blog

A-ISAC Recap

October 16, 2025

Key Takeaways from the Aviation ISAC Summit

At the 2025 Aviation ISAC Cybersecurity Summit this week, CLEAR's Chief Security Officer, Jon Schlegel, delivered an urgent message to industry leaders: the identity threat landscape has changed, and cybercriminals aren’t forcing their way in—they’re being let in as someone they’re not.

In aviation, identity has long been at the foundation of trust, from passengers at the gate to employees behind the scenes. But, as Jon emphasized, the same vulnerabilities affecting aviation today are emerging across every industry that depends on secure access. 

From Hacks to Impersonation: The New Face of Cyber Threats

Cybercriminals are increasingly impersonating trusted employees, vendors, and partners to gain access to high-value systems. With AI-generated deepfakes, synthetic identities, and spoofed documents becoming more sophisticated, bad actors no longer need to bypass firewalls—they can simply pretend to be someone they’re not in order to be let in. 

A prime example is Scattered Spider, a cybercrime group linked to attacks on major airlines, airports, and third-party vendors. Known for its social engineering expertise, Scattered Spider doesn't rely on brute force; instead, it manipulates human trust. The group has successfully impersonated employees and customers during help desk calls, persuading IT staff to reset credentials or disable multi-factor authentication (MFA). They’ve also used tactics like SIM swapping and credential rental marketplaces to gain seemingly legitimate access to corporate systems, all while bypassing traditional detection.

Scattered Spider is part of a broader shift in the threat landscape, from infrastructure attacks to identity-first breaches. The group’s high-profile breaches have demonstrated how easy it is to exploit static verification processes and how costly those breaches can be when identity is treated as a checkbox instead of a continuous control.

While Jon’s remarks were delivered at an aviation cybersecurity summit, this issue isn’t confined to airlines or airports. The aviation industry offers a high-stakes example of what’s happening everywhere: attackers are targeting the people who power systems, not just the customers who use them. These tactics aren’t just affecting passengers—they’re also aimed directly at the workforce, which is why organizations must move beyond traditional ID checks and implement multi-layered solutions. 

Why Traditional Verification Falls Short

Much of today’s verification still depends on single sources of truth: a document, a password, or a device. But, as Jon underscored, these one-dimensional checks are increasingly vulnerable in a world where fake IDs, AI-generated audio, and stolen credentials can all appear authentic.

In today’s threat environment, verification needs to evolve from a moment-in-time event to an ongoing safeguard. Traditional MFA is often device-based and vulnerable to SIM swapping, phishing, and deepfake attacks. If you only verify once, or only verify the device, you’re not actually confirming the person is who they say they are.

The CLEAR1 Approach: Person-Based Verification

Jon called for a new playbook: one that verifies people continuously and comprehensively across every critical touchpoint. 

With CLEAR1, businesses can verify identity across the entire workforce journey—from onboarding and account recovery to privileged access and more—using a multi-layered identity framework that goes beyond single-point solutions:

  • Biometric verification anchors the process by confirming the person is physically present and who they say they are. CLEAR1 compares a user’s selfie to the photo on their government-issued ID, while liveness detection runs behind the scenes to block spoofing tactics like deepfakes or printed images. 
  • Document validation checks the authenticity of the government-issued ID itself. Forged or stolen documents can appear legitimate in isolation, which is why CLEAR1 doesn’t stop at surface-level checks. It inspects the document for signs of tampering and cross-checks it against the selfie. 
  • Source corroboration closes the loop by verifying that the identity exists in the real world. CLEAR1 confirms key data points—like name, address, and phone number—against trusted sources.

Each layer amplifies the others. A valid ID doesn’t mean much if the selfie is fake, and a good selfie isn’t enough if the underlying data doesn’t check out. But when all the above align, identity is confirmed with a high degree of assurance. 

Building Resilience in Aviation and Beyond

Just as CLEAR is transforming the passenger experience with eGates that verify their identity in seconds, we can bring that same standard to the workforce by applying high-fidelity verification behind the scenes, where the stakes are just as high.

For aviation and many other industries, this is a turning point. Organizations can either continue with outdated verification tools or embrace a smarter, more secure foundation that starts with verified identity.

“Securing aviation starts with securing identity—and that means verifying the person behind every credential, every access request, and every device.”

– Jon Schlegel, Chief Security Officer @ CLEAR

Explore how CLEAR1 helps organizations move beyond device-based security to person-based security. 

Key Takeaways from the Aviation ISAC Summit

At the 2025 Aviation ISAC Cybersecurity Summit this week, CLEAR's Chief Security Officer, Jon Schlegel, delivered an urgent message to industry leaders: the identity threat landscape has changed, and cybercriminals aren’t forcing their way in—they’re being let in as someone they’re not.

In aviation, identity has long been at the foundation of trust, from passengers at the gate to employees behind the scenes. But, as Jon emphasized, the same vulnerabilities affecting aviation today are emerging across every industry that depends on secure access. 

From Hacks to Impersonation: The New Face of Cyber Threats

Cybercriminals are increasingly impersonating trusted employees, vendors, and partners to gain access to high-value systems. With AI-generated deepfakes, synthetic identities, and spoofed documents becoming more sophisticated, bad actors no longer need to bypass firewalls—they can simply pretend to be someone they’re not in order to be let in. 

A prime example is Scattered Spider, a cybercrime group linked to attacks on major airlines, airports, and third-party vendors. Known for its social engineering expertise, Scattered Spider doesn't rely on brute force; instead, it manipulates human trust. The group has successfully impersonated employees and customers during help desk calls, persuading IT staff to reset credentials or disable multi-factor authentication (MFA). They’ve also used tactics like SIM swapping and credential rental marketplaces to gain seemingly legitimate access to corporate systems, all while bypassing traditional detection.

Scattered Spider is part of a broader shift in the threat landscape, from infrastructure attacks to identity-first breaches. The group’s high-profile breaches have demonstrated how easy it is to exploit static verification processes and how costly those breaches can be when identity is treated as a checkbox instead of a continuous control.

While Jon’s remarks were delivered at an aviation cybersecurity summit, this issue isn’t confined to airlines or airports. The aviation industry offers a high-stakes example of what’s happening everywhere: attackers are targeting the people who power systems, not just the customers who use them. These tactics aren’t just affecting passengers—they’re also aimed directly at the workforce, which is why organizations must move beyond traditional ID checks and implement multi-layered solutions. 

Why Traditional Verification Falls Short

Much of today’s verification still depends on single sources of truth: a document, a password, or a device. But, as Jon underscored, these one-dimensional checks are increasingly vulnerable in a world where fake IDs, AI-generated audio, and stolen credentials can all appear authentic.

In today’s threat environment, verification needs to evolve from a moment-in-time event to an ongoing safeguard. Traditional MFA is often device-based and vulnerable to SIM swapping, phishing, and deepfake attacks. If you only verify once, or only verify the device, you’re not actually confirming the person is who they say they are.

