To strengthen cybersecurity in FinTech, experts emphasize a layered approach that combines technology and human awareness. Rising threats like phishing, smishing, and fraud demand not just better tools but also vigilant, well-trained employees. Embedding security scans into software development, analyzing diverse data signals, and adopting a “defense in depth” strategy are all critical. Ultimately, staying curious, asking the right questions, and embracing evolving technologies—especially AI—can help organizations stay ahead of cyber risks.
Research available only to clients at this time.
*When vendors’ names or quotes are shared as examples in this document, it is to provide a concrete example of what was on display at the conference or what we heard doing our research, not an evaluation or recommendation. Evaluation and recommendation of these vendors are beyond the scope of this specific research document.
Publicly Published with video edition: August 18, 2025
Analyst(s): Dr. Doreen Galli
Photojournalist(s): D. Doreen Galli
Abstract:
Identiverse 2025 welcomed 3,300+ attendees to Mandalay Bay – nearly a 20% gain over 2024. Featuring 250+ sessions and 150 exhibits all on one floor, the event was smooth and accessible. Keynotes and sessions emphasized teamwork, resilience, and collaboration, while exploring AI in identity, decentralized credentials, and zero-trust implementation. Exhibitors showcased innovations from selfie-based authentication to intelligent access control and secrets vault cleanup. The shift from Aria to Mandalay Bay marked a new chapter for the expanding event, which returns to Mandalay Bay in 2026.
The Conference
Identiverse 2025 was held at Mandalay Bay Convention Center, a move from Aria in 2024. It hosted 3300 attendees, 250 sessions and 150 exhibitors.
Cautions
Friendly reminder: this research provides examples of what was shared with us at the event, not an evaluation, validation, or recommendation of the given technology.
TAGS
Identiverse 2025, digital identity, identity security, zero trust, AI in cybersecurity, decentralized identity, verifiable credentials, identity governance, privileged access management, IAM, IGA, cybersecurity conference, Mandalay Bay, authentication, biometrics, secrets management, SSO, MFA, ITDR, access control, enterprise security, digital trust, identity trends, identity innovation, conference highlights, tech expo, identity tech, identity solutions, cybersecurity trends, identity keynote, identity management
After over 53 videos, almost 200 minutes of content only 2 escalator rides, 30,000 steps and over 25 fact checks, our coverage of 2025 Identiverse ends. The event spanned 4 days, had over 250 speakers, 150 exhibits and with over 3300 attendees – 700 more registered over last year. Registration went very smooth with rarely any waiting time. Interestingly, we were informed many registered late. Executives realize that reducing risks and therefore related losses is a viable path to protecting profits in uncertain times. This year’s event took place at Mandalay Bay Convention Center, a change from Aria last year. Most enjoyed the conference taking place all on the same floor. It was great to see the conference grow and expand. Like all changes, there were the old timers yearning for the days when they all packed into too small rooms at Aria. Unfortunately, some of the sessions located physically further from Expo Hall reported some in person attendance challenges from those too tired to walk to the room. The event featured a full collection of meals. We were able to capture the Tuesday Seminar’s Lunch and the lunch on Wednesday in Expo Hall.
While at Identiverse, we conducted research for three additional forthcoming Whisper Reports for our clients. The playlists are unlisted but available and will eventually fill in with the video version of the report so you may wish to bookmark these playlists.
Readers and viewers wishing to experience the entire event are encouraged to view the Conference Whispers: Identiverse Playlist in its entirety. Once the video edition is available, the playlist will be sited as a pinned comment on the video edition. It is also easy to locate any previous Conference Whispers playlists through TBW Advisors Website under Subscribers research/Conference Whispers.
Identiverse is absolutely one of those events where regardless of the amazing session you choose, you are aware you are also missing an incredible session – or two. Fear of missing out was rampant. Fortunately, we were able to capture 53 videos for our clients and subscribers. The first Keynote featured John Pritchard, CEO of Radiant Logic. Titled, “Identity isn’t a solo Game” it drove home the message that one cannot succeed in identity without collaboration with the professionals around you throughout the organization and with others in the industry.
Another frequently referred to keynote featured the UK’s Hanna Rutter who is realizing their government digital identity solution. In her talk she spoke about the challenges of such a decentralized digital identity solution and how she is overcoming roadblocks on her path to success. A much in demand topic regarding identity challenges in the realm of AI was presented by Richard Bird. A tech talk held in the expo hall was hosted by Microsoft. Their tech talk covered the hot topic of ITDR, Identity threat detection and response.
Identity is a topic found not only in the expo halls of Identiverse, but was also seen in the halls of HIMSS, Fintech Meetup, Money 20/20 and ISC West just to name a few. What is interesting is the different manners of vendors describe their technology. At ISC West, vendors in the expo hall spoke in terms of a solution. They would always emphasize the PII information is not on the badge, rather a hash of the biometric data which enables verification is provided instead. While this was not clarified on the videos at Identiverse, the vendors later disclosed the same technical approach that was taken on the technology captured at Identiverse. If you are seeking a tap-in to sign-in on a shared device for your organization, Imprivata was in the expo hall with their solution. If you would like to verify the customer requesting the high-risk transaction is the same customer who signed up for the account, Panani shared their technology. Keyless offers a solution to authenticate high risk actions with a selfie. If you are an engineer developing a solution and need the capability to onboard customers, no need to start at square one! PropelAuth provides an out of the box identity capability you can add on to your solution to onboard customers! Seeking to manage your remote teams and seeking a cost effective out of the box solution to provide SSO and MFA? Cubeless shared their free and easy SSO and MFA solution made for you.
