Tag Archives: financial identity

Not Only Amazon Stale (not Fresh), But Also Amazon Zero (not One)

With all the news about Amazon Fresh closing and more Amazon layoffs taking place, I missed a bit of news about the Amazon One palm-vein technology. But first a bit of history.

Amazon One in 2021

I believe I first wrote about Amazon One back in 2021, in a “biometrics is evil” post.

2021 TechCrunch article.

In that year, TechCrunch loudly proclaimed:

“While the idea of contactlessly scanning your palm print to pay for goods during a pandemic might seem like a novel idea, it’s one to be met with caution and skepticism given Amazon’s past efforts in developing biometric technology. Amazon’s controversial facial recognition technology, which it historically sold to police and law enforcement, was the subject of lawsuits that allege the company violated state laws that bar the use of personal biometric data without permission.”

Yes, Amazon was regarded as part of the evil fascist regime even when Donald Trump WASN’T in office.

Amazon One in 2025

Enrolling.

Which brings us to 2025, when Trump had returned to office and I enrolled in Amazon One myself to better buy things at the Upland, California Amazon Fresh. But the line was too long so I went to Whole Foods, where my palm and vein may or may not have worked.

Amazon One in 2026

From https://amazonone.aws.com/help as of January 29, 2026.

And pretty soon we’ll ALL be going to Whole Foods since Amazon Fresh is rebranding or closing all its locations.

And when we get there, we won’t be using Amazon One.

“Amazon One palm authentication services will be discontinued at retail businesses on June 3, 2026. Amazon One user data, including palm data, will be deleted after this date.”

You know the question I asked. Why?

“In response to limited customer adoption…”

Of course, in Amazon’s case, “limited” may merely mean that billions and billions of people didn’t sign up, so it jettisoned the technology in the same way it jettisoned dozens of stores and thousands of employees.

The June date may or may not apply to healthcare, but who knows how long that will last.

So what now?

In my 2021 post I mentioned three other systems that used biometrics for purchases.

There was the notorious Pay By Touch (not notorious because of its technology, but the way the business was run).

There was the niche MorphoWave.

But the third system dwarfs them all.

“But the most common example that everyone uses is Apple Pay, Google Pay, Samsung Pay, or whatever ‘pay’ system is supported on your smartphone. Again, you don’t have to pull out a credit card or ID card. You just have to look at your phone or swipe your finger on the phone, and payment happens.”

And they’re so entrenched that even Amazon can’t beat them.

Or as I said after the latest round of Amazon layoffs:

“This, combined with its rebranding or closure of all Amazon Fresh stores, clearly indicates that Amazon is in deep financial trouble.

“Bezos did say that Amazon would fail some day, but I didn’t expect the company to fall apart this quickly.”

Updates on Hungary’s FaceKom and “Beneficial Ownership”

Masha Borak of Biometric Update is writing about FaceKom again.

I discussed Borak’s previous article on FaceKom, which noted the alleged ties between FaceKom and the Hungarian government. The whole thing is a classic example of BENEFICIAL ownership, in which someone who is not the legal owner of a company may still benefit from it.

Borak returned to the theme in the current post:

“FaceKom, the identity verification company used by the Hungarian national digital identity program, has been acquired by major local IT and telecom group, 4iG Informatikai (4iG IT). The deal is now attracting attention among media outlets and political watchers due to the companies’ relationship with Prime Minister Viktor Orbán….

“Recent 4iG’s purchases, however, have been raising questions over the company’s reported links to the Hungarian government, which has been accused by critics of enriching political allies, family, and loyalists through state resources and public contracts.”

The details are in Borak’s post, including:

“4iG chairman and majority investor Gellért Jászai is known for his ties to Orbán and was invited as part of his entourage to Donald Trump’s Mar-a-Lago resort after the 2024 U.S. presidential election.”

