Identity insights

What’s inside

Get a practical, step-by-step look at how hiring fraud is evolving—and how security and HR teams can close the gaps without adding friction for real candidates. Inside the report, you’ll learn:

• How threat actors use stolen identities and deepfakes to slip past standard onboarding and background-check processes

• Where biometric identity verification makes the biggest impact during the interview, offer, and onboarding stages

• Why post-onboarding monitoring matters—and what to watch for to detect suspicious access and remote tools early

• How security and HR can work together to embed verification and risk controls directly into the hiring workflow, not around it⁠⁠

What’s inside

This guide examines how the ShinyHunters breach exposed the structural identity weaknesses most campuses still rely on, and lays out a clear path to passkey-based student identity security that can hold up against modern threats.

• How the recent Instructure breach by ShinyHunters bypassed local controls

• An analysis of why knowledge-based verification fails modern campuses

• The hidden dangers of centralized data honeypots in higher education

• A smart blueprint for securing student identities using FIDO passkeys

What’s inside

This datasheet shows how retail organizations can replace shared logins with biometric authentication without requiring associate mobile phones, while building a clear and auditable record of every access event across the store.

• A proven method to eliminate shared retail logins via face biometrics

• The strategy to protect store systems without associate mobile phones

• A framework to build crystal-clear audit trails of all staff activity

• The steps to seamlessly integrate offline biometric logins at the POS

What’s inside

This datasheet breaks down how 1Kosmos eliminates the centralized data honeypots that make most identity platforms a breach waiting to happen, and what a near-zero breach radius actually looks like in practice.

• An overview of how distributed ledger technology eliminates PII honeypots

• The mechanics of user-controlled encryption via live biometric generation

• A clear breakdown of how 1Kosmos achieves a near-zero breach radius

• A comprehensive list of the certifications enabling strict IAM compliance

What’s inside

This datasheet maps the identity gaps most common in higher education environments and shows how biometric verification closes them, from enrollment fraud and help desk risk to faculty access:

• A breakdown of how biometric identity proofing stops ghost student fraud.

• The framework to secure remote caller verification at campus help desks.

• The steps to deploy phishing-resistant, passwordless access for faculty.

• An overview of the compliance mandates satisfied by the 1Kosmos platform.

What’s inside

This whitepaper traces the identity security gap inside SAMA's framework and lays out a clear path for Saudi financial institutions to close it.

• SAMA's Level 3 identity gap and the limits of SMS authentication

• Saudi-specific attack data and the financial cost of a breach

• The centralized identity honeypot that KYC compliance created

• Legacy IAM investments and the identity assurance gap they mask

• A three-step path to phishing-resistant, decentralized identity

What’s inside

With this integration, health systems can verify patient identity at MyChart account creation and recovery using a selfie and ID scan, available directly through Epic Toolbox.

• The integration’s five-step patient identity verification flow

• The patient portal fraud risks that standard 2FA cannot prevent

• Help desk burden, reset costs, and the $400,000+ savings case

What’s inside

This datasheet covers how 1Key eliminates shared passwords and token overhead, including deployment timelines and real-world results.

• Password authentication failure in phone-restricted environments

• One key per workstation, unlimited users, zero individual tokens

• On-device AES-256 encryption and FIDO2-certified authentication

• Industry use cases and proven deployment results across sectors

• Technical specs, IAM integrations, and a four-week go-live path

What's inside

The 1Kosmos + Microsoft Entra integration adds government-grade identity proofing and extends passwordless authentication beyond the Microsoft ecosystem while federating back to your existing Entra environment.

Key features:

• Government-grade identity proofing before Entra account creation for new hires and contractors

• Passwordless authentication extending to legacy apps, Linux, Mac, VDI, and kiosk environments

• Biometric account recovery replacing Temporary Access Passes, SMS OTP, and security questions

• Conditional access integration mapping 1Kosmos authenticators to existing policy frameworks

• Industry-specific deployment patterns across retail, manufacturing, healthcare, and public sector

What’s inside

LiveID by 1Kosmos helps organizations replace passwords with fast, high-assurance facial biometric authentication. Using liveness verification and biometric matching, it confirms real users at key moments like onboarding, account recovery, and step-up access while scaling easily through enterprise integrations and standards-aligned compliance.

Key features

• Eliminate password risk with facial biometrics that verify it’s a real, live person.

• Turn high-friction moments (onboarding, recovery, step-up access) into fast, secure user experiences.

• Stop spoofing and fraud attempts with built-in liveness checks designed for real-world attacks.

• Bring strong identity assurance to any environment—from mobile to desktop to remote workforces.

• Roll out enterprise-wide with flexible integrations: out-of-the-box connectors, open APIs, and SDKs.

• Meet security and compliance demands with standards-aligned certifications and proven enterprise readiness.

What's inside

Healthcare CISOs face mounting pressure to close identity gaps before they become breaches.

This guide covers:

• Identity proofing and biometric verification for clinical staff onboarding

• Passwordless access to Epic and Cerner via FIDO2-compliant authentication

• EPCS compliance and live biometric workflows for controlled substances

• W3C-compliant credential wallets for patient identity and portal access

• Compliance mapping across NIST, HIPAA Security Rule, and ONC TEFCA updates

What's inside

Enterprise fraud losses exceed $50M annually at large firms, and traditional identity stacks leave verification gaps at every stage.

