identity – Page 23 – Bredemarket

Why Your Identity Company Isn’t Saying Anything

Bredemarket spends a lot of its time on competitive analysis, either as part of client projects, or for my own personal edification. For example, right now I’m working on a client project and analyzing 20 of the client’s competitors in over 20 markets serving hundreds of customers.

But when I perform competitive analysis, I use entirely ethical and legal methods to obtain my competitive information. Nothing clandestine that will get me in trouble.

Painting of French spy captured during the Franco-Prussian War. By Alphonse-Marie-Adolphe de Neuville – [1], Public Domain, https://commons.wikimedia.org/w/index.php?curid=38398454

But sometimes the well of competitive information goes dry. Companies go silent and then come back, with no explanation of why its former communications were…um…incomplete.

From Jive Records. Fair use, https://en.wikipedia.org/w/index.php?curid=1956883

Of course, I don’t know why a particular company suddenly decides that prospect/customer communication isn’t critically important.

But this got me thinking. How often DO companies go silent?

And I had an excellent way to conduct a mini-survey and find out.

Are the 40+ blogging identity firms still blogging?

Back in September, I identified over 40 identity firms that w ere blogging, some more frequently than others. Blogging provides quantifiable benefits, and these companies were obviously taking advantage of those benefits.

Data source: Daily Infographic, https://www.dailyinfographic.com/state-of-blogging-industry

But that was back in September. How many of those companies were still actively blogging in mid-December? I wanted to find out, so I conducted a mini-survey of those identity blogs. Of the 40+ companies whose blogs and articles had identifiable posting dates:

21 had blogged at least once this month (December).
11 had last blogged in November.
3 had last blogged in October.
7 hadn’t blogged since the 3rd calendar quarter of 2023 (July – September).
4 hadn’t blogged since the 2nd calendar quarter (April – June).
1 hadn’t blogged since the 1st calendar quarter (January – March).
1 hadn’t blogged at all in 2023. Perhaps it forgot it had a blog, or a former employee never surrendered the password.

A little quiet, aren’t you? By Lorelei7, CC BY-SA 3.0, https://commons.wikimedia.org/w/index.php?curid=3164780

My mini-survey shows that of the 40+ identity firms with blogs, about one-third of them HAVEN’T SAID A SINGLE THING to their prospects and customers in the last two months.

Is your firm failing to engage in identity blog post writing, even though you have a blog?

But what about other communications?

To be fair, this is not a complete measure of corporate content marketing. While some of these companies hadn’t blogged on their own websites, they HAD communicated on Instagram (Mark Zuckerberg’s website), LinkedIn (Satya Nadella’s website), X (Elon Musk’s website), YouTube (Sundar Pichai’s website), and other websites controlled by other people. Great traffic for Zuck et al…not so great traffic for the companies.

More importantly, some of these companies communicate via email, which is a great way to find out what the company is doing…if the company has your email address.

If the company doesn’t have your email address, and if it isn’t blogging, then it’s going to be hard for prospects to find company information.

So why is your identity firm ignoring your customers?

Some identity companies with blogs and similar mechanisms are consciously making the choice to NOT communicate with their prospects and customers.

Why not?

There are many reasons. Here are five reasons that Full Funnel identified.

A couple of them have already been addressed by Bredemarket, such as “we don’t have the time.” (Bredemarket has the time.)
But I would like to dive into Full Funnel’s fourth reason: “we don’t have anything to say.” I encourage you to read Full Funnel’s response to that objection, because I agree with it. Your firm MUST have something to say if it wants to differentiate itself and remain viable. If you don’t have anything to say, prospects will go to your more talkative competitors.

When is your identity company going to start communicating with your prospects and customers?

If your identity company has fallen down on the blogging front, it’s best to restart the process as soon as possible. As I’ve said before, content marketing doesn’t yield immediate results. A particular piece of content may not result in a sale until six or twelve months later, or longer. Delaying the implementation simply delays the benefits I mentioned above.

So if your identity company is failing to reach your prospects and customers with content, why don’t you talk with Bredemarket now and develop a plan to reach them?

Yes, I know we’re right in the middle of the holidays, and some of you will put this off until next week, or probably the week after next.

For me, that’s just as well. That gives me more time to talk to your competitors and get their content process moving.

If you DON’T want your competitors to get in line ahead of you, click the image below and schedule a meeting. I’m available this week and most of next week.

Drive content results with Bredemarket Identity Firm Services.

