digital identity Archives

AppWizard

June 5, 2026

Google Wallet just fixed the most annoying part of online checkout

Google is expanding digital ID support to select European Union member states this summer, following successful launches in Brazil, India, Singapore, and Taiwan. The company is introducing age verification features that require minimal information sharing, allowing users to confirm their age without disclosing sensitive personal details. This is done in collaboration with European banking partner Sparkasse. Additionally, Google Pay Direct Checkout will enable consumers to use payment methods saved in Google Wallet directly on merchant checkout pages, streamlining the process. Security enhancements have been made to authentication systems to ensure fast online checkouts while protecting payment credentials and personal information.

AppWizard

June 5, 2026

Apple Removes Max from App Store, Russian Messaging App Without Encryption

Apple has removed the messaging app Max from its App Store, making it unavailable for download as of June 3. Max is classified as a super-app that integrates various services, including messaging, social media, government services, and banking, but lacks end-to-end encryption, raising concerns about security and user tracking. The Russian government has encouraged citizens to adopt Max, restricting access to other messaging platforms, and state employees have been directed to use it for communications. While existing users in Russia can continue to use Max, new downloads and updates are no longer available. Launched in 2025 by VK, Max is compared to China's WeChat and is pre-installed on devices sold in Russia, but it is not available in the European Union. The app's terms of use state that user data is stored on Russian servers, raising further concerns about surveillance.

AppWizard

April 29, 2026

Are you still using Sign in with Google? Here’s why you should stop

Relying on a single Google account for access to various services poses significant vulnerabilities, including the risk of account lockout due to forgotten credentials, phishing attacks, or arbitrary bans. This centralized approach can lead to loss of access to critical data and services. Sophisticated phishing techniques, such as Adversary-in-the-Middle (AiTM) attacks, can compromise account security by mimicking legitimate login screens. Additionally, linking multiple services through a Google account contributes to a comprehensive digital footprint that Google can analyze, raising privacy concerns. To enhance digital security, users are advised to create standalone accounts for various services and utilize password managers like KeePass, Bitwarden, and 1Password to maintain unique credentials.

Winsage

March 16, 2026

Microsoft has lost the plot: 5 Windows “features” nobody asked for

Windows 11 has faced criticism for design choices that prioritize corporate interests over user experience, including aggressive monetization strategies and privacy concerns. The Recall app was designed to take frequent screenshots of the desktop but functioned like a keylogger, leading to privacy issues. Initially set to be enabled by default on new Copilot+ PCs, backlash prompted Microsoft to make it an opt-in feature during setup, allowing users to uninstall it. Microsoft also introduced biometric encryption and moved screenshot processing to secure enclaves for data protection. The Start Menu has shifted to include third-party advertisements in the "Recommended" section, turning it into a platform for promotions rather than a personal navigation tool. Microsoft replaced the right Control or Menu key with a dedicated Copilot key, disrupting standard keyboard layouts and complicating workflows for users. Setting up a new PC now requires an active internet connection and a Microsoft account, making it difficult to operate without relinquishing digital identity. This change illustrates a shift towards subscription revenue and data collection. Windows 11 often ignores users' default browser choices, defaulting to Microsoft Edge and Bing for web searches initiated from the taskbar, reflecting a trend of prioritizing Microsoft's ecosystem over user autonomy. These developments indicate a strategy by Microsoft to erode user control, suggesting users are becoming products rather than customers as the company focuses on data collection and subscription services.

AppWizard

February 28, 2026

Centre’s SIM binding directive on app-based messaging platforms ‘unconstitutional’: Tech industry body BIF

The Broadband India Forum (BIF) has expressed legal concerns about the government's SIM binding mandate, stating it is "ultra vires the parent legislation" and "unconstitutional," based on a senior counsel's opinion. This opinion critiques the Telecommunications (Telecom Cyber Security) Amendment Rules, 2025, claiming they exceed the authority of the Telecommunications Act of 2023. The government's directive requires app-based communication services to maintain a link to a user's active SIM card, which BIF argues violates principles of due process and proportionality. BIF also highlights that the introduction of Telecommunication Identifier User Entities (TIUEs) alters the scope of telecom regulation improperly, potentially leading to legal conflicts with existing laws like the Information Technology Act. BIF concludes that the amendment rules represent an impermissible expansion of delegated authority under the Telecom Act, advocating for adherence to the statutory framework. The government's directive, aimed at addressing cyber security concerns, would change how users access messaging services in India.

