Secure your small business:
Apps → Data →

How Plurilock’s Behavioral Biometrics Work

Plurilock DEFEND for Continuous Authentication

The world needs new cybersecurity tools.

Traditional authentication methods are a bust. Credentials get stolen. Users share accounts. Trojans infect endpoints. The result is always the same—the wrong user gets access. Passwords and 2FA are everywhere, yet the breach rate grows. Even fingerprint and face scans get fooled by clever copies. 

Plurilock has the answer.

What's needed is a way to verify the actual identity of the user doing the actual work at all times—whichever credentials were used, and even when they've walked off without signing off. That technology is just what we’ve developed—and patented—at Plurilock. 

Continuous Authentication with Behavioral Biometrics

Authenticates Continuously

Plurilock authenticates users continuously, not just at login or 2FA points. User changes and walk-aways are always caught.

Uses Real-Time Behavioral Biometrics

Plurilock checks identity every 3-5 seconds. Because it's uses rapidly learned biometric patterns, it can't be fooled.

Is Invisible and Friction-free

Plurilock is completely invisible to users until the moment at which it becomes necessary to block unauthorized use.

Is Flexible and Self-Learning

You decide what actions are taken, and under what conditions. The AI-based endpoint agent does the rest, learning as it goes.

How Plurilock Works

On the Ground


Deploy Plurilock’s lightweight agent to your endpoints with the central management tools you already use. The endpoint agent then operates silently, in the background, all the time. Users only see the agent running if you want them to—otherwise, it's entirely invisible and friction-free.

Artboard 7


Plurilock's endpoint agent begins to silently analyze unique micro-patterns in each authorized user's keyboard and mouse movements. Once enough high-quality data is gathered to build a user profile, continuous authentication begins. Enrollment happens silently, often in as little as 30 minutes of regular work.


Plurilock continuously monitors each endpoint to ensure that the body operating the keyboard and mouse match an authorized user profile. Every 3-5 seconds, a decision is quietly made about whether the current user is still an allowed user—or whether someone unauthorized is now generating input at the endpoint.

Artboard 7 copy 2


When confidence in the identity of the user at the endpoint drops, action is taken within seconds. Depending on configured policies, unauthorized use can be logged, signalled to staff or SIEM systems, launch a manual authentication step, or force an immediate block-out.

Sound like what you're looking for?

Let's talk. We'd love to demo it for you.

Subscribe to the newsletter for Plurilock and cybersecurity news, articles, and updates.

You're on the list! Keep an eye out for news from Plurilock.