“[FaceKom’s] previous owner is Equilor Fund Management, owned by the Central European Opportunity Private Equity Fund (CEOM)….While CEOM has no direct links with Orbán, local media investigations have discovered links with companies owned by the Prime Minister’s son-in-law, István Tiborcz.”

Mere links do not necessarily indicate illegal activity, and Hungarian law may differ from laws in other countries, but FaceKom is being watched.

Three Takeaways From Carey Ransom’s Presentation on Banking Technology

Another SoCal Tech Forum presentation on Saturday, this one on banking technology from Carey Ransom of BankTech Ventures.

FoundrSpace.

Only a small reference to financial identity, but excellent nonetheless. While I live-posted the event here on my personal LinkedIn account, I wanted to summarize my three main takeaways from Bredemarket’s perspective.

One: Differentiate

Yes, community banks need to differentiate. Perhaps back in the 1980s before the advent of national banks, community banks could offer a standard suite of services for their communities. But now they’re competing against national banks that do business in their prospects’ communities, and in their prospects’ phones. (We will get to phones in a minute.)

One example Ransom gave: why do community banks offer credit cards? Are their credit cards better than the credit cards from the Really Big (Banking) Bunch? Probably not.

But unlike the Capital Ones and Chimes of the world, community banks know their communities. And they know what local businesses need, and are ideally suited to deliver this. (We will get to services in two minutes.)

Yes, I know that Bank of America may have someone attending and sponsoring your local events, but that person is not Brian Moynihan. And if you don’t know who Moynihan is, your prospects don’t know him either.

Two: Mobilize

Some time ago I wrote a post about shifts in the banking industry, most notably from imposing branch buildings to locations within grocery stores to your mobile phones.

But John, you may be saying to yourself, you can’t bank on a phone. How do you deposit checks? And how do you get cash?

Well, let’s look at this:

  • Bredemarket hasn’t received a check in over three years, but when one of my clients was paying me by check, I would use my phone to take a picture of it and deposit it.
  • And as for cash, this is needed less and less, especially since many merchants take Apple Pay and Google Pay.

In fact, bank branches are so irrelevant to today’s—and tomorrow’s—bank prospects and customers that Ransom referred to a $3 million dollar bank branch as a really expensive billboard. Probably none of the people who are reading this post WANT to go into a bank branch. 

And those that do? Here’s a little secret: if the average age of the people who bank at your bank is in their 70s, they will…um…not be long-term bank customers. The 18 year olds that will bank for decades? They’re opening accounts on their phones. Can they use a phone to open an account at your bank? And why would they do so? (See the differentiation discussion above.)

Three: Supplement

One way a bank can differentiate is via the services they offer.

At the most basic level, a bank can make money by loaning the funds they receive from deposits.

But they can offer many more services to 21st century clients, thanks to legislation such as the Gramm-Leach-Billey Act that allow financial holding companies to own financial or complementary firms.

And not just investments and wealth management.

Ransom provided an illustrative example: cybersecurity.

Banks need to have expertise in cybersecurity to stay alive, and to comply with Know Your Customer and other financial regulations.

So why not offer cybersecurity services to their customers?

This not only gives the banks another revenue stream, but also reduces the risk that their own customers will experience fraud from hacks.

Four: Market

I know I said there were three takeaways. I lied.

Ransom also noted that CapitalOne spends 20% on marketing, including everything from TV ads to cafes. Your typical community bank spends much less, maybe 1%.

How are your prospects going to know what differentiates your bank if they don’t have awareness of those differentiators?

Perhaps you need content such as case studies or white papers. Even blog posts help ensure that your firm comes up in LLM answers. Your prospects aren’t watching ABC, CBS, or NBC commercials.

From NP Digital.

Or perhaps you need proposal or analysis services.

Bredemarket, a provider of content, proposal, and analysis services to technology (and identity) firms, can work with you to create the words you need. Learn about my offerings and book a free meeting here.

