Dock Labs

One question I get a lot is: “What happens to my digital ID if someone steals my phone? Do they suddenly own my life?” Short answer: no. Not if digital IDs are built the right way. Digital ID credentials should be biometrically bound to the person. That means they can’t do anything with it without you. Here’s an example: 1) Issuance I go through a biometric verification once (for example, a facial scan). My company, Dock Labs, issues me a digital ID credential attesting that I’m the CEO and cryptographically binds my biometric to it. I store the credential in my ID wallet*. 2) Verification We work remotely. So if I request a sensitive action to be taken, like a money transfer, I could be asked to present my digital ID credential and complete a new biometric check. The company verifies that the credential is authentic and that the new biometric check matches the biometric bound to the credential. If both match, they know it’s me, not a scammer who got hold of my phone or who’s deepfaking me. This is how we make digital identity more secure. *Note that one of the key aspects of our implementation is that sensitive biometric data is not stored in centralized systems but locally on user devices.

🙌 This week we participated in a live podcast with GSMA Foundry and Dock Labs to share the progress of the Trusted Caller Identity project and the lessons learned from the Proof of Concept. During the session, Glyn Povah, Head of Digital Identity at Telefónica Tech, reviewed how this pilot applies open digital identity standards to improve call verification, reducing fraud and eliminating common friction in authentication processes. Through a live demo, he showed how a contact centre can verify a person's identity almost immediately, using verifiable credentials and identity wallets, without resorting to security questions or one-time codes. 👇

One of my favourite parts of yesterday’s live webinar about our caller authentication pilot was hearing what the audience really wanted to know. Here are three questions that stood out: “Do customers need to download a wallet app?” No. The wallet functionality doesn’t have to be a standalone app. It can be embedded directly into an existing mobile operator app and existing user flows using an SDK. “Is the telco issuing a cryptographically protected ID credential to the customer?” Yes. The identity credential is issued to the customer’s wallet. Then, when they call support, the IVR system automatically sends an encrypted message (via DIDComm) to that wallet requesting authentication. “Can this work both ways? Can callers verify the call center too?” That’s not in scope for this pilot, but the same technology could support that model as well. We also had several people ask for access to the documentation, so I’ll drop a link in the comments for anyone who wants to go deeper. Kudos to Glyn Povah, Helene Vigue and Nick Lambert on yesterday's webinar. I'm excited to keep pushing this forward with our partners at Telefónica Tech, GSMA and TMT ID.

I’ve been thinking a lot about what “identity” really means for AI agents. To me, it comes down to three things: First, who built this agent? Which company or person is responsible for creating it? Second, what is the specific identity and purpose of this agent? And third, who is this agent acting for? Is it acting on behalf of a human or organization, who explicitly delegated that authority? And all of these should be cryptographically provable, tamper-proof, and verifiable without having to contact the agent creator or the user who authorized the agent. Once you have those pieces in place, organizations can finally answer the questions that actually matter: Which agent executed this transaction? Is it legitimate? Who authorized this agent to perform it? Was the action performed within approved boundaries? That’s the difference between “AI running loose inside your systems” and AI you can actually trust.

Proud to see this go live today after months of work with Telefónica Tech and Dock Labs on the Trusted Caller Identity pilot. If you care about killing phone fraud and fixing painful security questions with fast, privacy-first caller verification, you’ll want to see this demo. Register and join us today for the live demo and discussion with Helene Vigue, Glyn Povah, and Nick Lambert.

This is the first public feedback I’ve seen of the solution we’re piloting with one of the largest telecom providers in the world. It’s great to see it resonating with people who’ve experienced it first-hand! What we’re testing is a simple idea: caller authentication should be fast and secure. Instead of SMS OTPs or security questions, callers receive a push notification in an ID wallet on their phone (note: in a real world scenario, the wallet capabilities would be embedded in the company’s existing app, so users don’t have to download an extra app). Callers then unlock the app with biometrics, see an encrypted message asking them to confirm they’re really speaking with support, and approve it with one tap. The call center agent immediately knows they’re speaking with the legitimate account holder. No passwords. No shared secrets. No OTPs. This matters even more as countries like the UAE move to ban SMS OTP entirely. Others will possibly follow soon. Companies need call center authentication that happens in seconds, not minutes, cuts handle time instead of adding to it, and prevents caller impersonation. This pilot is a joint effort between Telefónica Tech, GSMA, TMT ID and Dock Labs. We’ll be sharing a demo and more details this week in a live webinar. I’ll leave the registration link in the comments.

