that they knew I wasn’t a money-laundering terrorist. Banks had to follow government regulations (know your customer, anti-money laundering, know your business), even in the midst of a worldwide pandemic.

This onboarding process had to be supported whether you were or were not at a physical location of a financial institution.

Whether you were conducting business in person, on a computer, or on a smartphone.
Whether you were working with U.S. dollars or (as crypto regulations tightened) something named after a dog or an entire planet or whatever.

How can you support all that?

Liminal’s “Link™ Index for
Account Opening in Financial Services”

Back in 2020 when I was onboarding the new-fashioned way, I had no way of predicting that in less than two years, I would be working for a company that helped financial institutions onboard customers the new-fashioned way.

At the time, I estimated that there were over 80 companies that provided such services.

According to Liminal, my estimate was too low. Or maybe it was too high.

Liminal’s July 2023 report, “Link™ Index for Account Opening in Financial Services,” covers companies that provide onboarding services that allow financial institutions to use their smartphone apps (or web pages) to sign up new clients.

Account opening solutions for the financial services industry are critical to ensuring compliance and preventing fraud, enabling companies to effectively identify new users during customer registration and deliver a seamless onboarding experience. The primary purpose of these solutions is to facilitate mandatory compliance checks, with a particular emphasis on the Know Your Customer (KYC) process.
From https://liminal.co/research/link-index/account-opening-financial-services/

If I can summarize KYC in layperson terms, it basically means that the person opening a financial institution account is who they say they are. For example, it ensures that Vladimir Putin can’t open a U.S. bank acccount under the name “Alan Smithee” to evade U.S. bans on Russian national transctions.

Remember how I found over 80 identify proofing vendors? Liminal found a few more who claimed to offer identity proofing, but thinks that less than 80 firms can actually deliver.

Around 150 vendors claim to offer account opening compliance and fraud solutions in banking, but only 32 (21.3%) have the necessary product features to meet buyer demands.
From https://liminal.co/research/link-index/account-opening-financial-services/

The firms identified by Liminal include my (now former) employer Incode Technologies, plus some others in the industry.

Leading Vendors Profiled

Alloy, Au10tix, Bureau, Caf, Contactable, Effectiv, Experian, FrankieOne, GBG, GeoComply, IDnow, ID.me, iDenfy, IDMERIT, Incode, Jumio, LexisNexis Risk Solutions, MetaMap, Mitek, Onfido, Persona, Plaid, Prove, Refinitiv, ShuftiPro, Signicat, Signzy, Socure, Sumsub, TransUnion, Trulioo, Veriff.
From https://liminal.co/research/link-index/account-opening-financial-services/

Now I have not purchased the entire Liminal report, and even the Executive Summary (which I do have) is “privileged and confidential” so I can’t reprint it here. But I guess that I can say that Liminal used something called the “Link Score” to determine which vendors made the top category, and which didn’t.

I’m not sure how the vendors who DIDN’T make the top category are reacting to their exclusion, but I can bet that they’re not happy.

Writing about Financial Identity

As you can gather, there are a number of issues that you have to address if you want to employ identity proofing at a financial institution.

And if you’re an identity firm or financial institution, you need to provide the right information to your customers, and write it in a way that will motivate your customers to take the action you want them to take.

Speaking of motivating customers, are you with an identity firm or financial institution and need someone to write your marketing text?

Someone with 29 years of identity/biometric marketing experience?
Someone who consistently tosses around acronyms like ABM, FRVT, KYB, KYC, and PAD, but who would never dump undefined acronyms on your readers? (If you’re not a financial/identity professional and don’t know these acronyms, they stand for anti-money laundering, Face Recognition Vendor Test, Know Your Business, Know Your Customer, and Presentation Attack Detection.)
Someone who will explain why your customers should care about these acronyms, and the benefits a compliant solution provides to them?

If I can help you create your financial identity content, we need to talk.