Is managing privileges gotten to be too much for you and your organization? Apono Unified Access Management is an intelligent solution that aims to provide just enough just in time privilege for human and non-human-identities (NHI). Oasis goes one step further in managing AI Agents’ Identity, provisioning, deprovisioning and cleaning up stale accounts. Are your coders overwhelmed trying to identity what secrets vault to use so they land up hardcoding the secret? Is your organization suffering from identity vault sprawl? GitGuardian was on hand with their solution that can assist you in identifying and remediating secrets vault sprawl.
Expo hall also featured quite a few IGA (identity governance and administration) and PAM (privileged access management) platforms. Omada captured their 25-years’ IGA experience into a free best practice framework. This framework includes use cases and related configuration recommendations for their platform, Omada Identity Cloud. Lumos shared their agentic AI autonomous IGA solution. This solution can even recommend what privileges a new employee should get based on their role and department. If you have a small but complex environment, Clarity Security has an IGA solution targeted at your organization.
Keeper Security shared their zero-knowledge identity solution for endpoints. Their solution is referred to as zero knowledge as the customer’s data is encrypted on the endpoint with the customers key; meaning, Keeper Security has no access to customer data whatsoever. Bridgesoft shared their complete identity platform that also can adapt and include any components that may already exist in your environment. Specializing at the start of the process, CyberSolve helps organizations commence new identity programs. Looking for IAM services across the portfolio? Simeio was on site there to offer guidance. Clients are reminded to schedule an inquiry to review the current state of your identity program. If you are seeking to expand it or modernize it, we will produce an inquiry plan to guide you along the journey even if you are working with an outsource provider or consultant.
Identiverse will once again be held at Mandalay Bay Convention Center June 15-18, 2026.
*When vendors’ names are shared as examples in this document, it is to provide a concrete example of what was on display at the conference, not an evaluation or recommendation. Evaluation and recommendation of these vendors are beyond the scope of this specific research document. Other examples products in the same category may have also been on display.
To navigate evolving fintech regulations, experts at Fintech Meetup 2025 emphasized three key strategies: staying engaged with the field and regulatory agencies, structuring well architected stable solutions, and leveraging AI or Copilots. Together these proactive approaches help fintech firms stay ahead of regulatory shifts while maintaining security and efficiency.
Target Audience Titles:
Chief Technology Officer, Chief Security Officer, Chief Information and Security Officer, Chief Trust Officer, Chief Compliance Officer, Chief Risk Officer
Head of Product, VP of Product, Chief Marking Officer, Data Protection Officer, Director of Data Protection
Enterprise Architect, Director of Data Governance, Chief Privacy Officer, Head of IT Audit
Key Takeaways
Today’s security breaches are the source of tomorrow’s regulations.
Security cannot be an afterthought; it must be planned from the beginning.
Leverage AI and Copilots that are integrated with your processes to aid employees.
We took the most frequently asked and most urgent technology questions straight to the Fintech experts gathering at Fintech Meetup 2025. This Whisper Report addresses the question regarding how can we ensure compliance with evolving regulations? As Socure’s Matt Thompson shared, “I don’t think it’s enough in this space to be a passive Observer or responsive or reactionary to regulations, there’s a lot of Evolution right now happening.” Figure 1 shares three actions you can take to conquer evolving regulations.
One of the best actions an organization can take to stay on top of regulations is to stay engaged and in touch with the real world. First, real world happenings such as hacks define future regulations. As SecurityMetrics Matt Cowart shared, “QSA (Qualified Security Assessor) is really going to help you understand where you’re sitting at and as they are informed with the evolutions of technology and all the advances that are going on having them connected with real world teams.” Or as Matt Thompson of Socure suggested, “staying engaged with the regulators and the development of the regulations themselves.” If you know what the regulators are working on in draft, you will not be surprised when it becomes law. Keep in mind the reach of the company determines what exact regulators and what specific regulations apply. As OnFido’s Marie Millick shared, “we have a team of subject matter experts that are constantly researching. We also collaborate with the same team that works with interpole around everything around data privacy and identity.”
Many suggest the best way to be prepared for evolving scenarios of all types is to start with a robust and secure foundation. As Onbe’s Tony McGee shared, “our company is fully audited, fully solutioned and architected to protect the data.” This architecture doesn’t act alone but is complimented with strong processes. Tony McGee further explained, “ensuring that we build in the processes to make sure that every step of the way is a compliant one.” Together architecture and processes form a robust foundation. This robust foundation enables Onbe to ensure, “that the consumer understands all the fundamentals of the payout.”
