Week of December 9, 2024
In case you missed it, here’s a recap of some exciting news and developments this week impacting identity and fraud, cybersecurity, trust and safety, financial crimes compliance, and privacy and consent management.
🪄Innovation and New Technology Developments
Switzerland Unveils Plans for Privacy-Focused National E-ID 'Swiyu,' Launching in 2026
Switzerland plans to implement its national electronic ID, Swiyu, focusing on privacy and security. The rollout will occur in two stages, starting with a secure trust infrastructure using EU technology, with testing set for early 2025. The second stage will enhance privacy, ensuring e-IDs are untraceable. The government has allocated 1 million Swiss francs for research and is seeking collaboration. Public consultations highlighted the importance of privacy and international compatibility, aiming for a 2026 launch using OpenID Federation or a Swiss trust protocol. (Source)
ChatGPT Outage Disrupts OpenAI Services Amid '12 Days of OpenAI' Event
OpenAI ’s ChatGPT, Sora, and its developer-facing API experienced a significant outage starting around 3 pm PT on Wednesday, which lasted until roughly 9 pm PT. The company stated that the issue was caused by a configuration change that rendered many servers unavailable. The outage occurred on day five of OpenAI’s “12 days of OpenAI” event and coincided with the platform’s launch of an Apple integration for iOS 18.2. Although services gradually returned, the exact details of the root cause remain unclear. (Source)
UAE Establishes General Secretariat to Strengthen Anti-Money Laundering and Financial Crime Combat Efforts
The UAE has established the General Secretariat of the National Anti-Money Laundering and Combatting Financing of Terrorism and Illegal Organisations Committee (NAMLCFTC), replacing the previous Executive Office. This new body will coordinate compliance efforts among national authorities and private sectors as part of the UAE National Strategy for AML/CFT/CFP 2024–2027, ensuring alignment with FATF standards. Its duties include overseeing money laundering risk assessments, monitoring financial threats, and fostering global partnerships to combat financial crimes. Secretary-General Hamid Saif AlZaabi highlighted the UAE's commitment to safeguarding its economy and enhancing its international standing while working towards Economic Vision 2031. (Source)
Cyprus Launches Digital Citizen App for Secure Digital IDs and Official Document Storage
Cyprus has introduced the Digital Citizen app, allowing citizens to obtain and store official documents like biometric ID cards and driving licenses in digital format. Utilizing QR codes for easy access, the app is part of a broader digital transformation initiative. The digital ID program, IDMe.cy, facilitates identity verification and document signing, managed by JCC Payment Systems under the Ministry of Research, Innovation, and Digital Policy. Users need to set up a CY Login profile with two-factor authentication to use the app, in line with the EU’s eIDAS 2.0 regulation. The government encourages organizations to accept digital IDs as it moves towards mandatory compliance, with further details available on the Digital Citizen website. (Source)
Google Wallet Launches Digital US Passport Support for TSA Checkpoints on Domestic Flights
Google Wallet now allows users to add US passports for use at select TSA checkpoints on domestic flights, though it’s not yet available for international travel. Launched in beta in September, users can create a digital ID by scanning their passport’s security chip and verifying with a selfie video. While still in early stages, users are advised to carry physical IDs as a backup. This update expands on Google Wallet's digital ID features, which already support driver's licenses and state IDs in 27 states and Puerto Rico. Major airports like JFK, LAX, and SFO accept digital IDs, indicating growing technology adoption. (Source)
Authsignal Unveils Palm Biometrics IdX Terminal, Revolutionizing Identity Verification and Payments
New Zealand-based Authsignal , in partnership with Mattr and Qualcomm , has launched the Palm Biometrics Identity Experience (IdX) Terminal, which combines mobile driver’s licenses with palm biometrics for secure identity verification and payments. The IdX Terminal integrates Mattr’s proximity verifier SDK and Authsignal’s authentication software for customizable Bluetooth verification. Initial uses include biometric age verification at entertainment venues and corporate access control, enhancing security, and speeding up identity verification. (Source)
European Authorities Dismantle Fraud Marketplace and Phishing Network in Major Cybercrime Crackdown