Stand Out From the Identity Crowd

*Dionne Quintuplets – School Days*, painting by Andrew Loomis, 1938. By Andrew Loomis – https://www.flickr.com/photos/lac-bac/7797309642/in/album-72157631099965608/, CC BY 2.0, https://commons.wikimedia.org/w/index.php?curid=56000992

A note to those of you in the identity/biometrics industry.

From Sandeep Kumar, A. Sony, Rahul Hooda, Yashpal Singh, in Journal of Advances and Scholarly Researches in Allied Education | Multidisciplinary Academic Research, “*Multimodal Biometric Authentication System for Automatic Certificate Generation*.”

Gartner has released a new report, “Emerging Tech: Security — How to Stay Relevant as an Identity Verification Vendor.” Because it’s better to be relevant than to be irrelevant.

Anthropological Alphonse Bertillon. By Jebulon – Own work, stitching of archives of Service Regional d’Identité Judiciaire, Préfecture de Police, Paris., CC0, https://commons.wikimedia.org/w/index.php?curid=37546591

When co-author Akif Khan promoted the report on LinkedIn, he made the following comment:

Identity verification (which Gartner defines as the ID-plus-selfie process) is arguably the topic that I get the most inquiry calls about, but I also cover >70 vendors in this space. My end-user clients struggle to differentiate between them, and as the market evolves, it will become tougher to stand out in the crowd.
From LinkedIn.

C. Maxine Most of Acuity Market Intelligence advocates a similar message about the need to stand out. She provides the following to her clients:

Innovate, differentiate, and outmaneuver the competition
From https://www.acuitymi.com/.

It is in the vendors’ interest to keep the identity market from becoming a commodity market. But how can vendors keep the market from becoming commoditized when (almost) everyone is sharing the exact same message?

Why are you in business? To provide trust.
What do you do? Trust stuff.
How do you do this? Trust us.

If all the identity companies are peddling the exact same thing, the cheapest vendor wins.

Which is why certain vendors strive to do things differently.

And I’m here to help.

I ask my clients questions before I start work so that we can craft the client’s unique message. Read Bredemarket’s e-book “Seven Questions Your Content Creator Should Ask You” for more details.

Are you ready to craft a message that looks just like everybody else? Well, I CAN’T help you with that.

Are you ready to craft your own message? Then let me tell you how Bredemarket CAN help you do this.

Identification Perfection is Impossible

(Part of the biometric product marketing expert series)

There are many different types of perfection.

Jehan Cauvin (we don’t spell his name like he spelled it). By Titian – Bridgeman Art Library: Object 80411, Public Domain, https://commons.wikimedia.org/w/index.php?curid=6016067

This post concentrates on IDENTIFICATION perfection, or the ability to enjoy zero errors when identifying individuals.

The risk of claiming identification perfection (or any perfection) is that a SINGLE counter-example disproves the claim.

If you assert that your biometric solution offers 100% accuracy, a SINGLE false positive or false negative shatters the assertion.
If you claim that your presentation attack detection solution exposes deepfakes (face, voice, or other), then a SINGLE deepfake that gets past your solution disproves your claim.
And as for the pre-2009 claim that latent fingerprint examiners never make a mistake in an identification…well, ask Brandon Mayfield about that one.

In fact, I go so far as to avoid using the phrase “no two fingerprints are alike.” Many years ago (before 2009) in an International Association for Identification meeting, I heard someone justify the claim by saying, “We haven’t found a counter-example yet.” That doesn’t mean that we’ll NEVER find one.

You’ve probably heard me tell the story before about how I misspelled the word “quality.”

In a process improvement document.

While employed by Motorola (pre-split).

At first glance, it appears that Motorola would be the last place to make a boneheaded mistake like that. After all, Motorola is known for its focus on quality.

But in actuality, Motorola was the perfect place to make such a mistake, since it was one of the champions of the “Six Sigma” philosophy (which targets a maximum of 3.4 defects per million opportunities). Motorola realized that manufacturing perfection is impossible, so manufacturers (and the people in Motorola’s weird Biometric Business Unit) should instead concentrate on reducing the error rate as much as possible.

So one misspelling could be tolerated, but I shudder to think what would have happened if I had misspelled “quality” a second time.

Announcing a WhatsApp Channel for Identity, Biometrics, ID Documents, and Geolocation

I’ve previously stated that Bredemarket is present on a bunch of social platforms.

Well, if you’re a subscriber to the Bredemarket mailing list, or to the Bredemarket Threads account, then you already know what I’m about to say. Bredemarket is now on one additional social platform…kinda sorta.