⏳ Happening tomorrow - still time to register! 🚀 Join this live podcast: The Future of Caller Authentication - GSMA and Telefónica Reveal the Trusted Caller Identity Pilot [Live] 💡Be among the first to see how this pilot is reshaping the way organisations verify and authenticate customers! In this live podcast hosted by Dock Labs on Wednesday 14 January, Glyn Povah (Telefónica Tech) and Helene Vigue (GSMA) will walk you through the Trusted Caller Identity Proof of Concept (PoC). This pilot shows how digital ID technology can transform caller authentication, making it faster, more secure, and privacy-first. The session will include: 🔸A demo of the PoC, showing how a call center can verify customers’ identities faster using biometric confirmation through an ID wallet app 🔸Insights from GSMA and Telefónica Tech as they present the results of the PoC and share what it revealed about using verifiable credentials, ID wallets and carrier Network APIs to make #CallerVerification cryptographically secure and #PhishingResistant 🔸A discussion on the challenges of caller authentication, the role of trusted #DigitalIdentity, and how #MobileInnovation can set a new benchmark for secure customer engagement 👉Click below to find out more and to book your place: https://lnkd.in/eT58xDQm #GSMA #GSMAFoundry

Our pilot with one of the largest telecom providers in the world is proving that there’s a better way to authenticate callers than SMS OTPs or knowledge-based auth. Here’s what we’re testing: When customers call support, they receive a push notification in an ID wallet on their phone. They unlock the app using biometrics and see an encrypted message asking them to confirm they’re really speaking with support. One tap to confirm, and the call center agent immediately knows they’re speaking with the legitimate account holder. No security questions, no shared secrets, and no exposure of sensitive information. This matters because SMS OTP is becoming one of the weakest links in authentication. SIM swap fraud, CLI spoofing, and rising operational costs are forcing companies to find better alternatives that eliminate the entire OTP attack surface while working seamlessly across mobile, web, and call center environments. If you’d like to watch a demo and learn more about the results, we’re hosting a live webinar about it with Telefónica Tech and GSMA this Wednesday (link in the comments below).

I’m very happy that we’ll finally present the Trusted Caller Identity pilot, developed jointly by Telefónica Tech, TMT ID, and Dock Labs, to accelerate call center authentication. Call centers spend several minutes confirming who’s on the line, wasting time on security questions and ID checks that remain vulnerable to fraud. We’re about to change that. In this live episode, Glyn Povah and Helene Vigue will show you a demo of how a call center can verify a caller’s identity using biometric confirmation through an ID wallet app and discuss the results from this innovative pilot. Register now (it’s free): https://lnkd.in/g-2DsC3S Can't make it live? Don't worry. We'll send the recording to everyone who registers.

💡 𝐔𝐩𝐜𝐨𝐦𝐢𝐧𝐠 𝐄𝐯𝐞𝐧𝐭: Call centers spend several minutes confirming who’s on the line, wasting time on security questions and slow ID checks that remain vulnerable to fraud. We’re about to change that. In this live podcast, we’ll be joined by Glyn Povah (Telefónica Tech) and Helene Vigue (GSMA) to present the Trusted Caller Identity pilot, developed jointly by them, TMT ID, and Dock Labs, to accelerate call center authentication. They’ll show a demo of how a call center can verify a caller’s identity using biometric confirmation through an ID wallet app and discuss the results from this innovative pilot. Can't make it live? Don't worry. We'll send the recording to everyone who registers. 📅 January 14th | 9 am PST | 5 pm GMT Looking forward to seeing you there!