Stop losing prospects! Use Bredemarket content for tech marketers

Upcoming SoCal Tech Forum Presentations at FoundrSpace Rancho Cucamonga

During Saturday’s monthly meetup, the SoCal Tech Forum displayed a list of upcoming events.

January 3rd’s “Fraud Detection in FinTech” presentation looks promising.

Details here.

And on Monday I will have more to say on the meeting I attended yesterday.

Bredemarket Identity Assurance Level 3 (IAL3) Posts Over the Years

I’m preparing to promote four of my Identity Assurance Level 3 (IAL3) Bredemarket blog posts on my social media channels. You know, the posts that discuss in-person and remote supervised identity proofing. But I said to myself, “Self, why not re-promote them on the blog also?”

12/3/2020 IAL3 post

From the Bredemarket blog, December 2020:

“The U.S. National Institute of Standards and Technology has defined ‘identity assurance levels’ (IALs) that can be used when dealing with digital identities. It’s helpful to review how NIST has defined the IALs.”

“Identity assurance levels (IALs) and digital identity”: https://bredemarket.com/2020/12/03/identity-assurance-levels-ials-and-digital-identity/

7/19/2023 IAL3 post

From the Bredemarket blog, July 2023:

“If we ignore IAL1 and concentrate on IAL2 and IAL3, we can see one difference between the two. IAL2 allows remote, unsupervised identity proofing, while IAL3 requires (in practice) that any remote identity proofing is supervised.”

“The Difference Between Identity Assurance Levels 2 and 3”: https://bredemarket.com/2023/07/19/ial2-vs-ial3/

8/11/2025 IAL3 post

From the Bredemarket blog, August 2025:

“I’ve talked about Identity Assurance Levels 1, 2, and 3 on several occasions…..But as usually happens, IAL2 is yesterday’s news. Because biometric tech always gets harder better faster stronger.”

“Identity Assurance Level 3 (IAL3): When Identity Assurance Level 2 (IAL2) Isn’t Good Enough”: https://bredemarket.com/2025/08/11/ial3-when-ial2-isnt-good-enough/

9/17/2025 IAL3 post

From the Bredemarket blog, September 2025:

“Governments aren’t the only entities that need to definitively know identities in critically important situations.

“What about banks and other financial institutions, which are required by law to know their customers?

“Now the bank assumed a level of risk by [accepting a Bredemarket client check in a remote unsupervised manner] especially since the deposited check would not be in the bank’s physical possession after the deposit was completed.

“But guess what? The risk was acceptable for my transactions. I’m disclosing Bredemarket company secrets, but that client never wrote me a million dollar check.

“What about remote supervised transactions at financial institutions, where you are not physically present, but someone at the bank remotely sees you and everything you do?

“It turns out that the identity verification providers support video sessions between businesses (such as banks) and their customers.”

“Unlocking High-Value Financial Transactions: The Critical Role of Identity Assurance Level 3 (IAL3)”: https://bredemarket.com/2025/09/17/financial-ial3/

Unlocking High-Value Financial Transactions: The Critical Role of Identity Assurance Level 3 (IAL3)

(Picture designed by Freepik.)

I’ve previously discussed the difference between Identity Assurance Level 2 (IAL2) and Identity Assurance Level 3 (IAL3). The key differentiator is that IAL3 requires either (1) in-person identity proofing or (2) remote supervised identity proofing.

Who and how to use IAL3

Who can provide remote supervised identity proofing?

“NextgenID Trusted Services Solution provides Supervised Remote Identity Proofing identity stations to collect, review, validate, proof, and package IAL-3 identity evidence and enrollment data for CSPs operating at IAL-3.”

And there are others who can provide the equivalent of IAL3, as we will see later.

How do you supervise a remote identity proofing session?

“The camera(s) a CSP [Credential Service Provider] employs to monitor the actions taken by a remote applicant during the identity proofing session should be positioned in such a way that the upper body, hands, and face of the applicant are visible at all times.”