AppWizard

February 19, 2026

Massiv: When your IPTV app terminates your savings

Massiv is an Android banking Trojan that disguises itself as legitimate applications, primarily targeting users in southern Europe. It is distributed through side-loading and is capable of remote control over infected devices, enabling Device Takeover attacks that can lead to unauthorized banking transactions. Massiv often masquerades as IPTV applications to attract users seeking online television services. The malware employs overlay functionality to create deceptive screens, keylogging to capture sensitive information, and SMS/Push message interception. It can monitor applications on infected devices and present fake overlays to prompt users for sensitive data. Notably, it has targeted the Portuguese government application gov.pt and connects with Chave Móvel Digital, a digital authentication system, to access victims' banking accounts. Once it captures sensitive data, Massiv allows operators remote access to the device using Android’s AccessibilityService, facilitating real-time observation and manipulation of the user interface. It communicates over a WebSocket channel and supports screen streaming and UI-tree modes for enhanced control. Massiv's distribution includes malware droppers that initially do not contain malicious code but open a WebView to an IPTV website while the actual malware operates in the background. This tactic has increased in recent months, particularly in Spain, Portugal, France, and Turkey. Indicators of compromise include specific SHA-256 hashes and package names associated with the malware. The bot commands allow operators to perform various actions on the infected device, such as clicking coordinates, installing APKs, and showing overlays.

AppWizard

December 12, 2025

Sam Altman’s Biometric ID ‘Super App’ Launches Encrypted Messaging and Crypto Payments

World, supported by Sam Altman, launched an upgraded application featuring encrypted messaging and enhanced cryptocurrency payment capabilities. The app allows users to confirm their identity as unique humans online through biometric authentication with World ID. Key features include: - World Chat offers Signal-level encryption and color-coded verification badges for user identity confirmation. - Users can receive paychecks and bank deposits directly in the app and convert funds to cryptocurrency. - The company has verified under 20 million people and aims to reach one billion iris scans. - The app includes social features aiming to create a messenger platform similar to WhatsApp or Telegram, with a focus on security. - Users verify their identity by having their iris patterns scanned by an Orb device, which converts the data into encrypted digital codes for World IDs. - Orb Minis, handheld devices for home self-scans, were introduced to ease the verification process.

AppWizard

November 22, 2025

No, Google isn’t using your Gmail data to train AI models, but that doesn’t mean you shouldn’t be careful about the kind of data you share with companies

The ongoing dialogue surrounding data collection highlights the relationship between users and their digital footprints, particularly during events like Black Friday. Recent claims about a new Gmail setting allowing Google to use user message data for AI training have been clarified by Google, which states it does not use Workspace data for this purpose. Instead, data is anonymized to improve features like spam detection. Users often become the product in a digital economy where their data is exchanged for free services, leading to the creation of detailed profiles that can be sold to advertisers. This results in practices like price discrimination and hyper-targeted messaging. Data breaches pose a threat to companies holding extensive data, and automated decision-making can lead to biased outcomes. Consumers are encouraged to engage with privacy policies and question the necessity of data requests to better manage their data and maintain ownership of their digital identity.

AppWizard

November 14, 2025

Google’s Android Identity Check: Fortifying Apps Against Malware in 2026

Google has introduced a developer verification program that will require all app creators to undergo identity checks by 2026 to combat malware and scams in the Android ecosystem. Developers must register through the Android Developer Console or Play Console, submitting government-issued identification and possibly paying a registration fee. The program will feature both free and paid tiers, with a focus on enhancing security while maintaining Android's open nature. Only applications from verified developers will be allowed on certified Android devices by 2026, starting in high-risk markets. The initiative aims to reduce malicious applications while ensuring that verified developers' identities are not publicly listed. Concerns have been raised about potential overreach and barriers for smaller developers, but supporters view it as a positive step toward improved security.

AppWizard

November 4, 2025

Samsung Pass might try to replace your digital wallet with this update

A leaked APK for Samsung Pass indicates that the app may soon support enhanced document and ID storage features, including IDs, passports, invoices, and tax identification numbers. The new version, 15.3.01.6, will allow users to securely store sensitive information and save images of both sides of ID cards. Current features, particularly password synchronization with Samsung Cloud, are reportedly experiencing issues. If these updates are released, Samsung Pass could compete with Samsung Wallet, Google Wallet, and Apple Wallet.