The CLEAR1 Approach: Person-Based Verification

Jon called for a new playbook: one that verifies people continuously and comprehensively across every critical touchpoint. 

With CLEAR1, businesses can verify identity across the entire workforce journey—from onboarding and account recovery to privileged access and more—using a multi-layered identity framework that goes beyond single-point solutions:

  • Biometric verification anchors the process by confirming the person is physically present and who they say they are. CLEAR1 compares a user’s selfie to the photo on their government-issued ID, while liveness detection runs behind the scenes to block spoofing tactics like deepfakes or printed images. 
  • Document validation checks the authenticity of the government-issued ID itself. Forged or stolen documents can appear legitimate in isolation, which is why CLEAR1 doesn’t stop at surface-level checks. It inspects the document for signs of tampering and cross-checks it against the selfie. 
  • Source corroboration closes the loop by verifying that the identity exists in the real world. CLEAR1 confirms key data points—like name, address, and phone number—against trusted sources.

Each layer amplifies the others. A valid ID doesn’t mean much if the selfie is fake, and a good selfie isn’t enough if the underlying data doesn’t check out. But when all the above align, identity is confirmed with a high degree of assurance. 

Building Resilience in Aviation and Beyond

Just as CLEAR is transforming the passenger experience with eGates that verify their identity in seconds, we can bring that same standard to the workforce by applying high-fidelity verification behind the scenes, where the stakes are just as high.

For aviation and many other industries, this is a turning point. Organizations can either continue with outdated verification tools or embrace a smarter, more secure foundation that starts with verified identity.

“Securing aviation starts with securing identity—and that means verifying the person behind every credential, every access request, and every device.”

– Jon Schlegel, Chief Security Officer @ CLEAR

Explore how CLEAR1 helps organizations move beyond device-based security to person-based security. 

Read Next

VIEW ALL RESOURCES
blog
October 16, 2025
A-ISAC Recap
blog
September 25, 2025
What Is Know Your Employee (KYE)? How CLEAR1 Combats Social Engineering
blog
September 23, 2025
Building Trust Into Every Agreement: CLEAR and Docusign at TITV
Maximize security, minimize friction with CLEAR

Reach out to uncover what problems you can solve when you solve for identity.

By submitting my personal data, I consent to CLEAR collecting, processing, and storing my information in accordance with the CLEAR Privacy Notice.
blog

A-ISAC Recap

October 16, 2025

Key Takeaways from the Aviation ISAC Summit

At the 2025 Aviation ISAC Cybersecurity Summit this week, CLEAR's Chief Security Officer, Jon Schlegel, delivered an urgent message to industry leaders: the identity threat landscape has changed, and cybercriminals aren’t forcing their way in—they’re being let in as someone they’re not.

In aviation, identity has long been at the foundation of trust, from passengers at the gate to employees behind the scenes. But, as Jon emphasized, the same vulnerabilities affecting aviation today are emerging across every industry that depends on secure access. 

From Hacks to Impersonation: The New Face of Cyber Threats

Cybercriminals are increasingly impersonating trusted employees, vendors, and partners to gain access to high-value systems. With AI-generated deepfakes, synthetic identities, and spoofed documents becoming more sophisticated, bad actors no longer need to bypass firewalls—they can simply pretend to be someone they’re not in order to be let in. 

A prime example is Scattered Spider, a cybercrime group linked to attacks on major airlines, airports, and third-party vendors. Known for its social engineering expertise, Scattered Spider doesn't rely on brute force; instead, it manipulates human trust. The group has successfully impersonated employees and customers during help desk calls, persuading IT staff to reset credentials or disable multi-factor authentication (MFA). They’ve also used tactics like SIM swapping and credential rental marketplaces to gain seemingly legitimate access to corporate systems, all while bypassing traditional detection.

Scattered Spider is part of a broader shift in the threat landscape, from infrastructure attacks to identity-first breaches. The group’s high-profile breaches have demonstrated how easy it is to exploit static verification processes and how costly those breaches can be when identity is treated as a checkbox instead of a continuous control.

While Jon’s remarks were delivered at an aviation cybersecurity summit, this issue isn’t confined to airlines or airports. The aviation industry offers a high-stakes example of what’s happening everywhere: attackers are targeting the people who power systems, not just the customers who use them. These tactics aren’t just affecting passengers—they’re also aimed directly at the workforce, which is why organizations must move beyond traditional ID checks and implement multi-layered solutions. 

Why Traditional Verification Falls Short

Much of today’s verification still depends on single sources of truth: a document, a password, or a device. But, as Jon underscored, these one-dimensional checks are increasingly vulnerable in a world where fake IDs, AI-generated audio, and stolen credentials can all appear authentic.

In today’s threat environment, verification needs to evolve from a moment-in-time event to an ongoing safeguard. Traditional MFA is often device-based and vulnerable to SIM swapping, phishing, and deepfake attacks. If you only verify once, or only verify the device, you’re not actually confirming the person is who they say they are.

The CLEAR1 Approach: Person-Based Verification

Jon called for a new playbook: one that verifies people continuously and comprehensively across every critical touchpoint. 

With CLEAR1, businesses can verify identity across the entire workforce journey—from onboarding and account recovery to privileged access and more—using a multi-layered identity framework that goes beyond single-point solutions:

  • Biometric verification anchors the process by confirming the person is physically present and who they say they are. CLEAR1 compares a user’s selfie to the photo on their government-issued ID, while liveness detection runs behind the scenes to block spoofing tactics like deepfakes or printed images. 
  • Document validation checks the authenticity of the government-issued ID itself. Forged or stolen documents can appear legitimate in isolation, which is why CLEAR1 doesn’t stop at surface-level checks. It inspects the document for signs of tampering and cross-checks it against the selfie. 
  • Source corroboration closes the loop by verifying that the identity exists in the real world. CLEAR1 confirms key data points—like name, address, and phone number—against trusted sources.

Each layer amplifies the others. A valid ID doesn’t mean much if the selfie is fake, and a good selfie isn’t enough if the underlying data doesn’t check out. But when all the above align, identity is confirmed with a high degree of assurance. 

Building Resilience in Aviation and Beyond

Just as CLEAR is transforming the passenger experience with eGates that verify their identity in seconds, we can bring that same standard to the workforce by applying high-fidelity verification behind the scenes, where the stakes are just as high.

For aviation and many other industries, this is a turning point. Organizations can either continue with outdated verification tools or embrace a smarter, more secure foundation that starts with verified identity.

“Securing aviation starts with securing identity—and that means verifying the person behind every credential, every access request, and every device.”

– Jon Schlegel, Chief Security Officer @ CLEAR

Explore how CLEAR1 helps organizations move beyond device-based security to person-based security. 

Key Takeaways from the Aviation ISAC Summit

At the 2025 Aviation ISAC Cybersecurity Summit this week, CLEAR's Chief Security Officer, Jon Schlegel, delivered an urgent message to industry leaders: the identity threat landscape has changed, and cybercriminals aren’t forcing their way in—they’re being let in as someone they’re not.