But that doesn’t matter with me now. What matters to me is WHEN we need remote identity proofing sessions.

Mitek Systems’ Adam Bacia provides one use case:

“IAL3 is reserved for high-risk environments such as sensitive government services.”

So that’s one use case.

But there is another.

When to use IAL3 for financial transactions

Governments aren’t the only entities that need to definitively know identities in critically important situations.

What about banks and other financial institutions, which are required by law to know their customers?

Now it’s one thing when one of my Bredemarket clients used to pay me by paper check. Rather than go to the bank and deposit it in person at a teller window (in person) or at an ATM (remote supervised), I would deposit the check with my smartphone app (remote unsupervised).

Now the bank assumed a level of risk by doing this, especially since the deposited check would not be in the bank’s physical possession after the deposit was completed.

But guess what? The risk was acceptable for my transactions. I’m disclosing Bredemarket company secrets, but that client never wrote me a million dollar check. Actually, none of my clients has ever written me a million dollar check. (Perhaps I should raise my rates. It’s been a while. If I charge an hourly rate of $100,000, I will get those million dollar checks!)

So how do financial institutions implement the two types of IAL3?

In-person

Regarding IAL3 and banks, in-person transactions are supported in certain cases, even with the banks’ moves to close branches.

“If you need to initiate a funds transfer payment, an authorized signer for your account may also initiate funds (wire) transfers at any Chase branch.”

Note the use of the word “may.” However, if you don’t want to go to a branch to make a wire transfer, you have to set up an alternate method in advance.

Remote supervised

What about remote supervised transactions at financial institutions, where you are not physically present, but someone at the bank remotely sees you and everything you do? Every breath you take? And every move you make? Etcetera.

It turns out that the identity verification providers support video sessions between businesses (such as banks) and their customers. For example, Incode’s Developer Hub includes several references to a video conference capability. 

To my knowledge, Incode has not publicly stated whether any of its financial identity customers are employing this video conference capability, but it’s certainly possible. And when done correctly, this can support the IAL3 specifications.

Why to use IAL3 for financial transactions

For high-risk transactions such as ones with high value and ones with particular countries, IAL3 protects both the financial institutions and their customers. It lessens the fraud risk and the possible harm to both parties.

Some customers may see IAL3 as an unnecessary bureaucratic hurdle…but they would feel differently if THEY were the ones getting ripped off.

This is why both financial institutions and identity verification vendors need to explain the benefits of IAL3 procedures for riskier transactions. And do it in such a way that the end customers DEMAND IAL3.

To create the content to influence customer perception, you need to answer the critically important questions, including why, how, and benefits. (There are others.)

And if your firm needs help creating that content, Underdog is here.

I mean Bredemarket is here.

Visit https://bredemarket.com/mark/ and schedule a time to talk to me—for free. I won’t remotely verify your identity during our videoconference, but I will help you plan the content your firm needs.

Who or What is Evaluating Your Proposal?

As I’ve said before, you should write a proposal that resonates with the people who read it. In marketing terms, you write for the key personas in your target audience.

But what if your target audience never reads your proposal?

Diella, Albanian Minister of Procurement

In Albania, it’s possible that no person will read it.

“A new minister in Albania charged to handle public procurement will be impervious to bribes, threats, or attempts to curry favour. That is because Diella, as she is called, is an AI-generated bot.

“Prime Minister Edi Rama, who is about to begin his fourth term, said on Thursday that Diella, which means “sun” in Albanian, will manage and award all public tenders in which the government contracts private companies for various projects.”

Imagen 4.

The intent is to stop corruption from “gangs seeking to launder their money from trafficking drugs and weapons.”

When people evaluate proposals

But how savvy is Diella?

Let me provide a proposal evaluation example that has nothing to do with corruption, but illustrates why AI must be robust.

