Liminal members enjoy the exclusive benefit of receiving daily morning briefs directly in their inboxes, ensuring they stay ahead of the curve with the latest industry developments for a significant competitive advantage.
Looking for product or company-specific news? Log in or sign-up to Link for more detailed news and developments.
Here are the main industry highlights of this week week impacting identity and fraud, cybersecurity, trust and safety, financial crimes compliance, and privacy and consent management.

🪄Innovation and New Technology Developments
Wiz Researchers Uncover Data Leak in DeepSeek’s Unsecured Database
WIZ researchers found that China-based AI platform DeepSeek exposed over a million records, including user chat prompts and API keys, in an unsecured database. Though taken offline after contact, DeepSeek has not addressed the issue. Experts warn of security risks, while Italy investigates and the U.S. Navy advises against its use. OpenAI is also probing whether DeepSeek trained on ChatGPT outputs. (Source)
Industry Coalition Urges Trump Administration to Accelerate Mobile Driver’s Licenses and Digital Identity Adoption
An industry coalition is urging the Trump administration’s DOGE to accelerate mobile driver’s licenses (mDLs) and digital identity adoption to fight fraud. The Better Identity Coalition called for state grants and private-sector partnerships. While Biden considered an executive order on digital identity, it didn’t materialize, though his cyber directive included anti-fraud measures. The Trump administration has maintained Biden’s directive, supporting mDL funding and identity verification standards. (Source)
Australia’s Big Four Banks Adopt ConnectID for Secure and Consent-Based Digital Identity Verification
Australia’s four largest banks—Commonwealth Bank, NAB, ANZ, and Westpac —now offer ConnectID, a digital identity solution by Australian Payments Plus (AP+). Acting as a secure intermediary, ConnectID enables users to share only necessary information during transactions with full consent, without storing or accessing customer data. Businesses benefit by reducing the need to manage sensitive information. Awareness of digital identity solutions in Australia has risen, with 72% of Australians familiar with them as of December 2024. (Source)
Apple Patches Zero-Day Bug in Core Media, Enables Apple Intelligence by Default in Latest Updates
Apple‘s latest updates for iPhone, iPad, and Mac enable Apple Intelligence by default on newer devices and patch security bugs, including a zero-day vulnerability in Core Media. Hackers exploited the flaw to gain elevated privileges, affecting devices on iOS versions before 17.2. Apple has fixed the issue but did not disclose details on its discovery or targets. This is 2025’s first actively exploited iOS vulnerability, following seven similar cases in 2024. (Source)
OpenAI Launches Operator, an Autonomous AI Agent, Amid Concerns Over Oversight and Trust
OpenAI‘s Operator, an autonomous AI agent, is now live, partnering with Uber, Instacart, and DoorDash to handle online tasks. However, some websites are blocking it over concerns about bot access. To address these issues, initiatives like World propose linking AI agents to human identities, ensuring accountability while helping businesses integrate AI securely. (Source)
DeepSeek’s AI Breakthrough Disrupts Global Tech, Sparks Chip Stock Selloff, and Raises Cybersecurity Concerns
Chinese AI firm DeepSeek AI has shaken the global tech sector with its R1 and V3 AI models, matching top Western counterparts at a fraction of the cost. Training V3 on just over 2,000 Nvidia chips for $5.6M—far below the $100M–$1B spent by U.S. firms—DeepSeek’s efficiency triggered a chip stock selloff, with Nvidia plunging 15% and the Nasdaq dropping 3%. Beyond financial impact, DeepSeek’s cost-effective AI raises cybersecurity and military concerns, as it could democratize AI capabilities for various actors, including those with malicious intent. The breakthrough challenges U.S. export controls, intensifies the AI arms race, and could reshape the economics of AI development worldwide. (Source)
DeepSeek Temporarily Halts New Sign-Ups for AI Assistant App Amid Malicious Attacks and User Surge
DeepSeek’s AI Assistant app, a top-ranked ChatGPT rival, has temporarily restricted new sign-ups due to “large-scale malicious attacks.” While existing users remain unaffected, new registrations faced outages and performance issues. Initially, DeepSeek required a mainland China mobile number for sign-ups, but this has since been removed, allowing Google, Apple ID, and email registration. It’s unclear if the issue is solely due to attacks or a surge in users, as the app recently topped the U.S. App Store charts. DeepSeek has provided limited details, and the situation is still unfolding. (Source)