In aviation, identity has long been at the foundation of trust, from passengers at the gate to employees behind the scenes. But, as Jon emphasized, the same vulnerabilities affecting aviation today are emerging across every industry that depends on secure access. 

From Hacks to Impersonation: The New Face of Cyber Threats

Cybercriminals are increasingly impersonating trusted employees, vendors, and partners to gain access to high-value systems. With AI-generated deepfakes, synthetic identities, and spoofed documents becoming more sophisticated, bad actors no longer need to bypass firewalls—they can simply pretend to be someone they’re not in order to be let in. 

A prime example is Scattered Spider, a cybercrime group linked to attacks on major airlines, airports, and third-party vendors. Known for its social engineering expertise, Scattered Spider doesn't rely on brute force; instead, it manipulates human trust. The group has successfully impersonated employees and customers during help desk calls, persuading IT staff to reset credentials or disable multi-factor authentication (MFA). They’ve also used tactics like SIM swapping and credential rental marketplaces to gain seemingly legitimate access to corporate systems, all while bypassing traditional detection.

Scattered Spider is part of a broader shift in the threat landscape, from infrastructure attacks to identity-first breaches. The group’s high-profile breaches have demonstrated how easy it is to exploit static verification processes and how costly those breaches can be when identity is treated as a checkbox instead of a continuous control.

While Jon’s remarks were delivered at an aviation cybersecurity summit, this issue isn’t confined to airlines or airports. The aviation industry offers a high-stakes example of what’s happening everywhere: attackers are targeting the people who power systems, not just the customers who use them. These tactics aren’t just affecting passengers—they’re also aimed directly at the workforce, which is why organizations must move beyond traditional ID checks and implement multi-layered solutions. 

Why Traditional Verification Falls Short

Much of today’s verification still depends on single sources of truth: a document, a password, or a device. But, as Jon underscored, these one-dimensional checks are increasingly vulnerable in a world where fake IDs, AI-generated audio, and stolen credentials can all appear authentic.

In today’s threat environment, verification needs to evolve from a moment-in-time event to an ongoing safeguard. Traditional MFA is often device-based and vulnerable to SIM swapping, phishing, and deepfake attacks. If you only verify once, or only verify the device, you’re not actually confirming the person is who they say they are.

The CLEAR1 Approach: Person-Based Verification

Jon called for a new playbook: one that verifies people continuously and comprehensively across every critical touchpoint. 

With CLEAR1, businesses can verify identity across the entire workforce journey—from onboarding and account recovery to privileged access and more—using a multi-layered identity framework that goes beyond single-point solutions:

  • Biometric verification anchors the process by confirming the person is physically present and who they say they are. CLEAR1 compares a user’s selfie to the photo on their government-issued ID, while liveness detection runs behind the scenes to block spoofing tactics like deepfakes or printed images. 
  • Document validation checks the authenticity of the government-issued ID itself. Forged or stolen documents can appear legitimate in isolation, which is why CLEAR1 doesn’t stop at surface-level checks. It inspects the document for signs of tampering and cross-checks it against the selfie. 
  • Source corroboration closes the loop by verifying that the identity exists in the real world. CLEAR1 confirms key data points—like name, address, and phone number—against trusted sources.

Each layer amplifies the others. A valid ID doesn’t mean much if the selfie is fake, and a good selfie isn’t enough if the underlying data doesn’t check out. But when all the above align, identity is confirmed with a high degree of assurance. 

Building Resilience in Aviation and Beyond

Just as CLEAR is transforming the passenger experience with eGates that verify their identity in seconds, we can bring that same standard to the workforce by applying high-fidelity verification behind the scenes, where the stakes are just as high.

For aviation and many other industries, this is a turning point. Organizations can either continue with outdated verification tools or embrace a smarter, more secure foundation that starts with verified identity.

“Securing aviation starts with securing identity—and that means verifying the person behind every credential, every access request, and every device.”

– Jon Schlegel, Chief Security Officer @ CLEAR

Explore how CLEAR1 helps organizations move beyond device-based security to person-based security. 

Read Next

VIEW ALL RESOURCES
blog
October 16, 2025
A-ISAC Recap
blog
September 25, 2025
What Is Know Your Employee (KYE)? How CLEAR1 Combats Social Engineering
blog
September 23, 2025
Building Trust Into Every Agreement: CLEAR and Docusign at TITV
Maximize security, minimize friction with CLEAR

Reach out to uncover what problems you can solve when you solve for identity.

By submitting my personal data, I consent to CLEAR collecting, processing, and storing my information in accordance with the CLEAR Privacy Notice.
blog

A-ISAC Recap

October 16, 2025

Key Takeaways from the Aviation ISAC Summit

At the 2025 Aviation ISAC Cybersecurity Summit this week, CLEAR's Chief Security Officer, Jon Schlegel, delivered an urgent message to industry leaders: the identity threat landscape has changed, and cybercriminals aren’t forcing their way in—they’re being let in as someone they’re not.

In aviation, identity has long been at the foundation of trust, from passengers at the gate to employees behind the scenes. But, as Jon emphasized, the same vulnerabilities affecting aviation today are emerging across every industry that depends on secure access. 

From Hacks to Impersonation: The New Face of Cyber Threats

Cybercriminals are increasingly impersonating trusted employees, vendors, and partners to gain access to high-value systems. With AI-generated deepfakes, synthetic identities, and spoofed documents becoming more sophisticated, bad actors no longer need to bypass firewalls—they can simply pretend to be someone they’re not in order to be let in. 

A prime example is Scattered Spider, a cybercrime group linked to attacks on major airlines, airports, and third-party vendors. Known for its social engineering expertise, Scattered Spider doesn't rely on brute force; instead, it manipulates human trust. The group has successfully impersonated employees and customers during help desk calls, persuading IT staff to reset credentials or disable multi-factor authentication (MFA). They’ve also used tactics like SIM swapping and credential rental marketplaces to gain seemingly legitimate access to corporate systems, all while bypassing traditional detection.

Scattered Spider is part of a broader shift in the threat landscape, from infrastructure attacks to identity-first breaches. The group’s high-profile breaches have demonstrated how easy it is to exploit static verification processes and how costly those breaches can be when identity is treated as a checkbox instead of a continuous control.

While Jon’s remarks were delivered at an aviation cybersecurity summit, this issue isn’t confined to airlines or airports. The aviation industry offers a high-stakes example of what’s happening everywhere: attackers are targeting the people who power systems, not just the customers who use them. These tactics aren’t just affecting passengers—they’re also aimed directly at the workforce, which is why organizations must move beyond traditional ID checks and implement multi-layered solutions. 

Why Traditional Verification Falls Short

Much of today’s verification still depends on single sources of truth: a document, a password, or a device. But, as Jon underscored, these one-dimensional checks are increasingly vulnerable in a world where fake IDs, AI-generated audio, and stolen credentials can all appear authentic.

In today’s threat environment, verification needs to evolve from a moment-in-time event to an ongoing safeguard. Traditional MFA is often device-based and vulnerable to SIM swapping, phishing, and deepfake attacks. If you only verify once, or only verify the device, you’re not actually confirming the person is who they say they are.