Email me at john.bredehoft@bredemarket.com.
Book a meeting with me at calendly.com/bredemarket.
Contact me at bredemarket.com/contact/.

Iris Recognition, Apple, and Worldcoin

(Part of the biometric product marketing expert series)

Iris recognition continues to make the news. Let’s review what iris recognition is and its benefits (and drawbacks), why Apple made the news last month, and why Worldcoin is making the news this month.

What is iris recognition?

There are a number of biometric modalities that can identify individuals by “who they are” (one of the five factors of authentication). A few examples include fingerprints, faces, voices, and DNA. All of these modalities purport to uniquely (or nearly uniquely) identify an individual.

One other way to identify individuals is via the irises in their eyes. I’m not a doctor, but presumably the Cleveland Clinic employs medical professionals who are qualified to define what the iris is.

The iris is the colored part of your eye. Muscles in your iris control your pupil — the small black opening that lets light into your eye.
From https://my.clevelandclinic.org/health/body/22502-iris

And here’s what else the Cleveland Clinic says about irises.

The color of your iris is like your fingerprint. It’s unique to you, and nobody else in the world has the exact same colored eye.
From https://my.clevelandclinic.org/health/body/22502-iris

John Daugman and irises

But why use irises rather than, say, fingerprints and faces? The best person to answer this is John Daugman. (At this point several of you are intoning, “John Daugman.” With reason. He’s the inventor of iris recognition.)

Here’s an excerpt from John Daugman’s 2004 paper on iris recognition:

(I)ris patterns become interesting as an alternative approach to reliable visual recognition of persons when imaging can be done at distances of less than a meter, and especially when there is a need to search very large databases without incurring any false matches despite a huge number of possibilities. Although small (11 mm) and sometimes problematic to image, the iris has the great mathematical advantage that its pattern variability among different persons is enormous.
Daugman, John, “How Iris Recognition Works.” IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS FOR VIDEO TECHNOLOGY, VOL. 14, NO. 1, JANUARY 2004. Quoted from page 21. (PDF)

Or in non-scientific speak, one benefit of iris recognition is that you know it is accurate, even when submitting a pair of irises in a one-to-many search against a huge database. How huge? We’ll discuss later.

Brandon Mayfield and fingerprints

Remember that Daugman’s paper was released roughly two months before Brandon Mayfield was misidentified in a fingerprint comparison. (Everyone now intone “Brandon Mayfield.”)

From https://mayfieldlaw.weebly.com/about.html

If you want to know the details of that episode, the Department of Justice Office of the Inspector General issued a 330 page report (PDF) on it. If you don’t have time to read 330 pages, here’s Al Jazeera’s shorter version of Brandon Mayfield’s story.

While some of the issues associated with Mayfield’s misidentification had nothing to do with forensic science (Al Jazeera spends some time discussing bias, and Itiel Dror also looked at bias post-Mayfield), this still shows that fingerprints are remarkably similar and that it takes care to properly identify people.

Police agencies, witnesses, and faces

And of course there are recent examples of facial misidentifications (both by police agencies and witnesses), again not necessarily forensic science related, and again showing the similarity of faces from two different people.

Iris “data richness” and independent testing

Why are irises more accurate than fingerprints and faces? Here’s what one vendor, Iris ID, claims about irises vs. other modalities:

At the root of iris recognition’s accuracy is the data-richness of the iris itself. The IrisAccess system captures over 240 degrees of freedom or unique characteristics in formulating its algorithmic template. Fingerprints, facial recognition and hand geometry have far less detailed input in template construction.
Iris ID, “How It Compares.” (Link)

Enough about claims. What about real results? The IREX 10 test, independently administered by the U.S. National Institute of Standards and Technology, measures the identification (one-to-many) accuracy of submitted algorithms. At the time I am writing this, the ten most accurate algorithms provide false negative identification rates (FNIR) between 0.0022 ± 0.0004 and 0.0037 ± 0.0005 when two eyes are used. (Single eye accuracy is lower.) By the time you see this, the top ten algorithms may have changed, because the vendors are always improving.