I’ll explain:

What WhatsApp channels are.
How this impacted me.
Most importantly, why this may, or may not, impact you.

(Long-time readers of the Bredemarket blog see what I did there. In reverse.)

What are WhatsApp channels?

Meta, the company that owns Facebook, Instagram, WhatsApp, Threads, and half the known universe, wants to keep people on those social platforms. They can check out any time they like, but they can never leave.

Scanned by Wikipedia user David Fell from the CD cover, Fair use, https://en.wikipedia.org/w/index.php?curid=14790284

So now WhatsApp, the service that was originally intended for PRIVATE communications between people that knew each other’s phone numbers, is now your latest source for Kardashians news. Seriously; there are millions of people who follow the Daily Mail’s “Kardashians News” channel.

No, this is NOT a Kardashian (yet), but this is something that @cultpopcult would post (with a misattribution) so I’m doing it myself. By Office of Congressman Greg Steube – https://twitter.com/RepGregSteube/status/1451579098606620673, Public Domain, https://commons.wikimedia.org/w/index.php?curid=112088903

Some people are kinda sorta breathless about this, if you take the IMM Institute’s LinkedIn article “WhatsApp Channels: Revolutionising Business Communication” as evidence.

WhatsApp, a widely used messaging platform, has recently introduced a revolutionary feature known as WhatsApp Channels. This innovation empowers businesses to thrive by effectively communicating with a broader audience, sharing vital information, and engaging with customers in a more personalised and efficient manner.
From LinkedIn.

Revolutionary? Frankly, this isn’t any more revolutionary than the similar broadcasting feature in Instagram, with one important difference: not everyone can create an Instagram channel, but anyone with WhatsApp channel access can set up their own channel.

Which got me thinking.

How I was impacted by WhatsApp Channels

I began mulling over whether I should create my own WhatsApp channel, but initially decided against it. Bredemarket has enough social media properties already, and the need to put Bredemarket stuff on WhatsApp is not pressing (the “100” WhatsApp group members get enough Bredemarket stuff already). The chances of someone ONLY being on WhatsApp and not on ANY other channel are slim.

I’d just follow the existing WhatsApp channels on identity, biometrics, and related topics.

But I couldn’t find any.

So I created my own channel last Friday entitled “Identity, Biometrics, ID Documents, and Geolocation.”

Why should you care?

Why should you care about my WhatsApp identity channel? Maybe you SHOULDN’T.

If you don’t use WhatsApp, ignore the WhatsApp channel.

If you use WhatsApp but have other sources for identity industry information (such as my Facebook group/LinkedIn page), ignore the WhatsApp channel.

But if you love WhatsApp AND identity, here is the follow link for “Identity, Biometrics, ID Documents, and Geolocation.”

https://whatsapp.com/channel/0029VaARoeEKbYMQE9OVDG3a

Geolocation Identifies People (Who Don’t Want To Be Identified)

A person in Upland, California posted this on the local NextDoor. While anecdotal and not statistical, in this case the geolocation capabilities of a device (in this case AirPods) identified someone in possession of a stolen vehicle.

https://nextdoor.com/p/ks5wW5n_csJB?utm_source=share&extras=NDk4MjIxOTI%3D

Login.gov and IAL2 #realsoonnow

Back in August 2023, the U.S. General Services Administration published a blog post that included the following statement:

Login.gov is on a path to providing an IAL2-compliant identity verification service to its customers in a responsible, equitable way. Building on the strong evidence-based identity verification that Login.gov already offers, Login.gov is on a path to providing IAL2-compliant identity verification that ensures both strong security and broad and equitable access.
From https://www.gsa.gov/blog/2023/08/18/reducing-fraud-and-increasing-access-drives-record-adoption-and-usage-of-logingov

It’s nice to know…NOW…that Login.gov is working to achieve IAL2.

This post explains what the August 2023 GSA post said, and what it didn’t say.

But first, I’ll define what Login.gov and “IAL2” are.

What is Login.gov?

Here is what Login.gov says about itself:

Login.gov is a secure sign in service used by the public to sign in to participating government agencies. Participating agencies will ask you to create a Login.gov account to securely access your information on their website or application.

You can use the same username and password to access any agency that partners with Login.gov. This streamlines your process and eliminates the need to remember multiple usernames and passwords.
From https://www.login.gov/what-is-login/

From https://www.gsa.gov/about-us/organization/federal-acquisition-service/technology-transformation-services

Obviously there are a number of private companies (over 80 last I counted) that provide secure access to information, but Login.gov is provided by the government itself—specifically by the General Services Administration’s Technology Transformation Services. Agencies at the federal, state, and local level can work with the GSA TTS’ “18F” organization to implement solutions such as Login.gov.