The CLEAR1 Approach: Person-Based Verification

Jon called for a new playbook: one that verifies people continuously and comprehensively across every critical touchpoint. 

With CLEAR1, businesses can verify identity across the entire workforce journey—from onboarding and account recovery to privileged access and more—using a multi-layered identity framework that goes beyond single-point solutions:

  • Biometric verification anchors the process by confirming the person is physically present and who they say they are. CLEAR1 compares a user’s selfie to the photo on their government-issued ID, while liveness detection runs behind the scenes to block spoofing tactics like deepfakes or printed images. 
  • Document validation checks the authenticity of the government-issued ID itself. Forged or stolen documents can appear legitimate in isolation, which is why CLEAR1 doesn’t stop at surface-level checks. It inspects the document for signs of tampering and cross-checks it against the selfie. 
  • Source corroboration closes the loop by verifying that the identity exists in the real world. CLEAR1 confirms key data points—like name, address, and phone number—against trusted sources.

Each layer amplifies the others. A valid ID doesn’t mean much if the selfie is fake, and a good selfie isn’t enough if the underlying data doesn’t check out. But when all the above align, identity is confirmed with a high degree of assurance. 

Building Resilience in Aviation and Beyond

Just as CLEAR is transforming the passenger experience with eGates that verify their identity in seconds, we can bring that same standard to the workforce by applying high-fidelity verification behind the scenes, where the stakes are just as high.

For aviation and many other industries, this is a turning point. Organizations can either continue with outdated verification tools or embrace a smarter, more secure foundation that starts with verified identity.

“Securing aviation starts with securing identity—and that means verifying the person behind every credential, every access request, and every device.”

– Jon Schlegel, Chief Security Officer @ CLEAR

Explore how CLEAR1 helps organizations move beyond device-based security to person-based security. 

Key Takeaways from the Aviation ISAC Summit

At the 2025 Aviation ISAC Cybersecurity Summit this week, CLEAR's Chief Security Officer, Jon Schlegel, delivered an urgent message to industry leaders: the identity threat landscape has changed, and cybercriminals aren’t forcing their way in—they’re being let in as someone they’re not.

In aviation, identity has long been at the foundation of trust, from passengers at the gate to employees behind the scenes. But, as Jon emphasized, the same vulnerabilities affecting aviation today are emerging across every industry that depends on secure access. 

From Hacks to Impersonation: The New Face of Cyber Threats

Cybercriminals are increasingly impersonating trusted employees, vendors, and partners to gain access to high-value systems. With AI-generated deepfakes, synthetic identities, and spoofed documents becoming more sophisticated, bad actors no longer need to bypass firewalls—they can simply pretend to be someone they’re not in order to be let in. 

A prime example is Scattered Spider, a cybercrime group linked to attacks on major airlines, airports, and third-party vendors. Known for its social engineering expertise, Scattered Spider doesn't rely on brute force; instead, it manipulates human trust. The group has successfully impersonated employees and customers during help desk calls, persuading IT staff to reset credentials or disable multi-factor authentication (MFA). They’ve also used tactics like SIM swapping and credential rental marketplaces to gain seemingly legitimate access to corporate systems, all while bypassing traditional detection.

Scattered Spider is part of a broader shift in the threat landscape, from infrastructure attacks to identity-first breaches. The group’s high-profile breaches have demonstrated how easy it is to exploit static verification processes and how costly those breaches can be when identity is treated as a checkbox instead of a continuous control.

While Jon’s remarks were delivered at an aviation cybersecurity summit, this issue isn’t confined to airlines or airports. The aviation industry offers a high-stakes example of what’s happening everywhere: attackers are targeting the people who power systems, not just the customers who use them. These tactics aren’t just affecting passengers—they’re also aimed directly at the workforce, which is why organizations must move beyond traditional ID checks and implement multi-layered solutions. 

Why Traditional Verification Falls Short

Much of today’s verification still depends on single sources of truth: a document, a password, or a device. But, as Jon underscored, these one-dimensional checks are increasingly vulnerable in a world where fake IDs, AI-generated audio, and stolen credentials can all appear authentic.

In today’s threat environment, verification needs to evolve from a moment-in-time event to an ongoing safeguard. Traditional MFA is often device-based and vulnerable to SIM swapping, phishing, and deepfake attacks. If you only verify once, or only verify the device, you’re not actually confirming the person is who they say they are.

The CLEAR1 Approach: Person-Based Verification

Jon called for a new playbook: one that verifies people continuously and comprehensively across every critical touchpoint. 

With CLEAR1, businesses can verify identity across the entire workforce journey—from onboarding and account recovery to privileged access and more—using a multi-layered identity framework that goes beyond single-point solutions:

  • Biometric verification anchors the process by confirming the person is physically present and who they say they are. CLEAR1 compares a user’s selfie to the photo on their government-issued ID, while liveness detection runs behind the scenes to block spoofing tactics like deepfakes or printed images. 
  • Document validation checks the authenticity of the government-issued ID itself. Forged or stolen documents can appear legitimate in isolation, which is why CLEAR1 doesn’t stop at surface-level checks. It inspects the document for signs of tampering and cross-checks it against the selfie. 
  • Source corroboration closes the loop by verifying that the identity exists in the real world. CLEAR1 confirms key data points—like name, address, and phone number—against trusted sources.

Each layer amplifies the others. A valid ID doesn’t mean much if the selfie is fake, and a good selfie isn’t enough if the underlying data doesn’t check out. But when all the above align, identity is confirmed with a high degree of assurance. 

Building Resilience in Aviation and Beyond

Just as CLEAR is transforming the passenger experience with eGates that verify their identity in seconds, we can bring that same standard to the workforce by applying high-fidelity verification behind the scenes, where the stakes are just as high.

For aviation and many other industries, this is a turning point. Organizations can either continue with outdated verification tools or embrace a smarter, more secure foundation that starts with verified identity.

“Securing aviation starts with securing identity—and that means verifying the person behind every credential, every access request, and every device.”

– Jon Schlegel, Chief Security Officer @ CLEAR

Explore how CLEAR1 helps organizations move beyond device-based security to person-based security. 

Read Next

VIEW ALL RESOURCES
blog
October 16, 2025
A-ISAC Recap
blog
September 25, 2025
What Is Know Your Employee (KYE)? How CLEAR1 Combats Social Engineering
blog
September 23, 2025
Building Trust Into Every Agreement: CLEAR and Docusign at TITV
Maximize security, minimize friction with CLEAR

Reach out to uncover what problems you can solve when you solve for identity.

By submitting my personal data, I consent to CLEAR collecting, processing, and storing my information in accordance with the CLEAR Privacy Notice.
blog

A-ISAC Recap

October 16, 2025

Key Takeaways from the Aviation ISAC Summit

At the 2025 Aviation ISAC Cybersecurity Summit this week, CLEAR's Chief Security Officer, Jon Schlegel, delivered an urgent message to industry leaders: the identity threat landscape has changed, and cybercriminals aren’t forcing their way in—they’re being let in as someone they’re not.