IREX10 two-eye accuracy, top ten algorithms as of July 28, 2023. (Link)

While the IREX10 one-to-many tests are conducted against databases of less than a million records, it is estimated that iris one-to-many accuracy remains high even with databases of a billion people—something we will return to later in this post.

Iris drawbacks

OK, so if irises are so accurate, why aren’t we dumping our fingerprint readers and face readers and just using irises?

In short, because of the high friction in capturing irises. You can use high-resolution cameras to capture fingerprints and faces from far away, but as of now iris capture usually requires you to get very close to the capture device.

Iris image capture circa 2020 from the U.S. Federal Bureau of Investigation. (Link)

Which I guess is better than the old days when you had to put your eye right up against the capture device, but it’s still not as friendly (or intrusive) as face capture, which can be achieved as you’re walking down a passageway in an airport or sports stadium.

Irises and Apple Vision Pro

So how are irises being used today? You may or may not have hard last month’s hoopla about the Apple Vision Pro, which uses irises for one-to-one authetication.

From Apple, https://www.apple.com/apple-vision-pro/

I’m not going to spend a ton of time delving into this, because I just discussed Apple Vision Pro in June. In fact, I’m just going to quote from what I already said.

And when all of us heard about Vision Pro, one of the things that Apple shared about it was its verification technique. Not Touch ID or Face ID, but Optic ID. (I like naming consistency.)
From https://bredemarket.com/2023/06/12/vision-pro-not-revolutionary-biometrics-event/

From Apple, https://www.apple.com/105/media/us/apple-vision-pro/2023/7e268c13-eb22-493d-a860-f0637bacb569/anim/drawer-privacy-optic-id/large.mp4

In short, as you wear the headset (which by definition is right on your head, not far away), the headset captures your iris images and uses them to authenticate you.

It’s a one-to-one comparison, not the one-to-many comparison that I discussed earlier in this post, but it is used to uniquely identify an individual.

But iris recognition doesn’t have to be used for identification.

Irises and Worldcoin

“But wait a minute, John,” you’re saying. “If you’re not using irises to determine if a person is who they say they are, then why would anyone use irises?”

Enter Worldcoin, which I mentioned in passing in my early July age estimation post.

Over the past several years, I’ve analyzed a variety of identity firms. Earlier this year I took a look at Worldcoin….Worldcoin’s World ID emphasizes privacy so much that it does not conclusively prove a person’s identity (it only proves a person’s uniqueness)…
From https://bredemarket.com/2023/07/03/age-estimation/

That’s the only thing that I’ve said about Worldcoin, at least publicly. (I looked at Worldcoin privately earlier in 2023, but that report is not publicly accessible and even I don’t have it any more.)

Worldcoin’s July 24 announcement

I guess it’s time for me to revisit Worldcoin, since the company made a super-big splashy announcement on Monday, July 24.

From https://worldcoin.org/blog/announcements/worldcoin-project-launches

The Worldcoin Foundation today announced that Worldcoin, a project co-founded by Sam Altman, Alex Blania and Max Novendstern, is now live and in a production-grade state.

The launch includes the release of the World ID SDK and plans to scale Orb operations to 35+ cities across 20+ countries around the world. In tandem, the Foundation’s subsidiary, World Assets Ltd., minted and released the Worldcoin token (WLD) to the millions of eligible people who participated in the beta; WLD is now transactable on the blockchain….

“In the age of AI, the need for proof of personhood is no longer a topic of serious debate; instead, the critical question is whether or not the proof of personhood solutions we have can be privacy-first, decentralized and maximally inclusive,” said Worldcoin co-founder and Tools for Humanity CEO Alex Blania. “Through its unique technology, Worldcoin aims to provide anyone in the world, regardless of background, geography or income, access to the growing digital and global economy in a privacy preserving and decentralized way.”
From https://worldcoin.org/blog/announcements/worldcoin-project-launches

Worldcoin does NOT positively identify people…but it can still pay you

A very important note: Worldcoin’s purpose is not to determine identity (that a person is who they say they are). Worldcoin’s purpose is to determine uniqueness: namely, that a person (whoever they are) is unique among all the billions of people in the world. Once uniqueness is determined, the person can get money money money with an assurance that the same person won’t get money twice.

