Cameron D'Ambrosi, Managing Director at Liminal
Steve Ritter, CTO at Mitek
Christopher Briggs, Head of Product at Mitek
Cameron D’Ambrosi [00:00:05] Welcome everyone to State of identity. I’m your host, Cameron Ambrosi, joining me this week. We have a dynamic duo, if you will, Steve Ritter, Chief Technology Officer at MiTek, and Chris Briggs, Head of Product at MiTek. Steve, Chris, welcome to the podcast.
Steve Ritter [00:00:22] Thanks, Cameron. Thanks for having me.
Christopher Briggs [00:00:23] Thanks so much.
Cameron D’Ambrosi [00:00:24] It’s my pleasure. So much to to dove into obviously for those who are not aware the acquisition of who you MiTektech fairly recently so excited to hear a little bit of that back story as well as you know where these synergies lie. Looking forward to the future of the digital identity space and obviously the tremendous opportunity that I think we all believe is present in the space. But before we do that, you know, they say past is Prolog, but I’d love to get a little bit of of your individual backgrounds and you know those on ramps if you will, that you took to get into the digital identity space. So Steve, I’ll start with you. You know, I know you have more than 25 years experience more broadly in the technology field. How did you end up as chief technology officer at MiTek?
Steve Ritter [00:01:18] Well, thanks for the question. And actually, a little more than 25 years not giving away my age. You know, I studied machine learning and computer science in college at university down here in San Diego. And pretty immediately after graduating got into the early days of cyber and was focused very heavily on developing security solutions for enterprise customers around web security gateways and email security and network security. Those types of technologies and and at the core of that has always been kind of this machine learning algorithm in the cloud or back in the day, you know, on the server side approach. So that’s been a very consistent thread. And recently I was with a startup by the name of a moment that really focused on the facial, biometric and facial analytics that was acquired by Apple. And after that I had an opportunity to move over to MiTek. So MiTek was really my first focused time in the identity space. And one thing that I will say is that coming from a cyber background, identity was always part of the conversation, but it was a later part of the conversation. And after the last six years here at MiTek, focusing predominantly on the identity space, I now see that identity is kind of the first conversation we should be having. And everything else around cyber and fraud and all of that is really kind of what comes after identity, in my opinion. So, so that’s how I got here. And I’m having a great time learning more about the space.
Cameron D’Ambrosi [00:03:01] And Chris, what about your self? What was that path that you followed into the digital identity space?
Christopher Briggs [00:03:08] So most of my career has really been focused around the confluence of technology and how consumers use that type of technology. Over the course of the last, say, 14 or so years, I spent quite a bit of time working with the bureaus and understanding both how to build software, as well as risk analysis scores, modeling those types of things, and its direct influence on the industry overall as it relates to identity and fraud. Now, working with those types of organizations, I realize, as Steve was mentioning, that he was looking at the broader picture of identity, that it was really a company like MiTek where I wanted to go to be able to expand based on the capabilities that not they have from a legacy perspective, not just what they have from a legacy perspective, but also moving forward. Some of the recent acquisitions of IBRD and also the WHO as now being part of that MiTek family and focusing on MiTek has really made it an exciting place to be and has a strong opportunity to be able to continue to grow in the space, leveraging some of the background that I have in the past.
Cameron D’Ambrosi [00:04:13] I love it. Well, you know, I think there’s no time like the present for anyone to to jump into digital identity. But I always think it is is kind of fun to see again, those kind of breadcrumb trails, if you will, that folks have have trickled behind them, kind of bringing those different facets of their experience to bear on this this shared societal problem we face around digital identity. Getting, I guess, more directly to the question at hand, which is the MiTek who you acquisition, Steve or Chris. I guess I’ll leave this fairly open. Would you mind just for for folks who maybe have been living under a rock slightly or certainly not getting the the liminal. Morning briefs where we cover acquisitions like this in detail. Tell us about the who you acquisition what it means for the platform and and you know why you think this made sense at this time.
