Context-Based Identity Management

Context-based identity management is another security layer to consider if you are looking to improve the security of your organization’s systems/data and protect yourself from cyber intrusions. Many organizations use biodata to manage identities and secure systems. With the evolution of cyber attacks and intrusion tools, old identity management practices are slowly becoming outdated and unable to handle cyber threats as attacks targeting organizations are increasing and becoming sophisticated. Don’t be stuck in the world of fixed data user management.

Context-Based Identity Management



In 2021 alone, some organizations in the United States of America suffered various major attacks including Colonial pipeline, one of the largest gas and pipeline companies, and JBS Meat Processing and Supply Company. According to various news outlets, JBS had to pay $11 million in a ransomware attack.

Context-Based Identity Management

In most cybersecurity breaches, there is always the problem of fraudulent entry or unauthorized access to a computer systems through various means that may include identity theft. Context-based identity management is the process of collecting identity related data to create an extended identity for a person which can be used for a variety of purposes in identity management.


Although most companies are improving their cybersecurity capabilities to face evolving cyber threats, cybercriminals are evolving at an even faster rate. This is where context-based identity management comes in. essentially, instead of having to authenticate identities using the old methods of username and password, we can use more complex authentication systems such as context-based authentication.

What Is Context-Based Authentication?

Context-based authentication is not a new concept, however, it may not be deployed in many organizations. It involves using extended user data to verify identity and grant access. If you are a regular user of your computer browser application, you have probably come across this technology where your search engine results and websites are customized for you. For instance, you probably have noticed that each time you try to make a purchase, there is a particular list of customized products for you. Now, most browsers and mobile applications have been ‘fitted’ with artificial intelligence capabilities that can learn about:

• Your preferences
• Sites that you visit frequently
• The physical locations that you frequent – hotels, schools, residences, and many more.
• Credit and debit card usage
• Travel
• Type of mobile phones and computers that you use
• The IP addresses and locations of your frequently used devices
• Frequently contacted persons
• Music preferences
• Purchase behavior

These user data can be used for a variety of marketing and identity management purposes including improved authentication.

Privacy Implications

As context-based information involves the collection of many personal information, privacy advocates consider context-based data private information and great risk to privacy and personal freedoms. However, context-based information makes each person unique and different. In addition, with the policies and data protection regulations that have been placed, the data collection requires permission from the users. This ensures that privacy is not infringed, and the information collected is relevant and used for intended purpose.

How Does It Work?

Apart from protecting your organization, context-based data also gives you information about your clients and how they conduct business online. Many successful organizations attribute their success to a better understanding of their customers. Currently, the fact that the world is a global village is accentuated because almost everybody owns either a mobile phone or a computer. In the past, these devices did not carry much functionality.

Considering changing tides and the increased need for security and better business performance, personal devices have been fitted with technology that protects users while at the same time learns about their personal preferences and activities. Basically, in the course of using these device, the following data might be collected:

• Address of your device – mostly the IP address
• Geographical location
• Personal info such as age and gender
• Device usage history
• Purchases and sales history
• Transaction history
• Calls and messaging history
• Language of communication

Data Mining

Data mining is the science of collecting data related to a particular identity. Currently, data mining practices have evolved to include artificial intelligence machines that use algorithms to collect and group data. Currently, data mining is widely used in various institutions such as:


• Insurance organizations
• Banking institutions
• Communication organizations
• Credit card organizations
• Government institutions

Artificial Intelligence

Essentially, artificial intelligence is the art of getting machines to think and act like humans. Like with a human child, artificial intelligence requires extensive training and learning process to work well. Currently, this technology has been included in most of the devices and applications that we use. In practice, artificial intelligence can be used to learn and evaluate patterns in our daily life. Consequently, this creates a personalized database for each person which can serve many purposes.

Context-Based Identity Management and AI

In effective identity management, collecting and using all the relevant information about a particular person is important in order to verify and understand the person. Artificial intelligence helps with speedy analysis and simulation of human behavior through the accumulated data. In essence, as AI learns about a particular person, it creates an expanded identity that can be used to identify and manage that person. AI uses certain differentiating factors relevant to the personal behavior and information which can also be used for identity management.

Why Is Context-Based Identity Management with Artificial Intelligence Important?

