Security

A spilled database is worth nothing here.

We don't store raw biometrics. We don't let the same secret protect two users. Every accept or deny carries a reason a human can audit. Security is the product, not a checkbox.

Run an attack against your own session.

Pick one. The sandbox executes it against the live behavioral session this site has been keeping on you, and shows exactly where it dies.

simulation · runs locally · mirrors production reason codes

Principles

01

Salted, not stored.

Behavior collapses into a salted print. The print is what we keep. The behavior does not persist.

02

Encrypted at rest.

Templates and helper data sit behind envelope encryption. A database spill gives an attacker nothing usable.

03

Cancelable.

If anything ever leaks, we rotate the seed. Identity stays. The template behind it is replaced in minutes.

04

Replay-hard.

Server-driven schedules with jittered timing. Macros and remote-takeover tools cannot fake the cadence.

05

Auditable.

Every decision carries calibrated confidence and a human-readable reason. Nothing is accepted or denied in silence.

06

Consent-led.

Raw signals are not collected by default. Opt-in research data is double-encrypted and revocable on request.

v1.0

Posture snapshot

Transport
  • TLS 1.3
  • HSTS
  • Per-request nonces

Storage
  • Encryption at rest
  • Salted templates
  • Helper data only

Operations
  • Rate limits
  • Anomaly alerting
  • Reason-coded decisions

Data rights
  • Erase on request
  • Per-user salts
  • Consent-led research data

Live posture: p95 < 320 ms at the edge

Want a deeper walkthrough? Email us and we'll make time.