Recent WLD trading price, from https://coinmarketcap.com/currencies/worldcoin-org/

OK, so how are you going to determine the uniqueness of a person among all of the billions of people in the world?

Using the Orb to capture irises

As far as Worldcoin is concerned, irises are the best way to determine uniqueness, echoing what others have said.

Iris biometrics outperform other biometric modalities and already achieved false match rates beyond 1.2× ⁣10−141.2×10−14 (one false match in one trillion^[9]) two decades ago^[10]—even without recent advancements in AI. This is several orders of magnitude more accurate than the current state of the art in face recognition.
From https://worldcoin.org/blog/engineering/humanness-in-the-age-of-ai

So how is Worldcoin going to capture millions, and eventually billions, of iris pairs?

By using the Orb. (You may intone “the Orb” now.)

From https://worldcoin.org/blog/worldcoin/orb-faqs

To complete your Worldcoin registration, you need to find an Orb that will capture your irises and verify your uniqueness.

Now you probably won’t find an Orb at your nearby 7 Eleven; as I write this, there are only a little over 100 listed locations in the entire world where Orbs are deployed. I happen to live within 50 miles of Santa Monica, where an Orb was recently deployed (by appointment only, unavailable on weekends, and you know how I feel about driving on Southern California freeways on a weekday).

But now that you can get crypto for enrolling at an Orb, people are getting more excited about the process, and there will be wider adoption.

Whether this will make a difference in the world or just be a fad remains to be seen.

Experimenting on LinkedIn

When Bredemarket writes, it usually gives the written content to the client in Microsoft Word format.

I was curious what would happen if a client just pasted my Word text straight into a LinkedIn article.https://www.freepik.com/ai/image-generator

So I tried it.

You can see the results here.

Is the Funnel Consideration Phase Quantitative or Qualitative?

From Venn Marketing, “Awareness, Consideration, Conversion: A 4 Minute Intro To Marketing 101.” (Link)

The picture above shows a simple sales funnel example. The second of the three items in the funnel is the “consideration” phase.

In that phase, those people who are aware of you can then consider your products and services.
If they like what they see, they move on to conversion and hopefully buy your products and services.

But how do prospects in the funnel consideration phase evaluate your offering as opposed to competitor offerings? Is it truly a quantitative and logical process, or is it in reality qualitative and emotional?

Quantitative consideration

For purposes of this post, let’s assume that there are two competing companies, Bredemarket and Debamarket, who are fighting each other for business.

OK, maybe not literally. I have never boxed in my life. By Royal Navy official photographer – http://media.iwm.org.uk/iwm/mediaLib//31/media-31189/large.jpg This photograph A 29806 comes from the collections of the Imperial War Museums., Public Domain, https://commons.wikimedia.org/w/index.php?curid=25124750

Second, let’s assume that Bredemarket and Debamarket offer similar services to their prospects and customers:

Blog posts
Case studies
White papers

Finally, let’s assume that a big government agency (the BGA) has issued a Request for Proposal (RFP) for blog/case study/white paper services, and Bredemarket and Debamarket are the two companies competing for the award.

Source selection

Now I’m not a big-time pre-acquisition consultant like Applied Forensic Services, but I’ve been around long enough to know how pre-acquisition consultants work—especially when working with big government agencies like BGA.

A pre-acquisition consultant will develop a Source Selection Plan (SSP). In competitive procurements such as the one in this example, the SSP will state exactly how proposals will be evaluated, and how the best proposal will be selected.

Here is the U.S. Government’s guidance on Source Selection Plans. (link)

SSPs can be very complex for certain opportunities, and not so complex for others. In all cases, the SSP dictates the evaluation criteria used to select the best vendor.