In aviation, identity has long been at the foundation of trust, from passengers at the gate to employees behind the scenes. But, as Jon emphasized, the same vulnerabilities affecting aviation today are emerging across every industry that depends on secure access. 

From Hacks to Impersonation: The New Face of Cyber Threats

Cybercriminals are increasingly impersonating trusted employees, vendors, and partners to gain access to high-value systems. With AI-generated deepfakes, synthetic identities, and spoofed documents becoming more sophisticated, bad actors no longer need to bypass firewalls—they can simply pretend to be someone they’re not in order to be let in. 

A prime example is Scattered Spider, a cybercrime group linked to attacks on major airlines, airports, and third-party vendors. Known for its social engineering expertise, Scattered Spider doesn't rely on brute force; instead, it manipulates human trust. The group has successfully impersonated employees and customers during help desk calls, persuading IT staff to reset credentials or disable multi-factor authentication (MFA). They’ve also used tactics like SIM swapping and credential rental marketplaces to gain seemingly legitimate access to corporate systems, all while bypassing traditional detection.

Scattered Spider is part of a broader shift in the threat landscape, from infrastructure attacks to identity-first breaches. The group’s high-profile breaches have demonstrated how easy it is to exploit static verification processes and how costly those breaches can be when identity is treated as a checkbox instead of a continuous control.

While Jon’s remarks were delivered at an aviation cybersecurity summit, this issue isn’t confined to airlines or airports. The aviation industry offers a high-stakes example of what’s happening everywhere: attackers are targeting the people who power systems, not just the customers who use them. These tactics aren’t just affecting passengers—they’re also aimed directly at the workforce, which is why organizations must move beyond traditional ID checks and implement multi-layered solutions. 

Why Traditional Verification Falls Short

Much of today’s verification still depends on single sources of truth: a document, a password, or a device. But, as Jon underscored, these one-dimensional checks are increasingly vulnerable in a world where fake IDs, AI-generated audio, and stolen credentials can all appear authentic.

In today’s threat environment, verification needs to evolve from a moment-in-time event to an ongoing safeguard. Traditional MFA is often device-based and vulnerable to SIM swapping, phishing, and deepfake attacks. If you only verify once, or only verify the device, you’re not actually confirming the person is who they say they are.

The CLEAR1 Approach: Person-Based Verification

Jon called for a new playbook: one that verifies people continuously and comprehensively across every critical touchpoint. 

With CLEAR1, businesses can verify identity across the entire workforce journey—from onboarding and account recovery to privileged access and more—using a multi-layered identity framework that goes beyond single-point solutions:

  • Biometric verification anchors the process by confirming the person is physically present and who they say they are. CLEAR1 compares a user’s selfie to the photo on their government-issued ID, while liveness detection runs behind the scenes to block spoofing tactics like deepfakes or printed images. 
  • Document validation checks the authenticity of the government-issued ID itself. Forged or stolen documents can appear legitimate in isolation, which is why CLEAR1 doesn’t stop at surface-level checks. It inspects the document for signs of tampering and cross-checks it against the selfie. 
  • Source corroboration closes the loop by verifying that the identity exists in the real world. CLEAR1 confirms key data points—like name, address, and phone number—against trusted sources.

Each layer amplifies the others. A valid ID doesn’t mean much if the selfie is fake, and a good selfie isn’t enough if the underlying data doesn’t check out. But when all the above align, identity is confirmed with a high degree of assurance. 

Building Resilience in Aviation and Beyond

Just as CLEAR is transforming the passenger experience with eGates that verify their identity in seconds, we can bring that same standard to the workforce by applying high-fidelity verification behind the scenes, where the stakes are just as high.

For aviation and many other industries, this is a turning point. Organizations can either continue with outdated verification tools or embrace a smarter, more secure foundation that starts with verified identity.

“Securing aviation starts with securing identity—and that means verifying the person behind every credential, every access request, and every device.”

– Jon Schlegel, Chief Security Officer @ CLEAR

Explore how CLEAR1 helps organizations move beyond device-based security to person-based security. 

Key Takeaways from the Aviation ISAC Summit

At the 2025 Aviation ISAC Cybersecurity Summit this week, CLEAR's Chief Security Officer, Jon Schlegel, delivered an urgent message to industry leaders: the identity threat landscape has changed, and cybercriminals aren’t forcing their way in—they’re being let in as someone they’re not.

In aviation, identity has long been at the foundation of trust, from passengers at the gate to employees behind the scenes. But, as Jon emphasized, the same vulnerabilities affecting aviation today are emerging across every industry that depends on secure access. 

From Hacks to Impersonation: The New Face of Cyber Threats

Cybercriminals are increasingly impersonating trusted employees, vendors, and partners to gain access to high-value systems. With AI-generated deepfakes, synthetic identities, and spoofed documents becoming more sophisticated, bad actors no longer need to bypass firewalls—they can simply pretend to be someone they’re not in order to be let in. 

A prime example is Scattered Spider, a cybercrime group linked to attacks on major airlines, airports, and third-party vendors. Known for its social engineering expertise, Scattered Spider doesn't rely on brute force; instead, it manipulates human trust. The group has successfully impersonated employees and customers during help desk calls, persuading IT staff to reset credentials or disable multi-factor authentication (MFA). They’ve also used tactics like SIM swapping and credential rental marketplaces to gain seemingly legitimate access to corporate systems, all while bypassing traditional detection.

Scattered Spider is part of a broader shift in the threat landscape, from infrastructure attacks to identity-first breaches. The group’s high-profile breaches have demonstrated how easy it is to exploit static verification processes and how costly those breaches can be when identity is treated as a checkbox instead of a continuous control.

While Jon’s remarks were delivered at an aviation cybersecurity summit, this issue isn’t confined to airlines or airports. The aviation industry offers a high-stakes example of what’s happening everywhere: attackers are targeting the people who power systems, not just the customers who use them. These tactics aren’t just affecting passengers—they’re also aimed directly at the workforce, which is why organizations must move beyond traditional ID checks and implement multi-layered solutions. 

Why Traditional Verification Falls Short

Much of today’s verification still depends on single sources of truth: a document, a password, or a device. But, as Jon underscored, these one-dimensional checks are increasingly vulnerable in a world where fake IDs, AI-generated audio, and stolen credentials can all appear authentic.

In today’s threat environment, verification needs to evolve from a moment-in-time event to an ongoing safeguard. Traditional MFA is often device-based and vulnerable to SIM swapping, phishing, and deepfake attacks. If you only verify once, or only verify the device, you’re not actually confirming the person is who they say they are.

The CLEAR1 Approach: Person-Based Verification

Jon called for a new playbook: one that verifies people continuously and comprehensively across every critical touchpoint. 

