The Authentication Game

Episode 274

State of Identity Podcast


Episode 274

The Authentication Game

Is “better digital identity already in your pocket?” On this week’s State of Identity podcast, host Cameron D’Ambrosi asks Prove Co-founder and CEO Rodger Desai how the company is leveraging mobile signals and the largest and most accurate network of reusable identity credentials to help companies redefine business identity processes as revenue drivers instead of cost centers. We’ll explore how reusable identity is changing the authentication game and how technology advancements such as 5G and the metaverse are spurring the need for mobile-powered tech that secures identity while also driving seamless experiences.


Cameron D'Ambrosi, Managing Director at Liminal


Rodger Desai, Co-Founder & CEO at Prove


Share this episode:

Cameron D’Ambrosi [00:00:03] Welcome everyone to State of Identity. I’m your host, Cameron D’Ambrosi. Joining me this week is Roger Desai, CEO of Prove and I believe now eligible as a three time State of Identity guest challenge coin recipient. Roger, welcome back.


Rodger Desai [00:00:20] Thank you, Cameron. Always a pleasure.


Cameron D’Ambrosi [00:00:23] Disappointed we weren’t able to do this in person as we’ve historically done, but. It sounds like we we have some fun social items on the agenda. Finally, you know, getting the band back together for some drinks and other fun things. So excited for, for maybe our fourth instance to to be back in person again.


Rodger Desai [00:00:43] Absolutely.


Cameron D’Ambrosi [00:00:44] For our listeners who were unfortunate enough to maybe not have listened to any of our previous conversations or maybe new to, you know, knowing prove or or knowing you personally, would you mind just giving a little bit of a background as to your career path through this very exciting and amorphous digital identity landscape, as we often say? I know you’ve kind of worn a bunch of different hats in the space, and I think many of those previous experiences really formed, you know, where you saw the market opportunity for digital identity and and helped you kind of understand what you wanted prove to be. So would you mind walking us through a little bit of that career background?


Rodger Desai [00:01:26] Yeah, absolutely. So, you know, I think a lot of great innovation comes from when you take some something that works in one industry and bring it to another. Since I have a long history in mobile technology and mobile phones. With various start ups that I’ve done. You know, like from a phone world perspective, things are, you know, things operate in a very different way than they operate on the Web. So making a phone call is pretty easy. You can take your phone anywhere in the world and it just works. We take for granted that it’s very simple, so there’s no friction in making the call, but it’s also secure and it’s private in the sense that the phone company, if you’re traveling in the world, doesn’t know who you are or have your name or Social Security number insecure in the sense that there’s one tiny bit of corruption involved in how the call is placed and billed. And, of course, as we all know, as consumers, our experiences on the Web are anything but that. There’s always a tradeoff between making things frictionless and easy and security and even privacy. It’s almost like you can’t have you can’t have one without making a trade off with the others. And so we’ve been passionate about trying to bring some of the ways of thinking and methodologies to the phone world and bring it to the Web. You know, as we know, the Internet wasn’t designed with identity or security in mind. And so it’s kind of missing in the plumbing. And therefore, we have all the issues we read about, you know, whether it’s cyber war or e-voting or anything that requires making sure people are who they claim to be, that not working properly makes all the opportunities and the vast potential of digital. It just it’s a major headwind to that. And so we approve think that we can bring a lot of the things that have a lot of the problems in our view have been solved. They’re just not, you know, fully distributed and the Web folks aren’t fully aware of them. So that’s our kind of mission to take things that kind of already work in other industries, bring them to the Web to solve these fundamental problems with the Web.


Cameron D’Ambrosi [00:03:30] I love that. And I think, you know, to this day, we have maybe not seen any other industries achieve that level of, you know, true interoperability that the mobile telcos have been able to achieve. I think that’s in no small part to, you know, the efforts of the the GSA and some of those collaborative bodies that have really been able to forge, you know, true international standards for the telecommunications industry, something in many ways that the digital identity space has lacked, at least internationally. And, you know, in many cases, the market opportunity that we seized on when we founded, you know, what was One World identity and and what is now liminal. So in in violent agreement with you there. So getting into prove more directly, you know, talk us through what you built in and where you are I guess at a 50,000 foot level. And then would love to kind of dove in with a bit more detail for folks who maybe are not as familiar with the platform and some of those capabilities and how they’ve evolved over time.


