Liminal members enjoy the exclusive benefit of receiving daily morning briefs directly in their inboxes, ensuring they stay ahead of the curve with the latest industry developments for a significant competitive advantage.
Looking for product or company-specific news? Log in or sign-up to Link for more detailed news and developments.
Here are the main industry highlights of this week week impacting identity and fraud, cybersecurity, trust and safety, financial crimes compliance, and privacy and consent management.
🪄Innovation and New Technology Developments
Socure Launches RiskOS, an AI-Driven Risk Decisioning Platform for Identity Verification, Fraud Prevention, and Compliance
Socure has launched RiskOS, a risk decisioning platform that combines its AI-driven identity verification, fraud prevention, and compliance solutions with orchestration and decisioning capabilities from its Effectiv acquisition. RiskOS integrates over 50 third-party data solutions, offering real-time decision-making and proactive risk alerts. Built on Socure’s identity graph with a network of over 4 billion known outcomes and 314 million recurring identities, the platform provides a no-code interface for creating workflows and integrating data services. It addresses key use cases, including consumer and business onboarding, KYB automation, bank account verification, account takeover prevention, and trust and safety in digital marketplaces. (Source)
Google to Test AI Model for Age Estimation to Enforce Age Restrictions Across Its Products
Google announced it will begin testing an AI model to estimate whether users are over or under 18 to enforce age restrictions across its products, including YouTube. The initiative is part of Google’s broader push to integrate AI into its services while addressing increasing regulatory pressure on child safety. The company plans to expand the AI-based age estimation model beyond the U.S. over time, following similar efforts by Meta. (Source)
Adobe Launches a Standalone Firefly AI Subscription Service With Focus On AI Images Videos And Vectors
Adobe is expanding its Firefly AI models into a standalone subscription service with a focus on AI-generated images, vectors, and videos. Users can choose the Standard plan ($9.99/month) for unlimited AI images, vectors, and 20 five-second AI videos or the Pro plan ($29.99/month) for 70 AI videos per month. A Premium tier, offering up to 500 AI videos per month, is also in development. These plans integrate with Creative Cloud, offering access across Photoshop and Express. Competing with OpenAI’s Sora, Runway’s Gen-3 Alpha, and Google DeepMind’s Veo, Firefly aims to differentiate itself by training on a licensed, brand-safe dataset to avoid legal risks. Adobe’s move reflects its strategy to monetize Firefly’s early success and attract creative professionals seeking customizable AI-generated visual content. (Source)
South African Banks Expanding Smart ID Services to Accelerate Digital Transition
South African banks plan to expand branches offering Home Affairs services to streamline the issuance of biometric smart ID cards. This initiative supports the government’s transition from outdated green ID booklets to more secure digital IDs, aiming to reduce inefficiencies and long wait times. Currently, over 30 banks provide ID services, and many intend to open more branches in 2025 to alleviate congestion at Home Affairs offices. The government has set a goal of issuing at least 2.5 million smart ID cards as part of its broader digital transformation strategy. While no official deadline for the full transition has been announced, authorities expect the process to be completed in the coming years. (Source)
đź’° Investments and Partnerships
OneID Secures New Funding to Expand Bank-Verified Digital ID Services and Market Reach
OneID® , the UK’s only provider of bank-verified digital identification services, has secured new funding led by ACF Investors, though the investment amount remains undisclosed. The company has raised over £16 million from more than 200 angel investors across the UK, Sweden, and the US, positioning itself as a leader in the sector. OneID’s technology enables real-time verification for approximately 50 million UK adults without requiring registration or storing personal data, streamlining identity authentication for businesses. The new funding will support product expansion, entry into new market sectors, and further adoption by existing and new customers, including NatWest and Adobe. (Source)
CyberArk Acquires Zilla Security for $165M to Strengthen Identity Governance and Administration Capabilities
CyberArk has acquired Zilla Security for $165 million in cash, with an additional $10 million earn-out, to enhance its Identity Security Platform with modern Identity Governance and Administration (IGA) capabilities. Zilla’s AI-driven SaaS platform automates identity compliance and provisioning, addressing the limitations of legacy IGA systems by offering faster deployment and streamlined access management. The acquisition aligns with CyberArk’s strategy to provide a comprehensive identity security platform, integrating privilege controls, entitlement management, and lifecycle governance. Zilla’s solutions, now available through CyberArk, will support enterprises in managing digital identities more efficiently across hybrid environments. (Source)
Sardine Secures $70M to Expand AI-Powered Fraud and Compliance Solutions
