Financial Services Security

Cryptographic Voice Authentication

Because hearing a familiar voice is no longer enough.

DeepFree embeds a mathematically derived authentication signal into every live call. AI voice clones cannot replicate it. Neither can recorded audio. The guarantee is cryptographic, not probabilistic.

Request a Briefing Live Demo
Download the SDK
iOS SDK
Swift · Coming Soon
Web SDK
JavaScript · v1.9.0
REST API
JSON · Docs & keys
Live Authentication — Call in Progress Verified
Identity Confirmed
Device binding Matched
Timing signature Consistent
Clone resistance 100%
Time to verify < 3 seconds
Confidence score 87%
How it works
Live voice captured
Mic audio streams from the enrolled device in real time
↺ Rotates every 2s
Carrier injected
16 tones at HMAC-derived frequencies mixed in at −30 dBFS — inaudible, unforgeable
Phase coherence scored
Server runs FFT and checks 16 carrier bins against expected phases
Timing verified 2nd factor
Chunk arrival matches a credential-derived device offset — independent of the carrier
Authenticated
Result in < 3 seconds. Mathematical certainty, not a score.
The technology

Four patent claims. One mathematical guarantee.

Each shield represents a distinct technical claim in our US provisional patent filing. Together they form a four-factor authentication system that no synthesis technology — present or future — can defeat.

Zero-day clone resistance

A voice clone without the enrolled device key cannot generate the correct HMAC carrier. The carrier check returns near zero regardless of which synthesis model is used.

Mathematical certainty — 100%

Replay attack immunity

The carrier rotates every 2 seconds. A recorded call contains a signal from an expired time window — cryptographically stale before replay is possible.

99.8% replay resistance

Credential theft resilience

Authentication requires simultaneous possession of the user key, device key, and timing offset. A stolen credential without the physical device fails verification.

Four independent factors

Real-time injection immunity

The authentication signal is embedded with a secret key-derived timing offset. A man-in-the-middle attacker aligns with the live stream, not the secret temporal slot — arriving at the wrong time on every attempt.

Verified within 3 seconds

These properties are mathematical consequences of the cryptographic architecture. They do not degrade as synthesis technology improves. Click any shield to view the technical claim and mathematical basis.

US Provisional Patent Filed  ·  Utility Patent In Preparation  ·  Prior Art Search Completed
Technical white paper available under NDA →
Live platform

Observe the authentication in real time.

Open the platform on two devices. Create a room on one, join from the other. Watch the cryptographic trust score verify within 3 seconds — no configuration required.

The live demo runs on the production infrastructure. All calls are end-to-end encrypted via WebRTC. No audio is recorded or stored.

Open Live Demo → Request a Briefing
< 3s
Time to verify
0%
False acceptance
100%
Clone resistance
4
Auth factors
DFV Code Lookup

Verify a received code.

If someone sent you a DeepFree™ DFV token via text or message, paste it below to confirm its cryptographic authenticity instantly.

PASTE YOUR DFV TOKEN
Need to generate tokens, manage epochs, or export audit logs? Open Full Platform →
Platform access & pricing
Individual
$19 /month
Up to 5 agents · 200 tokens/mo
  • 200 signed tokens/month
  • Full verification platform
  • QR codes + multi-platform share
  • SLA & compliance docs
  • Per-seat licensing
Get Started — $19/mo →
Credit Unions & Banks
Institution
$12 /agent/month
Annual contract · Minimum 10 agents
≈ $1,440/yr per institution
  • Unlimited tokens per agent
  • Full platform + audit log
  • Revocation registry + epoch control
  • Annual SLA + onboarding support
  • Security documentation package
Request a Briefing →
Enterprise
Custom
Multi-branch · SOC 2 · NDA available
Typically $25k–$75k/yr
  • Everything in Institution
  • Private key infrastructure
  • Custom epoch rotation schedule
  • SOC 2 report + compliance docs
  • Dedicated account manager
Talk to Sales →

All plans include cryptographic verification, Postgres-backed revocation, cross-session HMAC integrity, and NDA on request.

Engage DeepFree

Schedule a technical briefing.

We work with security, fraud, and technology teams at financial institutions. Briefings include a live demonstration, architecture review, and security documentation package.

Request a Briefing View Live Platform

NDA available on request — Technical white paper and SOC 2 report provided under NDA

Web SDK

JavaScript · v1.9.0

Embed a cryptographic carrier into live audio. AI voice clones cannot replicate it — the guarantee is mathematical, not probabilistic.

npm install deepfree
View on npm Full Docs

Requires AudioWorklet · Web Crypto API · getUserMedia — Chrome 66+, Firefox 76+, Safari 14.1+

iOS SDK  ·  Coming Soon

Swift · Secure Enclave Native

The DeepFree iOS SDK brings cryptographic voice authentication directly into your mobile banking application — no server-side audio processing required for enrollment.

Secure Enclave Key Storage
Device keys are generated inside and never leave the Secure Enclave. The extractable flag is set to false — the key cannot be read by JavaScript, the OS, or any software attack. Authentication requires the physical device.
Real-Time Audio Embedding
The SDK hooks into AVAudioEngine to embed the HMAC-derived carrier into outgoing audio frames at under 2ms latency. Compatible with VoIP, WebRTC, and standard telephony stacks.
Passive Enrollment
Enrollment happens silently during a normal authenticated session — no dedicated voice sample required from the customer. The SDK handles key generation and server registration automatically.
Face ID / Touch ID Gating
Carrier embedding can be gated behind biometric confirmation via LocalAuthentication, adding a second factor before any call is cryptographically signed.
Join the Early Access List Request a Briefing

Targeting iOS 16+ · Swift 5.9 · Requires AVAudioEngine & LocalAuthentication frameworks

REST API

JSON · v1

Authenticate a live call by posting a signed audio chunk to the verification endpoint. Responses arrive in under 15 ms. All requests require a bearer token scoped to your institution.

curl -X POST https://api.deepfree.app/v1/verify \ -H "Authorization: Bearer $DF_API_KEY" \ -H "Content-Type: application/octet-stream" \ --data-binary @chunk.raw
Get API Keys Full Docs

TLS 1.3 required · Bearer token scoped per institution · Rate limit: 600 req/min