Michael Ropp of RFP360 has published a very simple example of how a particular group of proposal responses may be evaluated.

The weighted scoring approach breaks down your RFP evaluation criteria and assigns a value to each question or section. For example, your RFP criteria may consider questions of technical expertise, capabilities, data security, HR policies and diversity and sustainability. Weighted scoring prioritizes the criteria that are most important to your business by assigning them a point or percentage value. So your weighted scoring criteria may look like this:

Technical expertise – 25%

Capabilities – 40%

Data security – 10%

HR policies – 10%

Diversity and sustainability – 15%

RFP360, “A guide to RFP evaluation criteria: Basics, tips and examples.” (Link)

Individual question evaluation

In most cases the evaluator doesn’t look at the entire technical expertise section and give it a single score. In large RFPs, the technical expertise section may consist of 96 questions (or even 960 questions), each of which is evaluated and fed into the total technical expertise score.

For example, the RFP may include a question such as this one, and the responses from the bidders (Bredemarket and Debamarket) are evaluated.

Question	Bredemarket	Debamarket
96. The completed blog post shall include no references to 1960s songs.	0.8 points awarded. While many Bredemarket blog posts comply, “How Remote Work Preserves Your Brain” does not.	1.0 points awarded. Debamarket fully complies.

Example evaluation of a proposal response to an individual RFP question.

Final quantitative recommendation for award

Now repeat this evaluation method for every RFP question in every RFP category and you end up with a report in which one of the vendors receives more points than the other and is clearly the preferred bidder. Here’s an example from a U.S. Nuclear Regulatory Commission proposal source selection process. (And you can bet that a nuclear agency doesn’t use an evaluation method that is, um, haphazard.)

From U.S. Nuclear Regulatory Commission, “FINAL EVALUATION RECOMMENDATION REPORT FOR
PROPOSALS SUBMITTED UNDER RFP NO. RQ-CIO-01-0290
ENTITLED, “INFRASTRUCTURE SERVICES AND SUPPORT
CONTRACT (ISSC).”” (link)

So what does this example show us? It shows that L-3 Communications/EER received a total score of 83.8, while its closest competitor Logicon only received a score of 80. So EER is the preferred bidder.

So in our example, BGA would evaluate Bredemarket and Debamarket, come up with a number for each bidder, and award the contract to the bidder with the highest evaluation score.

Quantitative recommendation for the little guys

Perhaps people who aren’t big government agencies don’t go to this level of detail, but many prospects who reach the consideration phase use some type of quantitative method.

For example, if the (non-weighted) pros for an item under consideration outnumber the cons, go for it.

Five pros and only three cons. Do it!

All quantative, objective, and straightforward.

If people really evaluate that way.

But is consideration quantitative?

Now of course the discussion above assumes that everyone is a logical being who solely evaluates based on objective criteria.

But even Sages such as myself may deviate from the objective norm. Here’s a story of one time when I did just that.

As I previously mentioned, I had never written a proposal response before I started consulting for Printrak. But I had written a Request for Proposal before I joined Printrak. For a prior employer (located in Monterey Park), I worked with an outside consultant to develop an RFP to help my employer select a vendor for a computer system. The questions posed to the bidders were not complex. Frankly, it was a simple checklist. Does your computer system perform function A? Does it perform function B?

The outside consultant and I sent the final RFP to several computer system providers, and received several proposals in response.

A few of the proposals checked every box, saying that they could do anything and everything. We threw those proposals out, because we knew that no one could meet every one of our demanding requirements. (“I can’t trust that response.”)
We focused on the proposals that included more realistic responses. (“That respondent really thought about the questions.”)

As you can see, we introduced a qualitative, emotional element into our consideration phase.

According to Kaye Putnam, this is not uncommon.

