Trusted Codes

Solutions

Stop the fraud
before it starts.

AI can clone any voice from 3 seconds of audio, render any face in real time, and forge any document in seconds. One question — “What's your code?” — is the only defence that cannot be faked.

ConnectionsBeaconsGuest CodesStamping

Impersonation of People You Know

Criminals clone voices and faces of family, colleagues, and executives. Ask for their code — AI can never answer.

Grandparent Scams

Connections

$4.8B lost by Americans over 60 in 2024 alone

The threat

A panicked voice — sounding exactly like your grandchild — calls to say they've been arrested or injured and need bail money wired immediately. A "lawyer" or "officer" stays on the line. The voice is AI-cloned from social media audio.

How it stops it

Your daily code changes every morning and lives only on your grandchild's device. Before acting on any urgent request, ask: "What's your code?" A genuine grandchild answers in seconds. An AI clone never can.

Fake Emergency Calls

Connections

The threat

"Mum, I've been in an accident — the ambulance is here, I need you to call my bank and authorise a transfer." The caller has cloned your child's voice from a single voicemail. They know the name of their partner, their car, their usual habits — all scraped from social media.

How it stops it

A three-word code established when you last saw each other is impossible to fake. No caller who cannot produce today's code should receive urgent financial action.

Romance Scams

Connections

Over $1.1B reported to the FTC in 2023

The threat

Scammers — often AI-assisted — build convincing relationships over weeks or months before engineering a financial crisis. They may use AI-generated profile photos, cloned voices, and synthetic video calls. By the time the "emergency" arrives, victims trust them completely.

How it stops it

Establish a Trusted Code early in any new relationship. If the person refuses or cannot provide today's code after the secret has been set up, you have hard proof they are not who they claim.

CEO & CFO Fraud

Connections

BEC attacks caused $2.9B in reported losses in 2023 (FBI IC3)

The threat

A deepfake of your CEO sends a voice message or joins a video call, demanding an urgent wire transfer before end of day. The voice is indistinguishable. The face moves naturally. The NDA it asks you to sign looks genuine. You have 15 minutes.

How it stops it

Company policy: no financial authorisation without a verified code from the authorising executive. Codes are established once in-person during onboarding and never travel over email or Slack.

Deepfake Conference Calls

Connections

A Hong Kong finance worker wired $25M after a fake Zoom call with AI-rendered colleagues

The threat

Entire boardrooms can be faked. Real executives, real faces, real voices — all synthesised in real time. Participants discuss real company matters (scraped from public sources) to build confidence before the kill shot: a fund transfer, a contract change, a data request.

How it stops it

At the start of any sensitive video call, each participant is asked for their code. No code, no discussion of anything material. A 30-second check prevents a $25M loss.

Client Impersonation

Connections

The threat

A message arrives from "your most important client" asking to change the bank account for upcoming invoices, redirect a shipment, or approve an urgent change order. The email domain is a convincing lookalike. The writing style matches — because it was trained on months of real correspondence.

How it stops it

Connections with key clients mean any material change request can be verified with a code check before action is taken. No code match = escalate through a known phone number.

Inbound Caller Fraud

Legitimate organisations call you every day. Criminals exploit that trust. Beacons let any caller prove they really work for the organisation they claim.

Bank & Financial Fraud Teams

Beacons

$1.3M stolen in one Canadian city by fake "bank fraud teams" (2026)

The threat

"Hello, this is the fraud team at your bank. We've detected suspicious activity and need to verify your details before it's too late." The caller knows your name, partial account number, and recent transactions — scraped from a prior data breach. They ask you to approve a "safe" transfer, hand over card details to a courier, or install "security software".

How it stops it

Your bank registers a Beacon. Every fraud team agent's code is linked to their identity and rotates daily. Before you confirm anything, ask: "What's your Beacon code?" A legitimate agent produces it in seconds. A scammer cannot.

IT Helpdesk Impersonation

Beacons

Social engineering caused 82% of data breaches in 2023 (Verizon DBIR)

The threat

"Hi, this is IT support. We've detected unusual login attempts on your account. I need you to confirm your credentials and allow remote access so I can secure it immediately." Employees comply because they fear being locked out — and because the caller sounds exactly like someone from IT.

How it stops it

Every IT helpdesk staff member carries a Beacon code tied to their employee identity. Staff are trained: before providing any credentials or granting remote access, ask for the code. No code = hang up and call IT's known number.

Government & Tax Agency Impersonation

Beacons

The threat

"This is the IRS. You have unpaid taxes and a warrant has been issued for your arrest. Call back within one hour or law enforcement will be dispatched." Or: "This is HMRC. Your National Insurance number has been used fraudulently — confirm it now or your benefits will be suspended." These calls cause genuine terror and extract billions annually.

