EVERYTHING STARTS WITH UNCLONABLE IDENTITY
THE ONLY NO-PASSWORD AUTHENTICATION TECHNOLOGY BASED ON YOUR SMARTPHONE HARDWARE
PASSWORDLESS TECHNOLOGY
WE PROVIDE MAXIMUM PROTECTION OF THE SECRET ON YOUR SMARTPHONE, AS IT PERFORMS COMPUTATIONS IN A SECURE ENVIRONMENT – AND UNLOCKS IT UPON SENSOR HARDWARE VERIFICATION.
Our technology recognizes the user's smartphone through an invisible pattern of imperfections that characterize the millions of pixels of the camera sensor, which can be considered a kind of unique hardware fingerprint.
Every picture taken by a smartphone contains an invisible trace, which is called PRNU (Photo-Response Non-Uniformity). This trace is unique, making every camera sensor different from each other, just like a fingerprint. This fingerprint is also completely random, because it is intrinsic to manufacturing processes of sensors. Being random means that the producers of sensors and smartphones cannot manipulate it, or clone it in a different sensor, making this characteristic a Physical Unclonable Function (PUF) by design.
For user authentication a simple protocol can be established: the server sends a challenge message to the user, the user signs the message using the private key, the server verifies the signature with the user’s public key.
Since there is no shared secret between the server and users, there is no single point of failure at the server side. Due to its enhanced security, this is the solution chosen by most recent authentication protocols like FIDO.
CRYPTO WALLET - BLOCKCHAIN - MOBILE WALLET
AS CRYPTOCURRENCIES BECOME MORE POPULAR AND VALUABLE, THEY HAVE INCREASINGLY BECOME TARGETS FOR CYBERATTACKS.
IN ADDITION TO MEETING THE NEEDS OF EVER-INCREASING INTEREST, CRYPTOCURRENCY WALLETS MUST BE PROTECTED
AGAINST MALWARE ATTEMPTING TO STEAL CRYPTOASSETS.
We’ve made possible to use your smartphone as your secured crypto wallet versus buying a dedicated hardware.
As cryptocurrency becomes more popular and more valuable, more cryptocurrency have been targeted with cyber-attacks. In addition to trying to satisfy the needs of a widely increasing interest, cryptocurrency wallets need to be protected from malware trying to steal crypto assets.
Unlike software wallets, there's no private key stored on the smartphone's storage. If malware clones the phone, the attacker can't recover the private key, as the cloned phone will have a different camera sensor with a different pattern of imperfections.
This pattern is unique and unrepeatable, distinguishing each smartphone from any other. The private key is then linked only to a specific smartphone: only that smartphone can retrieve the key and use it to authorize transactions.
CRYPTO EXCHANGE - AUTHENTICATION AND SECURE LOGIN
OUR INTUITIVE MULTI-FACTOR AUTHENTICATION TECHNOLOGY TURNS EVERY SMARTPHONE INTO A SECURE AUTHENTICATION KEY, BASED ON THE RECOGNITION OF THE INVISIBLE PATTERN OF IMPERFECTIONS IN THE SMARTPHONE'S CAMERA SENSOR.
A UNIQUE AND UNREPEATABLE FEATURE THAT DISTINGUISHES EACH SMARTPHONE FROM ANY OTHER.
Secret authentication keys are combined with the physical characteristic of the camera sensor to generate a valid authentication token.
This feature is used to prove possession in a multi-factor authentication scheme in a more secure manner than SMS or existing authenticator apps because it relies on a physical characteristic of the device being used to prove possession.
This way, even if malware manages to export the secret keys used to verify the device, it wouldn't be able to use them because it would lack the smartphone's camera sensor to reproduce its pattern.
We’ve made it easy to increase the level of security for exchange’s customers and operators without impacting the usability.
DIGITAL SIGNATURE OF DOCUMENTS WITH YOUR SMARTPHONE
WE’VE MADE IT EASY TO INCREASE THE LEVEL OF SECURITY ALLOWING PEOPLE
TO USE THEIR PHONE AS SIGNATURE DEVICE VS. HAVING ADDITIONAL HW.
As companies and workforce are working from remote and offices are distributed around the world, companies increased the usage of digital signature of critical documents, contracts, agreements sometimes sharing HW token increasing the risk of misuse and stolen credential.
Our solution transforms virtually any smartphone into a secure private key vault. Our patented technology securely links a private key to a camera sensor.
This technology is based on recognizing the invisible pattern of imperfections in a smartphone's photo sensor. This pattern is unique and unrepeatable, distinguishing each smartphone from any other.
BANKING - AUTHENTICATION AND ANTI-PHISHING
AS PEOPLE ARE USING MORE INTERNET BANKING, USING SMARTPHONES TO PROCESS TRANSACTIONS,
APPS HAVE BEEN TARGETED WITH CYBER-ATTACKS LIKE SIM-SWAP, CLONED PHONES AND SO ON. WE HAVE MADE IT EASY TO INCREASE THE LEVEL OF SECURITY OF HOME BANKING APPS WITHOUT IMPACTING THEIR USABILITY.
Currently, if a malicious user attempts to access a legitimate user's bank account and steal their money via a wire transfer, they need to steal: The legitimate user's knowledge factor (i.e., their PIN/password) and The legitimate user's possession factor (i.e., the credentials stored on their smartphone). The malicious user steals the legitimate user's knowledge factor via a phishing email impersonating their bank. With these credentials, the malicious user can access the legitimate user's bank account.
With our technology, a malicious user requests a bank transfer. The bank sends the REQUEST to the legitimate user's phone clone, but the malicious user's phone won't be able to use the stored credential because it's linked to the fingerprint on the camera sensor.