Protecting systems, data, and users against identity theft, fraud, and intrusions is critical in maintaining the credibility of your organization. The cost of protection against cyberattacks is often less than the cumulative cost of major attacks that result in lengthy investigations, non-compliance fines, and lawsuits.

The benefits of context-based identity management include:


• Evaluation of a user transaction against the created identity. For instance, AI may evaluate how often the client transacts and from where, travel habits, and the amount of money involved in the transaction. If the particular transaction is not in line with the normal transaction behavior, it is declined.
• Protected login and data manipulation. With AI, your systems can detect an intrusion by evaluating the IP addresses, the recognized device’s MAC addresses, the device’s physical location, and device use history. For instance, if you live in the US and have logged in to an account, another attempted login in Dubai or Japan will raise red flags and prevent the login.
• Data protection. In this age, data privacy has become exceedingly important. Data protection ensures the credibility of information and the security of all persons involved. In addition, it gives parties involved privacy and security.
• Protection against identity theft. With context-based identity management, stealing a person’s username and password will no longer work. Typically, this has been the longest-serving loophole that gives any person the ability to intrude someone else’s life. Essentially, even a person without much hacking knowledge can use the username and password to mess things up.

Cyber threats are evolving with each passing hour. However, with another layer of security to protect identities in your organization, you can better secure systems and data. Context-based identity management may not be the holy grail for staving off cyber-attacks, however, it gives your systems the ability to withstand certain types of cyber-attacks.

The Takeaway

Context-based user management is the next generation of identity and access management which leverages big data and artificial intelligence to better secure systems. If you are already using multi-factor authentication, adding context-based identity management will make your system’s security more robust.

Obituary Death Announcement Scams

There are many obituary death announcement scams and fraud risks that we must consider when one of our loved ones dies and we decide to make public announcements. This is mainly because scammers and con artists are always looking for easy targets to steal their identities and commit various types of scams and fraud. A dead person is less likely to monitor account activities and respond to suspicious and fraudulent activities.

There are many obituary death announcement scams and fraud risks that we must consider when one of our loved ones dies and we decide to make public announcements.

Many families opt to write an obituary or death announcement when a family member has passed. Traditionally, this act serves to celebrate the decedent’s life and memory. However, even the best intentions can come with some dangers. Before preparing your family members’ obituary, take a moment to educate yourself on the risks involved.

Obituary Scams

In recent years, obituary or death announcement scams, also known as bereavement scams, have become common. For this type of scam, con artists peruse obituaries for biographical information, such as birthdates, hometowns, and names of children, which they can use to commit various forms of fraud. Some examples include:

  • Accessing personal bank accounts
  • Opening lines of credit
  • Obtaining healthcare
  • Filing fraudulent tax returns

Obituaries are normally published during the grieving process, when families are often too distracted to monitor the dead person’s financial accounts. Fraudsters love stealing the identities of dead people, and obituaries let them know when it’s the right time to strike their victims. Therefore, publicly announcing a family member’s death before understanding the risks can expose you, your loved ones, and your dearly departed to a form of identity theft.

Imposter scams

Like most other scams, money is the primary motivation for obituary fraud. In the event of a death in the family, it isn’t just the decedent’s personal finances that become vulnerable. Surviving family members, friends, and professional connections can become targets as well.

For some scammers, obituary fraud may be just the first phase of their scheme. The chaos and disorganization following death provides the perfect opportunity for fraudsters to victimize surviving spouses or other family members by pretending to be debt collectors, government agents, or life insurance agents. Whoever they may be impersonating, their goal is always to convince their victims to pay up. Have you ever received vague social media messages from persons that you have known a long time ago but never communicated with each other until you received the message? Although this may be a legitimate communication, chances are the person is dead or the account has been hijacked.

Elder fraud

Elderly people are especially vulnerable to obituary fraud. A tendency to be overly trusting and financially stable makes this group an attractive target for criminals. Obituaries can provide direct access to the seniors in a grieving family. They can also be used to aid in a grandparent scam, when a fraudster impersonates a family member to gain their victims’ sympathy and eventually, money.