With CLEAR1, businesses can verify identity across the entire workforce journey—from onboarding and account recovery to privileged access and more—using a multi-layered identity framework that goes beyond single-point solutions:

  • Biometric verification anchors the process by confirming the person is physically present and who they say they are. CLEAR1 compares a user’s selfie to the photo on their government-issued ID, while liveness detection runs behind the scenes to block spoofing tactics like deepfakes or printed images. 
  • Document validation checks the authenticity of the government-issued ID itself. Forged or stolen documents can appear legitimate in isolation, which is why CLEAR1 doesn’t stop at surface-level checks. It inspects the document for signs of tampering and cross-checks it against the selfie. 
  • Source corroboration closes the loop by verifying that the identity exists in the real world. CLEAR1 confirms key data points—like name, address, and phone number—against trusted sources.

Each layer amplifies the others. A valid ID doesn’t mean much if the selfie is fake, and a good selfie isn’t enough if the underlying data doesn’t check out. But when all the above align, identity is confirmed with a high degree of assurance. 

Building Resilience in Aviation and Beyond

Just as CLEAR is transforming the passenger experience with eGates that verify their identity in seconds, we can bring that same standard to the workforce by applying high-fidelity verification behind the scenes, where the stakes are just as high.

For aviation and many other industries, this is a turning point. Organizations can either continue with outdated verification tools or embrace a smarter, more secure foundation that starts with verified identity.

“Securing aviation starts with securing identity—and that means verifying the person behind every credential, every access request, and every device.”

– Jon Schlegel, Chief Security Officer @ CLEAR

Explore how CLEAR1 helps organizations move beyond device-based security to person-based security. 

More product updates

VIEW ALL RELEASE NOTES
No items found.
blog

A-ISAC Recap

October 16, 2025

Key Takeaways from the Aviation ISAC Summit

At the 2025 Aviation ISAC Cybersecurity Summit this week, CLEAR's Chief Security Officer, Jon Schlegel, delivered an urgent message to industry leaders: the identity threat landscape has changed, and cybercriminals aren’t forcing their way in—they’re being let in as someone they’re not.

In aviation, identity has long been at the foundation of trust, from passengers at the gate to employees behind the scenes. But, as Jon emphasized, the same vulnerabilities affecting aviation today are emerging across every industry that depends on secure access. 

From Hacks to Impersonation: The New Face of Cyber Threats

Cybercriminals are increasingly impersonating trusted employees, vendors, and partners to gain access to high-value systems. With AI-generated deepfakes, synthetic identities, and spoofed documents becoming more sophisticated, bad actors no longer need to bypass firewalls—they can simply pretend to be someone they’re not in order to be let in. 

A prime example is Scattered Spider, a cybercrime group linked to attacks on major airlines, airports, and third-party vendors. Known for its social engineering expertise, Scattered Spider doesn't rely on brute force; instead, it manipulates human trust. The group has successfully impersonated employees and customers during help desk calls, persuading IT staff to reset credentials or disable multi-factor authentication (MFA). They’ve also used tactics like SIM swapping and credential rental marketplaces to gain seemingly legitimate access to corporate systems, all while bypassing traditional detection.

Scattered Spider is part of a broader shift in the threat landscape, from infrastructure attacks to identity-first breaches. The group’s high-profile breaches have demonstrated how easy it is to exploit static verification processes and how costly those breaches can be when identity is treated as a checkbox instead of a continuous control.

While Jon’s remarks were delivered at an aviation cybersecurity summit, this issue isn’t confined to airlines or airports. The aviation industry offers a high-stakes example of what’s happening everywhere: attackers are targeting the people who power systems, not just the customers who use them. These tactics aren’t just affecting passengers—they’re also aimed directly at the workforce, which is why organizations must move beyond traditional ID checks and implement multi-layered solutions. 

Why Traditional Verification Falls Short

Much of today’s verification still depends on single sources of truth: a document, a password, or a device. But, as Jon underscored, these one-dimensional checks are increasingly vulnerable in a world where fake IDs, AI-generated audio, and stolen credentials can all appear authentic.

In today’s threat environment, verification needs to evolve from a moment-in-time event to an ongoing safeguard. Traditional MFA is often device-based and vulnerable to SIM swapping, phishing, and deepfake attacks. If you only verify once, or only verify the device, you’re not actually confirming the person is who they say they are.

The CLEAR1 Approach: Person-Based Verification

Jon called for a new playbook: one that verifies people continuously and comprehensively across every critical touchpoint. 

With CLEAR1, businesses can verify identity across the entire workforce journey—from onboarding and account recovery to privileged access and more—using a multi-layered identity framework that goes beyond single-point solutions:

  • Biometric verification anchors the process by confirming the person is physically present and who they say they are. CLEAR1 compares a user’s selfie to the photo on their government-issued ID, while liveness detection runs behind the scenes to block spoofing tactics like deepfakes or printed images. 
  • Document validation checks the authenticity of the government-issued ID itself. Forged or stolen documents can appear legitimate in isolation, which is why CLEAR1 doesn’t stop at surface-level checks. It inspects the document for signs of tampering and cross-checks it against the selfie. 
  • Source corroboration closes the loop by verifying that the identity exists in the real world. CLEAR1 confirms key data points—like name, address, and phone number—against trusted sources.

Each layer amplifies the others. A valid ID doesn’t mean much if the selfie is fake, and a good selfie isn’t enough if the underlying data doesn’t check out. But when all the above align, identity is confirmed with a high degree of assurance. 

Building Resilience in Aviation and Beyond

Just as CLEAR is transforming the passenger experience with eGates that verify their identity in seconds, we can bring that same standard to the workforce by applying high-fidelity verification behind the scenes, where the stakes are just as high.

For aviation and many other industries, this is a turning point. Organizations can either continue with outdated verification tools or embrace a smarter, more secure foundation that starts with verified identity.

“Securing aviation starts with securing identity—and that means verifying the person behind every credential, every access request, and every device.”

– Jon Schlegel, Chief Security Officer @ CLEAR

Explore how CLEAR1 helps organizations move beyond device-based security to person-based security. 

Key Takeaways from the Aviation ISAC Summit

At the 2025 Aviation ISAC Cybersecurity Summit this week, CLEAR's Chief Security Officer, Jon Schlegel, delivered an urgent message to industry leaders: the identity threat landscape has changed, and cybercriminals aren’t forcing their way in—they’re being let in as someone they’re not.

In aviation, identity has long been at the foundation of trust, from passengers at the gate to employees behind the scenes. But, as Jon emphasized, the same vulnerabilities affecting aviation today are emerging across every industry that depends on secure access. 

From Hacks to Impersonation: The New Face of Cyber Threats

Cybercriminals are increasingly impersonating trusted employees, vendors, and partners to gain access to high-value systems. With AI-generated deepfakes, synthetic identities, and spoofed documents becoming more sophisticated, bad actors no longer need to bypass firewalls—they can simply pretend to be someone they’re not in order to be let in. 

