The C in CIAM stands for Chips. Chips go with everything in IAM: Sign-up, Sign-in, Authorisation, and Recovery. CIAM pros know to start with the end in mind: Recovery. And that recovery should be as secure, if not more than authentication. Unphishable Passkeys and cryptographic authentication demand unphishable recovery. Bad News: Weak knowledge based authentication, voice biometrics, SMS account resets, and paper documents undermine strong authentication. Good News: You and a billion other people already have phishing resistant recovery. You can scan your government issued Passport or ID card chip with your phone, in the familiar way that you buy things in store, with NFC. - Your chip proves it is: - the original, not copied, - genuinely issued, - untampered document, that contains a high resolution image of you, not a photo of a photo. Matching that with a live selfie can prove it is you on your new device... it's the original decentralised verifiable credential put to new use. Bring your passport to this session and you'll see what data security is inside an ICAO DOC 9303 chip, and how it can help you recover access when you lose or break your phone.