Steve Ritter [00:05:10] Yeah, I’ll start with that. And Chris, you can feel free to add some stuff, I’d say in short. It’s to execute on our strategy. Right. And MiTek. As many of your listeners may know, we really have focused historically on document based identity verification. We added in a biometric signal and did facial comparison and liveness, but it’s essentially a kind of a document based approach, and that’s just part of the overall identity verification strategy that most of our customers employ. Right. There is different signals they use, and that was obvious to us and we wanted to provide more value. And at the same time, we wanted to make sure that we had a way to get our technology into the market as quickly as possible on behalf of our customers or our customers. Time to market was a really big driver here, and one of the things we really liked, not only about the KYC platform that who you had put together, but specifically the no code, low code approach that they have taken. And it really seems to resonate well with not only our existing customer base, but the customers that we plan on going after with this new asset. Who is a great product. Great team. But what I’d say, it really is just a manifestation of the MiTek strategy. And I’ll touch here on the idea R&D acquisition as well, because of course that was driven by our strategy, you know, having worked with IDEO R&D to kind of develop our approach on face liveness, which is absolutely required in the world of biometrics and identity verification. We just came to a understand that that technology was just fundamental to the solution, right? And we were not comfortable not owning it. And the idea and the team was absolutely fantastic, just worked very, very impressed with the knowledge and skill. So that acquisition made a lot of a lot of sense, but you can see how that built up. Cameron where, you know, we added in a company that provides key technology in facial biometrics also with a leadership in voice biometric that allows us to expand into that category and then add on kind of that KYC platform capability, bringing in all the other signals needed for a secure onboarding while being allowing MiTek to deliver much more quickly.
Cameron D’Ambrosi [00:07:35] So, you know, I think what’s so interesting about this moment in time in the digital identity space is we are, you know, one foot in the pool, if you will, of true digital identity, but one foot very much on the dry land of document based flows matching that is not done by an authoritative source like at the DMV. It sounds like, you know, my tax evasion is that we are maybe going to be in this no man’s land for for quite a while longer. And certainly, while you can help organizations position themselves to be ready for the, you know, adoption of of pure mobile driver’s licenses, verified credentials in whatever form they may take, you expect companies to still really need to be focusing on these core questions of, you know, are these documents that are being presented legitimate and is this a real face and not a spoofing attack for a decent amount of time into the future? Is that safe to say?
Steve Ritter [00:08:36] It is. Chris, why don’t you kind of jump in on this one?
Christopher Briggs [00:08:40] Yeah, absolutely. So if you look at my tax history and where we’ve come from today, we do, as you mentioned, have this very strong capability in the document space and the document verification space that, in fact, as you mentioned, is going to continue in the near future. There’s no doubt about it. The documents comprise a key vector in determining risk, particularly for an on boarding or some type of verification as part of a transaction that will continue for the near future, not just because in some jurisdictions they have a multiplicity of documents that are available for use. And in many cases, organizations and financial institutions specifically have to accept the number of those documents, and they won’t be replaced anytime soon. But because it is a signal, as Steven mentioned, a little bit early in conversation of many that will continue to be used as part of this KYC risk assessment process. So we’re moving on this continuum towards digital with one foot in the past, perhaps, but it’s more like parallel paths moving into the future around what we’re trying to do with one or more key capabilities that we have within my take, but more general in the marketplace to be able to measure risk as an individual as they go through that customer journey.
Cameron D’Ambrosi [00:09:57] Yeah, I think right anchoring back to the customer journey is a fantastic way to to keep this conversation going because I think in many ways you have a lot of platforms and companies that are missing the forest for the trees when it comes to digital identity. This is a cliché that my long time listeners will have heard me say over and over again, but it bears repeating, which is, you know, in our perspective, digital identity is not a what, it’s a how. Consumers don’t want a digital identity. They don’t want to do identity verification. They want to access financial services. They want to access online to offline platforms. They want to rent a car. They want to remit money. They want to board an airplane. They want to buy plane tickets, whatever they want to do. Digital identity is is not where they’re trying to be. It is the speed bump, you know, on the way to the beach vacation. And I think our role as an industry is to nail that speedbump down as low as possible to the point where most people don’t even feel it or, you know, ideally have it be motorized to the point where when the the bad guy tries to drive over it at 80 miles an hour, it turns into a brick wall. And when, you know, grandma is just trying to be on her merry way, she doesn’t, you know, even spill her coffee the slightest bit.