Rodger Desai [00:04:36] Yeah, absolutely. So I think one thing maybe to start with is I think there’s kind of the notion people have about prove that we’re about phone numbers and phones. And and while that’s true. The real. Value behind the scenes is that phone numbers are connected to SIM card, which are cryptographic keys. And if you look at, you know, Nest and other kind of standards bodies that like how they point to a better place in terms of security is to move to these kind of cryptographic keys that they their yubikey is which have tons of benefit. But of course you have to have them with you. And the what if you lose them? And there’s all sorts of problems with that. But ultimately, in our view, it’s tying identity like in a real world identity to a key and kind of making that bind position, that bind. Like that’s the real challenge. Like if every adult in the world was kind of bound to these digital cryptographic keys, then, you know, we could bring a lot of the benefits of digital two to bear. And the question is like, well, you know, where do you start? Well, phone numbers are a good place to start. It doesn’t mean that, you know, ten years from now, the phone number may not even exist. Let’s say it’s really just about the notion of using what’s available today, which are, you know, SIM cards, but then moving to it, whether it’s Fido or other types of keys that are becoming available. And instead of having a keychain associated with folks that gets into the guts of what we do underneath the hood. Ultimately, you know, as our clients, whether they be banks or crypto firms or fintechs or health care like they that’s a lot of technology for them to understand. The benefit of what we’ve built is we built an asset that essentially is so good at proving if people are who they claim to be in a passive, secure, private way, that in one bank’s case, they’re down to three basis points of fraud. And so ultimately, I think the the thing that everyone aspires for in the business community is, well, how do I get the highest pass rate meaning for every hundred people that apply and open an account or log in or change their password, whatever it may be. For every hundred, how do I get make like 98 of them not go through any friction. And at the same time, do so in a way that you thwart the fraudsters. So, like, in some way, the best way to put that is who wouldn’t want the highest pass rate, you know, with the lowest fraud at potentially the lowest cost? And I think that’s what proof can do. Prove, we think, is the most accurate way to make a decision on a transaction in digital that we think exists in the world. And the basis of that is we’ve moved beyond the traditional approach of looking at what we would often call risk based authentication or like observing things, for example, like camera never buys things at four in the morning, so maybe the transaction should be respected or, you know, Cam would buy ten flat screens in a row in 10 minutes. You know, that’s weird behavior. So let’s inspect that more closely. That stuff works in terms of looking at behavior and velocity. The problem with it is it’s not very accurate like maybe Cameron did, but hope that screens because he’s having an event for a lower limit. So there’s a lot of false positives or false negatives of just trying to look at behavior. And often, you know, businesses don’t even interact with their customers enough to get a sense of their normal behavior, like an average merchant may see their customer once a year. You know, Amazon has the luxury of seeing you, let’s say, 36 times a year, but, you know, the merchant one time of year. So they don’t really know what, you know, the real camera and how you know, how he behaves. And what prove has done has gone beyond risk based authentication or like behavioral analysis to authentication. Like I know that this transaction took place because this key, this cryptographic key was present during the transaction, you know, whether that be a SIM card, a photocopy, whatever it may be, and that just takes it to another level. Maybe an analogy would be like if you’re making a phone call at four in the morning and well, Cameron never calls people for in the morning. The phone company wouldn’t say like, well, I’m going to let this call go through, you know, because behaviorally it looks weird like they have cryptographic truth that your phone made that call and they just let it go through. So in general, I think what Prouve has done is created an asset based on machine learning, based on a network of reusable identities that ultimately we think can get the highest pass rate with the least amount of fraud, potentially down to three basis points, like one tier one bank is achieving it all because we have the ability to to go beyond a behavioral assessment to something deterministic. And ultimately that that has the benefits I think everyone’s looking for, which is extremely high pass rates with low friction and, you know, the ability to thwart the bad stuff down to three basis points. So that’s that’s the asset that that prove is built in wants to make a global standard.


