digitalcourage.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Diese Instanz wird betrieben von Digitalcourage e.V. für die Allgemeinheit. Damit wir das nachhaltig tun können, erheben wir einen jährlichen Vorausbeitrag von 1€/Monat per SEPA-Lastschrifteinzug.

Server stats:

818
active users

#digitalidentity

1 post1 participant0 posts today

Important work happening around HTTP Signatures in the Fediverse. Stronger key validation, better digest handling, clearer test vectors—all steps toward more secure and trustworthy ActivityPub communication.
HTTP Signature Upgrades Coming Soon

activitypub.blog/2025/07/03/ht

ActivityPub for WordPress · HTTP Signature Upgrades Coming Soon
More from ActivityPub for WordPress
Replied in thread

@heiseonline

Wir brauchen endlich einen kryptografisch sicheren und privatsphärefreundlichen #EPerso.

Und weg von dem ganzen unverschlüsselten Kram wie Telefon, SMS, Fax oder Email. Jede Nachricht muss mit einem privaten Key signiert sein, das geht schon, juckt aber kein Schwein. Keine Behörde, Arztpraxis etc. unterstützt #PGP.

youtube.com/watch?v=PKtklN8mOo

media.ccc.de/v/38c3-eu-s-digit

⚠️ “Government programs are being treated like ATMs by international crime rings.”

According to a recent report, the U.S. is losing $233–$521 billion per year to fraud — much of it driven by foreign actors using identity theft and synthetic identities at massive scale.

Key insights from the article:
🌍 Attackers operating from China, Russia, India, the Philippines, Poland, and South Africa
💥 COVID-era relief programs were a proving ground for large-scale fraud
🤖 AI is helping attackers scale and evade detection
🆔 Most scams leverage real or synthetic PII, easily pulled from data breaches
🔁 Reuse across agencies and private-sector targets is common

These vulnerabilities aren’t hypothetical or historical — they’re active.

We need more than longer forms and security questions. We need real-time intelligence, modern verification, and a national strategy that treats identity as critical infrastructure.

#CyberSecurity #IdentityTheft #FraudPrevention #ThreatIntel #DigitalIdentity
darkreading.com/threat-intelli

🔐 Passwords are out. Microsoft is going all-in on passkeys 🎉🧑‍💻

Starting now, all new Microsoft accounts default to passwordless login:
🔑 Passkeys
📲 Push notifications
🔐 FIDO2 security keys

Why it matters:
📈 Nearly 1 million passkeys registered every day
✅ Passkeys succeed 98% of the time — passwords only 32%
🧠 Fewer support calls, less phishing risk, smoother UX

This shift isn’t just about convenience — it’s a major step toward killing the biggest security weak spot: the password.

#Microsoft #Passkeys #Passwordless #CyberSecurity #DigitalIdentity
theverge.com/news/659929/micro

The Verge · Microsoft goes passwordless by default on new accountsBy Umar Shakir

"""
[...] the fake passport generated using ChatGPT-4o successfully bypassed basic KYC checks used by fintech platforms like Revolut and Binance, which depend on photo ID uploads and user selfies. Musielak warned of the rising threat of mass identity theft, fraudulent credit applications, and fake account creation, which are now more scalable with generative AI.
"""

Looks like we need to accelerate the change to SSI.

boingboing.net/2025/04/07/rese

"In a stunning reversal, the European Commission is once again poised to undermine the privacy of citizens across Europe in the ongoing eIDAS reform process. After promising to close a dangerous loophole in the eIDAS implementing acts, the Commission has yielded to powerful industry lobbyists and reintroduced an optional regime for “relying party registration certificates.” This dramatic backslide threatens the core principle of the European Digital Identity (EUDI) Wallet project: namely, giving users across the EU secure digital identities under reliable and uniform protections."

epicenter.works/en/content/eu-

epicenter.worksEU Commission Undermines eIDAS Protections, again!

Day 2 of #TIIME is in full swing – filled with diverse discussions, fresh insights, and new perspectives.

The morning started with a keynote speech by Andrew Hindle on Global Identity Trends, Challenges, and Opportunities.

In the afternoon there will be more sessions on #digitalidentity, #privacy, and #trust. The open and dynamic atmosphere of the unconference fosters engaging conversations.

Want to join next year? Visit tiime-unconference.eu & subscribe for updates on TIIME events.

Foul-Spiel der Europäischen Kommission!

Statt das Vertrauen in die kommende European Digital Identity Wallet zu stärken, soll mit neuen Regeln der Daten- und Trackingschutz ausgehebelt und die pseudonyme Nutzung quasi unmöglich gemacht werden.

Wenn jedoch bei der #EUDI-Wallet nicht der Schutz der Nutzenden gewährleistet wird, sondern sogar verdeckt deren Überwachung und Kontrolle organisiert wird, muss vor der Nutzung gewarnt werden!

epicenter.works/en/content/eu-

epicenter.worksEU Commission Undermines eIDAS Protections, again!