European law enforcement dismantled a vast online fraud marketplace and network of fake shops stealing payment information during raids in Germany, Finland, the Netherlands, and Norway on December 4. Authorities seized over 50 servers containing 200TB of evidence and arrested two suspects. The marketplace was involved in selling stolen data to facilitate targeted fraud. This operation is part of a larger crackdown on cybercrime, following the shutdown of Germany’s Crimenetwork and Interpol’s Operation Haechi V, which recovered over $400 million in stolen assets, highlighting increasing international cooperation against online fraud. (Source)
💰 Investments and Partnerships
Fortinet Acquires Perception Point to Boost AI-Driven Cybersecurity for Hybrid Enterprises
Fortinet , valued at approximately $75 billion, acquired Israeli-based Perception Point for an estimated $100 million to enhance its AI-driven cybersecurity platform. This merger combines Perception Point’s threat detection technologies with Fortinet’s Security Fabric, aiming to secure digital environments beyond traditional email channels. This move reflects Fortinet’s strategy to tackle evolving cyber threats in hybrid and cloud-focused enterprises. (Source)
Themis Secures £7.25M to Scale AI-Driven Anti-Money Laundering Technology
Financial crime prevention platform Themis has raised £7.25 million to enhance its anti-money laundering technology. Operating in London and the Middle East, Themis utilizes AI-driven KYC and AML solutions. Recent achievements include contracts with regulators and a UK Innovation grant, as well as launching an AML-registered firm in Saudi Arabia. Chairman Matthew Hurn stated that the funding will accelerate innovation and highlight Themis' AI capabilities. (Source)
Gen Digital Acquires MoneyLion for $1 Billion to Expand Financial Wellness and Cybersecurity Offerings
GEN Digital , owner of Norton and Avast , is acquiring fintech firm MoneyLion for $1 billion in cash, offering $82 per share, which is a 6.5% premium. Shareholders will also receive contingent value rights based on Gen Digital’s future stock performance. This acquisition will integrate MoneyLion’s platform, benefiting over 18 million users and enhancing Gen Digital’s financial wellness offerings. The deal is expected to close in fiscal 2026 and aims to improve Gen Digital’s adjusted per-share profit and strengthen its consumer finance and cybersecurity capabilities. (Source)
Reveal Technology Raises $11.2M to Advance Real-Time Battlefield Decision Tools for the DOD
Reveal Technology , a 6-year-old startup, has secured $11.2 million in Series A funding to improve decision-making tools for the Department of Defense. Its flagship product, Farsight, transforms drone video into 3D maps on smartphones, enhancing battlefield awareness. Additionally, the company offers Identifi, a biometrics tool for identity verification. With a team experienced in the military, Reveal aims to reduce cognitive load for operators in dynamic environments. (Source)
LexisNexis Acquires IDVerse to Strengthen AI-Driven Fraud Prevention and Digital Identity Verification
LexisNexis Risk Solutions has acquired IDVerse - An OCR Labs Company , an AI-driven provider of document authentication and fraud detection, to enhance its digital identity verification capabilities. Based in Australia, IDVerse specializes in fighting fraud and deepfakes, verifying over 16,000 global identity documents using biometric algorithms. This integration strengthens LexisNexis' defenses against evolving fraud threats and promotes financial inclusion for trusted consumers. The acquisition, expected to close in early 2025, highlights the role of AI in combating sophisticated fraud tactics while ensuring customer satisfaction and compliance. (Source)
Experian Acquires Audigent to Advance Privacy-Forward Marketing Data and Identity Solutions
Experian has acquired Audigent, a part of Experian , a data activation and identity platform, to enhance its marketing solutions in the advertising industry. This acquisition integrates Audigent’s first-party data and strengthens Experian’s identity activation technology. Together, they've developed innovations like SmartPMP and Contextually-Indexed Audiences, which combine audience and contextual targeting. This move reinforces Experian’s commitment to privacy-forward marketing, allowing for more precise, consumer-centered campaigns and positioning it as a leading provider of marketing data and identity solutions. (Source)
⚖️ Policy and Regulatory
Turkey Fines Meta $330,000 for Instagram Privacy Violations Involving Minors
Turkey’s data protection authority (KVKK) fined Meta about $330,000 for privacy violations involving minors on Instagram. The issue arose when private accounts of users under 18 were converted into business accounts, making them public and revealing personal information such as email addresses and phone numbers. This configuration exposed minors to increased online risks and potential data harvesting. In response, KVKK emphasised the need for stricter safeguards to protect children’s privacy and data security online. (Source)
