The Really Big Bunch Isn’t Afraid of Biometrics Any More

Are the major tech firms about to drive the relatively miniscule identity/biometric firms out of business?

Don’t be evil: stay away from surveillance

I’ve previously discussed the “big three” in biometrics: currently IDEMIA, NEC, and Thales (although IDEMIA may be replaced by Amadeus at some point). These companies are seemingly big, with billions of dollars in revenue…but they are dwarfed by the “really big bunch” of Google, Meta, and whoever else you throw in the category.

The Really Big Bunch could smash the Big Three in a heartbeat, if they wanted to.

Why haven’t they?

Because they have very active consumer sales that don’t affect IDEMIA and the like, and are terrified that any entry into biometric “surveillance” will adversely affect their lucrative consumer business. So they all concentrated on “don’t be evil.”

This is why Amazon withdrew Amazon Rekognition, Meta and others are cautious about adding facial recognition to consumer products, and Apple loudly proclaims its commitment to privacy.

But is this changing?

First, the mobile driver’s licenses

IDEMIA and Thales offer physical driver’s licenses, and moving into mobile driver’s licenses is a natural. I observed this during my time at IDEMIA, as (then) Gemalto pursued numerous mDL opportunities and IDEMIA responded in turn.

As part of my efforts to educate myself in the driver’s license market dominated by our new corporate overlords MorphoTrust, I attended an AAMVA regional conference several years ago. IDEMIA was obviously there, as was Gemalto. But also attending the conference was Apple. Why? I asked.

Apple wasn’t visible over the next few years as IDEMIA and Thales expanded their mobile driver’s license implementations. But all of a sudden, Apple was visible, as was Google, as was Samsung.

Why? Because these smartphone providers all had their own wallets, and they were adding mDLs to their offerings.

Which meant that someone who wanted a mobile driver’s license could use the convenient smartphone wallet they already had.

Were Apple and Google entering the surveillance state? Of course not, because Apple and Google were really nice people who were providing these wallets for our convenience and benefit. Never mind the facial recognition underpinning their use. There was nothing to worry about. Absolutely nothing.

Until they targeted the airports.

Second, TSA PreCheck

As a former IDEMIA employee, TSA PreCheck was near and dear to my heart. Well, until IDEMIA’s revenue tanked in 2020 when nobody flew or got driver’s licenses…and I lost my job.

But absent a worldwide pandemic, TSA PreCheck had been very very good to IDEMIA, since only IDEMIA offered it. Sure CLEAR had its program, but TSA PreCheck was much cheaper.

Until CLEAR also offered TSA PreCheck.

And Telos did also.

But who cares what these companies are doing? It’s not like a big company like Google is offering TSA PreCheck.

Fast forward to 2026.

“The Transportation Security Administration today announced a new partnership with Google Wallet, introducing a more seamless way for eligible travellers to opt in to TSA PreCheck® Touchless ID. Google Wallet is the first digital wallet to offer this innovative feature, making secure, efficient travel easier than ever.”

Yup, Google and the Department of Homeland Security are now best buddies. To some civil libertarians, this is evil indeed.

What’s next?

So how long until the really big bunch prime contracts for systems such as NGI and HART? They have a responsibility to their shareholders, after all.

On Android APK Sideloading

Apple and Google (and probably Samsung) defend their lockdown of their app stores (and the resulting 15-30% or so cut they receive from app revenue) by saying that their “App Store” and “Google Play Store” provide safety to users. Would you want to risk your phone by downloading from sleazy sources, or would you prefer to get your apps from the name that you trust?

If that were true, I wouldn’t have to clean a particular person’s phone every once in a while because he downloaded an app from one of those stores, which then proceeded to download a bunch of other apps.

But on the other hand, there are sometimes legitimate reasons to “sideload” Android apps (Android Package Kits, or APKs) from alternative sources. Maybe the app is one that shouldn’t be accessed by run-on-the-mill consumers, so therefore an alternative distribution mechanism is needed. I could name some examples, but if I named them I’d have to kill you.

But as Lifewire notes, you have to take a few extra steps to allow downloads from outside the App Store and Google Play Store.