Steve Ritter [00:11:11] Absolutely. Absolutely. Agree with that, Cameron. You know, the consumer and what the consumer wants and what is driving the consumer is everything. That’s where we start with every discussion about new feature or capability that we might add into the portfolio of products that we have at MiTek. And it’s really our job, right, as the software vendors, the technology providers, the solution providers to take care of all of the security enhancing, privacy enhancing aspects. Maybe it’s decentralized technology using blockchain, maybe it’s not, but consumers just a don’t care and we shouldn’t rely on them to, hey, I’m going to pick the decentralized solution because that’s the safer one. No, we need to make sure that we provide convenient solutions that give them that access to these increasingly just required digital services. Right. These are critical services now across the world. And if people don’t have equal access to them and easy access to them, then there is a significant disadvantage. Right. And this is really one of the missions that internally at MiTek really drives a lot of the conversations and designs and planning that we do.
Christopher Briggs [00:12:27] Yeah, I like it and I like the analogy that you brought up with where you said basically it’s a speed bump in most people’s minds. And to this point, what we are trying to do is minimize that speed bump as much as possible. As a matter of fact, you said that how most consumers would rather not have to put a picture out there or a piece of paper out there that proves their identity. They just want whoever they’re working with to know that they are who they say they are and that they are deserving of what type of transaction. They’re not a big risk, that they’re very low risk. And it needs to be a very simple, easy to manage process and it needs to be inside of this customer journey because we’re bouncing off the customer journey that makes it very straightforward for them to understand and to be able to do. A lot of people when you get in the space are like, Well, why do I have to scan my driver’s license and why do I have to do this over here? It’s this process of making sure that it’s not only seamless but understandable to somebody, it’s logical, and that they really do get it and understand the reasons behind why they are sharing a specific piece of information at a specific point of time in their journey.
Cameron D’Ambrosi [00:13:33] So in thinking to the future, you know, over the course of the next year, what does that look like for MiTek and. How are you planning to continue evolving the platform in line with some of these shifts in consumer and industry expectations that we’ve talked about?
Steve Ritter [00:13:48] Yeah, so great question. And I’ll kind of tie back to a previous theme that we just had, which is, you know, physical identity documents. Aren’t they going away? At MiTek, we hope they do. Right? We actually see ourselves as a bridge to that digital identity future, and we want to help accelerate the world to that bridge. But when you think about it, Cameron, how are you going to verify the identity to issue that digital credential? Right. You’re going to start with something. So, you know, the current tech in the current world is going to have to play a big part in that. So.
Cameron D’Ambrosi [00:14:22] Steve, what do we have in store over the course of the next year for MiTek? How are you looking to kind of ingest these acquisitions? And how is this going to shape the product roadmap as we look to, you know, adapt to some of these market trends we’ve talked about in terms of both consumer and industry expectations around digital identity moving forward.
Steve Ritter [00:14:42] Great. That’s a that’s a big topic. I’ll focus on a couple key aspects of it. First and foremost, our Hulu acquisition, which we’re really excited about, is pretty much focused on UK and and getting into Germany right now in Europe, our number one priority is going to be bringing that technology here to the United States and Canada to service this North American market. And that’s going to be a lot of what you’re seeing and as well as integrating in, you know, the best of what mobile verify our ITV product as well as our idea and I.D., R&D, biometric, as well as what our I.D. R&D biometrics have to offer in that. The other aspect that we’re going to be focusing on is I mentioned earlier about the R&D acquisition. Not only did we pick up amazing capability with face, likeness and facial recognition, but we also acquired a company that has an expertize in voice, right. And voice liveness and voice recognition are going to be increasingly important as not only the you know, the digital future comes at us, but as these voice uses, start becoming more and more prevalent. So think Iot and how people are interacting with devices around them, being able to use that voice signal not only to recognize who the person is, but to determine whether or not there are live human right to combat the increasing threat of deepfake technology, etc. is going to be really important. So MiTek is focusing heavily on those two areas.