South Korea pilots blockchain-based digital IDs to modernize its national identification system
South Korea has launched a pilot program for blockchain-powered digital ID cards, modernizing its 56-year-old national ID system. Tested in nine regions, including Sejong and Yeosu, the program is open to residents 17 and older. Building on existing digital ID efforts like mobile driver’s licenses, this initiative aligns with the global shift toward digital identity integration. It aims to boost efficiency and security, showcasing South Korea’s commitment to innovative technologies in public administration. (Source)
Idemia launches ALIX to reduce lost luggage with AI-powered digital tags and biometrics
IDEMIA has launched ALIX (Augmented Luggage Identification Experience) to tackle the 28 million lost bags per year. Using AI and biometrics, ALIX creates digital luggage tags by capturing high-quality images when bags enter the system, ensuring identification even without physical tags. Developed with Air France and deployed at Paris CDG, ALIX boasts 90% accuracy in identifying bags. The system includes ALIX Arch (an image-capturing device) and ALIX Core (a cloud-based platform). By enhancing airport efficiency and customer satisfaction, ALIX offers a smarter baggage-tracking solution for airlines and ground staff. (Source)
Guyana invests $1 billion in biometric e-ID system to advance digital transformation and public service access
Guyana has allocated $1 billion (US$4.8 million) to launch a biometric e-ID card system this year, part of a $35.4 million contract with Veridos to enhance identity security and e-governance. The initiative supports healthcare, education, and transportation while expanding digital access to rural areas. Alongside e-IDs, Guyana is integrating biometric surveillance, facial recognition, and an electronic passport control system at its main airport for national security. However, political tension remains, as the election commission rejected biometric voting for 2025, citing time constraints, drawing criticism from the opposition. (Source)
💰 Investments and Partnerships
Tenable To Acquire Vulcan Cyber For $150M To Boost Exposure Management Capabilities
Tenable is acquiring Vulcan Cyber | Own exposure risk for $150 million ($147M cash, $3M stock), enhancing its exposure management platform with risk prioritization, automated remediation, and integrations with 100+ security products. Expected to close in Q1 2025, the deal follows Tenable’s 2024 purchase of Eureka Security for $30 million. In 2024, SecurityWeek tracked 400+ cybersecurity M&A deals, with disclosed transactions totaling $50.4 billion, highlighting continued consolidation in the sector. (Source)
CHEQ Acquires Deduce to Enhance AI-Driven Identity Fraud Prevention
CheQ has acquired Deduce to integrate its patented identity graph technology into CHEQ’s go-to-market security platform. Deduce’s system, tracking 185M weekly users and 1.5B daily events, enhances fraud detection by identifying AI-generated “SuperSynthetic” identities. This acquisition boosts CHEQ’s defense against AI-driven fraud, ensuring compliance while minimizing disruptions to user experiences. It aligns with CHEQ’s M&A strategy to strengthen cybersecurity against evolving threats, offering businesses real-time forensics and advanced identity verification. (Source)
X Partners With Visa To Launch A Digital Wallet And Peer-To-Peer Payments
Elon Musk’s social platform X announced a partnership with Visa that will introduce a digital wallet and peer-to-peer payments, allowing users to transfer funds between bank accounts and X’s wallet as well as send money to each other. The initiative is part of X’s plan to expand into financial services, backed by its money transmitter licenses in 41 states. The service is expected to launch in the first quarter, initially focusing on allowing creators to receive payments within the platform and potentially including banking features such as high-yield money market accounts. (Source)
Clutch Security Raises $20M To Tackle Machine Identity Risks In The Cloud
Clutch Security, an Israeli startup specializing in machine identity management, has raised $20 million in a funding round led by SignalFire, with backing from Lightspeed Venture Partners and Merlin Ventures. Founded in late 2023, Clutch helps secure machine identities across cloud services, APIs, and SaaS applications by providing visibility, lifecycle management, and zero-trust controls for service accounts, API keys, and tokens. The funds will support R&D, product growth, and business expansion as the rise of cloud and AI-driven tools increases machine identity threats. (Source)
Wultra Raises €3M To Strengthen Quantum-Resistant Banking Authentication