A prime example is Scattered Spider, a cybercrime group linked to attacks on major airlines, airports, and third-party vendors. Known for its social engineering expertise, Scattered Spider doesn't rely on brute force; instead, it manipulates human trust. The group has successfully impersonated employees and customers during help desk calls, persuading IT staff to reset credentials or disable multi-factor authentication (MFA). They’ve also used tactics like SIM swapping and credential rental marketplaces to gain seemingly legitimate access to corporate systems, all while bypassing traditional detection.

Scattered Spider is part of a broader shift in the threat landscape, from infrastructure attacks to identity-first breaches. The group’s high-profile breaches have demonstrated how easy it is to exploit static verification processes and how costly those breaches can be when identity is treated as a checkbox instead of a continuous control.

While Jon’s remarks were delivered at an aviation cybersecurity summit, this issue isn’t confined to airlines or airports. The aviation industry offers a high-stakes example of what’s happening everywhere: attackers are targeting the people who power systems, not just the customers who use them. These tactics aren’t just affecting passengers—they’re also aimed directly at the workforce, which is why organizations must move beyond traditional ID checks and implement multi-layered solutions. 

Why Traditional Verification Falls Short

Much of today’s verification still depends on single sources of truth: a document, a password, or a device. But, as Jon underscored, these one-dimensional checks are increasingly vulnerable in a world where fake IDs, AI-generated audio, and stolen credentials can all appear authentic.

In today’s threat environment, verification needs to evolve from a moment-in-time event to an ongoing safeguard. Traditional MFA is often device-based and vulnerable to SIM swapping, phishing, and deepfake attacks. If you only verify once, or only verify the device, you’re not actually confirming the person is who they say they are.

The CLEAR1 Approach: Person-Based Verification

Jon called for a new playbook: one that verifies people continuously and comprehensively across every critical touchpoint. 

With CLEAR1, businesses can verify identity across the entire workforce journey—from onboarding and account recovery to privileged access and more—using a multi-layered identity framework that goes beyond single-point solutions:

  • Biometric verification anchors the process by confirming the person is physically present and who they say they are. CLEAR1 compares a user’s selfie to the photo on their government-issued ID, while liveness detection runs behind the scenes to block spoofing tactics like deepfakes or printed images. 
  • Document validation checks the authenticity of the government-issued ID itself. Forged or stolen documents can appear legitimate in isolation, which is why CLEAR1 doesn’t stop at surface-level checks. It inspects the document for signs of tampering and cross-checks it against the selfie. 
  • Source corroboration closes the loop by verifying that the identity exists in the real world. CLEAR1 confirms key data points—like name, address, and phone number—against trusted sources.

Each layer amplifies the others. A valid ID doesn’t mean much if the selfie is fake, and a good selfie isn’t enough if the underlying data doesn’t check out. But when all the above align, identity is confirmed with a high degree of assurance. 

Building Resilience in Aviation and Beyond

Just as CLEAR is transforming the passenger experience with eGates that verify their identity in seconds, we can bring that same standard to the workforce by applying high-fidelity verification behind the scenes, where the stakes are just as high.

For aviation and many other industries, this is a turning point. Organizations can either continue with outdated verification tools or embrace a smarter, more secure foundation that starts with verified identity.

“Securing aviation starts with securing identity—and that means verifying the person behind every credential, every access request, and every device.”

– Jon Schlegel, Chief Security Officer @ CLEAR

Explore how CLEAR1 helps organizations move beyond device-based security to person-based security. 

blog

A-ISAC Recap

October 16, 2025

Key Takeaways from the Aviation ISAC Summit

At the 2025 Aviation ISAC Cybersecurity Summit this week, CLEAR's Chief Security Officer, Jon Schlegel, delivered an urgent message to industry leaders: the identity threat landscape has changed, and cybercriminals aren’t forcing their way in—they’re being let in as someone they’re not.

In aviation, identity has long been at the foundation of trust, from passengers at the gate to employees behind the scenes. But, as Jon emphasized, the same vulnerabilities affecting aviation today are emerging across every industry that depends on secure access. 

From Hacks to Impersonation: The New Face of Cyber Threats

Cybercriminals are increasingly impersonating trusted employees, vendors, and partners to gain access to high-value systems. With AI-generated deepfakes, synthetic identities, and spoofed documents becoming more sophisticated, bad actors no longer need to bypass firewalls—they can simply pretend to be someone they’re not in order to be let in. 

A prime example is Scattered Spider, a cybercrime group linked to attacks on major airlines, airports, and third-party vendors. Known for its social engineering expertise, Scattered Spider doesn't rely on brute force; instead, it manipulates human trust. The group has successfully impersonated employees and customers during help desk calls, persuading IT staff to reset credentials or disable multi-factor authentication (MFA). They’ve also used tactics like SIM swapping and credential rental marketplaces to gain seemingly legitimate access to corporate systems, all while bypassing traditional detection.

Scattered Spider is part of a broader shift in the threat landscape, from infrastructure attacks to identity-first breaches. The group’s high-profile breaches have demonstrated how easy it is to exploit static verification processes and how costly those breaches can be when identity is treated as a checkbox instead of a continuous control.

While Jon’s remarks were delivered at an aviation cybersecurity summit, this issue isn’t confined to airlines or airports. The aviation industry offers a high-stakes example of what’s happening everywhere: attackers are targeting the people who power systems, not just the customers who use them. These tactics aren’t just affecting passengers—they’re also aimed directly at the workforce, which is why organizations must move beyond traditional ID checks and implement multi-layered solutions. 

Why Traditional Verification Falls Short

Much of today’s verification still depends on single sources of truth: a document, a password, or a device. But, as Jon underscored, these one-dimensional checks are increasingly vulnerable in a world where fake IDs, AI-generated audio, and stolen credentials can all appear authentic.

In today’s threat environment, verification needs to evolve from a moment-in-time event to an ongoing safeguard. Traditional MFA is often device-based and vulnerable to SIM swapping, phishing, and deepfake attacks. If you only verify once, or only verify the device, you’re not actually confirming the person is who they say they are.

The CLEAR1 Approach: Person-Based Verification

Jon called for a new playbook: one that verifies people continuously and comprehensively across every critical touchpoint. 

With CLEAR1, businesses can verify identity across the entire workforce journey—from onboarding and account recovery to privileged access and more—using a multi-layered identity framework that goes beyond single-point solutions:

  • Biometric verification anchors the process by confirming the person is physically present and who they say they are. CLEAR1 compares a user’s selfie to the photo on their government-issued ID, while liveness detection runs behind the scenes to block spoofing tactics like deepfakes or printed images. 
  • Document validation checks the authenticity of the government-issued ID itself. Forged or stolen documents can appear legitimate in isolation, which is why CLEAR1 doesn’t stop at surface-level checks. It inspects the document for signs of tampering and cross-checks it against the selfie. 
  • Source corroboration closes the loop by verifying that the identity exists in the real world. CLEAR1 confirms key data points—like name, address, and phone number—against trusted sources.

Each layer amplifies the others. A valid ID doesn’t mean much if the selfie is fake, and a good selfie isn’t enough if the underlying data doesn’t check out. But when all the above align, identity is confirmed with a high degree of assurance. 