Cameron D’Ambrosi [00:16:19] Where. In terms of, you know, thinking about trust in identity, what role do we think trust has to play as we move forward? And, you know, I know that MiTek has historically really had a really strong market position with financial services. But I take it that with these acquisitions, you’re looking to continue challenging to win market share, kind of across use cases in digital identity, many of which, you know, going back to this point around trust are anchored not necessarily in financial transactions, but other transactions like, you know, face to face interactions that have been arranged via an online platform. You know, how do you continue seeing my tax value proposition evolving for these trust based use cases? And and is that a different mandate than, you know, a core financial services application, for example?
Christopher Briggs [00:17:15] So trust is a two way street when you think about the concept of trust, or you could even say it’s multifaceted. So you talk about trust from a consumer standpoint. They’re looking to make sure that they trust a financial institution, that they will be able to hold their money. And it’s secure and they’re not going to lose an identity over the process of of giving you information. Likewise, the financial institution is looking to establish trust with the consumer, to be able to better interact with them and provide the types of services that the consumer expects and create an ecosystem in which that consumer feels very safe. If you then talk about what that means in our world, in the might tech ecosystem, it basically is taking these properties that we had talked about the acquisitions and the core capabilities around those and melding those together in such a way that we create a trust framework. Now, you may ask, well, how do you build this trust framework? Well, the trust framework is a combination of not only I am who I say I am because I carry a driver’s license or a passport from a specific jurisdiction. But also I am who I say I am because there are certain attributes or characteristics or behaviors that I’ve exhibited in the past that would allow me to be able to demonstrate that I am trustworthy. And if you think about sort of a platform KYC view that we’re talking about from a sort of an orchestration perspective, bringing in all of those attributes or signals information about me as a consumer that then can be quickly amalgamated to be able to create a much more holistic view of the consumer in a transaction. Then using that as an approach, whether it is, whether it is, here’s my address, here’s my document, here’s voice, here’s liveness. And then combine that with something else that you might know about me, whether that is maybe a credit bureau report or other types of information that they can be melded together establishes a very, very high level of trust without a significant impact on the on the customer experience, the user experience. That road bump or road that you were talking about sort of whittling down over time becomes much easier because it’s much less friction with many more signals that actually allows you to establish trust by bringing all of these together to create this view of the consumer that then can be used by an organization not just once to onboard, but also over and over again from a verification and reverification perspective as well. And so the current condition of the industry, I liken it to sort of the wild west of the late 1800s. And this is the fact that there’s a lot going on in the space. There are a lot of individual players that are are looking to help organizations provide this trust around the consumers and vice versa. And these these signals that I’ve been talking about are really the trust signals that will allow you to be able to consolidate that view into an understanding of the consumer. And what does that actually mean over time? It means that this Wild West with sort of not as many government regulations, limited standards and specific spaces, but still not as much definition around the edges, it allows us to be able to create a framework that then can be leveraged across organizations by tech, can create the standard that organizations can use to define trust, not just with the document, but more broadly to sort of make sense out of the chaos that is this Wild West where you could be taking hundreds of thousands of different signals from different places and actually refining what those are, relatively speaking, to creating that definition of the good person versus one that perhaps may be a little bit more risky to to on board as part of your overall portfolio, if you’re, say, a big financial institution.
Cameron D’Ambrosi [00:21:24] So I love to ask folks to take out their magic crystal balls and and make some predictions. Thankfully, both of you confirmed that you are feeling especially clairvoyant this morning. In our our pre conversation warm up so Steve maybe I’ll kick it to you first would love to hear your crystal ball predictions for what we can expect to see over the coming years in digital identity. You know, macro micro trends wherever you see fit to prognosticate.