Cameron D’Ambrosi [00:09:42] I think there’s a lot to unpack there. You know, tier point around that forum phone call analogy. In some ways, you could argue that, you know, there is a kind of a long tail of both potential, you know, fraud for those interactions, but also a critical, urgent need. Right. Like if I’m making a phone call at 4 a.m., that quite frankly, probably means something is like really gone wrong. And I’m in dire need of of completing this phone call because, like, you know, I’m calling the hospital because my kid is sick or something like that. So in many regards, you know, while you. Be identifying, you know, risky transactions in some cases. This is your your customers ultimate time of need. They really would like to complete this transaction now. And that additional friction might be, you know, results in a relationship extinction level event, you might say.


Rodger Desai [00:10:35] Exactly. That’s well. Like in actually by looking at just behavior and compare it to past behavior, you could be stopping something that’s critical versus catching a fraudulent transaction.


Cameron D’Ambrosi [00:10:49] Or in the other sense like a lot of the the transactions that might be relationship changing transactions. You know I I don’t know I can finally afford to buy the $20,000 watch that I want to buy. And I’m really excited to do it. And you stepping in and calling me a fraudster might might sour me in what otherwise would be extremely exciting for me. And sometimes these divergent events are, you know, in some cases, harbingers of my ability to up level my relationship with a platform. You know, I know you did anchor on fraud, but I think what’s most interesting about where we see the space going is moving, you know, product managers and buyers of these solutions in some cases away from a fraud centric mindset. Not that fraud doesn’t matter. Not that stopping fraudsters is unimportant. But that growth metrics Trump fraud in many cases. And, you know, I think when you look at what are the true existential threats that many potential customers in this space are facing, fraud would not be the top of the list. What I would put on the top of the list is young, nimble startups looking to steal your customer base primarily through a superior user user experience, oftentimes driven by extremely low friction. Now, I think some people would make the argument, well, you know, those competitors are only able to offer that experience by cutting corners and maybe taking on greater risk. But to the degree you’re an incumbent platform that doesn’t, you know that that should make me feel any better about losing my customer. To them, it means, you know. The price of poker, as it were, has gone up and we need to react. And I think figuring out a way to not focus on identifying bad actors, but flip that script around, identifying good actors and waving them through the VIP entrance, as opposed to putting everybody in line and inspecting everyone’s ID with a black light, you know, to catch the two people in line that have fake IDs.


Rodger Desai [00:12:54] Yeah. Complete. Well, put it, fraud. I think we created an industry where people, vendors sell based on the fear of fraud and trying to scare folks versus exactly what you said, which is, look, in our view, if you look at card president, accept and trace, 98% of car present transactions are legitimate. It’s kind of true, I think, for all transactions. And if the humans behind the transaction 90% of time, it’s like legitimate, you know, but if you look at the, you know, like the notion of accepting trade or pass rate, you know, across industries, across use cases, it’s nowhere near 98%. You know, maybe it’s 60%. You know, I mean, 40% of the transactions, whether consumers realize it or not, have some kind of intervention going on just to kind of prove, you know, would put the black lie, essentially. So, yeah, how do we move to a world where it’s waving folks through with the confidence and help? It does come down to confidence. But this stuff is is so pervasive that we don’t I think people realize it. So if you you know, if you’re one bank’s best customer ever and you have high like levels and limits on what you can do your pictures in their cafeteria, then you open an account at another bank, you start over like, you know, like your levels of limits will be very low. And if you ask like, hey, I, what can I take out? What can I take out more three, two bucks out of they have like, oh, no, we’re a year off now. Yeah. You can take out more. Well, let’s just let’s that really comes down to that choice. So you get like, even though you open the account, like, well, maybe there is in Cameron. So the confidence to do more in digital is with what’s at stake. And I think that in a world where whether it’s COVID and the impact of COVID cyberwar and, you know, crypto, those things that are affecting the ability to the need to trust more quickly is really what’s at stake in all separate, you know, brands to figure this out versus brands adult example like hey normally Cameron doesn’t like, you know, who is logging into the liminal, you know, corporate systems. Well, he doesn’t usually do that from Mexico. And therefore, this must be a cyber attack. Well, but because of COVID, I mean, you can’t predict where people are going to be, you know, logging in from I mean, it’s a completely different world. People are everywhere now. I mean, we’ve seen that approved like, you know, more than half of people not in any of our offices anymore. So, you know, that’s like suddenly behavior is not a great assessment tool for that. For crypto, it’s not unusual for someone for their first transaction, a coinbase to be extremely risky, but yet legitimate like buy $5,000 of Etherium, you know, to a bank. It’s like, whoa, come to the branch, right? Coinbase doesn’t have a branch. So, you know, how do you get that trust more quickly or in the case of. You know, opening on a new account, like, why should I wait a year? Like, maybe, you know, how do you give businesses the confidence to do higher risk things more quickly in a relationship without friction? And again, the ones to figure that out are going to are going to grab the market share. Because we all talk about this. We talk about the brands that we have great experiences with and we talk about the brands that we have incredibly frustrating experiences with. And that’s the difference.