Why would agencies implement Login.gov? Because the agencies want to protect their constituents’ information. If fraudsters capture personally identifiable information (PII) of someone applying for government services, the breached government agency will face severe repurcussions. Login.gov is supposed to protect its partner agencies from these nightmares.

How does Login.gov do this?

Sometimes you might use two-factor authentication consisting of a password and a second factor such as an SMS code or the use of an authentication app.
In more critical cases, Login.gov requests a more reliable method of identification, such as a government-issued photo ID (driver’s license, passport, etc.).

What is IAL2?

At the risk of repeating myself, I’ll briefly go over what “Identity Assurance Level 2” (IAL2) is.

From https://pages.nist.gov/800-63-3/sp800-63a.html

The U.S. National Institute of Standards and Technology, in its publication NIST SP 800-63a, has defined “identity assurance levels” (IALs) that can be used when dealing with digital identities. It’s helpful to review how NIST has defined the IALs. (I’ll define the other acronyms as we go along.)

Assurance in a subscriber’s identity is described using one of three IALs:

IAL1: There is no requirement to link the applicant to a specific real-life identity. Any attributes provided in conjunction with the subject’s activities are self-asserted or should be treated as self-asserted (including attributes a [Credential Service Provider] CSP asserts to an [Relying Party] RP). Self-asserted attributes are neither validated nor verified.

IAL2: Evidence supports the real-world existence of the claimed identity and verifies that the applicant is appropriately associated with this real-world identity. IAL2 introduces the need for either remote or physically-present identity proofing. Attributes could be asserted by CSPs to RPs in support of pseudonymous identity with verified attributes. A CSP that supports IAL2 can support IAL1 transactions if the user consents.

IAL3: Physical presence is required for identity proofing. Identifying attributes must be verified by an authorized and trained CSP representative. As with IAL2, attributes could be asserted by CSPs to RPs in support of pseudonymous identity with verified attributes. A CSP that supports IAL3 can support IAL1 and IAL2 identity attributes if the user consents.
From https://pages.nist.gov/800-63-3/sp800-63a.html#sec2

So in its simplest terms, IAL2 requires evidence of a verified credential so that an online person can be linked to a real-life identity. If someone says they’re “John Bredehoft” and fills in an online application to receive government services, IAL2 compliance helps to ensure that the person filling out the online application truly IS John Bredehoft, and not Bernie Madoff.

As more and more of us conduct business—including government business—online, IAL2 compliance is essential to reduce fraud.

One more thing about IAL2 compliance. The mere possession of a valid government issued photo ID is NOT sufficient for IAL2 compliance. After all, Bernie Madoff may be using John Bredehoft’s driver’s license. To make sure that it’s John Bredehoft using John Bredehoft’s driver’s license, an additional check is needed.

This has been explained by ID.me, a private company that happens to compete with Login.gov to provide identity proofing services to government agencies.

Biometric comparison (e.g., selfie with liveness detection or fingerprint) of the strongest piece of evidence to the applicant
From https://network.id.me/article/what-is-nist-ial2-identity-verification/

So you basically take the information on a driver’s license and perform a facial recognition 1:1 comparison with the person possessing the driver’s license, ideally using liveness det e ction, to make sure that the presented person is not a fake.

From https://www.nist.gov/news-events/news/2023/09/whats-wrong-picture-nist-face-analysis-program-helps-find-answers

So what?

So the GSA was apparently claiming how secure Login.gov was. Guess who challenged the claim?

The GSA.

Now sometimes it’s ludicrous to think that the government can police itself, but in some cases government actually identifies government faults.

Of course, this works best when you can identify problems with some other government entity.

Which is why the General Services Administration has an Inspector General. And in March 2023, the GSA Inspector General released a report with the following title: “GSA Misled Customers on Login.gov’s Compliance with Digital Identity Standards.”

The title is pretty clear, but Fedscoop summarized the findings for those who missed the obvious:

As part of an investigation that has run since last April (2022), GSA’s Office of the Inspector General found that the agency was billing agencies for IAL2-compliant services, even though Login.gov did not meet Identity Assurance Level 2 (IAL2) standards.