Steve Ritter [00:21:56] Sure. I think one of the big ones that we’re seeing right now that will continue into the future is. Well, let me step back a little bit. You know, some of the signals that we use to verify identities. Right. Especially biometric signals. There’s a an unfortunate overlap with these conversations around surveillance. Right. So when you think about using a facial biometric or a voice biometric or really any biometric for the purposes of identity verification. Authentication. A lot of consumers get concerned because, of course, that’s just, you know, a hop, skip and a jump away from some form of surveillance. Right. And we see companies out there today that are using this powerful technology in ways that maybe we don’t think is quite as ethical as we’d like it to be. Cameron Right. So I think one of that one of the challenges I see is if we don’t provide that kind of those ethical guidelines and frameworks for how this technology can be used in a positive sense without, you know, with while reducing that risk that the technologies used for the negative case. Hey, I want the convenience of being able to access these digital services. If I can just show my face to get access to them, that’s super convenient. But if all of a sudden that facial biometric is now being used by that company to market to me or to report to my government about me or something like that, that’s really challenging, right? So I see that sort of as a risk for our current state that we as solution providers really need to focus on. And one of the big themes from your liminal conference that we recently attended was this idea of collaboration not just among the industry participants, but between industry and governments. So I think from a crystal ball perspective, that’s going to be where we have to go in the near future. We have to work more closely as an industry to make sure that we can provide that level of trust for the consumers. And we’re going to have to partner up with our governments to make sure that the governments are providing the right frameworks and giving us the right opportunities to kind of reach the levels of security and convenience that we want to reach.
Christopher Briggs [00:24:08] And if you take that one step further. That’s a good point, Steve. You take that one step further. I think we can all agree that the state of the industry is changing almost every single day. Every day you wake up and you hear something new about a different type of regulation, whether it’s in the United States or in Europe or in other jurisdictions. And it’s this constant state of change that, at least in the short term, I would say, over the next to even perhaps five years, is going to be rapidly advancing in specific directions. Part of it will be due to government regulation and collaboration. Part of it will be changes in the industry to technology and how technology is going to be used. Ultimately, I see it all as a big sort of continuum of risk assessment fraud, as a component of risk, as part of an overall strategy that many organizations are going to be using within their within their sort of profiling of specific consumers that they work with and may give a loan to or those types of things. But at the same time, they’re having to deal with new concepts and new capabilities that are also emerging as people continue to look at privacy by design and perceived, to your point, thinking about how do you maintain sort of this ethical capability at the same time you’re adhering to privacy, at the same time you’re trying to create this secure, frictionless experience for the consumer. It’s going to remain in a very severe juxtaposition for a relatively long period of time. So it’s going to be a bit of a balancing act as to who has the best capabilities to be able to smooth out those different of the paradox of where we are today versus where we’re going in the future. And bets are off in many cases as to how regulations may involve, particularly over the next five years versus the next two years, and how those will actually impact some of the changes in the industry as well. But we do know that it’s likely to become more regulated rather than less regulated.
Cameron D’Ambrosi [00:26:12] I love it. I love everything you’re laying down. And I think we’re, you know. We’re in the mood. You know, I’m maybe I’ll lay down a marker here. Like, I think we’ve been in the early, early innings for the past few years. I think COVID maybe marked an inflection point of of us kind of getting to this these middle innings of identity, which are, you know, not the biggest baseball fan, but, you know, kind of make or break time for the game. Right. You can either blow the game wide open or or give up a whole lot of runs and and make those closing innings really challenging for yourself. So I think we are poised for some significant breakthroughs both here in the U.S. as well as globally around digital identity. And it’s always so great to to have minds like yourself who are kind of out there in the trenches shaping that future. On with me, before we do wrap here to bring us on home opportunity for a shameless plug. You know, for folks who are interested in getting in touch with the MiTek team to learn more about MiTek about who you about R&D, what is the best place for them to go? Who should they get in touch with? How should they reach out?
Steve Ritter [00:27:24] So I’ll I’ll start in there. And first off, you know, welcome to reach out to me. I’m sure Chris is happy to have people reach out to them as well. Our contacts will be there. Maybe we can provide LinkedIn contacts as well. Cameron Happy to do that. And after this, we can make sure that you’re armed with kind of maybe some of the more formal ways to engage with with MiTek because I’m not a sales guy, neither is Chris. Right. Fortunately, we get to focus on on the solutions. But what I would say as a shameless plug is, you know, MiTek has spent over 20 years establishing its its brand and its recognition of of being able to work with the largest banks in the world. Right. And we currently in the U.S. have over 6500 banks and financial institutions that are using our solutions, whether it’s on the deposit side, on the fraud side, or now on the identity side. And so we’ve had a kind of a look inside how the larger organizations are thinking. And as you said, with the who you acquisition, we’re absolutely now going to be able to target, you know, maybe smaller parts of the market or, you know, those those other customers that maybe don’t have all the same needs or all the same resources, more importantly, as the big banks. So the shameless plug is, you know, whatever your need is in the area of identity or biometrics or delivering full KYC platforms. Talk to MiTek. We, we, we absolutely love the mission that we’re on to provide the safe environment for people. And are open to even just, you know, exploratory conversations.