FEMA scam

The post-2020 environment has given rise to yet another way for fraudsters to commit fraud. Thanks to the pandemic, an obituary can alert scammers if a person died of COVID-19 . That scammer then impersonates a government agent or representative of FEMA, a government agency that offers funeral aid to victims of coronavirus. Usually, the scammer will claim that additional personal information will be needed before aid is dispensed. Then, that information is subsequently used to commit identity fraud.

Obituary Death Announcement Scam Warning Signs

No two scammers operate in the same way. However, there are some red flags that may indicate you’ve been targeted for a bereavement scam. Some signs to watch out for are:

  • Phone calls, texts, or emails rather than official mail from government agents
  • Debt collectors who stress “immediate” payment or use scare tactics
  • Being instructed to pay debt via wire transfer or gift cards
  • Bills for credit activity after account holder’s death
  • Any unsolicited communication, specially vague messages from imposters pretending to be someone you know

How to Protect Yourself From Obituary Death Announcement Scams

While writing the obituary

Understandably, writing someone’s obituary is a huge responsibility that requires careful planning and thought. Not only do you have to condense an entire person’s life to a few paragraphs, you must also honor their memory with “just enough” personal details while preventing identity fraud at the same time.

The best way to protect your loved ones’ personal information is to think like a scammer. Birthdates, mother’s maiden names, middle names, and street addresses are common details that can be used to access accounts. State the decedent’s age but avoid announcing their actual birthday. Also, avoid announcing the time and place of the funeral in the obituary, which can alert burglars to when your family members’ homes will likely be empty.

While grieving

Contact credit bureaus, financial institutions, the IRS, and the Social Security Administration right away to notify them that your loved one has died. A few months after your loved one passes, obtain a copy of their credit report to check for any activity after their death. Be wary of any long-lost relatives, friends, and professional contacts who seem to appear “out of nowhere,” especially if they contact you through social media with vague messages. Finally, avoid paying any debts until you’ve verified their legitimacy. In most cases, family members aren’t liable for paying the debts of a deceased person.

Certified Identity Protection Advisor (CIPA) consumer identity theft certification
Become a Certified Identity Protection Advisor (CIPA)

IMI Ranked Top Identity and Access Management Organization

Enterprise Security Magazine listed Identity Management Institute as a top identity and access management organization in 2021. IMI provides thought leadership, training, and professional certification to its global members, and was the first organization of its kind established in 2007 to offer independent certifications in 8 separate IAM sub-domains.

Top identity and access management organization

The importance of identity and access management has increased in recent years for many reasons including greater cybersecurity, data breach prevention, and operational efficiencies for managing digital identities and system access. Increasing remote workforce specially after the Covid-19 pandemic, Internet of Things, as well as cloud computing and storage are among some of the top factors for the rising importance of IAM. Learn about other factors contributing to the rise of IAM.

In particular, data breach incidents have been attributed to poor access management and employee error who unwittingly shar their access credentials with hackers who steal their passwords mainly through social engineering. It is estimated that companies spend hundreds of millions of dollars to deal with the aftermath of data breach cases such as investigation, legal expenses, data recovery, compliance, media relations, and compensation to affected parties.

This is why IAM concepts such as Zero Trust have emerged as key solutions for preventing data breach and unauthorized access. Identity Management Institute was among the first organizations to write about the security risk and benefits of blockchain technology, cryptocurrency and decentralized finance, IoT, automated cars and robots, as well as the importance of Artificial Intelligence in timey prevention and detection of unauthorized access.

These major industry changes have resulted in a shortage of certified identity management professionals who understand the technical aspects or developing, implementing, and managing IAM products and solutions.

Top Identity and Access Management Organization

The professional certifications offered by Identity Management Institute offer specialized training and niche certifications in a bite size format to reduce cost, speed up the learning process, and fast-track certification for candidates.

The significance of Certified Identity and Access Manager (CIAM) certification program was also mentioned by the Enterprise Security Magazine as the leading IAM certification for identity professionals who manage risks in the ever-expanding identity and access management industry. Read the Enterprise Security article about CIAM certification.

Our member testimonials page offers a glimpse of what some of our members say about IMI’s certification programs. Join our community to share your knowledge, gain expertise, and increase your professional standing in the marketplace.

Top identity and access management organization
Click here to see the list of top IAM service companies in 2021