Building Resilience in Aviation and Beyond

Just as CLEAR is transforming the passenger experience with eGates that verify their identity in seconds, we can bring that same standard to the workforce by applying high-fidelity verification behind the scenes, where the stakes are just as high.

For aviation and many other industries, this is a turning point. Organizations can either continue with outdated verification tools or embrace a smarter, more secure foundation that starts with verified identity.

“Securing aviation starts with securing identity—and that means verifying the person behind every credential, every access request, and every device.”

– Jon Schlegel, Chief Security Officer @ CLEAR

Explore how CLEAR1 helps organizations move beyond device-based security to person-based security. 

Key Takeaways from the Aviation ISAC Summit

At the 2025 Aviation ISAC Cybersecurity Summit this week, CLEAR's Chief Security Officer, Jon Schlegel, delivered an urgent message to industry leaders: the identity threat landscape has changed, and cybercriminals aren’t forcing their way in—they’re being let in as someone they’re not.

In aviation, identity has long been at the foundation of trust, from passengers at the gate to employees behind the scenes. But, as Jon emphasized, the same vulnerabilities affecting aviation today are emerging across every industry that depends on secure access. 

From Hacks to Impersonation: The New Face of Cyber Threats

Cybercriminals are increasingly impersonating trusted employees, vendors, and partners to gain access to high-value systems. With AI-generated deepfakes, synthetic identities, and spoofed documents becoming more sophisticated, bad actors no longer need to bypass firewalls—they can simply pretend to be someone they’re not in order to be let in. 

A prime example is Scattered Spider, a cybercrime group linked to attacks on major airlines, airports, and third-party vendors. Known for its social engineering expertise, Scattered Spider doesn't rely on brute force; instead, it manipulates human trust. The group has successfully impersonated employees and customers during help desk calls, persuading IT staff to reset credentials or disable multi-factor authentication (MFA). They’ve also used tactics like SIM swapping and credential rental marketplaces to gain seemingly legitimate access to corporate systems, all while bypassing traditional detection.

Scattered Spider is part of a broader shift in the threat landscape, from infrastructure attacks to identity-first breaches. The group’s high-profile breaches have demonstrated how easy it is to exploit static verification processes and how costly those breaches can be when identity is treated as a checkbox instead of a continuous control.

While Jon’s remarks were delivered at an aviation cybersecurity summit, this issue isn’t confined to airlines or airports. The aviation industry offers a high-stakes example of what’s happening everywhere: attackers are targeting the people who power systems, not just the customers who use them. These tactics aren’t just affecting passengers—they’re also aimed directly at the workforce, which is why organizations must move beyond traditional ID checks and implement multi-layered solutions. 

Why Traditional Verification Falls Short

Much of today’s verification still depends on single sources of truth: a document, a password, or a device. But, as Jon underscored, these one-dimensional checks are increasingly vulnerable in a world where fake IDs, AI-generated audio, and stolen credentials can all appear authentic.

In today’s threat environment, verification needs to evolve from a moment-in-time event to an ongoing safeguard. Traditional MFA is often device-based and vulnerable to SIM swapping, phishing, and deepfake attacks. If you only verify once, or only verify the device, you’re not actually confirming the person is who they say they are.

The CLEAR1 Approach: Person-Based Verification

Jon called for a new playbook: one that verifies people continuously and comprehensively across every critical touchpoint. 

With CLEAR1, businesses can verify identity across the entire workforce journey—from onboarding and account recovery to privileged access and more—using a multi-layered identity framework that goes beyond single-point solutions:

  • Biometric verification anchors the process by confirming the person is physically present and who they say they are. CLEAR1 compares a user’s selfie to the photo on their government-issued ID, while liveness detection runs behind the scenes to block spoofing tactics like deepfakes or printed images. 
  • Document validation checks the authenticity of the government-issued ID itself. Forged or stolen documents can appear legitimate in isolation, which is why CLEAR1 doesn’t stop at surface-level checks. It inspects the document for signs of tampering and cross-checks it against the selfie. 
  • Source corroboration closes the loop by verifying that the identity exists in the real world. CLEAR1 confirms key data points—like name, address, and phone number—against trusted sources.

Each layer amplifies the others. A valid ID doesn’t mean much if the selfie is fake, and a good selfie isn’t enough if the underlying data doesn’t check out. But when all the above align, identity is confirmed with a high degree of assurance. 

Building Resilience in Aviation and Beyond

Just as CLEAR is transforming the passenger experience with eGates that verify their identity in seconds, we can bring that same standard to the workforce by applying high-fidelity verification behind the scenes, where the stakes are just as high.

For aviation and many other industries, this is a turning point. Organizations can either continue with outdated verification tools or embrace a smarter, more secure foundation that starts with verified identity.

“Securing aviation starts with securing identity—and that means verifying the person behind every credential, every access request, and every device.”

– Jon Schlegel, Chief Security Officer @ CLEAR

Explore how CLEAR1 helps organizations move beyond device-based security to person-based security. 

PARTNER SPOTLIGHT
INDUSTRY
No items found.
COMPANY SIZE
INDUSTRY
No items found.
COMPANY SIZE

More Success Stories

VIEW ALL CASE STUDIES
case study
August 19, 2025
Case Study: Tampa General Hospital
case study
June 11, 2025
Beyond the Device: How T-Mobile and CLEAR Are Enhancing Secure Authentication
case study
May 16, 2025
Community Health Network Streamlines And Secures MyChart Account Creation With CLEAR
Maximize security, minimize friction with CLEAR

Reach out to uncover what problems you can solve when you solve for identity.

By submitting my personal data, I consent to CLEAR collecting, processing, and storing my information in accordance with the CLEAR Privacy Notice.
blog
Person looking at CLEAR Multi-Layered Identity Screen
By submitting my personal data, I consent to CLEAR collecting, processing, and storing my information in accordance with the CLEAR Privacy Notice.
blog
By submitting my personal data, I consent to CLEAR collecting, processing, and storing my information in accordance with the CLEAR Privacy Notice.
Thank you! You are being redirected

Thank you! View the webinar below.

Oops! Something went wrong while submitting the form.
blog

A-ISAC Recap

October 16, 2025

More webinars

VIEW ALL WEBINARS
No items found.
CLEAR+

Discover all the ways to win the day of travel—from our dedicated airport Lanes, stadiums, and exclusive Member benefits.
LEARN MORE
Why clear?
PRODUCT
OverviewUse CasesIntegrations
RESOURCES
InsightsDeveloper Resources
INDUSTRIES
HealthcareFinancial ServicesRentalsHospitalityWorkforce
CONTACT
©2025 Secure Identity, LLC. All Rights Reserved.
CLEAR1 Credential Page
Investor Relations
Newsroom
Cookie Usage
Terms of Use
CONNECT WITH US!

Ready to see CLEAR1, our Identity Platform Built for Businesses?

Complete this form to get in touch with our Business Development team.

By submitting my personal data, I consent to CLEAR collecting, processing, and storing my information in accordance with the CLEAR Privacy Notice.