The biggest step, of course, is to allow the download of “unknown” apps from non-Apple/Google sources. Needless to say, you should only download apps from a site that you trust. No, not mikrosofft.com.

  1. Open the Settings app and tap Apps or Apps & Notifications.
  2. Tap the three dots in the upper-right corner. If you don’t see that, skip down to the next step.
  3. Tap Special access, or Special app access on some Android devices.
  4. Tap Install unknown apps.
  5. Tap Chrome (or whichever web browser you use).
  6. Switch the toggle next to Allow from this source so it turns on.

For more details on APK installation, check the Lifewire page.

The Apple App Store, Texas, and Developers

Microsoft isn’t the only company that works with developers, developers, developers, developers, and developers. And in Apple’s case, governments are dictating the terms.

“Due to a recent court ruling lifting an injunction on Texas law SB 2420, new Apple Accounts in Texas are now subject to the law, which introduced age assurance requirements for app marketplaces and developers. As previously announced, this includes age assurance and parent or guardian consent on behalf of minors under the age of 18 for downloads, Apple In-App Purchases, and significant changes associated with an app. Parents or guardians will also be able to revoke their consent for any app they previously approved for their child.”

For those who say that these local government laws are too complex for vendors to implement…the vendors are figuring it out. Apple is specifically providing a Declared Age Range API for developer use.

And for those who don’t remember Microsoft’s commitment to developers

The Difference Between Localization and Nationalization

I am (mostly) not a programmer, but I’ve been exposed to materials developed for programmers, including materials from a company then known as Apple Computer.

Macintosh programming was new

The Macintosh was new at the time, and there was a learning curve for programmers who were used to character-based interfaces such as MS-DOS. In fact, some programmers were derided for putting DOS-like designs on the Mac platform.

Including Microsoft. Early versions of Microsoft Word used dot commands and other non-Mac interfaces, so we switched to another word processor (FullWrite Professional) which featured a true graphic interface. Unfortunately it was EXTREMELY slow, so we switched back to Word, dot commands and all.

But Apple Computer’s approach to development wasn’t just limited to the look and feel.

The resource fork

Pre-Mac, programmers would create code to compile into a single executable. Then if they needed, say, a French version, they would edit the code, take the English bits out, and put the French bits in.

But files in the original Macintosh File System had two parts: a data fork, and a resource fork. You could edit the resource fork without touching the data fork.

Which meant that it was a lot easier to create that French version of a program.

“Because all the pictures and text were stored separately in a resource fork, it could be used to allow a non-programmer to translate an application for a foreign market, a process called internationalization and localization.”

Localization

Or to create any version of a program.

Because of the ease of the process, software developers were not restricted to providing a single software version per country. Residents of Belgium, Canada, China, South Africa, and Switzerland could each receive software in their own local language. And the French Canadian version differed from the Swiss French version. (Or it should have differed.)

Software users received software just for them. And everybody won.

Sadly, this post is not localized, which is why non-U.S. readers are being bombarded with zeds.

Clifford Stoll Was Wrong AND Right

A former coworker reshared the story of Clifford Stoll investigating an accounting error and discovering a Cold War spy network. But a few years later, Stoll was wrong about the emerging Internet…and also right.

Stoll shared his views in a 1995 Newsweek article that was an amusing read after the fact.

Replacing your daily newspaper?

For example:

“The truth is no online database will replace your daily newspaper…”

Stoll lived long enough to see the decline of printed newspapers in the early 21st century.

Electronic books?

Another one:

“How about electronic publishing? Try reading a book on disc. At best, it’s an unpleasant chore: the myopic glow of a clunky computer replaces the friendly pages of a book. And you can’t tote that laptop to the beach. Yet Nicholas Negroponte, director of the MIT Media Lab, predicts that we’ll soon buy books and newspapers straight over the Internet. Uh, sure.”

Let’s pick this one apart piece by piece.

  • A book on disc? What’s a disc?
  • Yes, to some the myopic glow of an electronic book isn’t the best experience, whether on light or dark mode. But a traditional printed book cannot be read at all when you turn the lights off.
  • Stoll assumed that you would always need a laptop to read an electronic book. He did not envision dedicated electronic reading devices that were smaller than a laptop…to say nothing of “smart” phones with an “app” called “Kindle.”
  • Speaking of Amazon Kindles, you CAN buy books straight over the Internet. And music also, from a company that is no longer called Apple Computer.