Any clients at this phase should schedule an inquiry to receive guidance. We will set up a plan of inquiries during your journey to give you any guidance we may have or can gather to assist you. The plan should capture milestones including but not limited to strategy reviews, presentation reviews, and even architecture reviews.
Today, we are no longer left with antiquated tools. As Thetaray’s Adam Stuart pointed out, “the traditional rule-based systems you have to know what you’re looking for to build that rule but if you don’t know what you’re looking for and you’re looking for these new patterns and behaviors that people are using you can’t do that with the simple rule base which is why cognitive AI is such an important feature to include.” In other words, in addition to keeping up to date and starting with a solid foundation, the tool itself contributes to identification of potentially troubling patterns. Interface.ai’s Connor Tullilus draws us a picture of what this is like in the real world. “To be able in real time have a co-pilot AI assistant sitting behind the scenes to assist them in the day-to-day operations. One in real time being able to update your policies procedures while (two) being able to (use) the AI assistant hooking up with your current knowledge bases your share.”
*When vendors’ names or quotes are shared as examples in this document, it is to provide a concrete example of what was on display at the conference or what we heard doing our research, not an evaluation or recommendation. Evaluation and recommendation of these vendors are beyond the scope of this specific research document.
Fintech Meetup 2024 allowed over 4,000 attendees to not only meet up, but see an extensive collection of exhibitors and extended formal interviews as keynotes. Attendees and exhibitors agree the word that best described the event was “different”. The conference featured technologies that are specific to Fintech, those that benefit regulated industries such as fintech and healthcare and interesting technologies for enterprises including those in Fintech and in general.
The Conference
Fintech MeetUp 2024 was held in Las Vegas, Nevada and had just over 4,000 registered attendees, with large collection of exhibiting companies.
Attendees at CES 2024 hold titles such as CEO, Founder, Investor, VP, Director, Chief Marketing Officer, VP of Engineering, VP of Product Development, data scientists, Chief Risk Officer, Chief Revenue Officer, and lead engineer.
Highlights
Fintech Meetup would have to be the meetups that resulted from the preparation for the event and neat matching technology in the background.
Cautions
It is critical you keep up to date with the deadlines as the Meetup approaches to get the maximum networking from the MeetUp.
As a Meetup I had no idea what to expect as I approached the entrance. The informal font on the conference title makes it seem quite small. In reality, there were over 4,000 people there and the meeting space was literally buzzing! Did the conference meet our expectations? Well it was larger than thought but managed to maintain the quaintness you would expect from the name. I really do think everyone was so much friendlier than I ever experienced at a conference as observed in the walkabouts! There was food galore albeit I heard a lot about the heavy curry on Monday’s lunch!
Much to our surprise there were in fact keynotes sessions. Unlike most conferences, all keynotes were interviews. TBW Advisors LLC was able to catch a few of these. Specifically, Kevin O’Leary on behalf of Beanstalk*. Interestingly, Kevin has a few quotable moments. He reported he only gives start-ups 3 years to make it. He also stated that Shark Tank investments are expected to recoup their investment within 48 hours of airing on television. Finally, he also will not invest in a company that cannot handle its own social media!
Attendees were also treated to an in depth interview of Angela Strong, a long-time venture capitalist. Angela was decidedly giddy about the quality of the current group of start-up entrepreneurs. She further delved into the depth of their experience on the exact niche of a problem they are solving.
MasterCard’s CTO, Ed McLaughlin also provided an in-depth interview to attendees. His advice is to not push new technology aside just because you have something that can do something the new technology can do. Rather, he strongly urged all to explore what the new technology can do that other technology cannot – for that is where the magic of innovation will occur. Max Neukirchen from JP Morgan also shared the passion his organization has for innovation.
For banks seeking mobile image capture, UrbanFT was there to meet your needs. Likewise if you are trying internally to get data from such captures, a new startup Docsumo was there trying to get your attention. If you bank is attempting to stop fraud from skimmers, Aries Anti-fraud solution with separate numbers on the front and back of cards caught a lot of attention! If however, your organization is seeking ultimate personalization based on user data, Finalytica.ai offered an option. If your bank is in a state with legal Cannabis industry, Shieldbanking’s solution offers a method to meet AML compliance requirements.
As you might expect some tech was not specific to Fintech but applied to regulated industries in general. For example, Skyflow offers data privacy for regulated industries and is equally at home in healthcare. While not unusual for VCs to require this tech of their investments, Zeni provides accounting and bookings for startups regardless of what sector they serve with their customers.
There were two interesting vendors that leveraged behavioral science. Symend leverages customer behavior to increase sales as well as detect fraud. For example, some customers cannot resist a FOMO type of advertisement while others never respond. Likewise. NeuroID leverages typing patterns and copy and paste detection to identify fraud. As you might guess, most people don’t have to copy and paste their own addresses into fields, but cyber criminals do.
Next year’s event will be March 10-13, 2025 in Las Vegas.
*When vendors’ names are shared as examples in this document, it is to provide a concrete example of what was on display at the conference, not an evaluation or recommendation. Evaluation and recommendation of these vendors are beyond the scope of this specific research document. Other examples products in the same category may have also been on display.