GSA knowingly billed over $10 million for services provided through contracts with other federal agencies, even though Login.gov is not IAL2 compliant, according to the watchdog.
From https://fedscoop.com/gsa-login-gov-watchdog-report/

So now GSA is explicitly saying that Login.gov ISN’T IAL2-compliant.

Which helps its private sector competitors.

Does Your Identity/Biometric Research Project Need Excel…or Bredemarket?

Does your identity/biometric firm require research?

Here’s one way for your researcher to organize the research data.
And if you need a researcher, I’ll address that also.

Introduction

When talking about marketing tools, two words that don’t seem to go together are “marketing” and “Excel” (the Microsoft spreadsheet product). Because I’m in marketing, I encounter images like this all the time.

From Daniel Murray, https://www.linkedin.com/posts/daniel-murray-marketing_you-never-realize-how-much-math-marketing-activity-7071849222035177472-Pp_-/

Daniel Murrary (of Marketing Millennials fame), who used the image above in a LinkedIn post, noted that the statement is incorrect.

You never realize how much math marketing has, but excel is an underrated marketing skill.
From https://www.linkedin.com/posts/daniel-murray-marketing_you-never-realize-how-much-math-marketing-activity-7071849222035177472-Pp_-/

It’s true that marketing analytics requires a ton of Excel work. I’m not going to talk about marketing analytics here, but if you have an interest in using Excel for marketing analytics, you may want to investigate HubSpot Academy’s free Excel crash course.

From HubSpot, https://academy.hubspot.com/courses/excel-training-crash-course

But even if you DON’T pursue the analytic route, Excel can be an excellent ORGANIZATIONAL tool. As you read the description below, ask yourself whether my Bredemarket consultancy can perform similar organization for YOU.

Excel as an organizational tool

As I write this, Bredemarket is neck-deep in a research project for a client. A SECRET research project.

By Unnamed photographer for Office of War Information. – U.S. Office of War Information photo, via Library of Congress website [1], converted from TIFF to .jpg and border cropped before upload to Wikimedia Commons., Public Domain, https://commons.wikimedia.org/w/index.php?curid=8989847

While I won’t reveal the name of the client or the specifics about the research project, I can say that the project requires me to track the following information:

Organization name.
Organization type (based upon fairly common classifications).
Organization geographic location.
Vendor providing services to the organization.
Information about the contract between the vendor and the organization.
A multitude of information sources about the organization, the vendor, and the relationship between the two.

To attack the data capture for this project, I did what I’ve done for a number of similar projects for Bredemarket, Incode, IDEMIA, MorphoTrak, et al.

I threw all the data into a worksheet in an Excel workbook.

By Microsoft Corporation – Screenshot created and uploaded by Paowee., https://en.wikipedia.org/w/index.php?curid=58004382

I can then sort and filter it to my heart’s content. Ror example, if I want to just view the rows for which I have contract information, I can just look at that.

Bredemarket as an identity/biometric research service

And sometimes I get even fancier.

From Spreadsheet Web, “How to combine data from multiple sheets.” https://www.spreadsheetweb.com/how-to-combine-data-from-multiple-sheets/

For one organization I created a number of different worksheets within a single workbook, in which the worksheet data all fed into a summary worksheet. This allowed my clients to view data either at the detailed level or at the summary level.

From Microsoft, “Report a Table Like Excel Pivot Table,” https://community.fabric.microsoft.com/t5/Desktop/Report-a-Table-like-Excel-Pivot-Table/m-p/565724

For another organization I collected the data from an external source, opened it in Excel, performed some massaging, and then pivoted the data into a new view so that it could then be exported out of Excel and into a super-secret document that I cannot discuss here.

Now none of this (well, except maybe for the pivot) is fancy stuff, and most of it (except for the formulas linking the summary and detailed worksheets) is all that hard to do. But it turns out that Excel is an excellent tool to deal with this data in certain cases.

Which brings me to YOUR research needs.

After all, Bredemarket doesn’t just write stuff.

Sometimes it researches stuff, especially in the core area of biometrics and identity.

After all, I offer 29 years of experience in this area, and I draw on that experience to get answers to your questions.

Unlike the better-bounded projects that require only a single blog post or a single white paper, I quote research projects at an hourly rate or on retainer (where I’m embedded with you).

By Staff Sgt. Michael L. Casteel – [1], Public Domain, https://commons.wikimedia.org/w/index.php?curid=2407244

So if you have a research project that you haven’t been able to get going, contact Bredemarket to get it unstuck and to move forward.