Cameron D’Ambrosi [00:16:17] Yeah. And I think that, again, talking about that price of poker as it were, going up, you know, from a from an industry perspective, I think it’s really easy to pigeonhole yourself and start thinking about, okay, well, how do I stack up against my peers? How do I stack up against kind of the fast follower, you know, fintechs or whatever? And really only be benchmarking yourself against those clear competitors that you identify. Well, that is not how consumers think, right? Consumers, they don’t understand the nuances behind the scenes, regulatory or otherwise, that differ between, I don’t know, applying for a credit card online versus signing up for a new ride sharing platform or something like that. Right. You are going to be held to the standard of the best mobile UX that your customers encounter in their day. Not just your peers. Consumers understand what a good ukces do. You know they’re working with some of the best in the world, like Apple, right? You know, I applied for the Apple card recently and it was unbelievably low friction. Now, I obviously understand that not all flows can be that low friction in some regards and and the nuances and complication that goes into utterly simplifying that. But to the average consumer, you know, they’re going to leave that experience and then think the next time they see a crappy flow while this stinks, like, why can’t you guys match up with this other experience that I had? So I think we are going to see a flattening of expectations across industries, and the winners and losers are not just being measured against who is best in class for your vertical, but what is the best possible UX that exists out of any application.


Rodger Desai [00:18:01] Yeah, well said Cameron. I think that’s exactly right. And Apple is one to watch. I mean. Well, if you just look at the announcements in the last few days, you know, the vertical integration that they’re doing, where in their view, like we’re all consumers and we’re all merchants and the entire stack is seamless. The integrated is should be a warning sign for all the incumbents that are paying, you know, a piece of the stack versus owning the stack and creating that amazing experience that everyone will expect, like all consumers that you just had will expect. Like every other brand to have. It’s going to be I mean, that kind of race is on. And I think there’s lots of folks who don’t realize that that’s that like. Like things will be very different a few years as these experiences become the norm that consumers expect.


Cameron D’Ambrosi [00:18:55] So in terms of your, I think, unique differentiators among some of your peers, we talked about risk based authentication. You know, prove has this model that you call pro. Can you unpack a little bit about why you feel that you have the right to win in what is an increasingly competitive space?