Qualitative consideration

Humans think that we are very logical when we consider alternatives, and that our consideration processes are logical and quantitative. Putnam has looked into this assertion and says that it’s hogwash. Take a look at this excerpt from Putnam’s first brand psychology secret:

Your brand has to meet people at that emotional level – if you want them to buy. (And I know you do!)

Findings from several studies support this, but one of the most seminal was outlined in Harvard professor Gerald Zellman’s 2003 book, The Subconscious Mind of the Consumer. Zellman’s research and learnings prompted him to come to the industry-rocking conclusion that, “95 percent of our purchase decision making takes place in the subconscious mind.”
From Kaye Putnam, “7 Brand Psychology Secrets – Revealed!” (link)

But how can the subconscious mind affect quantitative evaluations?

While logic still has to play SOME role in a purchase decision (as Putnam further explains in her first and second brand psychology secrets), a positive or negative predisposition toward a bidder can influence the quantitative scores.

Imagine if the evaluators got together and discussed the Bredmarket and Debamarket responses to question 96, above. The back and forth between the evaluators may sound like this:

“OK, we’re up to question 96. That’s a no brainer, because no one would ever put song references in a BGA blog post.”
“Yeah, but did you see Bredemarket’s own post that has multiple references to the song ‘Dead Man’s Curve’?”
“So what? Bredemarket would never do that when writing for a government agency. That piece was solely for Bredemarket.”
“How do you KNOW that Bredemarket would never slip a song reference into a BGA post? You know, I really don’t trust that guy. He wore two different colored shoes to the orals presentation, a brown one and a black one. Someone as slopy as that could do anything, with huge consequences for BGA communications. I’m deducting points from Bredemarket for question 96.”
“OK. I think you’re being ridiculous, but if you say so.”

And just like that, your quantitative logical consideration process is exposed as a bunch of subconscious emotional feelings.

How does qualitative consideration affect you?

As you develop your collateral for the consideration phase, you need to go beyond logic (even if you have a Sage predisposition) and speak to the needs and pain points of your prospects.

Yes, pain.

Spock is behaving illogically. Jayenkai, “Pain – Star Trek Remix.” (link)

Here’s a example from my law enforcement automated fingerprint identificaiton system (AFIS) days.

If your prospect is a police chief who is sick and tired of burglars ransacking homes and causing problems for the police department, don’t tell your prospect about your AFIS image detail or independent accuracy testing results. After all, 1000 ppi and 99.967 accuracy are only numbers.
Provide the police chief with customer-focused benefit statements about how quickly your AFIS will clean up the burglary problem in the town, giving residents peace of mind and the police department less stress.

If you can appeal to those emotions, that police chief will consider you more highly and move on to conversion (purchase).

Can I help?

If your messaging concentrates on things your prospects don’t care about, most of them will ignore you and not shower you with money. Using the wrong words with your customers impacts your livelihood, and may leave you poor and destitute with few possessions.

Remember what I said about pain points? By Unknown author – Library of Congress[1], Public Domain, https://commons.wikimedia.org/w/index.php?curid=6237178

If you need a writer to work with you to ensure that your written content includes the right words that speak directly to your prospects, hire…Debamarket!

Oh wait. Debamarket is fictional.

OK, talk to Bredemarket then.

Email me at john.bredehoft@bredemarket.com.
Book a meeting with me at calendly.com/bredemarket.
Contact me at bredemarket.com/contact/.

How Remote Work Preserves Your Brain

I remember the day that my car skidded down Monterey Pass Road in Monterey Park, California, upside down, my seatbelt saving my brain from…um…very bad things. (I promised myself that I’d make this post NON-gory.)

Monterey Pass Road and South Fremont Avenue, Monterey Park, California. https://www.google.com/maps/@34.0586679,-118.1445677,19z?entry=ttu

I was returning from lunch to my employer farther south on Monterey Pass Road when a car hit me from the side, flipping my car over so that it skidded down Monterey Pass Road, upside down. Only my seat belt saved my from certain death.

(Mini-call to action: wear seat belts.)