Time for the FIRST Iteration of Your Firm’s UK Online Safety Act Story

By Adrian Pingstone – Transferred from en.wikipedia, Public Domain, https://commons.wikimedia.org/w/index.php?curid=112727

A couple of weeks ago, I asked this question:

Is your firm affected by the UK Online Safety Act, and the future implementation of the Act by Ofcom?
From https://bredemarket.com/2023/10/30/uk-online-safety-act-story/

Why did I mention the “future implementation” of the UK Online Safety Act? Because the passage of the UK Online Safety Act is just the FIRST step in a long process. Ofcom still has to figure out how to implement the Act.

Ofcom started to work on this on November 9, but it’s going to take many months to finalize—I mean finalise things. This is the UK Online Safety Act, after all.

This is the first of four major consultations that Ofcom, as regulator of the new Online Safety Act, will publish as part of our work to establish the new regulations over the next 18 months.

It focuses on our proposals for how internet services that enable the sharing of user-generated content (‘user-to-user services’) and search services should approach their new duties relating to illegal content.
From https://www.ofcom.org.uk/consultations-and-statements/category-1/protecting-people-from-illegal-content-online

On November 9 Ofcom published a slew of summary and detailed documents. Here’s a brief excerpt from the overview.

Mae’r ddogfen hon yn rhoi crynodeb lefel uchel o bob pennod o’n hymgynghoriad ar niwed anghyfreithlon i helpu rhanddeiliaid i ddarllen a defnyddio ein dogfen ymgynghori. Mae manylion llawn ein cynigion a’r sail resymegol sylfaenol, yn ogystal â chwestiynau ymgynghori manwl, wedi’u nodi yn y ddogfen lawn. Dyma’r cyntaf o nifer o ymgyngoriadau y byddwn yn eu cyhoeddi o dan y Ddeddf Diogelwch Ar-lein. Mae ein strategaeth a’n map rheoleiddio llawn ar gael ar ein gwefan.
From https://www.ofcom.org.uk/__data/assets/pdf_file/0021/271416/CYM-illegal-harms-consultation-chapter-summaries.pdf

Oops, I seem to have quoted from the Welsh version. Maybe you’ll have better luck reading the English version.

This document sets out a high-level summary of each chapter of our illegal harms consultation to help stakeholders navigate and engage with our consultation document. The full detail of our proposals and the underlying rationale, as well as detailed consultation questions, are set out in the full document. This is the first of several consultations we will be publishing under the Online Safety Act. Our full regulatory roadmap and strategy is available on our website.
From https://www.ofcom.org.uk/__data/assets/pdf_file/0030/270948/illegal-harms-consultation-chapter-summaries.pdf

If you want to peruse everything, go to https://www.ofcom.org.uk/consultations-and-statements/category-1/protecting-people-from-illegal-content-online.

From https://www.ofcom.org.uk/consultations-and-statements/category-1/protecting-people-from-illegal-content-online

And if you need help telling your firm’s UK Online Safety Act story, Bredemarket can help. (Unless the final content needs to be in Welsh.) Click below!

Kelly Shepherd, #fakefakefake

My belief that everything on the Internet is true has been irrevocably shattered, all because of what an entertainment executive ordered in his spare time. But the Casey Bloys / “Kelly Shepherd” story is just a tiny bit of what is going on with synthetic identities. And X isn’t the only platform plagued by them, as my LinkedIn experience attests.

By the way, this blog post contains pictures of a lot of people. Casey Bloys is real. Some of the others, not so much.

Blame COVID

Casey Bloys. Fair use. From https://wbd.com/leadership/casey-bloys/

Casey Bloys is the Chairman and CEO of HBO and Max Content. Bloys had to start a recent 2024 schedule presentation with an apology, according to Variety. After explaining how passionate he is about his programming, he went back in time a couple of years to a period that we all remember.

So when you think of that mindset, and then think of 2020 and 2021, I’m home, working from home and spending an unhealthy amount of scrolling through Twitter. And I come up with a very, very dumb idea to vent my frustration.
From Variety.

Casey Bloys’ very, very dumb idea

So why did Bloys have to apologize on Thursday? Because of an article that Rolling Stone published on Wednesday. The article led off with this juicy showbiz tidbit about Bloys’ idea for responding to a critic.

“Maybe a Twitter user should tweet that that’s a pretty blithe response to what soldiers legitimately go through on [the] battlefield,” he texted. “Do you have a secret handle? Couldn’t we say especially given that it’s D-Day to dismiss a soldier’s experience like that seems pretty disrespectful … this must be answered!”
From Rolling Stone.