How it stops it

Government agencies that issue outbound calls can register Beacons. Citizens who receive government calls can verify the agent's code via a free web check — no app required.

Healthcare Provider Fraud

Beacons

The threat

"This is your GP surgery calling to rebook your appointment — we need to confirm your date of birth and insurance number." Or: "The pharmacy team here, confirming your prescription — can you verify your address?" Healthcare calls harvest high-value personal data in a context where patients automatically trust.

How it stops it

Healthcare providers register Beacons for their outbound calling staff. Patients are instructed: before confirming any health or personal data, ask for the Beacon code. One question protects all your health information.

Tech Support Scams

Beacons

Tech support scams cost Americans $924M in 2023 (FBI IC3)

The threat

"This is Microsoft Support. Our systems show your computer has been infected with a severe virus. If we don't act now, your banking credentials will be stolen." The caller directs victims to grant remote access — then installs real malware and drains bank accounts or demands payment to "remove the virus".

How it stops it

Microsoft, Apple, and major software vendors can register Beacons. Any claimed support call that cannot produce a Beacon code is fraudulent — these companies do not make unsolicited support calls, but victims don't always know that.

Compromised Help Desks

Beacons

The threat

A real employee's credentials are compromised. The attacker uses a legitimate account to call colleagues, request credential resets, approve access changes, or gather sensitive information. Because the account is genuine, traditional authentication passes. Caller ID shows a real internal number.

How it stops it

Beacon codes rotate every 24 hours and live only on the legitimate employee's device. Even with stolen credentials, an attacker cannot produce today's code — giving every colleague a daily-fresh way to detect account takeover in real time.

Access & Service Fraud

Criminals exploit the trust we extend to delivery drivers, service technicians, and contractors. Guest Codes let you verify anyone — no app required.

Fake Delivery Persons

Guest Codes

The threat

Someone arrives at your door or building entrance claiming to be a courier, utility engineer, or building maintenance worker. Once inside, they case the property, steal packages, or install physical surveillance devices. They may pre-call to announce a "delivery" to reduce suspicion.

How it stops it

When scheduling any expected visit, generate a Guest Code and share it with the legitimate service provider. At the door, ask for the code. Only the real provider — who received it from you — can answer.

Contractor & Tradesperson Fraud

Guest Codes

The threat

"Your neighbour recommended me — I'm just finishing work in the street and noticed your roof has serious damage. If you don't let me fix it today, it will cost triple." High-pressure tactics, no credentials, payment demanded upfront in cash. The "work" is never done or makes things worse.

How it stops it

For any unscheduled visit, generating a code takes 10 seconds. Legitimate tradespeople welcome the verification. Those who refuse or become aggressive when asked for a code are giving you all the information you need.

Document & Message Fraud

When criminals can forge any email or document, the only defence is a cryptographic stamp that proves origin and detects any modification.

Invoice Payment Diversion

Stamping

Invoice fraud is the fastest-growing category of B2B fraud, averaging $130K per incident

The threat

Criminals intercept supplier email threads — via a compromised account or a convincing lookalike domain — and resend modified invoices with new bank account numbers. Everything looks identical: the logo, the invoice number, the amounts. Only the payment destination changed.

How it stops it

Suppliers stamp every invoice at creation. Recipients run a 3-second stamp verification before processing payment. Any document that has been modified — even a single character — fails verification. Invoice fraud becomes structurally impossible.

Supply Chain Compromise

Stamping

The threat

Attackers who gain access to a supplier's email thread can redirect shipments, substitute components, change delivery addresses, or exfiltrate purchase orders. They may operate undetected for months, sending plausible-sounding instructions that blend with legitimate correspondence.

How it stops it

Stamp all official instructions, purchase orders, and logistics documents. Any instruction that arrives without a valid stamp — or with a stamp that doesn't match — is rejected and escalated. The legitimate supplier is alerted immediately.

AI-Generated Executive Correspondence

Stamping

The threat

AI can generate a convincing email in someone's exact writing style in under a second. "I need you to handle this personally — don't involve anyone else." These messages bypass spam filters, pass casual inspection, and exploit authority and urgency to override normal approval processes.

How it stops it

Any sensitive instruction from an executive carries a cryptographic stamp that only their device can generate. An AI-forged message, however convincing, has no stamp — or has a stamp that cannot be verified against the executive's registered key.

One question. Every fraud stopped.

Free for families. Business plans for organisations that need Beacons, Stamping, and verified caller identity at scale.