So Stoll was not perfect. But he anticipated some things that we still struggle with today.

Unedited data!

“What the Internet hucksters won’t tell you is tht the Internet is one big ocean of unedited data, without any pretense of completeness. Lacking editors, reviewers or critics, the Internet has become a wasteland of unfiltered data. You don’t know what to ignore and what’s worth reading.”

While many companies from Yahoo to Altavista to Google to Wikipedia to OpenAI have tried to solve this problem, it is not fully solved.

And then there’s the biggie.

Isolation!

“What’s missing from this electronic wonderland? Human contact. Discount the fawning techno-burble about virtual communities. Computers and networks isolate us from one another. A network chat line is a limp substitute for meeting friends over coffee. No interactive multimedia display comes close to the excitement of a live concert. And who’d prefer cybersex to the real thing?”

Today’s world is actually worse than the one Stoll envisioned. Not only have I conducted most of my interactions with people over chat boxes and screens. But in 2026 we are now interacting with “HAL 9000” non-person entities…and we may not even know that they aren’t human, but synthetic or deepfake identities.

Despite the benefits of remote interactions—they’ve kept me (and my former coworker) employed—Stoll’s warnings about this new world remain valid.

Wrong but right

So I wouldn’t laugh at Stoll’s derision over the emerging Internet. If you were alive in 1995, be honest: did you anticipate THIS?

Why Does California Support Two Separate Digital Wallets For Its Mobile Driver’s License?

This morning I was attending a NIST webinar on mobile driver’s license use at financial institutions, and began looking at the services I could access in April 2026 with my California mobile driver’s license—financial and otherwise.

Of course I already knew that I could use my California mDL at the Transportation Security Administration checkpoint at Ontario International Airport. In fact, the mDL in my Apple Wallet (obtained in 2024) recorded the fact that I used my mDL at the airport on August 31, 2025.

Google Gemini.

But today I learned that some services are NOT available with the mDL in my Apple Wallet, but ONLY while using the “CA DMV Wallet” app.

So I downloaded the app, which I last used in my initial unsuccessful attempt to obtain an mDL. (I finally used Apple’s facility to get one.) I assumed that since I already had my mDL in my Apple Wallet, it would automatically show up in the app.

You know what happens when you assume. My buddy Google Gemini pointed it out to me.

“It’s a common point of confusion, but the Apple Wallet and the CA DMV Wallet app are actually two separate “containers” for your digital ID. Because California uses a secure, decentralized system, your mDL doesn’t automatically sync between them. Even if it’s already in your Apple Wallet, you have to go through a separate enrollment process to “provision” it into the DMV’s official app.”

Which meant that I had to enroll again and get another decentralized mDL, which I did. (After some difficulty; it took four separate attempts to capture my facial image, which was only successful when I went into a very dark room.)

Now that my mDL is in this second wallet, I could go ahead an enroll in the TruAge program for age verification at a private retailer.

Google Gemini.

As I type this, TruAge hasn’t processed my application.

And now for a word from our sponsor

Mobile driver’s licenses are a digital form of “something you have,” which is a factor of identity verification and authentication.

Would you like to learn about all six of the identity verification and authentication factors? (Not three. Not five.)

Learn more about the six identity factors.

Six identity factors. One Bredemarket ebook. Total identity protection. Purchase “Proving Humanity: The Six Factors of Identity Verification and Authentication.”

Four pages from "Proving Humanity: The Six Factors of Identity Verification and Authentication" by John E. Bredehoft, Bredemarket., Click on the image to purchase.

Why Did Apple Implement iPhone/iPad Age Verification in the United Kingdom?

There has been ongoing debate on whether age verification should be implemented at the website level or at the operating system level…or not at all.

In the United Kingdom, Apple is opting for OS level age verification, according to the BBC.

“Apple is rolling out age checks for iPhone and iPad users in the UK that will ask them to verify if they are adults to access “certain services” such as 18-plus apps.

