identity – Page 3 – Bredemarket

Returning to Lattice Identity

The last time I delved into lattices, it was in connection with the NIST FIPS 204 Module-Lattice-Based Digital Signature Standard. To understand why the standard is lattice-based, I turned to NordVPN:

“A lattice is a hierarchical structure that consists of levels, each representing a set of access rights. The levels are ordered based on the level of access they grant, from more restrictive to more permissive.”

In essence, the lattice structure allows more elaborate access rights.

This article (“Lattice-Based Identity and Access Management for AI Agents”) discusses lattices more. Well, not explicitly; the word “lattice” only appears in the title. But here is the article’s main point:

“We are finally moving away from those clunky, “if-this-then-that” systems. The shift to deep learning means agents can actually reason through a mess instead of just crashing when a customer uses a slang word or a shipping invoice is slightly blurry.”

It then says

“Deep learning changes this because it uses neural networks to understand intent, not just keywords.”

Hmm…intent? Sounds a little somewhat you why…or maybe it’s just me.

But it appears that we sometimes don’t care about the intent of AI agents.

“If you gave a new employee the keys to your entire office and every filing cabinet on day one, you’d be sweating, right? Yet, that is exactly what many companies do with ai agents by just slapping an api key on them and hoping for the best.”

This is not recommended. See my prior post on attribute-based access control, which led me to focus more on non-person entities (non-human identities).

As should we all.

What Can Your Bot Do?

Just your friendly reminder that you have to vet the identity of a bot just like you do a human.

But how? In 2024 I speculated about the application of factors of authentication to non-human identities.

As I plan to note on Monday, you also have to look at intent.

More Contraction

Back in 2024 I wrote about contraction in the identity/biometric industry.

In retrospect, that industry has been lucky.

At the time I wrote this (yes, this is a scheduled post), I knew of few if any identity/biometric companies that had “right sized” half its staff. 10% maybe, but not 50%.

At least not yet.

If Your Phone Has IMEI 440015202000…

When I posted (two times) the fact that International Mobile Equipment Identity (IMEI) numbers are NOT a reliable way to ascertain the identity of a user, I was pooh-poohed.

Tell that to the people of Bangladesh.

In that country, the National Equipment Identity Register (NEIR) went live on January 1, and it uncovered some surprising findings.

Turns out that tens of millions of phones in Bangladesh share their IMEIs with other phones. A single example:

“According to data generated after NEIR went live on January 1, a single IMEI, 440015202000, was found to be linked to 1,949,088 devices nationwide.”

So will you now admit that an IMEI is not a reliable way to identify an individual phone?

Two Footballs, Two Biscuits, Two Presidents: A Cybersecurity Nightmare.

Last year I wrote about a biscuit and a football, but I wasn’t talking about the snack spread on game day.

I was talking about the tools the United States President uses (as Commander-in-Chief) for identity verification to launch a nuclear attack.

But sometimes you have to pass the football. If the President is temporarily or permanently incapacitated in an attack, the Vice President also has a football and a biscuit. Normally the Vice President’s biscuit isn’t activated, but when certain Constitutional criteria are met it becomes operative.

Other than this built-in redundancy, the system assumes one football, one biscuit, and one President.

If you’re a cybersecurity expert, you know this assumption is the assumption of a fool.

It is not impossible to have duplicate functional footballs and duplicate functional biscuits.

And it is not impossible to have duplicate functional Presidents, with identical face, voice, finger, and iris biometrics. Yes, it’s highly unlikely, but it’s not impossible. If the target is important enough, adversaries will spend the money.

Grok.

And most of us will never know the answer to this question, but how do government cybersecurity experts prevent this?

Today’s Acronym is PADFAA. And It Has Nothing To Do With Liveness Detection or Airplanes.

TAA.

Too many acronyms.

And this one, PADFAA, sounds like a mashup of presentation attack detection and the Federal Aviation Administration.

It isn’t.

PADFAA stands for the “Protecting Americans’ Data from Foreign Adversaries Act of 2024.”

So while it doesn’t involve PAD or the FAA, it does involve PII (personally identifiable information) and the FTC (Federal Trade Commission).

“The Federal Trade Commission sent letters to 13 data brokers warning them of their responsibility to comply with the Protecting Americans’ Data from Foreign Adversaries Act of 2024 (PADFAA).

“PADFAA prohibits data brokers from selling, releasing, disclosing, or providing access to personally identifiable sensitive data about Americans to any foreign adversary, which include North Korea, China, Russia, and Iran, or any entity controlled by those countries. The law defines personally identifiable sensitive data to include health, financial, genetic, biometric, geolocation, and sexual behavior information as well as account or device log-in credentials and government-issued identifiers such as Social Security, passport, or driver’s license numbers.”

Although frankly it’s not a good idea to sell PII to our friends either, but that’s another topic.