By The cover art can be obtained from Liberty Records., Fair use, https://en.wikipedia.org/w/index.php?curid=25328218

Now some of you who know me are asking, “John, you’ve lived in Ontario and Upland for the past several decades. Why were you 30 miles away, in Monterey Park?”

Well, back in 1991, after working for Rancho Cucamonga companies for several years, I ended up commuting to a company in Monterey Park, California, at least an hour’s drive one way from my home. Driving toward downtown Los Angeles in the morning, and away from downtown Los Angeles in the afternoon. If you know, you know.

After I left the Monterey Park company, I consulted or worked for companies in Pomona, Brea, Anaheim, Irvine, and other cities. But for most of the next three decades, I was still driving at least an hour one-way every day to get from home to work.

And it’s not just a problem in Southern California. By B137 – Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=48998674

As I’ll note later in this post, some people are still commuting today. And for all I know I may commute again also.

I learn the acronym WFH

That all stopped in March 2020 when a worldwide pandemic sent all non-essential personnel at IDEMIA’s Anaheim office to work from home (WFH). Now there were some IDEMIA employees, such as salespeople, who had been working from home for years, but this was the first time that a whole bunch of us were doing it.

Some of us had to upgrade our home equipment: mesh networks, special face illumination lighting, and other things. And now, instead of having a couple of people participating in meetings remotely, ALL of us were doing so. (Before 2020, the two words “Zoom background” would be incomprehensible to me. After 2020, I understood those words intimately.)

This new work practice continued after I left IDEMIA, as I started Bredemarket, joined Incode Technologies for a little over a year, and returned (for now) to Bredemarket again.

The U.S. Marine Corps supported WFH (for certain positions) in 2010, long before COVID. This image was released by the United States Marine Corps with the ID 100324-M-6847A-001 (next). This tag does not indicate the copyright status of the attached work. A normal copyright tag is still required. See Commons:Licensing.العربية ∙ বাংলা ∙ Deutsch ∙ Deutsch (Sie-Form) ∙ English ∙ español ∙ euskara ∙ فارسی ∙ français ∙ italiano ∙ 日本語 ∙ 한국어 ∙ македонски ∙ മലയാളം ∙ Plattdüütsch ∙ Nederlands ∙ polski ∙ پښتو ∙ português ∙ slovenščina ∙ svenska ∙ Türkçe ∙ українська ∙ 简体中文 ∙ 繁體中文 ∙ +/−, Public Domain, https://commons.wikimedia.org/w/index.php?curid=23181833

WFH benefits

There are two benefits to working from home:

First, it preserves your brain. Not just from the horrible results of a commuting automobile accident. For the last three-plus years, I’ve gotten more rest and sleep since I’m not waking up before 6am and getting home after 6pm. And I’m not sitting in traffic on the 57, waiting for an accident to clear.
Second, it provides the best talent to your employer. Why? Because it can hire you. I just spent over a year working for a company headquartered in San Francisco, and I didn’t have to move to San Francisco to do it. In fact, when my product marketing team reached its apex, we had two people in Southern California, one in England, and one in Sweden. None of us had to move to San Francisco to work there, and my company was not restricted to hiring people who could get to San Francisco every day.

But that doesn’t stop some companies from insisting on office work

In-office presence controversy predates COVID (remember Marissa Mayer and Yahoo?), and now that COVID has receded, the “return to office” drumbeat has gotten louder.

Laith Mas arweh shared the story of a woman who, like me, is tiring of the L.A. freeway grind.

So she asked her boss for help–

And he told her to change her mindset.

“That’s just life,“ he said. “Everyone has to commute.”…

All she asked for was some flexibility, and he shut her down.

So he’s going to lose her.
Laith Masarweh, LinkedIn. (link)

Now I’m not saying I’ll never work on-site again. Maybe someday I’ll even accept an on-site position in Monterey Park.

But I’m not that thrilled about going down Monterey Pass Road again.

In the meantime…

…since I’m NOT full-time employed, and since my home office is well equipped (I have Nespresso!), I have the time to make YOUR company’s messaging better.