“After customers accept the latest iOS 26.4 software update, they will be asked to verify their age, which they can do by providing a credit card or scanning their ID, according to an Apple support page.

“Those who do not confirm how old they are or are underage will have web content filters turned on automatically.”

Specifically, according to Apple:

“When creating a new Apple Account or using Apple services, you may see a prompt asking you to confirm that you’re an adult. This is required by law in some countries and regions.”

Regarding that last sentence, is OS level age verification REQUIRED? Silkie Carlo of Big Brother Watch says no:

“Carlo told the BBC she believed Apple had “crossed the Rubicon” with its new software update which she described as “more like ransomware”, and which she said essentially left millions of Brits owning a “child’s device”, unless they complied with the age checks.

“And she said while she believed children’s online safety was vital, it required more thoughtful tech responsibility and not “sweeping, draconian shock demands by foreign companies for all of our IDs and credit cards”.”

Note the appeal to resist the “American” company, which raises questions about whether Apple’s collection of this information potentially violates United Kingdom privacy laws if the data is sent to Cupertino.

For the record, Ofcom currently only requires age verification for pornographic sites, not for everything.

So why did Apple do it if UK law doesn’t require it?

Two reasons:

  • Future proofing. While the UK and other jurisdictions do not require age verification at the OS level now, they may require it at some point. If so, Apple has already implemented it in the UK (for iPhones and iPads) and can implement it elsewhere.
  • CYA. A jury in California awarded damages after finding that Meta and Google were responsible for a woman’s anxiety and depression, suffered because of her social media use as a child. Apple doesn’t want to face a similar lawsuit.

Incidentally, it’s interesting to note that these and other stories pair “Meta” and “Google.” Does no one refer to “Alphabet” (Google’s parent company) any more?

Not Only Amazon Stale (not Fresh), But Also Amazon Zero (not One)

With all the news about Amazon Fresh closing and more Amazon layoffs taking place, I missed a bit of news about the Amazon One palm-vein technology. But first a bit of history.

Amazon One in 2021

I believe I first wrote about Amazon One back in 2021, in a “biometrics is evil” post.

2021 TechCrunch article.

In that year, TechCrunch loudly proclaimed:

“While the idea of contactlessly scanning your palm print to pay for goods during a pandemic might seem like a novel idea, it’s one to be met with caution and skepticism given Amazon’s past efforts in developing biometric technology. Amazon’s controversial facial recognition technology, which it historically sold to police and law enforcement, was the subject of lawsuits that allege the company violated state laws that bar the use of personal biometric data without permission.”

Yes, Amazon was regarded as part of the evil fascist regime even when Donald Trump WASN’T in office.

Amazon One in 2025

Enrolling.

Which brings us to 2025, when Trump had returned to office and I enrolled in Amazon One myself to better buy things at the Upland, California Amazon Fresh. But the line was too long so I went to Whole Foods, where my palm and vein may or may not have worked.

Amazon One in 2026

From https://amazonone.aws.com/help as of January 29, 2026.

And pretty soon we’ll ALL be going to Whole Foods since Amazon Fresh is rebranding or closing all its locations.

And when we get there, we won’t be using Amazon One.

“Amazon One palm authentication services will be discontinued at retail businesses on June 3, 2026. Amazon One user data, including palm data, will be deleted after this date.”

You know the question I asked. Why?

“In response to limited customer adoption…”

Of course, in Amazon’s case, “limited” may merely mean that billions and billions of people didn’t sign up, so it jettisoned the technology in the same way it jettisoned dozens of stores and thousands of employees.

The June date may or may not apply to healthcare, but who knows how long that will last.

So what now?

In my 2021 post I mentioned three other systems that used biometrics for purchases.

There was the notorious Pay By Touch (not notorious because of its technology, but the way the business was run).

There was the niche MorphoWave.

But the third system dwarfs them all.

“But the most common example that everyone uses is Apple Pay, Google Pay, Samsung Pay, or whatever ‘pay’ system is supported on your smartphone. Again, you don’t have to pull out a credit card or ID card. You just have to look at your phone or swipe your finger on the phone, and payment happens.”

And they’re so entrenched that even Amazon can’t beat them.