A couple of years before I became a proposal writer, I was a Request for Proposals (RFP) writer…sort of. A Moss Adams consultant and I assembled an RFP that required respondents to answer Yes or No to a checklist of questions.

When the consultant and I received the proposals, we selected two finalists…neither of whom responded “Yes” to every question like some submissions. 

We figured that the ones who said “Yes” were just trying to get the maximum points, whether they could do the work or not. 

Imagen 4.

The two finalists gave some thought to the requirements and raised legitimate concerns.

Can Diella detect corruption?

Hopefully Diella is too smart to be fooled by such shenanigans. But how can she keep the gangs out of Albania’s government procurements?

Imagen 4.

Certainly on one level Diella can conduct a Know Your Business check to ensure a bidder isn’t owned by a gang leader. But as we’ve seen before in Hungary, the beneficial owner may not be the legal owner. Can Diella detect that?

Add to this the need to detect whether the entity can actually do what it says it will do. While I appreciate that the removal of humans prevents a shady procurement official from favoring an unqualified bidder, at the same time you end up relying on a bot to evaluate the bidders’ claims to competency.

Of course this could all be a gimmick, and Diella will do nothing more than give the government the aura of scientific selection, while in reality the same procurement officers will do the same things, with the same results.

Let’s see what happens with the next few bids.

My Continuing (Positive) Experiences With Wildebeest Bank

(CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=245337.)

The names and identification numbers have been changed to protect my PII.

Early this morning, I received an email from my bank, Wildebeest Bank.

Your Wildebeest Bank debit card transaction was declined.

A transaction on your debit card ending in 1234 was declined.

So I went to my Wildebeest Bank app to see what company tried to charge to my card, and how much they tried to charge. But I found nothing.

Then I realized that my debit card does NOT end in 1234, but in 5678. I’ve had that debit card since…well, since May 2024, when “enron*publications us” fraudulently charged $8.28 to my card that DID end in 1234.

Wildebeest Bank cancelled that card immediately and issued a new one.

And no one tried to use that old card until today.

And Wildebeest Bank just laughed at the attempt, not even bothering to inform me of the details.

Oh Heck, I Look Like a Scammer

Scamicide recently talked about a “free piano scam” where the scammer gifts the victim a piano for free—if the victim pays delivery costs northwards of $600—in advance. Guess what never gets delivered?

The post goes on to say:

“A big indication that this is a scam is that the moving company asks for payment by Zelle or cryptocurrencies.  No legitimate business asks for payment by Zelle or cryptocurrencies, but scammers often do because of the anonymity for these types of payments and the difficulty in tracing or reversing payments made in this manner.”

Well, Bredemarket doesn’t REQUIRE Zelle…but I take it. (No crypto.)

Crypto Transfers Without KYC

(Imagen 4)

Have you ever played a smartphone game that gives you a teeny bit of crypto?

So little crypto that it’s not measured in Bitcoin, but in satoshis (where 100 million satoshis equals one bitcoin)?

If so, you probably didn’t have to undergo a Know Your Customer (KYC) check to verify your financial identity.

Renno and Company explains why not:

“If a virtual currency transfer of $1,000 or more occurs, the client’s identity must be verified. This step is critical in the digital currency world, where anonymity can lead to misuse.

“If there is a virtual currency exchange of $1,000 or more, identity verification is also required. This helps ensure that all exchanges are transparent and not used for illegal purposes.”

If you find a smartphone game that pays more than $1,000 a pop…let me know.

And if you want to transact crypto, StealthEX supports no-KYC transactions:

“Thanks to StealthEX you can now purchase an amount of crypto without KYC if it’s less than $700 or the equivalent of this amount in other currencies. As long as your total purchases don’t exceed $700, you don’t have to verify your identity. You can make one big purchase or several small $20, $50 or $100 transactions. StealthEX allows users to seamlessly exchange their assets across chains in minutes without the need to verify their identity.”

Yeah, $700 rather than $1,000. StealthEX is…um…playing it safe.