Verify Anyone's Identity Directly in Slack and Microsoft Teams
LastID now integrates directly into Slack and Microsoft Teams, letting anyone verify a colleague's identity with a single command. No portal, no ticket, no phone call. A cryptographic challenge is delivered as a QR code inside the chat, scanned with the LastID app, and the result is posted back in seconds.
"Trust me, I'm from IT"
Someone posts in your team channel. They say they're the new contractor, or the auditor from compliance, or the vendor who needs access to a shared drive. Their profile picture is there. Name looks right. You take them at their word.
Sometimes it really is that simple. But the harder version is worse: an attacker compromises a password or hijacks a session token, logs into Slack or Teams as a real employee, and starts operating from inside. They already have the identity. They already have the context. They use the trust baked into internal channels to move laterally, request access, approve changes, and extract data. The collaboration tool becomes the attack surface.
Either way, the core problem is the same. Slack and Teams were built for collaboration. They were never built to answer the question: is the person behind this account actually who they say they are right now?
So we built it in
LastID now works inside Slack and Microsoft Teams. You can verify someone's identity right where you're already talking to them.
In Slack:
/challenge @username
In Teams:
@LastID Verify @username
The person gets a DM with a QR code. They scan it with the LastID app. The app runs a biometric check on their device, signs the result with a cryptographic key in the secure enclave, and sends back the proof. A few seconds later the bot tells you: verified or not.
No passwords. No security questions. No calling someone back on a different number to "confirm." You verified the actual human, not just a credential they might have.
What's actually happening under the hood
The whole thing takes about thirty seconds:
- You run the command with a target user
- The bot DMs them a QR code (Adaptive Card in Teams, direct message in Slack)
- They scan it with the LastID app, which does a live biometric match on the device
- The app signs the response with their private key from the device's secure enclave
- The bot tells you the result
The challenge is single-use and expires in fifteen minutes. The biometric never leaves their phone. All the server gets is a signed proof that a specific person responded to a specific challenge at a specific time.
Where this actually gets used
Every company has moments where you need to know who you're actually talking to. A new hire shows up in a channel during their first week. Someone from finance asks you to approve a wire. A vendor needs elevated access during an incident.
Right now most teams handle these moments with... nothing. They just trust it. Because the alternative is opening a ticket, calling IT, waiting around. Nobody does that in practice.
When verification is one command away in the tool you already have open, people actually use it. That's the whole point.
Real workflows
- IT and security verify new hires during onboarding without leaving the channel
- Finance confirms identity before processing payment changes
- Compliance gets a cryptographically signed audit trail of every verification
- Managers check contractors and external collaborators before granting access
Every verification creates an audit record tied to a specific challenge, time, and device. Not a screenshot of a video call. A verifiable, signed assertion that the person was there.
Setup
The integrations are live for any enterprise running LastID. Install the bot, connect it through admin consent, and your team can start verifying people immediately.
If someone can type a slash command, they can verify an identity. That's it.