Threat model primer

Why portable proofs fail modern identity fraud.

A document can be copied. A code can be relayed. A session can be hijacked. A phone farm can hold devices. But manufacturing thousands of distinct, ordinary, carrier-backed human days is a different economic problem.

The Pulse thesis

The attacker has to fake lives, not just signals.

Synthetic fraud is a Sybil problem. Relay attacks create confused deputies. Pulse was built for that threat model.

The terms below are not trivia. Each one names a specific way identity and authentication systems can validate a signal while missing the person behind the action.

Relay attack, shown

When proof travels, attackers can steal it. Pulse ties the proof to the application submit.

Proof that travels

Codes, push approvals, browser sessions

The applicant may do the expected step, but the proof can unlock the wrong browser session.

A real person can be used for fraud.

Proof that stays bound

Pulse

Pulse checks the carried phone and returns a session result your server verifies for this exact submit.

No reusable proof leaves the phone.

The core three

Terms that define the Pulse threat model.

Scale problem

Sybil attack

One actor creates many identities to overwhelm a system that assumes each identity maps to one real person. Synthetic identity fraud is a Sybil attack on the identity layer.

Pulse: one coherent human day cannot cheaply be many.

Human-in-the-loop problem

Confused deputy

An honest person or system is tricked into using its authority for the wrong session or action. The deputy is not malicious; it is confused about who it is acting for.

Pulse: the proof is scoped to this action.

Portable-proof problem

Relay attack

An attacker forwards a real proof in real time. OTPs, push approvals, and browser sessions can fail when the proof travels and can be replayed elsewhere.

Pulse: nothing useful to type, forward, or reuse.

Time problem

Replay attack

An old proof is reused after the moment has passed. Point-in-time identity checks often become loose credentials after the ceremony is over.

Pulse: short-lived proof tied to the protected submit.
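
The contrast between a portable proof and an action-bound, short-lived one, as an added sketch that is not Pulse's implementation or API. The HMAC construction, key, lifetime, session ids and form fields are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # assumption: secret held only by the verifying server
TTL = 60                       # assumption: proof lifetime in seconds

def submit_digest(form: dict) -> str:
    """Canonical hash of the exact application payload being submitted."""
    canon = json.dumps(form, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canon.encode()).hexdigest()

def issue_proof(session_id: str, form: dict, now: int) -> dict:
    """Mint a proof scoped to one session, one payload and one short time window."""
    expires = now + TTL
    msg = f"{session_id}|{submit_digest(form)}|{expires}".encode()
    return {"expires": expires, "tag": hmac.new(KEY, msg, hashlib.sha256).hexdigest()}

def verify_proof(proof: dict, session_id: str, form: dict, now: int) -> str:
    """Recompute the tag from the server's own view of the session and submit."""
    if now > proof["expires"]:
        return "expired"  # replay after the moment has passed
    msg = f"{session_id}|{submit_digest(form)}|{proof['expires']}".encode()
    expected = hmac.new(KEY, msg, hashlib.sha256).hexdigest()
    return "ok" if hmac.compare_digest(expected, proof["tag"]) else "wrong-binding"

def verify_portable_code(code: str, expected_code: str) -> str:
    """Portable proof: the check has no idea which session is presenting the code."""
    return "ok" if hmac.compare_digest(code, expected_code) else "bad-code"

def demo() -> dict:
    form = {"name": "A. Applicant", "amount": "5000"}  # constructed sample payload
    t0 = 1_700_000_000                                 # constructed timestamp
    proof = issue_proof("sess-applicant", form, t0)
    changed = {**form, "amount": "50000"}
    return {
        "same_submit": verify_proof(proof, "sess-applicant", form, t0 + 5),
        "other_session": verify_proof(proof, "sess-other", form, t0 + 5),
        "altered_payload": verify_proof(proof, "sess-applicant", changed, t0 + 5),
        "replayed_later": verify_proof(proof, "sess-applicant", form, t0 + TTL + 1),
        # The same digits verify no matter which session types them in.
        "portable_code_any_session": verify_portable_code("493817", "493817"),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

Only the first bound case verifies. The portable code verifies wherever it lands, which is the property relay and replay depend on.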

More terms

Why portable proofs leak.

Man-in-the-browser

The browser is compromised or remotely controlled. Pulse treats the browser as the display surface, not the root of trust.

Bearer token

Whoever holds the token can use it. Pulse avoids making the applicant type or transmit a portable proof.

Pharming

Traffic is redirected to a fraudulent destination. Action-bound proof matters when the browser view cannot be trusted.

Pulse fit

Sybil resistance at the presence layer.

Synthetic fraud wins when one operator can become many plausible applicants. Pulse makes each high-risk submit answer to a carried phone, a carrier relationship, and an ordinary lived day. That shifts the attack from cheap digital fabrication to expensive physical coordination.