(A note to my younger readers: Twitter used to be a popular social media service that no longer exists. It was replaced by X.)

Eventually Bloys found someone to create the “secret handle.” Sully Temori is now alleging wrongful termination by HBO (which is why we’re learning about these juicy tidbits, via court filings). But in 2021 he was an executive assistant who wanted to get ahead by pleasing his bosses.

This is where Kelly Shepherd enters the story.

Kelly Shepherd, fake vegan mom

From https://twitter.com/KellySh33889356

Ms. Shepherd seems like a nice woman. A mom, a Texan, a herbalist and aromatherapist, and a vegan. (The cows love that last part.)

Most critically, Shepherd is a normal person, not one of those Hollywood showbiz folks. Although Shepherd, who never posted anything on her own, seems to have a distinct motivation to respond to critics of HBO shows. Take her first reply to a critic from (checks notes) Rolling Stone. (Two years later, Rolling Stone would gleefully report on this story. Watch out who you anger.)

From https://twitter.com/KellySh33889356/status/1379101699969720323

alan is always predictably safe and scared in his opinions
From https://twitter.com/KellySh33889356/status/1379101699969720323

Kelly’s other three replies were along the same lines.

All were short one-sentence blurbs.
Most were completely in lower case, because that’s how regular non-Hollywood folk tweet.
All were critical of those who were critical of HBO, accusing them of “shitting on a show about women,” getting their “panties in a bunch,” and being “busy virtue signaling.”

Hey, if I couldn’t eat hamburgers and my home was filled with weird herbs and aromas, I’d be a little mad too.

And then, a little over a week later, it was over, and Kelly Shepherd never tweeted again. Although Temori apparently performed other activities against HBO critics via other methods. Well, until he was terminated.

Did Kelly Shepherd open a LinkedIn account?

But as part of the plan to satisfy Casey Bloys’ angry whims, Kelly Shepherd acquired a social media account, which she could use as a possible proof of identity.

Even though we now know she doesn’t exist.

But X isn’t the only platform plagued with synthetic identities, and some synthetic identities can do much more than anger an entertainment reviewer.

Many of us on LinkedIn are regularly receiving InMails and connection requests (in my case, from profiles with pictures of beautiful women) who say that we are constantly recommended by LinkedIn, who tell us how impressive our profiles are, and who want to contact us outside of the LinkedIn platform via text message or WhatsApp.

Now perhaps some of these messages are from real people, but I seriously doubt that so many of the employees at John Q Wine & Liquor Winery in New York happen to have the last name “Walter.” And the exact same job title.

Let’s take a close look at what Karina has been doing for the last 4+ years. Other than posing in front of her car, of course.

From https://www.linkedin.com/in/karina-walter-853923245/

Ms. Walter is a pretty busy freelance general manager / director / content partnerships manager.

As for her colleague Ms. Alice Walter, she has more experience (having started in 2018) but also has an extensive biography that begins:

The United States is a country with innovative challenges, and there is more room for development in the wine industry at John Q Wine & Liquor Winery. I am motivated and love to learn, and like to be exposed to more different cultures, and hope to develop more careers in my future life.
From https://www.linkedin.com/in/alice-walter-b97bb2113/

Sound familiar?

And you can check out Maria Walter’s profile if you’re so inclined. Or at least check out “her” picture.

Now none of the Walters women tried to contact me, but another “employee” (or maybe it was a “freelancer,” I forget) of this company tried to do so, which led my curious nature to discover yet another hive of fake LinkedIn profiles.

Sadly, one person from this company is a second-degree connection, which means that one of my connections accepted “her” connection request.

Synthetic identities are harmless…right?

Who knows what Karina, Alice, and Maria will do with their LinkedIn profiles?

Will they connect with other professionals?
Will they ask said professionals to move the conversation to SMS or WhatsApp, for whatever reason?
Will they apply for new jobs, using their impressive work history? A 98.8% customer satisfaction rate while managing 1,800 sub-partnerships is remarkable.
Will they apply for bank accounts…or loans?

The fraud possibilities from fake LinkedIn accounts are endless, and could be very costly for any company who falls for a fake synthetic identity. In fact, FiVerity reports that “in 2020, an estimated $20 billion was lost to SIF” (synthetic identity fraud). Which means that LinkedIn account holders and Partnerships Managers Karina, Alice, and Maria Walter could make a LOT of money.

