?? What do deepfakes, passkeys, and behavioral biometrics have in common? They’re all reshaping how we think about identity verification. Aaron Painter, Nametag's CEO, dives into these game-changing topics on The Business of Tech podcast with Dave Sobel. Some of the questions that Dave and Aaron ask and answer: ?? What happens when #MFA falls short? Recovery processes are often the weakest link in protecting accounts. ?? Are passkeys the future — or just a patch? Big tech loves them, but recovery gaps still leave vulnerabilities for attackers to exploit. ?? How can we fight deepfakes? Visual verification isn’t enough anymore. Aaron makes the case for combining AI, biometrics, and cryptography to safeguard identities. One standout takeaway: Deepfakes and #AI are changing the rules of remote identity verification faster than most organizations can adapt. As Aaron puts it, it’s not just about keeping people out — it’s about making sure the right people get in. It’s time to rethink not just how we secure accounts, but how we define identity in the digital age. ?? Catch the full episode here:
Nametag
计算机和网络安全
Seattle,Washington 1,493 位关注者
Account protection solutions with Deepfake Defense? identity verification. Prevent breaches and save IT support costs.
关于我们
Nametag stops AI-powered attackers while saving 30% of your helpdesk costs. Complete your IAM and MFA configuration with plug-and-play solutions that protect critical moments like MFA resets, password changes, and employee onboarding, while unlocking new automations and cost savings through self-service and agent-assisted workflows. Nametag solutions are built on Deepfake Defense?, the next-generation identity verification (IDV) engine that combines Cryptographic Attestation?, Adaptive Document Verification?, Spatial Selfie? and other features to prevent AI-powered impersonation. It’s the only IDV that delivers the identity assurance needed in the age of generative AI and deepfakes. Global enterprises across social media, software, healthcare, insurance, finance, higher education and other industries trust Nametag to deliver secure, integrated account protection and cost savings at scale. Nametag customers eliminate over 50% of their IT tickets, reduce helpdesk costs by 30%, boost helpdesk agent efficiency by 5x, improve user experiences, and prevent account takeovers that lead to data breaches and ransomware attacks. Visit www.getnametag.com to learn more and watch a demo.
- 网站
-
https://www.getnametag.com/
Nametag的外部链接
- 所属行业
- 计算机和网络安全
- 规模
- 11-50 人
- 总部
- Seattle,Washington
- 类型
- 私人持股
- 创立
- 2020
- 领域
- Digital Identity、ID Verification、Secure Sign-in、Anti-Fraud、Account Recovery、Biometrics、Visual Identity Verification、Cybersecurity、Mobile Security、Authentication、Multi-Factor Authentication (MFA)、Passwordless Authentication、Workforce Verification、Data Security、Biometric Authentication、Identity Verification、ID&V、Strong Customer Authentication (SCA)、Fraud Prevention、Social Engineering、Ransomware和Artificial Intelligence (AI)
产品
Nametag Copilot
帮助台软件
Nametag Copilot is the only identity verification product built for IT helpdesks. Copilot empowers helpdesk agents and support reps to quickly verify whomever they’re talking with, returning a trusted proof of verification so agents can act with confidence. Copilot surrounds your existing MFA and IAM infrastructure to add a strong security layer at critical like account recoveries, onboarding, and high-risk transactions. Copilot stops social engineering attacks that lead to account takeovers, data breaches and ransomware. Nametag's ultra-secure identity verification technology prevents injection attacks, presentation attacks, and the use of AI deepfakes to impersonate legitimate employees and customers. Learn more at getnametag.com
地点
Nametag员工
动态
-
On a new episode of Podnosis, Fierce Healthcare's Anastassia Gliadkovskaya talks with Aaron Painter about the growing threat of deepfake vhishing (voice phishing). With voice deepfake incidents rising 12% from 2023 to 2024, this is a can't-miss episode for anyone in #cybersecurity or healthcare #IT! From #AI impersonations to unauthorized data access, Anastassia and Aaron explore: ?? What makes #vishing a formidable attack vector. ?? Why #healthcare organizations are prime targets. ??? How strong #IdentityVerification can shield companies against these AI-powered threats. Listen here:
An emerging cyberthreat: vishing
fiercehealthcare.com
-
