Secure your small business:
Apps → Data →

Founded 2016


HQ Victoria, Canada


Issued Patents 3


Angel Investment $3.3 million


Team Size 19


Publications by Science Team 120+


Academic Citations 2,500+


Industries Government Defense Healthcare Finance SaaS

The leader in ADVANCED AUTHENTICATION WITH behavioral biometrics

We provide next-generation authentication using behavioral biometrics and machine learning.

The Company

Founded in 2016, Plurilock is a rapidly growing spin-out company driven by innovative security science developed at the University of Victoria.

Based on the results of industry-leading research, Plurilock’s founders believed that they had perfected a new way of authenticating computer users. This technology was better than passwords, didn’t require fingerprint scanners, phone codes, or security tokens, and was more secure—yet less intrusive.

A world-class management team was recruited to commercialize and market the technology as a next-generation authentication solution—and Plurilock was born.

The Technology

Plurilock enables organizations to identify users based on individual, fingerprint-unique patterns in their behavior, environment, and context.

Usernames, passwords, and authentication tokens can be forgotten or stolen. Fingerprint and facial scans can be fooled. Plurilock products, on the other hand, track imperceptible micro-patterns in keyboard and mouse use along with ambient environment and context data that is unique to each individual and their computing devices.

Impersonation is impossible, accounts can’t be stolen or shared, and privacy is protected—because Plurilock data can’t be used to reconstruct real-world identities even if somehow lost to the wild.

Ian L. Paterson
Chief Executive Officer

Aron Hsiao
Director of Marketing

Plurilock Products


Plurilock ADAPT

Plurilock ADAPT offers invisible, risk-based multi-factor authentication for SaaS applications and ADFS environments. ADAPT identifies individuals using behavioral- biometric, environmental, and contextual data and requires no phones, codes, hardware fobs, or other additional security devices.

  • Invisible authentication
  • Device-free MFA
  • SaaS and ADFS environments

Plurilock DEFEND

Plurilock DEFEND offers continuous behavioral-biometric authentication for enterprise environments. Rather than checking identity only at login, DEFEND confirms user identities every 3-5 seconds throughout the workday, all day, as users work—and no matter which application(s) are in use. This prevents session takeovers, credential sharing, and other common insider threats.

  • Continuous authentication
  • Device-free MFA
  • Enterprise environments

Plurilock Technical Terms

Behavioral Biometrics

Identifying users based on movement, rather than body shape (fingerprints, face scans), things known (passwords), or things held (cards, fobs, devices). Plurilock products rely on behavioral biometrics.

Identity Assurance

Certainty that an active user is who they claim to be, not someone with stolen credentials. Plurilock products provide identity assurance.

Out of Band

Out-of-Band authentication factors are identity signals that do not rely for their veracity on the same system requesting user authentication.

Device-free MFA

Device-free MFA refers to any multi-factor authentication strategy that requires no additional hardware for login.

Advanced Authentication

Advanced Authentication is an authentication strategy that uses real-world identity signals adaptively to provide significantly stronger identity verification for information and system security.

Continuous Authentication

Validating a user’s identity all the time, as they continue to work, rather than just at the moment a password is entered or a fingerprint is scanned. Plurilock products provide continuous authentication.

Multi-Factor Authentication

Requiring multiple methods of authentication to use a system, rather than just one method such as a password.  Plurilock products provide true out-of-band multi-factor authentication.

Regulatory Compliance

The process of meeting security requirements imposed on organizations by laws or governing agencies. Plurilock products enable regulatory compliance.

Machine Learning

Machine Learning refers to a general category of algorithms, statistical models, and computing technologies designed to enable computing systems to perform tasks competently or make reasonable decisions without the provision of new instructions in each case.

U.S. Government Work

Plurilock has worked with or received funding from multiple United States federal agencies, including:

U.S. Army / NETCOM
U.S. Department of Defense / DIUx
U.S. Defense Information Systems Agency
U.S. Department of Homeland Security

Form and Function

“Plurilock provides a nearly frictionless experience for users—no extra steps to take, no tokens to fumble around for, no PINs to enter, and nothing to remember… [T]he company could variously be placed in multiple categories: authentication, biometrics, EDR, and UBA.”

— 451 Research

Plurilock Protects faster

With typical security infrastructure, it takes workplaces an average of 200 days to recognize a breach and 90 days after that to resolve it.

Organizations that use Plurilock will resolve a breach in seconds and can achieve awareness of the attempt almost immediately.

Subscribe to the newsletter for Plurilock and cybersecurity news, articles, and updates.

You're on the list! Keep an eye out for news from Plurilock.