Now banks and other financial institutions have safeguards to verify financial identities of people who open accounts and apply for loans, because fraud reduction is critically important to financial institutions.

Social media companies? Identity is only “important” to them.

They don’t even care about uniqueness (as Worldcoin does), evidenced by the fact that I have more than two X accounts (but none in which I portray a female Texas mom and vegan).

So if someone comes up to you on X or LinkedIn, remember that all may not be as it seems.

What Is Your Firm’s UK Online Safety Act Story?

It’s time to revisit my August post entitled “Can There Be Too Much Encryption and Age Verification Regulation?” because the United Kingdom’s Online Safety Bill is now the Online Safety ACT.

Having passed, eventually, through the UK’s two houses of Parliament, the bill received royal assent (October 26)….

[A]dded in (to the Act) is a highly divisive requirement for messaging platforms to scan users’ messages for illegal material, such as child sexual abuse material, which tech companies and privacy campaigners say is an unwarranted attack on encryption.
From Wired.

This not only opens up issues regarding encryption and privacy, but also specific identity technologies such as age verification and age estimation.

This post looks at three types of firms that are affected by the UK Online Safety Act, the stories they are telling, and the stories they may need to tell in the future. What is YOUR firm’s Online Safety Act-related story?

What three types of firms are affected by the UK Online Safety Act?

As of now I have been unable to locate a full version of the final final Act, but presumably the provisions from this July 2023 version (PDF) have only undergone minor tweaks.

Among other things, this version discusses “User identity verification” in 65, “Category 1 service” in 96(10)(a), “United Kingdom user” in 228(1), and a multitude of other terms that affect how companies will conduct business under the Act.

I am focusing on three different types of companies:

Technology services (such as Yoti) that provide identity verification, including but not limited to age verification and age estimation.
User-to-user services (such as WhatsApp) that provide encrypted messages.
User-to-user services (such as Wikipedia) that allow users (including United Kingdom users) to contribute content.

What types of stories will these firms have to tell, now that the Act is law?

Stories from identity verification services

For ALL services, the story will vary as Ofcom decides how to implement the Act, but we are already seeing the stories from identity verification services. Here is what Yoti stated after the Act became law:

We have a range of age assurance solutions which allow platforms to know the age of users, without collecting vast amounts of personal information. These include:

Age estimation: a user’s age is estimated from a live facial image. They do not need to use identity documents or share any personal information. As soon as their age is estimated, their image is deleted – protecting their privacy at all times. Facial age estimation is 99% accurate and works fairly across all skin tones and ages.

Digital ID app: a free app which allows users to verify their age and identity using a government-issued identity document. Once verified, users can use the app to share specific information – they could just share their age or an ‘over 18’ proof of age.

From Yoti.

Stories from encrypted message services

Not surprisingly, message encryption services are telling a different story.

MailOnline has approached WhatsApp’s parent company Meta for comment now that the Bill has received Royal Assent, but the firm has so far refused to comment.

Will Cathcart, Meta’s head of WhatsApp, said earlier this year that the Online Safety Act was the most concerning piece of legislation being discussed in the western world….

[T]o comply with the new law, the platform says it would be forced to weaken its security, which would not only undermine the privacy of WhatsApp messages in the UK but also for every user worldwide.

‘Ninety-eight per cent of our users are outside the UK. They do not want us to lower the security of the product, and just as a straightforward matter, it would be an odd choice for us to choose to lower the security of the product in a way that would affect those 98 per cent of users,’ Mr Cathcart has previously said.
From Daily Mail.

Stories from services with contributed content

And contributed content services are also telling their own story.

Companies, from Big Tech down to smaller platforms and messaging apps, will need to comply with a long list of new requirements, starting with age verification for their users. (Wikipedia, the eighth-most-visited website in the UK, has said it won’t be able to comply with the rule because it violates the Wikimedia Foundation’s principles on collecting data about its users.)
From Wired.

What is YOUR firm’s story?

All of these firms have shared their stories either before or after the Act became law, and those stories will change depending upon what Ofcom decides.

Maybe they’ll thank Ofcom for its wise decisions.
Or maybe they’ll say “bye bye, UK” in the same way that many businesses have said “bye bye, Illinois.” (“BIPA” is a four-letter word.)

But what about YOUR firm?

Is your firm affected by the UK Online Safety Act, and the future implementation of the Act by Ofcom?

Do you have a story that you need to tell to achieve your firm’s goals?

Do you need an extra, experienced hand to help out?

Learn how Bredemarket can create content that drives results for your firm.

Click the image below.