Rodger Desai [00:19:17] Yeah. I think again it comes with the mindset that this marketed like you can Google identity and the application and you find a thousand companies and they all basically say the same thing and there’s a lot of great companies. I mean, I think some of the smartest folks are working on this problem of identity. And so there’s many, many amazing companies. I think then the next question is like, what’s the, you know, the McKinsey two by two matrix that you can kind of compare them like, what’s the right way to compare these folks? And I think it really comes down to is how accurate you can be on an assessment. You know, when the target and the Home Depot breach has happened, you know, people that not in the security industry said, well, don’t they have any security? Wasn’t there kind of an alert? I mean, these companies have thousands of alerts every day. And if you I’m sure the day that those breaches happened, happened, there was thousands of alerts and it just becomes spam after a while, like everything is an alert and everything looks risky and everything. And you can’t like, you know, the best said, as I said, the best way to stop all the the bad is to close the bank or close the store which you know officials argument but but it kind of illustrates the point of like how can you. I have precision on making an assessment, you know, with the lowest cost you can get it to so that businesses can, you know, say, wave through the VIP folks, which is 90% folks and kind of thwart the bad. In our view. So pro is a methodology. It’s like what we do underneath the hood is we basically tie people to these keys and and it’s kind of like a network effectively. So instead of like a payment network, the Visa MasterCard would have the payment credentials. We have an identity network and those identities are essentially people tied to these keys. Once you do that with precision, when these folks show up, it’s easy to authenticate them. They authenticate that they’re there. So if I show up at a merchant and they run, prove, it’s like, okay, well, this person is saying they’re Cameron and it’s Cameron’s key that is there. Therefore. I’m proving the possession that he has a key, the reputation of the key, and that the fact that Cameron owns a key. That’s the pro pro. When you do that assessment, again, I’m sure there’s many, many great systems out in the world that can kind of get to an accurate assessment. But what our clients are telling us is where we’re like, if you use us as prescribed versus picking and choosing parts of approve, you will get to these amazing outcomes like, you know, the bank reference before they’ll make over $1,000,000,000 in incremental revenue this year because of us. And that shows you the amount of friction we’re reducing, you know, that would otherwise be abandoned or declined or, you know, the stuff the friction causes at an amazing, you know, three basis points of fraud. So meeting our assessments and saying, you know, wave them through wave them through waves and through without friction is unparalleled. And I think that’s I think that’s probably the best measure in the of like how can you stack rank, you know, McKinsey style different decision engines. We again add authentication to identity with these keys, which makes for an accurate a more accurate assessment. And I think that’s what differentiates us. And it’s I guess the proof is in the pudding with these with our clients telling us about these results.


Cameron D’Ambrosi [00:22:56] Yeah. I mean, the proof is usually in the pudding. I don’t know where that expression came from, but I do I do enjoy both savory and sweet puddings, especially if they come with with a side of digital identity in terms of. Your touchpoints with the broader mobile ecosystem. You know, I think my understanding of your solution has evolved over time. I think helping folks understand, you know, where your reliance on mobile network operators is and and how you are kind of moving beyond that relationship to provide a more holistic view of these identities in your network would be super helpful. Can you talk a little bit about that evolution of the platform and and how you have expanded and kind of evolved your relationship with both mobile network operators as well as other data sets that you rely on to kind of establish and forge these identities over time.