Wultra, a banking security vendor, has raised €3 million from Tensor Ventures, Elevator Ventures, and J&T Ventures to advance quantum-resistant authentication for financial applications. Anticipating a “Q-day” within five years, when quantum computing could break current cryptographic methods, Wultra offers software authentication, the Talisman hardware device, and biometric onboarding for banks. Clients include Raiffeisen Bank, Erste Digital, OTP Bank, and Global Payments. With this funding, Wultra plans to expand into Western Europe, Southeast Asia, and Vietnam, where it has partnered with Savis Group. (Source)
Humanity Protocol Raises $20M to Expand Decentralized Identity Solutions and Web3 Credential Validation
Humanity Protocol has raised $20 million in a Pantera Capital- and Jump Crypto-led round, valuing the company at $1.1 billion. The funding will accelerate its decentralized identity blockchain solutions and global expansion in 2025. Partnering with OKX Wallet, the company will issue verifiable credentials to ensure fair token distribution and fraud prevention. Additionally, its collaboration with Open Campus integrates verifiable credential frameworks for education validation and Web3 interoperability, allowing users to showcase verified skills while maintaining privacy via zero-knowledge proofs. (Source)
⚖️ Policy and Regulatory
France Expands Binance Probe Over Money Laundering And Terrorist Financing
French authorities have expanded their investigation into Binance for money laundering and terrorist financing, covering activities from 2019 to 2024. The probe examines allegations of habitual money laundering linked to drug trafficking and tax fraud, as well as unauthorized marketing via influencers. This follows Binance’s $4.3 billion fine by U.S. officials in 2023 for similar violations. Despite receiving registered status in France in 2022, the exchange now faces scrutiny over customer complaints and inadequate disclosure, with the case referred to client protection and anti-fraud agencies. (Source)
Largest Medical Data Breach in U.S. History Exposes Sensitive Information of 190 Million Americans
UnitedHealth Group has confirmed that the February 2024 ransomware attack on Change Healthcare affected 190 million Americans, nearly double the initial estimate. This ALPHV ransomware gang breach is now the largest medical data breach in U.S. history, exposing names, contact details, government IDs, health diagnoses, treatment plans, and financial information. Hackers gained access via a stolen credential lacking multi-factor authentication, causing months-long outages across the U.S. healthcare system. While UnitedHealth claims no evidence of medical record misuse, some stolen data was published online, and two ransoms were paid to prevent further leaks. The incident highlights serious vulnerabilities in healthcare data security. (Source)
UK Sets Timeline for Stricter ID Verification and AML Measures Under Economic Crime and Corporate Transparency Act 2023
The UK will enforce stricter identity verification (IDV) and anti-money laundering (AML) controls under the Economic Crime and Corporate Transparency Act 2023. Starting autumn 2025, new business directors and PSCs must verify their identities, with existing companies complying by autumn 2026. IDV will also be required in annual filings. Authorized Corporate Service Providers (ACSPs) can offer verification from February 2025, with voluntary IDV opening in March 2025 and enforcement in 2026. Covering 7 million individuals, the Act aims to combat fraud and money laundering, though verification methods remain unspecified. (Source)
Google allowed to depose Texas in biometric data lawsuits but blocked from deposing Attorney General’s office
Google has won the right to depose Texas in lawsuits over alleged biometric and consumer protection violations but cannot depose the Attorney General’s Office. The cases involve claims that Google Photos, Assistant, and Nest Hub Max violated Texas’ biometric law (CUBI) and that Google collected location data under the Deceptive Trade Practices Act. Google has also subpoenaed Clearview AI to support its defense, while Amazon and Lytx have settled similar biometric privacy lawsuits under Illinois’ BIPA for undisclosed terms and $4.25 million, respectively. The rulings highlight growing legal scrutiny over biometric data use in the tech industry. (Source)
🔗 More from Liminal
Access the Market & Buyer’s Guide for Third-Party Risk Management in Link for insights to strengthen compliance and tackle emerging risks as the TPRM market nears $19.9 billion by 2030.
Access Market & Competitive Intelligence
Our award-winning Link™ platform empowers you to monitor trends, access benchmark research reports, explore use cases, and more.
Interested in attending? Request an invite to our 4th annual exclusive CEO event, which will be held in Laguna Beach, California.