Digital injection attacks, why they matter, and how to stop them: a brief treatise. As #IdentityVerification software becomes more common, so too have digital injection attacks. By hijacking the data stream between a device and an #IDV provider's servers, threat actors can fool the system in a way that's virtually impossible to detect. Which begs the question: How might we prevent them? This question is core to Nametag. Instead of trying to detect injection attacks after the fact by scanning with SDKs or using other unreliable techniques, our Cryptographic Attestation? technology proactively prevents the injection of #deepfakes and false data in the first place. Our Deepfake Defense? identity verification engine uses hardware-backed keystore assurance and secure enclave technology from Apple and Google to establish a cryptographically-signed chain of trust between a user’s device and our services. The upshot: Cryptographic Attestation delivers unparalleled protection against injection attacks. And it's only available from Nametag. Learn more about Deepfake Defense, Cryptographic Attestation, and why it matters:
Deepfake Defense - Nametag
getnametag.com
-
Fraud is evolving beyond stolen passwords and phishing emails. #Deepfake attacks grew by 3,000% last year, and #SocialEngineering continues to be a factor in most major data breaches. Attackers aren’t just hacking systems; they’re hacking people. Countless breaches are highlighting how even smallest gaps in security can lead to catastrophic losses. In 2023, 66% of organizations faced #ransomware, often starting with attackers bypassing MFA and other account security measures by impersonating employees at the #helpdesk. #FraudAwarenessWeek is a reminder that as threats evolve, so must our defenses. Whether it’s rethinking how we verify identity or adopting stronger processes, addressing vulnerabilities now can prevent larger disasters later. Let’s use this week to reflect, learn, and strengthen the way we fight fraud at every level.
-
The Financial Crimes Enforcement Network, US Treasury (FinCEN) recently issued a FinCEN Alert on fraud schemes involving #deepfake media targeting financial institutions. FinCEN warns that bad actors are weaponizing generative #AI to fool outdated customer identification, identity verification, and customer due diligence (CDD) systems. Key insights from FinCEN include: ?? Low barrier to entry: #genAI tools make it easy for anyone to produce high-quality synthetic content that is extremely difficult (read: nigh-impossible) to distinguish from reality. ?? Fake IDs and other uses: fraudsters create deepfake IDs, photographs and videos to trick verification systems, or combine these with stolen PII to create synthetic identities. ?? Costs beyond the financial: In addition to financial losses, institutions face compliance challenges under the Bank Secrecy Act (BSA) and new detection burdens. FinCEN offers a number of recommendations for how to mitigate the threat of deepfakes, including phishing-resistant MFA and live verification checks. Of course, phishing-resistant MFA is a general best-practice, but attackers can bypass it through the MFA recovery process. Live verification checks that don't use Cryptographic Attestation? are susceptible to digital injection attacks and can't be trusted. ?? Learn more about FinCEN's Deepfake Alert on our blog:
FinCEN Alert: Deepfake Attacks on Financial Institutions
getnametag.com
-
We’re honored to be identified in the 2024 Gartner Emerging Tech: Techscape for Startups in Security Software and mentioned in the inaugural 2024 Gartner Magic Quadrant for Identity Verification! In an industry crowded with #KYC compliance tools and consumer shopping benefits platforms, Nametag is highlighted for our differentiated #IDV technology, depth of integrations, and focus on account protection use cases. From securing frontline #helpdesks to automating the #MFA reset process, #Deepfake Defense? and our out-of-the-box solutions deliver greater #identity assurance, better user experiences, and more cost savings. As our CEO Aaron Painter puts it, "Industry experts are increasingly recognizing Nametag’s innovation and momentum in delivering workforce account protection solutions powered by our Deepfake Defense engine.” For more on what this recognition means to us: https://lnkd.in/edd2Pbb3
Nametag in the 2024 Gartner Magic Quadrant for Identity Verification and Security Software Techscape