Rodger Desai [00:23:55] Okay. Yeah. So there’s definitely like it’s a very complex ecosystem and we try to do a good job of, of explaining. The role of a mobile operator and our reliance on them. So the first thing I suppose is that whether I guess we realize it or not, all the one time passcodes that are sent via SMS know they used to be sent by email, then missed said. That’s probably not a good idea because email isn’t just about what they would call a hardware route of trust. When you send a one time passcode to a phone number, what’s really happening is you’re you’re really trying to take advantage of the hardware route of trust of the SIM card because that’s one point a bit encryption and that’s why there’s so much OTP everywhere, whether it’s with your bank or merchant, whatever it may be globally. Like OTP is such a heavily relied upon factor authentication because well, if I know this is Cameron’s phone and I know I said this code to that phone, then I’m taking advantage of the encryption, that SIM card, that that’s why it’s so powerful. Now, of course, the problem with that is that, you know, Ottps are not passive. They’re they’re what folks would call active, meaning, you know, you can social engineer them and there’s lots and lots of ways to sort of engineer them. There’s things called sim swaps. There’s fishing, there’s all sorts of techniques. So that’s why there’s such a like a a movement now to say, well, what’s what does the world b.a.p look like and prove? I mean, there are there are ways in which you can make Ottps passive by working with the phone company. So we have deals with the phone companies in the U.S. and Canada, all over Europe, Asia. Because, you know, you can kind of touch that SIM card with the operator’s help without sending it OTP. But in fact, they’re trying to do the same thing in OTP and kind of a similar indication via the phone company. In fact, they’re trying to do the same thing, which is reach that high road or trust the. So that’s like kind of what their role is. If the phone companies didn’t exist, if they didn’t offer this capability, our business wouldn’t change at all. I think our our revenues from a reliance on phone company standpoint is less than 10%. So if folks that want to say, hey, look, I really want to move away from OTP from a like sending an SMS standpoint and I’m not ready to get to Fido and Fido to web often, which is we think around the corner, you know, that can be could be an interim step is to leverage, you know, the operators to do an authentication. So to us, it’s a nice to have. If you if you didn’t have them. There’s other ways to authenticate that we offer. You know, we acquired a company last year that looks at, you know, how you move around on your phone, how you how you walk like your gait. So there’s other authenticators that are available that we that we enjoy and kind of bring to our customers. That to me, the best way look at it is nest. Nest is an amazing framework. It doesn’t really take into account. Friction or cost. So lots of folks don’t use list as prescribed. However, it gives you a great framework of knowing, you know, levels of assurance. And so that’s the same kind of thing that we approve use. So way to think about that is when we tie an identity to a key. That could be a low level of assurance because we’re not quite sure that that’s Cameron’s key. Maybe it’s Cameron’s wife’s key. But as we do authentication events, our machine learning advances are assurance levels. So today, maybe like in the U.S., for 90% of the adults in the U.S., we have tied people to Keys, which is why we have such great coverage and efficacy. But for a long time, maybe that was 50%. And as we do more and more transactions, we get closer to, you know, amazing coverage. And we’re doing that in apes and then going to 30 countries around the world. So the way in which we do that, like how you got higher assurance levels, the mobile operators can help like expedite that because they can do a silent authentication. They’re not the only way to do that. In fact, you look at the new standard. They don’t ever talk about mobile operators. They just talk about ways in which you can kind of get to higher assurance levels. And there’s several pathways to do that. So in summary, I’d say like what our vision is that is that there is a identity credential for every adult on the planet that they control, and that credential has a really high assurance level. So we’re very confident that these are these people who are they claim to be. And the way to get those to that kind of data set is a variety of paths. The phone companies are one of those paths. So in some countries the phone companies will be very supportive and you can get there quicker than other countries. The phone companies don’t think it’s worth their time or money, and then there’s other pathways to get the high assurance levels. So we think they’re like an accelerant, but but they’re not, you know, you can’t assume that they are a must have because not every phone company will participate.


Cameron D’Ambrosi [00:29:10] I love it. So what’s next for proof? You know, I love to ask my guests to take out their their magic crystal ball and make some predictions. Glad to hear kind of where you see the space more broadly headed as well as where you think, you know, prove has a role to play in that future.