Or as I said after the latest round of Amazon layoffs:

“This, combined with its rebranding or closure of all Amazon Fresh stores, clearly indicates that Amazon is in deep financial trouble.

“Bezos did say that Amazon would fail some day, but I didn’t expect the company to fall apart this quickly.”

A More Positive Update on the Apple Vision Pro

Earlier this year, I quoted sources that claimed that Apple “may have ceased production of its first-generation Vision Pro headset.”

But as is often true in the tech world, there is now a SECOND generation of the Vision Pro headset, featuring more power (via the M5 chip that Apple is introducing everywhere) and more comfort (via the new “Dual Knit Band”).

Source: Apple.

“M5 provides an even faster, smoother, and more responsive experience for Apple Vision Pro users, while introducing new opportunities for developers to create more advanced spatial and immersive experiences. Built using third-generation 3-nanometer technology, M5 on Vision Pro features an advanced 10-core CPU that delivers higher multithreaded performance, resulting in faster experiences throughout the system, including faster load times for apps and widgets and more responsive web browsing.”

Source: Apple.

“The Dual Knit Band delivers an even more comfortable fit for users. It features upper and lower straps that are 3D-knitted as a single piece to create a unique dual-rib structure that provides cushioning, breathability, and stretch. The lower strap features flexible fabric ribs embedded with tungsten inserts that provide a counterweight for additional comfort, balance, and stability. And the intuitive dual-function Fit Dial allows users to make fine-tuned adjustments to achieve their ideal fit. The new Dual Knit Band comes in small, medium, and large sizes; is available to purchase separately; and is compatible with the previous-generation Apple Vision Pro.”

For all the details of the new Apple Vision Pro, read the press release.

But it’s still pretty pricey, more niche than revolutionary event.

Oh, and “one more thing”…

I had to read the fine print in the press release, and this is what it says about Apple.

“Apple revolutionized personal technology with the introduction of the Macintosh in 1984. Today, Apple leads the world in innovation with iPhone, iPad, Mac, AirPods, Apple Watch, and Apple Vision Pro. Apple’s six software platforms — iOS, iPadOS, macOS, watchOS, visionOS, and tvOS — provide seamless experiences across all Apple devices and empower people with breakthrough services including the App Store, Apple Music, Apple Pay, iCloud, and Apple TV. Apple’s more than 150,000 employees are dedicated to making the best products on earth and to leaving the world better than we found it.”

All right and fine, but Apple (then Apple Computer) existed before 1984. And while the Macintosh changed everything, including the non-Apple computer that I’m typing on today, there never would have been a Macintosh if it hadn’t been for the Apple II. Remember the Apple II, Tim? Woz does.

And another thing

Reminder to marketing leaders: if you need Bredemarket’s content-proposal-analysis help, book a meeting at https://bredemarket.com/mark/

Deepfake App Secret Purposes and Age Non-verification

It’s nearly impossible to battle a tidal wave.

CBS News recently reported on the attempts of Meta and others to remove advertisements for “nudify” apps from their platforms. The intent of these apps is to take pictures of existing people—for example, “Scarlett Johansson and Anne Hathaway”—and creating deepfake nudes based on the source material.

Two versions of “what does this app do”

But the apps may present their purposes differently when applying for Apple App Store and Google Play Store approval.

“The problem with apps is that they have this dual-use front where they present on the app store as a fun way to face swap, but then they are marketing on Meta as their primary purpose being nudification. So when these apps come up for review on the Apple or Google store, they don’t necessarily have the wherewithal to ban them.”

How old are you? If you say so

And there’s another problem. While the apps are marketed to adult men, their users extend beyond that.

“CBS News’ 60 Minutes reported on the lack of age verification on one of the most popular sites using artificial intelligence to generate fake nude photos of real people. 

“Despite visitors being told that they must be 18 or older to use the site…60 Minutes was able to immediately gain access to uploading photos once the user clicked “accept” on the age warning prompt, with no other age verification necessary.”

We’ve seen this so-called “age verification” before.

From another age-regulated industry.

But if whack-a-mole fighting against deepfake generators won’t work, what will?

I don’t have the answer. Even common sense won’t help here.