getnametag.com
-
Google to enforce mandatory #MFA in 2025 — what does this mean for you? Starting this month, Google will begin a 3-phase rollout of mandatory multi-factor authentication for Google Cloud users. Phase 1?? will focus on raising awareness and training Google Administrators on how to plan a rollout and conduct testing. Phase 2?? will require all new and existing #GCP users to enable MFA. Phase 3?? will require all users who federate authentication into Google Cloud to enable MFA. This of course follows on a similar plan from Microsoft. We're glad to see more mandatory MFA requirements, but as Jasson Casey at Beyond Identity points out, MFA alone isn't enough. "Mandatory MFA is necessary but not sufficient for enterprise security.?This is because MFA is not created equal and doesn't offer the same level of security assurances." And, of course, mandatory MFA creates its own set of problems: a wave of user lockout tickets at your helpdesk, any one of which could be a social engineering attack or attempted account takeover. Dark Reading has the scoop on Google's new MFA requirement, then check the comments for our blog on how to plan for lockouts:
Google Cloud to Enforce MFA on Accounts in 2025
darkreading.com
-
A common refrain in cybersecurity is that "attackers don't break in, they log in." But perhaps it's due for an update. How's this: In the era of generative AI, "attackers don't log in, they convince you to open the door." We've entered a new era in cybercrime, where threat clusters like Scattered Spider are proving just how effective #genAI-powered #SocialEngineering can be. Threat actors are bypassing traditional defenses — not by brute force — but by calling your #helpdesk to reset credentials or slip around #MFA. One case even saw attackers using Microsoft Teams to demand a ransom after accessing the network through a helpdesk exploit. With tactics like these on the rise, the stakes for #IT and security teams couldn’t be higher. This highlights a critical gap: helpdesks are increasingly the target of attackers, whose sophisticated social engineering tactics exploit the very people meant to keep systems secure. To counter this threat, it's essential to: ?? Surround your helpdesk with Deepfake Defense identity verification to stop genAI-enabled social engineering attacks ?? Ensure MFA can’t be easily bypassed by strengthening the MFA reset process with strong IDV ?? Invest in workforce training and advanced monitoring to catch suspicious behavior early Shoutout to Stu Sjouwerman, SACP, Founder/CEO?at KnowBe4, and James Xiang at ReliaQuest for their excellent writing and research on this threat. Check out Stu's new blog article and be sure to click through to James' extremely detailed Scattered Spider Attack Analysis report:
[Eye Opener] Attackers Don’t Hack, They Log In. Can You Stop Them?
blog.knowbe4.com
-
Elizabeth Montalbano from Dark Reading breaks down the alarming evolution of the FakeCall malware — a powerful new tool that targets Android users with advanced voice and mobile #phishing attacks. This new variant of FakeCall goes beyond traditional #vishing and #mishing ("marketing phishing"). It leverages Android’s Accessibility Service to gain unprecedented control over a device’s user interface, intercept calls, capture on-screen data, and manipulate interactions — all while seamlessly mimicking legitimate interfaces to avoid detection. ?? Stay informed on how attackers are advancing and why it’s crucial to equip employees with the skills to recognize and report mobile phishing attacks. Read the full article on Dark Reading to learn more:
Vishing Goes Next-Level With FakeCall Android Malware
darkreading.com
-
The evolution of #GenerativeAI has ushered in a new era of impersonation attacks. Recent research from IRONSCALES shows that: ?? 75% of organizations experienced at least one deepfake-related incident in the last year. ?? 60% feel only “somewhat confident” or less in their ability to defend against these threats. ?? 39% of incidents involve phishing emails that mimic email addresses, sender names, and brands, making them alarmingly convincing. #GenAI is a superpower for fraudsters; #deepfake-enabled scams are skyrocketing to unprecedented levels. #IT, security, and risk teams must all stay informed and prioritize proactive defenses that stay ahead of these rapidly-evolving threats. Read the research:
IRONSCALES Deepfake Survey Research Report
ironscales.com