SecurityBrief Canada - Technology news for CISOs & cybersecurity decision-makers
Canada

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Ps zain headshotsaugust2025 035 2 1
#
Blockchain
#
Physical Security
#
CASB

In the age of AI fakes, you need to own your credentials

Tue, 25th Nov 2025
By Zain Zaidi, CEO and Co-Founder, Transcrypts

Mark Cuban recently warned that "the internet is about to become weirder and harder to trust." He's right. A stranger with a laptop can now clone your voice, fake your employment letter, forge your bank statement, and convincingly impersonate you. The cost of faking has dropped significantly, while the cost of verifying hasn't. Global risk experts are seeing the same pattern: the World Economic Forum's Global Risks Report 2024 ranks misinformation and disinformation as the world's top short-term threat, ahead of even extreme weather.

On a recent episode of Sam Kamani's podcast, I talked about how an error in my grad school transcript disrupted my plans for higher education.

That small failure pointed to a larger issue: the most important facts about your life are often stuck in someone else's system. Your employer controls your employment record. Your school holds your transcript. Your hospital keeps your medical file. Your bank maintains your income and account history.

If one is hacked, your identity is at risk.

In 2024, Americans reported over $12.7 billion in losses due to fraud and identity theft, according to newly released Federal Trade Commission data, which notes a roughly 25% jump in reported fraud losses in a single year. At the same time, threat intelligence firm Flashpoint found that cybercriminals compromised more than 3.2 billion credentials in 2024 alone - a 33% increase over 2023 - flooding criminal marketplaces with stolen logins. Verizon's 2024 Data Breach Investigations Report highlights this shift clearly, with analysis showing that compromised credentials were the initial access vector in roughly 38% of breaches, more than double phishing and vulnerability exploits in some breakdowns.

About one in four adults has encountered an AI-powered voice scam, and most of these victims lose money, according to McAfee's Artificial Impostor report and related survey work. McAfee's research also found that roughly 77% of people who fell for these AI voice scams lost money.

Institutions can continue to issue records, but individuals should own their credentials. It feels almost archaic in this day and age to be emailing PDFs back and forth to verify personal information.  When people hear "blockchain" or "on-chain," they often think it means making everything public. In reality, today's verifiable credential systems do the opposite.

User-owned credentials give you three main benefits:

Ownership – You hold your records rather than a data broker, and if you change jobs, countries, or banks, your history travels with you.

Privacy – You reveal only what's necessary, such as proving your income exceeds a certain threshold without disclosing your exact salary. Many decentralized identity frameworks now support selective disclosure and even zero-knowledge proofs to enable this kind of "yes/no" proof without oversharing.

Lower costs – Once a credential is issued, it can be checked repeatedly for a tiny cost since the heavy lifting of confirming its authenticity happens only once.

One of the most fulfilling experiences I had was working with partners to help Ukrainian refugees who fled without medical records store digital versions that could be accessed wherever they relocated -  without giving control to yet another centralized database that could be breached later. Humanitarian organizations and researchers have repeatedly warned that displaced people often lack the documentation needed to access healthcare; one briefing note from the Norwegian Refugee Council found that in 79% of surveyed countries, refugees and internally displaced people struggled to obtain the documents health providers require.

Nowadays, platforms and companies know far too much about you, but they still don't have a reliable, privacy-respecting way to know what's actually true. AI will make that gap untenable. As more decisions become automated such as who gets hired, who receives a loan, who gets flagged for fraud, who gets access to what - models will need trustworthy, machine-verifiable inputs. If we don't build that layer, AI systems will operate on a mix of real and fabricated credentials, and we'll only notice the harm after it occurs.

User-owned, verifiable, ultra-low-cost credentials are not just a luxury. They are essential infrastructure for the age of AI. We can't prevent bad actors from creating fakes. But we can make it easy for good systems to distinguish between a fake and a credential backed by real cryptographic proof.

The future we are moving toward is one where AI can create nearly anything on demand. The only sustainable solution is to ensure that real things like your job history, your income, your health records, and your education - are portable, private, and verifiable as yours.

That's what user-empowered credentials are really about: giving people the simplest and most powerful tool they can have online in 2025 which is the ability to say, "This is true about me, and here's the proof."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
HP predicts surge in AI-driven cyber threats & cookie theft by 2026
Hack The Box launches AI cyber range & unveils red team certification
Dynatrace expands AWS integrations & wins LATAM partner award
Keeper Security named Overall Leader in non-human identity management
ATEN unveils secure KVM switches with 5K video for defence use

Top stories

Netskope adds MCP controls to secure enterprise AI use
Check Point updates Quantum firewall to secure AI use
Gallagher Security maps global growth & 2026 focus
How to detect fake players in online gaming
DivisionHex launches new framework to streamline exposure management