Christopher Briggs [00:29:06] Love it.
Cameron D’Ambrosi [00:29:07] Definitely. Check out the show notes below for those links. We can include both Steve and Chris’s LinkedIn profiles for you to reach out. They will tell me if anyone reaches out and says anything rude, so please be nice. And we’ll also include some links to the MiTek website below as well. Chris. Steve, thank you so much for your time. Greatly, greatly appreciate it. And congratulations on all the success.
Steve Ritter [00:29:36] Thank you.
Christopher Briggs [00:29:37] Thanks so much.
In the latest State of Identity podcast, hosted by Cameron D’Ambrosi, we’re joined by Laura Spiekerman, co-founder and president of Alloy, a global identity risk solution for financial services and a Liminal 2023 Company to Watch. We’ll discuss its pioneering role in the orchestration-centric approach to Digital Identity in Fintech. Spiekerman delves into the challenges Alloy addresses in the fintech space, where compliance and fraud often hinder innovation. Join us to explore the evolving landscape of digital identity in Fintech, trends in fraud prevention, and the critical intersection of customer experience and security.
In the latest episode of the State of Identity podcast series, we delve into the ever-evolving world of customer identity and access management (CIAM). Join host Cameron D’Ambrosi from Liminal as he sits down with Brian Pontarelli, the founder and CEO of FusionAuth, to explore the exciting developments and challenges in the realm of passwordless authentication, user data management, and the quest for seamless transitions in the digital landscape. Bryan shares his expertise and unique perspective, shedding light on the fascinating journey of FusionAuth and its pivotal role in this dynamic landscape. Tune in for a thought-provoking discussion that promises to expand your understanding of CIAM and its critical role in the modern enterprise.
Tune in to the latest episode of the State of Identity podcast series, where Data Security expert Shane Curran, Founder and CEO of Evervault, dives deep with host Cameron D’Ambrosi into the intricacies of data security. Discover why basic encryption methods aren’t enough, understand innovative data security strategies that ensure functionality, learn how encryption safeguards AI model training without compromising customer data, and grasp the significance of prioritizing current cybersecurity threats over quantum computing concerns.
In the latest episode of the State of Identity podcast, host Cameron D’Ambrosi is joined by Gadalia Montoya Weinberg O’Bryan, an ex-NSA crypto mathematician and the Founder and CEO of Dapple Security. Learn about Gadalia’s remarkable journey from the National Security Agency to the forefront of identity-focused cybersecurity. Learn about the limitations of current passwordless approaches, particularly in scenarios involving lost or stolen devices, and delve into the crucial distinction between authenticating the user behind the device rather than the device itself. Gadalia introduces Dapple Security’s unique solution, which involves generating an on-demand passkey using a user’s fingerprint—emphasizing the company’s commitment to user privacy by avoiding the storage of biometrics on the device or in the cloud—and how this approach is a key element in enhancing overall security posture.
In this episode of the State of Identity podcast, host Cameron D’Ambrosi talks with Eric Olden, the co-founder and CEO of Strata Identity. Join us as they discuss the challenges faced by today’s multi-vendor/multi-cloud enterprise technology landscape and how forward-looking executives view identity as an opportunity, not a cost center. They also delve into the importance of moving towards passwordless authentication and the role of identity orchestration in addressing these challenges.
In this episode of the State of Identity podcast, Liminal host Cameron D’Ambrosi and Justin McCarthy, the co-founder and CTO of StrongDM explore the dynamic landscape of digital identity and access management, addressing the challenges and trends that shape the industry. They talk about what it means to move towards a “credential-less” world and discuss the complexities of authentication, authorization, and the role of proxies in bridging old and new technologies. McCarthy highlights the imperative for convergence among various tools, including the essential role of AI, providing a unified approach to access control, governance, and policy enforcement.