SecurityDevelopersDeployArchitectureAbout
Try Demo

GrayPass isa behavioral signature.

You are the password.

GrayPass verifies who you are by how you behave - not what you provide. No passwords, no codes, nothing to remember.

Try Demo
< 0 msdecision latency
0-Dfeature vector
0raw biometrics stored
0 minfirst integration
Live on this page

We've been verifying you since you opened this page.

The way you just moved your cursor here is already a signature. This panel enrolled a print of your pointer dynamics, typing rhythm, and scroll cadence - locally, in your browser. Nothing leaves this tab, and you can switch it off below.

Now try to fool it: hand this device to someone else and let them browse - their rhythm won't match your print. Or press the red button and let a bot take over.

0 bytes sent · runs locally
your session · live
graypass.runtime

Continuous trust score

0.50
calibrating
threshold 0.92
your pointer pathmove your mouse - this is you
Operator printenrolling #1…
Pointer dynamics0 samples
Typing cadencewaiting - try below
Scroll rhythm0 events

timings only · text never stored

read locally · 0 bytes sent · forgotten on reload
Backed By1517 FundBoost VCRideau Hall FoundationIngenious+
With Angels FromBrexDayDream Ventures
What GrayPass does

Three steps. One identity. Zero passwords.

  1. raw signal
    01/03
    01

    We pick up how you react.

    A short challenge captures the timing of your reactions and the rhythm of your typing.

  2. salted print
    02/03
    02

    We turn it into a salted print.

    Those signals collapse into a small, salted vector. The raw behavior never leaves the session.

  3. verified
    03/03
    03

    We verify the next time it matches.

    On every login we recompute the print and decide accept or deny in milliseconds.

What the numbers say
0decisions this session
185 msp50
Median decision time· drag to scrub
0-D
Feature vector
0
Raw biometrics retained
0 min
Typical time to first call
Why this exists

Authentication that cannot be stolen.

Passwords get stolen. OTPs get intercepted. Fingerprints leak. We built an identity layer that refuses to be any of those.

Reaction timingmatch

Behavior-first security

We pick up the rhythm behind your reactions. Shoulder surfing, credential stuffing, and replay attacks have nothing to copy.

Salted, projected, stored

Privacy by design

Raw behavior never leaves the session. We store a salted print, encrypted at rest, with helper data on a rotation.

rotate seed

Cancelable templates

If anything ever leaks, we rotate the seed. Your identity stays. The template behind it is replaced in minutes.

187 msDecide

Sub-second decisions

Accept or deny in milliseconds, with calibrated confidence ready for your policy engine.

0104020503Shuffled, timed, signed

Replay-hard challenges

Server-driven schedules with jittered timing. Macros and remote-takeover tools fail the timing tests.

Inside the product

Inside GrayPass

Four short reads. Pick one and you will know what we built and why it matters.

clientfeaturessalteddecideEnd to end

Architecture

How a session moves from a calibration to a salted print to a decision, end to end.

Read more
Defense in depthencrypted · salted · rotatable

Security

Encryption at rest, salted prints, cancelable templates, and the things we deliberately never store.

Read more
// 3 calls. one identity.await gp.start(user)const sig = await gp.capture()const { ok, p } = await gp.verify(sig)Client SDK

Developers

Three calls to ship a passwordless login. The SDK does the heavy lifting in the browser.

Read more
PositioningIdentity without friction

About

Why GrayPass exists and what we think identity should feel like next.

Read more
Pricing

Pay per session. Never per seat.

One session is one user's visit to your app. Flat $0.70 a session, no subscriptions, and packs never expire until you've used them.

Launch
$3,500
5,000 sessions · $0.70 each

Prove it on one product surface.

  • Continuous scoring on every page
  • Block · MFA handoff · support escalation
  • Sessions never expire until used
Buy Launchmost popularGrowth
$14,000
20,000 sessions · $0.70 each

Roll out to your core user base.

  • Continuous scoring on every page
  • Block · MFA handoff · support escalation
  • Sessions never expire until used
Buy GrowthScale
$70,000
100,000 sessions · $0.70 each

Continuous auth across everything.

  • Continuous scoring on every page
  • Block · MFA handoff · support escalation
  • Sessions never expire until used
Buy Scale

Self-serve checkout · provisioned in minutes · need 100k+, on-prem, or a custom SLA? Talk to us

Try it yourself

Two minutes. No hardware. No password to remember.

The full enrollment-and-login loop runs end to end in about two minutes. Here's what to expect.

I

Enroll your Brainprint

A quick series of tests designed to mimic natural interactions with your device.

II

Camera (optional)

Turn on your webcam if you want gaze tracking. No camera works fine too the rest of the signals stand on their own.

III

Routine tasks

Follow tasks like everyday routine work: scrolling across the screen, looking around, typing, and clicking paths.

IV

Mock workspace & live trust

Drop into a mock workspace and "work" normally. Watch your Continuous Trust Score on the side with full GrayPass telemetry. Simulate a bot attack and see the score drop in real time.

V

Cross the trust threshold

Try logging into "trusted" surfaces like the dashboard or billing to feel how the Trust Score Threshold gates real actions.

Live trust panel · drag to expand

Continuous Trust Score

0.96access granted
threshold 0.92
Keystroke cadencematch
Reaction timingin band
Pointer pathnominal
Gaze drift+0.3σ
Feedback

Tell us where the demo surprised you.

Two sentences are enough. We read almost everything and reply to most.

Build with GrayPass

Identity, finally invisible.

Get an API key in minutes. The SDK runs in the browser. Your stack doesn't have to change.

Try Demo