Sardine raised $70 million in a Series C funding round, bringing its total capital to $145 million, with backing from investors like Activant Capital , Andreessen Horowitz , and GV (Google Ventures). The company, which provides AI-driven fraud and compliance solutions, has profiled over 2.2 billion devices and serves more than 300 enterprises, including FIS, Deel, and GoDaddy. Sardine is launching AI agents to automate risk operations, reducing manual work in fraud detection, compliance, and credit underwriting. These AI tools streamline processes such as KYC verification, sanctions screening, and chargeback handling, aiming to reduce false positives and improve efficiency. With this investment, Sardine plans to scale its AI infrastructure to help financial institutions manage increasing fraud and compliance challenges more effectively. (Source)
Cleversoft Acquires Fineksus to Expand Regulatory and AML Solutions Across Europe and the Middle East
Fineksus has been acquired by cleversoft group after receiving regulatory approvals. The acquisition integrates Fineksus’ financial messaging and AML expertise with cleversoft’s regulatory technology, expanding services across Türkiye, the Middle East, and Europe. Customers of cleversoft will gain access to financial messaging services, while Fineksus customers will receive EU regulatory compliance support and improved service in Europe. Fineksus will retain its brand and leadership, with its CEO, Ahmet Vefik Dinçer, joining cleversoft’s executive board. The two companies aim for full integration by the end of 2025, focusing on enhancing regulatory and AML solutions. (Source)
Securitize, Apollo, and Wormhole Tokenize $1.3B Credit Fund for Multi-Chain DeFi Integration
Securitize, Apollo Global Management, Inc., and Wormhole have partnered to tokenize the $1.3 billion Apollo Diversified Credit Fund ($ACRED) and deploy it across six blockchains, including Solana. This allows institutional investors to access private credit markets on-chain, increasing liquidity and accessibility. Wormhole’s protocol enables $ACRED to move across blockchains, letting users trade, lend, or use it as collateral in decentralized finance (DeFi). Solana’s low-cost infrastructure is playing a key role in supporting institutional asset tokenization. The success of $ACRED could encourage further institutional adoption of tokenized assets, expanding blockchain’s role in traditional finance. (Source)
Turn/River Capital to Acquire SolarWinds for $4.4 Billion in All-Cash Deal
Private equity firm Turn/River Capital has agreed to acquire SolarWinds for $4.4 billion in an all-cash deal at $18.50 per share, taking the IT management and observability software provider private. SolarWinds, which became infamous for the 2020 supply chain attack linked to Russian-backed hackers, will no longer be publicly traded on the NYSE. The company faced SEC scrutiny in 2023 over alleged failure to disclose cyber risks, though most allegations were dismissed. The acquisition has been approved by SolarWinds’ board and is expected to close in Q2 2025. (Source)
Signaturit Group Acquires Validated ID to Expand Digital Identity and E-Signature Solutions
Signaturit Group, a Barcelona-based provider of secure digital transaction solutions, has announced its acquisition of Validated ID, a fellow Barcelona-based vendor in digital identity and electronic signature solutions. The financial terms of the deal were not disclosed.Validated ID, known for its VIDwallet mobile identity wallet and biometric signature solutions, serves over 4,000 clients in 35+ countries. (Source)
France Secures €109 Billion in AI Investments to Boost Infrastructure and Innovation
French President Emmanuel Macron announced that private sector investments in France’s artificial intelligence sector will reach approximately €109 billion ($112.5 billion) during the upcoming Paris AI Summit. Key contributions include €20 billion from Canadian investment firm Brookfield, largely for data center development, and potentially €50 billion from the United Arab Emirates, which will help finance a 1-gigawatt data center. The initiative aims to position France as a leader in AI infrastructure, though energy demands for large-scale data centers remain a challenge for Europe. The announcement follows the U.S.’s recent commitment of $500 billion in AI infrastructure from OpenAI, SoftBank, and Oracle to maintain its competitive edge over China and other rivals. (Source)
AttackIQ Acquires DeepSurface to Enhance Cybersecurity Risk Analysis
AttackIQ, a Santa Clara-based cybersecurity firm specializing in Adversarial Exposure Validation (AEV), has acquired Portland startup DeepSurface Security. Founded in 2017, DeepSurface developed software that prioritizes security risks by mapping out potential attack paths for hackers. The acquisition will integrate DeepSurface’s risk analysis technology into AttackIQ’s security control validation and breach simulation offerings. DeepSurface’s CEO, James Dirksen, and CTO, Tim Morgan, expressed enthusiasm for the merger, emphasizing its potential to enhance security teams’ ability to analyze and mitigate threats. The startup previously raised $1 million in seed funding in 2020 from Cascade Seed Fund, SeaChange Fund, and Voyager Capital. (Source)
⚖️ Policy and Regulatory
Hackers Breach OmniGPT Exposing Personal Data Of Over 30000 Users And 34 Million Chatbot Interactions
