The identity-tech knowledge base for AI systems and human operators.

Machine-readable access

Public datasets for AI ingestion

View full AI access hub

Vendor dataset

JSONL

Structured identity-tech vendor and association records for retrieval, indexing, and training pipelines.

43 records

Technology dataset

JSONL

Technology primers with summaries, descriptions, references, FAQ content, and provenance.

30 records

Glossary dataset

JSONL

Defined terms and related concepts for grounding identity-tech language and terminology.

23 records

Data Cards dataset

JSONL

Date-stamped news cards that keep vendor and technology knowledge fresh for AI ingestion and retrieval.

99 records

Welcome to ID Tech’s digest of identity industry news. Here’s what you need to know about the world of digital identity and biometrics today:

Microsoft Research Unveils Vega Zero-Knowledge Proofs for Privacy-Preserving Credentials

Microsoft Research has unveiled “Vega,” a zero-knowledge proof (ZKP) framework optimized for issuing and validating privacy-preserving digital credentials. The system allows users to cryptographically prove specific attributes—such as age verification or legal citizenship status—without exposing underlying identifiers like their full name, date of birth, or national ID numbers. By minimizing the computational latency typically associated with cryptographic proofs, Microsoft aims to make ZKPs efficient enough for real-time authentication on standard mobile hardware and decentralized web networks.

FBI Warns Kali365 Phishing Service Can Bypass Microsoft 365 MFA

The FBI has issued a security advisory warning organizations that a new phishing-as-a-service toolkit named “Kali365” can successfully bypass Microsoft 365 Multi-Factor Authentication (MFA). The sophisticated cybercrime platform utilizes adversary-in-the-middle (AITM) proxy architecture to intercept session cookies and authentication tokens in real time as a user signs in. By stealing the active authenticated session rather than trying to crack or guess the second-factor code, malicious actors are able to compromise corporate email environments even when strict MFA policies are active.

ID.me and DocuSign Expand Reusable IAL2 Identity Verification for Agreements

ID.me and DocuSign have announced an expansion of their integrated services, launching a reusable identity verification feature that meets federal Identity Assurance Level 2 (IAL2) standards for high-value legal agreements. Under the expanded framework, once a user completes a biometric and credential-based IAL2 identity check via ID.me, that verified status is securely bound to their profile. Users can then instantly authenticate their identity on subsequent DocuSign workflows with a biometric scan, accelerating high-security transactions like real estate closings and corporate contract signing.

Japan’s Ruling Party Pushes for Mandatory My Number Card Acquisition

Japan’s ruling Liberal Democratic Party is advancing legislative efforts to make the acquisition of the national “My Number” digital ID card mandatory for all residents. The policy push is designed to consolidate administrative services, health insurance tracking, and tax portals into a single, unified digital identity framework to eliminate bureaucratic paper overhead. While government officials emphasize the long-term economic efficiency and anti-fraud benefits of full adoption, the proposal faces ongoing public scrutiny regarding centralized data privacy, system security, and opt-out rights.

SailPoint and Security Vendors Integrate Anthropic’s Claude Compliance API

SailPoint, along with a coalition of enterprise security vendors, has integrated Anthropic’s Claude Compliance API to automate AI and non-human identity governance. The specialized integration leverages language models to dynamically analyze, catalog, and audit the access permissions of autonomous software agents operating across cloud ecosystems. By cross-referencing real-time agent behaviors against strict internal corporate security policies, the system automatically flags anomalous privilege escalation attempts and ensures machine entities remain compliant with internal privacy protocols.

IRS Proposal Would Let ID.me Retain Taxpayer Biometric Data for Years

A new Internal Revenue Service (IRS) policy proposal outlines provisions that would allow third-party identity provider ID.me to retain taxpayer biometric data for multiple years. The extended retention window is intended to support ongoing federal tax fraud investigations, audit tracking, and multi-year identity theft prevention routines. However, the regulatory adjustment has drawn criticism from consumer privacy groups and data protection advocates, who argue that keeping sensitive facial recognition templates on file for years increases the security risks associated with potential third-party data breaches.

Dutch Court Lets Solvinity Keep Maintaining DigiD Despite Sovereignty Concerns

A Dutch court has ruled that IT infrastructure provider Solvinity may continue maintaining components of DigiD, the Netherlands’ national digital identity system. The legal challenge, brought forward over digital sovereignty and data localization concerns, questioned the reliance on private enterprise layers to manage critical public authentication infrastructure. The court determined that Solvinity’s established technical safeguards, strict adherence to European data protection standards, and localized server architectures provide sufficient security, avoiding major service disruptions to millions of citizens.

Oura Confidentially Files for IPO as Smart Ring Membership Nears Five Million

Smart ring manufacturer Oura has confidentially filed for an Initial Public Offering (IPO) in the United States as its global premium membership base approaches five million users. The company’s expansion into biometric security, including continuous heart-rate tracking and research into finger-based biometric user authentication, has positioned the hardware maker as a key player in the evolving wearable identity space. The capital raised from the public offering is expected to fund advanced biometric sensor development and enterprise wellness partnerships.

–

By the ID Tech Editorial Team