Since the malicious user's phone has a different camera sensor than the legitimate user's, their fingerprint will be different and won't unlock the credential to approve the transaction, which will then be denied.
CORPORATE - AUTHENTICATION PASSKEY
AI-DRIVEN ATTACKS THREATEN ENTERPRISE AUTHENTICATION, BYPASSING PASSWORDS, MFA, AND SYNCED PASSKEYS THROUGH ADVANCED MANIPULATION AND SUPPLY CHAIN RISK. OUR TECHNOLOGY SOLVES THIS WITH DEVICE-BOUND PASSKEYS UNIQUELY ANCHORED TO EACH SMARTPHONE’S CAMERA SENSOR FEATURE, COUPLED WITH COMPANY-CONTROLLED ATTESTATION.
An example of how our solution can be used is to protect confidential information on employee devices.
For example, if an employee needs to access the company cloud using their PC, instead of simply entering their password and thus having a single-factor authentication, they are also asked to confirm possession of their mobile phone via ToothPic, in a secure and intuitive way.
Our secure and intuitive multi-factor authentication technology aims to turn every smartphone into a secure authentication key.
This prevents a malicious user, who is not in possession of the phone, from accessing company applications.
ENCRYPTED DOCUMENTS - SHARE CONFIDENTIAL DOCUMENTS
WE'VE MADE IT EASY TO INCREASE THE LEVEL OF SECURITY BY ALLOWING PEOPLE
TO USE THEIR PHONE AS SECURE DECRYPTION KEY VS. HAVING ADDITIONAL HW.
As companies’ workforces are remotely working there has been an increase in sharing confidential documents online.
Top managers use to receive confidential documents which can be intercepted or sent to another person by mistake therefore compromising their security and disclosing sensitive information.
Today's remote employee connects company devices to their home network, where all confidential company information can be accessed, increasing the likelihood of cyberattacks.
Our technology makes it easy to increase the level of security when your staff is working remotely, without compromising system usability. If the phone is cloned, the malware would be unable to access the company's information because the credential stored inside would not be usable if it is on a device with a different camera than the one that registered the credential itself.
SAFE DIGITAL SIGNATURES FOR QUANTUM COMPUTING
OUR TECHNOLOGY INCLUDES A QUANTUM-SECURE COMPONENT AND A DIGITAL SIGNATURE ALGORITHM.
QUANTUM-SECURE DIGITAL ALGORITHMS CAN BE INTEGRATED WITH OUR TECHNOLOGY.
Although current quantum computers do not pose an immediate threat to RSA or Diffie-Hellman key exchange, the security community's main concern is summed up by the motto: harvest now, decrypt later. An adversary could collect large amounts of data encrypted with classical algorithms, which could become vulnerable to quantum computers in a few years.
To address the threat of quantum computing, quantum-secure schemes have been actively researched in recent years. These schemes can leverage two paradigms:
Developing new algorithms based on computational problems that cannot be solved by quantum computers.
Using unconditionally secure schemes, that is, algorithms whose security does not depend on computational problems.
Our technology can be considered quantum-secure when combined with quantum-secure digital signature schemes such as ML-DSA.
USE CASES
BEING RECOGNIZED FOR THE SECOND CONSECUTIVE YEAR AS A REPRESENTATIVE VENDOR
.IN GARTNER’S PRESTIGIOUS 2025 MARKET GUIDE FOR USER AUTHENTICATION IS A SIGNIFICANT MILESTONE FOR OUR TECHNOLOGY
We have a world-class security key solution with a seamless user experience, Passkey. Designed for Android devices, it's more than just another key: it revolutionizes smartphone authentication security.
You can register your Passkey using the app, PC browser, or mobile browser, and then authenticate to Amazon from any platform you prefer—whether it’s the app, PC, or mobile browser. The authentication platform doesn't need to match the registration platform.
You can access Amazon with the Passkey from any platform you prefer—whether it’s the app, PC, or mobile browser — whichever way you used to register your Passkey —app, PC browser, or mobile browser. The authentication platform doesn't need to match the registration platform.
Traditional passwords are vulnerable to cloning, putting your sensitive data at risk. Our Technology eliminates this vulnerability, making your digital identity impossible to clone. By leveraging the unique hardware capabilities of a smartphone's camera sensor, ToothPic creates device-linked access keys that are impossible to clone remotely.
You can access PayPal with our Passkey from any platform you prefer—whether it’s the app, PC, or mobile browser — whichever the way you used to register your Passkey —app, PC browser, or mobile browser. The authentication platform doesn’t need to match the registration platform.
With the rise of sophisticated malware and AI-based attacks, our technology is your shield against growing identity threats. If the device is fully cloned, the access keys remain locked, making them unusable to unauthorized users.
Easily register your toothpic passkey and securely access your linkedin account from your smartphone and pc. You can register your ToothPic Passkey using the app, PC browser, or mobile browser, and then authenticate to LinkedIn from any platform you prefer—whether it’s the app, PC, or mobile browser. The authentication platform doesn't need to match the registration platform.
HEADCOM IN NUMBERS
15+
COUNTRIES
50+
PROJECTS EXECUTED
1M$
INVESTMENT IN SUSTAINABILITY
20+
GLOBAL PARTNERSHIPS
INDUSTRY COLLABORATION
Our Partnerships
Collaborate with us to drive innovation and sustainable growth in the fields of Artificial Intelligence and Clean Energy.
TRANSNATIONAL CONGLOMERATE
MULTINATIONAL AUTOMOTIVE MANUFACTURER
EV MOBILITY SOLUTIONS MANUFACTURER
ENERGY EFFICIENCY CONSULTANCY