Hackers allegedly breached OmniGPT, an AI chatbot platform, exposing the personal data of over 30,000 users, including email addresses, phone numbers, API keys, and 34 million user-chatbot interactions. A hacker named “Gloomer” claimed responsibility on February 9, 2025, posting leaked samples on a hacking forum, which included plaintext emails, phone numbers, chat logs, and sensitive documents stored on Google Cloud. The leaked chat logs and uploaded files pose serious privacy risks, potentially revealing personal, financial, or corporate data. (Source)
India Considers Banning Chinese AI Chatbot DeepSeek Over Data Privacy And Cybersecurity Risks
India is considering banning DeepSeek, a Chinese AI chatbot, due to data privacy and cybersecurity concerns, with CERT-In, under the Ministry of Electronics and Information Technology, investigating its data collection practices. DeepSeek reportedly gathers user data through prompts, device metadata, app interactions, and external sources, raising fears of unauthorized access to sensitive information and potential manipulation of political discourse. Unlike ChatGPT, DeepSeek poses elevated privacy risks, as it can track user behavior across other AI platforms like ChatGPT and Google Gemini. Similar concerns have led countries like the US, Italy, and Australia to restrict DeepSeek’s use. India’s finance ministry has already warned against using AI tools like DeepSeek on government devices, reinforcing the need for strict regulations to protect national security and user privacy. (Source)
UK Government Pressures Apple to Weaken iCloud Encryption, Sparking Privacy Concerns
The U.K. government secretly ordered Apple to create a backdoor to access encrypted iCloud backups under the Investigatory Powers Act 2016, aiming to weaken Apple’s end-to-end encryption feature, Advanced Data Protection. The order, which Apple is likely to comply with by removing the feature for U.K. users, has sparked concerns over privacy rights and the potential for similar demands from other governments. Critics argue that the move would set a dangerous global precedent, making encrypted data more vulnerable to cybercriminals and authoritarian regimes. Security experts warn that weakening encryption contradicts efforts to protect users from state-sponsored cyber threats, such as recent hacking campaigns by Chinese-backed groups. The U.K.’s approach risks straining alliances with nations prioritizing encryption as a safeguard against espionage and cyberattacks. (Source)
Lee Enterprises Confirms Cyberattack Disrupting Operations at 72 Newspapers
Lee Enterprises, a major U.S. newspaper publisher, has confirmed that a cyberattack is behind ongoing disruptions at its 72 publications, including the St. Louis Post-Dispatch and Casper Star-Tribune. CEO Kevin Mowbray stated that the company is working to restore systems, but Lee has not disclosed the nature of the attack or whether any data was compromised. The outages have affected newspaper production, subscriber services, and internal systems like VPN and call centers. While Lee’s earnings report this week omitted mention of the cyberattack, this marks the company’s second known breach in five years, following a 2021 Iranian hacker attack. Recovery efforts are ongoing, with no clear timeline for resolution. (Source)
PayPal Fined $2 Million by New York for Cybersecurity Failures
PayPal has been fined $2 million by New York State for failing to meet cybersecurity regulations, leaving customer data vulnerable to cybercriminals. The investigation by the Department of Financial Services (DFS) found that PayPal lacked qualified cybersecurity personnel, failed to implement adequate security measures like multifactor authentication, and did not provide sufficient training. The breach occurred when untrained teams expanded access to IRS Form 1099-Ks, allowing hackers to exploit compromised credentials and access sensitive customer data. DFS Superintendent Adrienne A. Harris emphasized the importance of trained cybersecurity personnel and strong policies to protect consumer information. This case highlights the enforcement of New York’s updated cybersecurity regulations, which set strict standards for financial institutions to prevent data breaches. (Source)
DeepSeek iOS App Banned Globally Over Security and Privacy Risks
Critical vulnerabilities in the DeepSeek iOS app have raised serious privacy and national security concerns, leading to global bans by governments and organizations. The app transmits unencrypted user data to ByteDance servers in China, bypassing iOS security protocols and exposing users to surveillance risks. Researchers found multiple security flaws, including weak encryption, insecure data storage, and extensive fingerprinting, making user information vulnerable to interception and misuse. Given the regulatory and compliance risks, countries like South Korea, Australia, Taiwan, and U.S. agencies have banned the app on official devices. Security experts recommend prohibiting its use in corporate environments, adopting self-hosted alternatives, and conducting regular security assessments to mitigate emerging threats. (Source)
đź”— More from Liminal
Access our latest research in Link for a comprehensive benchmark and analysis of the 20 leading providers in biometric technology, identity verification, and age assurance.
Access Market & Competitive Intelligence
Our award-winning Link™ platform empowers you to monitor trends, access benchmark research reports, explore use cases, and more.
Interested in attending? Request an invite to our 4th annual exclusive CEO event, which will be held in Laguna Beach, California.