Rodger Desai [00:29:27] Well, you know, there’s obviously lots of disruptions that have taken place from COVID to now. But, yeah, the war in Ukraine, you know, the potential cyber wars that we’ll you know, we’ll go through. I think that a couple maybe predictions. One is that I think speaking of cyber security specifically, there’s this notion that identity is the new perimeter, which I think makes a lot of sense, meaning like it’s not enough to put like a firewall around a physical building. And, you know, because all the employees show up in the building, you know, and that’s how you keep the bad folks out, because if you’re in the building, you must be an employee and therefore we’re good. Now, again, now people are logging in from everywhere. And so, you know, how do you know that if someone is, you know, your employee or a bot or hacker from a nation state, you know, when PayPal announced that they had four and a half million kind of fake accounts, I mean, you know, that’s an example of of like they haven’t kind of completed their journey. That identity is the new perimeter. And in that sense, like when you have an identity credential and you authenticate properly, you know, that’s who you allow in to create an account or who should allow in as an employee to, you know, to use the employee services and corporate data. And I think I think that there’s going to be a heightened pressure because of the funding that governments will provide the cybersecurity to make identity that much more of a of a tool of a resource of an asset. Like I think the quicker countries can get these identities that are going to be controlled by folks so they can decide where they want to participate, how they want to participate. But the sooner we get there, the more resilient a country, a national infrastructure will be. I say that because my last company was in the homeland security space and I asked the company, it’s quite successful. And I asked them like, you know, what percentage of administrators of broadcast alerting systems in the U.S. are secured by like just a password or an OTP? And they said 50 to 75%. So, for example, the person that is has access to like the ability to send a message to every phone in York State is secure by a very flimsy security system in which some young person in some other country could probably take it over in minutes. And then everyone, New York State is now getting a message that says an ICBM is 3 minutes away from Manhattan. Yeah, you can you can imagine the resulting powers. If you look at the Colonial Pipeline attack that happened recently, I mean, that was an employee that left Colonial. The attackers were able to get phishers password and they were able to almost take down the entire diesel supply chain in the U.S.. Think about like the the resilience of our national infrastructure is is sometimes as simple as a password or an OTP. That’s not acceptable. And I think I think I think governments will start investing much more heavily on, again, what I would call resilience security, which is, you know, identity that’s attached to cryptographic keys that consumers control. I think the faster we get there, the better. And I think this all the things that are happening around cybersecurity, cyber war will unlock more funding. Second thing I think that the war is also revealing is supply chains are you know, globalization is going to be very different. I think supply chains are going to change fundamentally. Now, typically from a CapEx perspective, you know, it makes sense for you if you’re a company to build every part of your product when you know you’re you only need, you know, to run the machines to create that product once in a while. Why not outsource that to someone? That’s their only job. So that’s going to change. I think you’re going to see a lot of vertical integration that’s going to make products more expensive, of course, but but people have to have control over their products. And that means kind of outsourcing security to like firms all over the world. I think that’s going to change. I think it’s going to be onshore. It’s going to be more and more controlled so that businesses can control their destiny. And that’s going to be more funding for, I think, the identity industry. Those are some of the I think headlines. I think that I think the notion of self-sovereign and controls, I think I think that’s going to break finally in the next 12 or 18 months where you’ll have some systems that will operate at scale. Of course, most consumers may not care to control their identity enough folks do, though. You know, if I look at like my own behavior, like I use things like doctor go all the time now and I don’t know when that happened. Maybe over the last year and a half, I think more and more tools are going to become available to consumers. Consumers will adopt them either way. I think regulators will force more of this to happen where consumers need to control these things if they want to. So I think those are the three kind of big trends I’m seeing.


Cameron D’Ambrosi [00:34:39] I absolutely love that. I think you’re right over the target there. And I think we are set to see all of these trends accelerate again. You know, COVID, I think, wasn’t the the impetus here. A lot of these trends, but it’s kind of, you know, gasoline on the fire that was already burning. And I think the executives that were not prepared for this mobile and digital centric future that was very much obviously presenting itself have been, you know, completely caught out by the past couple of years. And and I feel like I say this a lot, but I don’t think there is ever a silver lining for, you know, a global pandemic to the extent we are going to see some positive results. I think the recognition that digital identity is the future is a realization that. COVID forced a lot of executives that maybe weren’t on board to to realize and internalize and hopefully start allocating some budget and some major time towards really crunching on these issues and identifying their path forward. Roger, thank you so much for your time. I do really, really appreciate it. I know you’re super busy. Before we go. Shameless plug time if folks want to get in touch with the probe team to learn more about the solution, what’s the best channel for them to reach out? And God forbid, if any of our listeners want to reach out to you directly, how would you suggest they do that.


Rodger Desai [00:36:06] So you can go to approve dot com. I love talking to folks about this. I’m extremely passionate. I’ve been doing this for a while, but I think it’s still the second inning. And a lot of folks like you, Cameron, that have really accelerate this industry so people can reach out to me directly as well. So I’m Roger with a D Rodger dot Desai approved dot com. So we’d love to chat to anyone that wants to talk about these topics and thank you for all the work that you guys are liminal. It’s it’s amazing to see how you’re leading the industry in these very important products, very important topics such as I love it.