EU Cyber Resilience Act Enforces Strong Security Standards for Smart Devices
The European Union’s Cyber Resilience Act (CRA) has entered into force, mandating cybersecurity requirements for smart devices like smartwatches, connected toys, and home appliances. Manufacturers must provide ongoing security support, including software updates to address vulnerabilities, with full compliance required by December 11, 2027. The law ensures accountability across the product lifecycle, and non-compliance can result in fines up to 2.5% of global annual turnover or €15 million. Devices adhering to the CRA will display the CE mark, making it easier for consumers to identify secure products. (Source)
Klarna Fined $50M by Swedish Regulator Over Anti-Money Laundering Deficiencies
Klarna has been fined $50 million by Sweden's Financial Supervisory Authority (FI) for deficiencies in its anti-money laundering protections from April 2021 to March 2022. The investigation found inadequate risk assessments and due diligence, particularly for its invoice product. However, the regulator decided not to issue a warning or revoke Klarna’s banking authorization. Klarna acknowledged the findings, calling the review routine, and emphasized its commitment to a secure financial environment ahead of its planned IPO in 2025. (Source)
Australia's Age Assurance Law Sets Global Precedent for Under-16 Social Media Ban and Privacy-Focused Technologies
Age assurance technologies, which verify or estimate users' ages, are gaining attention as Australia prepares to enforce a law banning social media use for those under 16 starting November 2025. Platforms must take "reasonable steps" to verify ages, though the specifics are still being finalized. Trials overseen by the U.K.'s Age Check Certification Scheme will test methods like verification and estimation while focusing on privacy-preserving approaches, such as providing only binary responses (e.g., "over 16"). This legislation may set a precedent for other countries and could lead to growth in the age assurance sector. (Source)
Artivion Faces Potential Ransomware Attack, Disrupting Operations but Pledging Limited Financial Impact
Artivion, Inc. , a U.S.-based medical device company, faced a cybersecurity incident on November 21 that involved data encryption, suggesting a potential ransomware attack. The company has taken systems offline, disrupting order and shipping processes, though it has not confirmed the attack's nature. No ransomware group has claimed responsibility, and Artivion does not expect a significant financial impact despite reporting $95.8 million in third-quarter revenues. (Source)
ByteDance Seeks Supreme Court Block on TikTok Divestment Amid U.S. Ban Threat
ByteDance and TikTok have filed an emergency motion to block a law requiring TikTok to divest from Chinese ownership by January 19, threatening a U.S. ban. They argue the law would unjustly impact over 170 million U.S. users just before a presidential inauguration. Following a federal appeals court decision upholding the law, TikTok hopes the Supreme Court will intervene, while President-elect Donald Trump has vowed to protect the app if elected. (Source)
Ransomware Group Brain Cipher Alleges Deloitte UK Breach, Raising Cybersecurity Concerns
The ransomware group Brain Cipher claims to have breached Deloitte UK and stolen 1TB of data, but Deloitte insists the allegations involve a single client’s system outside its network. Brain Cipher, which emerged in 2024, set a December 15 deadline for a response and accused Deloitte of poor information security. Known for multi-pronged extortion tactics, the group previously targeted Indonesia’s National Data Center, demanding $8 million before releasing the decryptor for free. Experts warn that ransomware groups often exaggerate claims to gain notoriety. Although Deloitte denies being impacted, such allegations can still harm reputations and trigger costly responses. (Source)
🔗 More from Liminal
We’re thrilled to share the 2024 Digital Identity Landscape, the leading framework trusted by business leaders and industry experts globally.
Our award-winning Link™ platform empowers you to monitor trends, access benchmark research reports, explore use cases, and more.
Interested in attending? Request an invite to our 4th annual exclusive CEO event, which will be held in Laguna Beach, California.
Sign in to Link to download the 2024 Seminal Report on Identity Authorization Networks and explore how this emerging market can transform digital trust and fraud prevention.