This guide covers how 1Kosmos IDV closes those gaps with government-grade identity proofing, spanning:

• Government ID verification and biometric matching certified to NIST IAL2 and IAL3 standards

• Authoritative data cross-reference via AAMVA, Aadhaar, credit bureaus, and SSN validation

• Workforce onboarding, EPCS compliance, and Microsoft Temporary Access Pass bootstrapping

• Customer account security blocking synthetic identities with reusable digital wallets

• Self-service account recovery cutting help desk volume by 60% with sub-2-minute resolution

What's inside

Manufacturing plants run on shared credentials and physical badges that can't prove who's actually at the machine, creating downtime risk and third-party access blind spots.

This guide covers:

• Biometric authentication replacing shared passwords on HMIs and production workstations

• Third-party access controls granting contractors exact permissions for exact durations

• Zero trust access applying strict verification checks to every login and session

• Deployment alongside existing workflows to avoid production disruption during rollout

• Unified IT and OT identity governance across plant systems, remote access, and enterprise apps

What's inside

Secure work environments ban phones, cameras, and hardware tokens, forcing workers to rely on static passwords that get shared and reset constantly.

This guide covers how typing biometrics by 1Kosmos delivers passwordless authentication with only a keyboard:

• AI-powered typing biometrics that authenticate users by typing rhythm, pressure, and cadence

• Deployment on standard shared Windows workstations with zero additional hardware required

• Enrollment and login workflows pairing typing patterns with PIN-based second-factor verification

• Spoofing protection detecting unauthorized typing attempts and blocking login automatically

• Use cases across BPO call centers, financial operations, and government classified facilities

When every other option is off the table

Secure environments like contact centers, financial operations floors, and government facilities ban phones, cameras, and hardware tokens entirely. When those options are gone, the only thing left is a keyboard.

Typing biometrics turn how you type into the credential.

When deploying physical security keys at scale is cost prohibitive, behavioral authentication provides a secure alternative. It protects the operating system using the standard equipment you already have.

Why falling back on passwords is a risk

When a keyboard is the only tool allowed, organizations usually default to long, complex passwords. But in fast-paced, shared-workstation environments, those passwords inevitably get shared, observed, or written down.

A password only authenticates what you know. Typing biometrics authenticate who you are. Even if someone learns your phrase, they can't replicate your typing pattern because the credential is tied to the person, not the text. With 1Kosmos, raw biometric data is never stored and is instead hashed locally on the device.

The last mile to passwordless

For secure environments that have ruled out every other option, this is the most reliable option. Download the guide for full technical details.

What's inside

The 1Kosmos + ServiceNow integration stops social engineering attacks at the service desk by requiring high-assurance identity verification before sensitive actions.

Key features:

• Identity verification workflows embedding into password resets, change control, and HR requests

• Agent-initiated and automated verification triggers enforced directly within ServiceNow incidents

• One-time identity proofing creating reusable credentials for passwordless access to critical apps

• Government ID scanning and live biometric matching replacing legacy KBA and OTP authentication

• Auto-updating worknotes delivering verified user details to agents before approving sensitive actions

What's inside

The 1Kosmos + Microsoft Entra Verified ID integration combines standards-based identity proofing with W3C-compliant verifiable credentials infrastructure.

Key features:

• Government ID document verification and biometric matching with liveness detection

• W3C-compliant verifiable credential issuance to Microsoft Authenticator wallets

• API-based integration enabling customizable identity verification workflows

• Two verification options including KYC with selfie or document-only verification

• Straightforward deployment via Entra portal setup and 1Kosmos AdminX configuration

What’s inside

Major cloud outages can disrupt access, recovery, and verification when identity runs on a single provider. This guide covers how 1Kosmos stays online across clouds and regions, including:

• Active/active architecture across AWS, Azure, GCP, Oracle Cloud, and Kubernetes

• Global DNS steering and load balancing with Cloudflare failover

• MongoDB Atlas multi-cloud data services across 110 plus regions

• Self-healing architecture with autoscaling and automatic recovery

• End-to-end health monitoring and platform observability with New Relic

What’s inside

Digital identity costs show up across fraud losses, call center spend, and vendor fees, yet rarely get treated as a C-suite priority. This guide outlines where the P&L impact comes from and how banks can move forward, covering:

• The biggest identity-related cost drivers across banking P&L

• Why digital identity lacks a single choke point for ownership today

• The profit upside from improving onboarding and login authentication

• An incremental path to fix high-impact identity use cases quickly

• A C-suite-led path to address digital identity end to end

What’s inside

The 1Kosmos + Saviynt integration brings identity verification directly into Saviynt workflows.

Features include:

• Identity verification during onboarding and access requests

• Government ID validation across 190+ countries

• Out-of-the-box deployment via Saviynt Exchange App

• Mobile capture of ID front and back plus live selfie

• Liveness, biometric match, and verified status returned to Saviynt

What’s inside

Deepfakes now represent 40% of biometric fraud attempts, and traditional checks can miss AI generated and manipulated content. The 1Kosmos + Reality Defender integration adds real time deepfake detection to identity verification and authentication.

Key features:

• Multimodal deepfake detection across image, video, and audio

• Deepfake checks at selfie capture during identity verification

• Deepfake checks during face based authentication and login

• Results feeding 1Kosmos fraud engine as an added trust signal

• Flexible deployment via API, on premises, container, or private cloud

What’s inside

The 1Kosmos + Reality Defender integration embeds real-time deepfake detection into 1Kosmos identity verification and LiveID login workflows.

Key features:

• Real-time image and video deepfake detection during verification

• Protection against face swap, injection, and manipulated media attacks

• Identity binding to passwordless authentication after successful IDV

• Deployment via API, on premises, containerized cloud, or private cloud

• Coverage for onboarding, high risk actions, and account recovery flows