Cameron D’Ambrosi [00:36:41] Thank you again. So great to hear from you. And for folks who want to hit those links, they will be in the show notes below although you know if you can’t remember approved dot com. Not really sure what else to say. Roger, thank you so much again.


Rodger Desai [00:36:58] Thank you.


Explore The Podcast Library

Episode 343

In the latest State of Identity podcast, hosted by Cameron D’Ambrosi, we’re joined by Laura Spiekerman, co-founder and president of Alloy, a global identity risk solution for financial services and a Liminal 2023 Company to Watch. We’ll discuss its pioneering role in the orchestration-centric approach to Digital Identity in Fintech. Spiekerman delves into the challenges Alloy addresses in the fintech space, where compliance and fraud often hinder innovation. Join us to explore the evolving landscape of digital identity in Fintech, trends in fraud prevention, and the critical intersection of customer experience and security.

Episode 342

In the latest episode of the State of Identity podcast series, we delve into the ever-evolving world of customer identity and access management (CIAM). Join host Cameron D’Ambrosi from Liminal as he sits down with Brian Pontarelli, the founder and CEO of FusionAuth, to explore the exciting developments and challenges in the realm of passwordless authentication, user data management, and the quest for seamless transitions in the digital landscape. Bryan shares his expertise and unique perspective, shedding light on the fascinating journey of FusionAuth and its pivotal role in this dynamic landscape. Tune in for a thought-provoking discussion that promises to expand your understanding of CIAM and its critical role in the modern enterprise.

Episode 341

Tune in to the latest episode of the State of Identity podcast series, where Data Security expert Shane Curran, Founder and CEO of Evervault, dives deep with host Cameron D’Ambrosi into the intricacies of data security. Discover why basic encryption methods aren’t enough, understand innovative data security strategies that ensure functionality, learn how encryption safeguards AI model training without compromising customer data, and grasp the significance of prioritizing current cybersecurity threats over quantum computing concerns.

Episode 340

In the latest episode of the State of Identity podcast, host Cameron D’Ambrosi is joined by Gadalia Montoya Weinberg O’Bryan, an ex-NSA crypto mathematician and the Founder and CEO of Dapple Security. Learn about Gadalia’s remarkable journey from the National Security Agency to the forefront of identity-focused cybersecurity. Learn about the limitations of current passwordless approaches, particularly in scenarios involving lost or stolen devices, and delve into the crucial distinction between authenticating the user behind the device rather than the device itself. Gadalia introduces Dapple Security’s unique solution, which involves generating an on-demand passkey using a user’s fingerprint—emphasizing the company’s commitment to user privacy by avoiding the storage of biometrics on the device or in the cloud—and how this approach is a key element in enhancing overall security posture.

Episode 339

In this episode of the State of Identity podcast, host Cameron D’Ambrosi talks with Eric Olden, the co-founder and CEO of Strata Identity. Join us as they discuss the challenges faced by today’s multi-vendor/multi-cloud enterprise technology landscape and how forward-looking executives view identity as an opportunity, not a cost center. They also delve into the importance of moving towards passwordless authentication and the role of identity orchestration in addressing these challenges.

Episode 338

In this episode of the State of Identity podcast, Liminal host Cameron D’Ambrosi and Justin McCarthy, the co-founder and CTO of StrongDM explore the dynamic landscape of digital identity and access management, addressing the challenges and trends that shape the industry. They talk about what it means to move towards a “credential-less” world and discuss the complexities of authentication, authorization, and the role of proxies in bridging old and new technologies. McCarthy highlights the imperative for convergence among various tools, including the essential role of AI, providing a unified approach to access control, governance, and policy enforcement.

Filter by Content Type
Select all
Case Study
Filter by Category
Select all
Customer Onboarding
Fraud and Risk
Growth Strategy
Identity Management
Market Intelligence
Transaction Services