Founded 2016
HQ Victoria, Canada
Issued Patents 3
Angel Investment $3.3 million
Team Size 19
Publications by Science Team 120+
Academic Citations 2,500+
Industries Government Defense Healthcare Finance SaaS
The leader in ADVANCED AUTHENTICATION WITH behavioral biometrics
We provide next-generation authentication using behavioral biometrics and machine learning.
The Company
Founded in 2016, Plurilock is a rapidly growing spin-out company driven by innovative security science developed at the University of Victoria.
Based on the results of industry-leading research, Plurilock’s founders believed that they had perfected a new way of authenticating computer users. This technology was better than passwords, didn’t require fingerprint scanners, phone codes, or security tokens, and was more secure—yet less intrusive.
A world-class management team was recruited to commercialize and market the technology as a next-generation authentication solution—and Plurilock was born.
The Technology
Plurilock enables organizations to identify users based on individual, fingerprint-unique patterns in their behavior, environment, and context.
Usernames, passwords, and authentication tokens can be forgotten or stolen. Fingerprint and facial scans can be fooled. Plurilock products, on the other hand, track imperceptible micro-patterns in keyboard and mouse use along with ambient environment and context data that is unique to each individual and their computing devices.
Impersonation is impossible, accounts can’t be stolen or shared, and privacy is protected—because Plurilock data can’t be used to reconstruct real-world identities even if somehow lost to the wild.
Plurilock Products

Plurilock ADAPT
Plurilock ADAPT offers invisible, risk-based multi-factor authentication for SaaS applications and ADFS environments. ADAPT identifies individuals using behavioral- biometric, environmental, and contextual data and requires no phones, codes, hardware fobs, or other additional security devices.
- Invisible authentication
- Device-free MFA
- SaaS and ADFS environments

Plurilock DEFEND
Plurilock DEFEND offers continuous behavioral-biometric authentication for enterprise environments. Rather than checking identity only at login, DEFEND confirms user identities every 3-5 seconds throughout the workday, all day, as users work—and no matter which application(s) are in use. This prevents session takeovers, credential sharing, and other common insider threats.
- Continuous authentication
- Device-free MFA
- Enterprise environments
Plurilock Technical Terms
Behavioral Biometrics
Identifying users based on movement, rather than body shape (fingerprints, face scans), things known (passwords), or things held (cards, fobs, devices). Plurilock products rely on behavioral biometrics.
Identity Assurance
Certainty that an active user is who they claim to be, not someone with stolen credentials. Plurilock products provide identity assurance.
Out of Band
Out-of-Band authentication factors are identity signals that do not rely for their veracity on the same system requesting user authentication.
Device-free MFA
Device-free MFA refers to any multi-factor authentication strategy that requires no additional hardware for login.
Advanced Authentication
Advanced Authentication is an authentication strategy that uses real-world identity signals adaptively to provide significantly stronger identity verification for information and system security.
Continuous Authentication
Validating a user’s identity all the time, as they continue to work, rather than just at the moment a password is entered or a fingerprint is scanned. Plurilock products provide continuous authentication.
Multi-Factor Authentication
Requiring multiple methods of authentication to use a system, rather than just one method such as a password. Plurilock products provide true out-of-band multi-factor authentication.
Regulatory Compliance
The process of meeting security requirements imposed on organizations by laws or governing agencies. Plurilock products enable regulatory compliance.
Machine Learning
Machine Learning refers to a general category of algorithms, statistical models, and computing technologies designed to enable computing systems to perform tasks competently or make reasonable decisions without the provision of new instructions in each case.
Factoid:
U.S. Government Work
Plurilock has worked with or received funding from multiple United States federal agencies, including:
U.S. Army / NETCOM
U.S. Department of Defense / DIUx
U.S. Defense Information Systems Agency
U.S. Department of Homeland Security
Quote:
Form and Function
“Plurilock provides a nearly frictionless experience for users—no extra steps to take, no tokens to fumble around for, no PINs to enter, and nothing to remember… [T]he company could variously be placed in multiple categories: authentication, biometrics, EDR, and UBA.”
— 451 Research
Factoid:
Plurilock Protects faster
With typical security infrastructure, it takes workplaces an average of 200 days to recognize a breach and 90 days after that to resolve it.
Organizations that use Plurilock will resolve a breach in seconds and can achieve awareness of the attempt almost immediately.