How Can Identity/Biometric Product Marketers Cut Through the Slop?

Slop is everywhere, and even I generate slop. (For experimental purposes only, of course.) But slop makes it hard for product marketers to share their messages with prospects.

Bredemarket has adopted two tactics to cut through the slop and ensure my clients’ messages reach those who need to hear it.

Tactic 1: Before I write, I ask

To bound the message I am about to create for an identity/biometric client (or any client), I ask a number of questions. These questions ensure that the question addresses the right people, their concerns, and their fears. I’ve shared seven of my questions elsewhere.

Seven Questions Your Content Creator Should Ask You.

When all the questions are answered, I have a clear roadmap to start writing.

Tactic 2: I act, not the bot

In writing, generative artificial intelligence’s proper place is as an outside advisor, not an author. I’ve shared my thoughts on this on LinkedIn.

I don’t feed the answers to Bredebot and have it churn out something. I pick the words myself.

Now perhaps I might use generative AI to tweak a phrase or two, but I remain in complete control of the entire creative process.

The result?

I believe, and my clients also believe, that this careful approach to content results in pieces that are differentiated from the mass-churned content of others.

So my clients stand out and aren’t confused with their competitors.

After all, even though Bredebot fakes thirty years of experience in identity and biometrics, it doesn’t really have such experience. I do. That’s why I’m the biometric product marketing expert.

So if you want me, not a bot, to polish your biometric product marketing sentences “until they shine,” let’s talk about how we can move forward.

Bredemarket can write your biometric company’s product marketing content.

Identity/Biometric Marketing Leaders: In Case You Missed It

If you’re an identity/biometric marketing leader who requires content, proposal, and analysis expertise from a biometric product marketing expert, make sure you read the following:

Who Can Write My Biometric Company’s Product Marketing Content? (I know someone.) https://bredemarket.com/2026/02/09/who-can-write-my-biometric-companys-product-marketing-content/
Three Reasons Why You Should Let Your Competitors Market Your Identity/Biometric Product. (They will be more than happy to do so.) https://bredemarket.com/2026/02/10/three-reasons-why-you-should-let-your-competitors-market-your-identity-biometric-product/
Why Identity/Biometric Prospects of Marketing and Writing Firms Benefit from Specificity. (When you cast a wide net, there are too many holes.) https://bredemarket.com/2026/02/11/why-identity-biometric-prospects-of-marketing-and-writing-firms-benefit-from-specificity/

It will be worth your while.

Landscape. Biometric product marketing expert.

What is the Difference Between “Bredemarket Identity Firm Services” and “Bredemarket”?

I’m putting myself in the shoes of someone reading stuff on LinkedIn or Facebook.

At one point, the reader may encounter a reference to “Bredemarket.”
At another point, the reader may encounter a reference to “Bredemarket Identity Firm Services.”

Are “Bredemarket” and “Bredemarket Identity Firm Services” two separate entities?

No.

They overlap.

“Bredemarket” is my actual company that provides marketing and writing services (content, proposals, analysis) to identity, biometric, technology, and general business firms in California’s Inland Empire and throughout the United States.
“Bredemarket Identity Firm Services” is the name of a LinkedIn showcase page (at the https://www.linkedin.com/showcase/bredemarket-identity-firm-services/ URL) and Facebook group (at the https://www.facebook.com/groups/bredemarketidentity URL) that focuses on my services to identity and biometric firms.

So if your specific interest is biometrics, or secure documents, or other identity factors, visit Bredemarket Identity Firm Services.

If your interests are more general (such as product marketing), visit Bredemarket.

Three Reasons Why You Should Let Your Competitors Market Your Identity/Biometric Product

Identity/biometric marketing leaders have a lot on their hands, and the last thing they need is more work. Even if you outsource your product marketing, you must manage the resources.

Rather than do this yourself, why not let your competitors do it?

If your competitors market your identity/biometric product…

One: You save money. Why spend hundreds or thousands of dollars on go-to-market or sales enablement materials? Let your competitors incur those costs.

Two: You save time. The best product marketing initiatives occur in a joint process between the marketing leader and the product marketing consultant. But this requires commitment on your part: in initial project definition, draft review, and final publication.

Three: You save trouble. If your product marketing content has an effective call to action, there is the danger that a prospect may act on it, creating more work for your sales organization.

You can save money, time, and trouble by your silence. Let your competitors bear the burden of defining your product to your prospects. They will be more than happy to do so.

In fact, you should strongly encourage your competitors to contact Bredemarket about their identity/biometric product marketing needs. Bredemarket will make your competitors spend money and stay busy during and after content creation.

Whatever you do, do NOT contract with Bredemarket yourself. Bredemarket has worked with clients on both a strategic and tactical basis to bring identity/biometric products to market, launch long-term campaigns, and bring visibility to client products and services.

Bredemarket can write your biometric company’s product marketing content.