If you can use Bredemarket’s expertise for your biometric, identity, technology, or general blog posts, case studies, white papers, or other written content, contact me.

Email me at john.bredehoft@bredemarket.com.
Book a meeting with me at calendly.com/bredemarket.
Contact me at bredemarket.com/contact/.

From https://open.spotify.com/track/2BPEPkeifa5LoOg2Cq9bkx

Awareness Calls to Action

Blog posts are transitory things, reflecting the views of the author at a particular point in time. Those views can change as the world evolves, or as the author evolves.

Take the author who wrote the following statement in late 2022: “Posts for awareness don’t need CTAs (calls to action).”

The author who wrote that statement was…um, it was me.

Can I get a re-do on that one?

What I said in December 2022

The quoted statement above is from a section in the December 2022 blog post “Does Every Blog Post Need a Call to Action?“

Incidentally, I still believe that you don’t need a call to action in EVERY blog post.

Some will argue, “Well then why did you write it?”

To answer that, here’s some of what I said in that December 2022 blog post.

Candy Street Market, 110 W Holt, Ontario, California

Take my post from last Saturday, “Candy Street Market is coming.”

This post simply talked about a new candy store in Ontario, California, but never talked about Bredemarket’s content creation or proposal writing services.

So why did I write a post that doesn’t directly lead to business?

For the awareness….

(I) am concentrating more on serving local firms in California’s Inland Empire….But the locals need to know that I’m here.
From https://bredemarket.com/2022/12/04/does-every-blog-post-need-a-call-to-action/

What I’m saying in July 2023

While perhaps it’s valid to say that the Candy Street Market blog post didn’t need a CTA (although some would dispute that), I myself have written other “awareness” blog posts and content that DID need a CTA.

(UPDATE OCTOBER 23, 2023: “SIX QUESTIONS YOUR CONTENT CREATOR SHOULD ASK YOU IS SO 2022. DOWNLOAD THE NEWER “SEVEN QUESTIONS YOUR CONTENT CREATOR SHOULD ASK YOU” HERE.)

For example, take another blog post that I wrote in December 2022, “Six Questions Your Content Creator Should Ask You: the e-book version.” It didn’t end with a request to contact me. It didn’t attempt to move the reader down the funnel from awareness to consideration. The blog post merely said that there are six questions.

But it did have a “download” CTA.

While the CTA didn’t in and of itself move the reader to consideration (and hopefully to conversion), it did make them, um, more aware. For those who followed my CTA and downloaded the e-book, they learned why their content creator should ask “why” and other questions. And by the time they got to page 13 14, they saw this:

For some of you, this e-book has helped you to decide on the questions that you will ask your preferred content creator, or the questions that you will ask yourself before you create your own content.

But for others, you might be asking how Bredemarket can help you create content. As I said earlier, you’re probably not ready to contract with me yet. We have to talk first.

If you’re interested in Bredemarket’s services, contact me via one of the methods listed at the https://bredemarket.com/contact/ URL.
From “Six Questions Your Content Creator Should Ask You.” Go here to download.

So THAT’S where I moved the reader on to the consideration phase—AFTER they had read the blog post AND the e-book.

But while they were still on the blog post, I assumed they were still in the awareness phase.

By Steve simple – Own work, CC BY 3.0, https://commons.wikimedia.org/w/index.php?curid=7749648

Summing up

Here’s the TL;DR version:

The Candy Street blog post was an awareness blog post that didn’t need a Bredemarket-focused CTA, because it only alerted people of Bredemarket’s existence.
The Six Questions e-book blog post was an awareness blog post that DID need a Bredemarket-focused CTA, because I wanted them to download and read the e-book and THEN move on to consideration.
I’m going to update the old blog/CTA blog post to refer to THIS one.
I may change my mind again.

As for the CTA to THIS blog post, there isn’t one—yet. This post was written for a purpose that I will reveal shortly.