Experience Ambient Trust

Use the workspace below naturally. Type, click, scroll - GrayPass silently captures your behavioral patterns and computes a continuous trust score.

Write freely - your typing rhythm, speed, and cadence are unique identity signals
Auth Policy
Click to interact
Session Guard
Click to interact
Risk Monitor
Click to interact
Trust Engine
Click to interact
Audit Stream
Click to interact
Enrollment
Click to interact

How GrayPass works

GrayPass passively observes how you interact with any application. Every person types with a unique rhythm: characteristic dwell times, flight times between keys, correction cadences. These timing patterns form a behavioral fingerprint.

Pointer movements are equally distinctive. The micro-jitter from your hand tremor (8-12 Hz), your ballistic-to-corrective movement ratio, overshoot patterns, and click coupling timing are all personal signatures that are extremely difficult to replicate.

Scroll behavior varies between trackpad and mouse users. Inertia decay curves, burst timing, and direction-change patterns create another identity dimension.

Interaction rhythm captures how you think through a UI: pause durations, tab-switching cadence, the tempo of switching between typing and clicking. This higher-order signal reflects cognitive patterns, not just motor control.

All these signals combine into a continuous trust score. When the behavioral signature matches the enrolled user, trust stays high. When an attacker hijacks the session, uses remote access tools, or someone else sits down at the keyboard, the signature diverges and trust drops within seconds.

The key insight: GrayPass never sees what you type, what you browse, or what is on screen. It only observes timing statistics and movement dynamics. Privacy is enforced by architecture, not by policy.

---
Trust Score
Waiting
Signal Quality
Keystroke
--
Pointer
--
Scroll
--
Rhythm
--
Gaze
--
Cognitive
--
Live Behavioral Features
dwell-
key CV-
ptr speed-
jitter-
scroll rate-
consistency-
gaze fix-
gaze sac-
blinks-
Behavioral Consistency
Edge Inference
Inactive
Event Feed
--:--:-- Awaiting session start

Integrate in 3 Minutes

Add ambient identity trust to your app with a few lines of code. Click each step to walk through the integration.

1

Install the SDK

Add the GrayPass SDK to your project. Works with any framework - React, Vue, Angular, Svelte, or vanilla JS.

npm install @graypass/sdk
2

Initialize GrayPass

Add one initialization call. GrayPass stays dormant until you start a session - zero overhead until activation.

import { GrayPass } from '@graypass/sdk'; const gp = GrayPass.init({ apiKey: 'pk_live_your_key_here', mode: 'shadow', onTrustChange: (update) => { console.log(`Trust: ${update.score} [${update.state}]`); }, onStepUpRequired: (decision) => { showReauthDialog(); }, });
3

Start a Session

After your user logs in through your normal auth flow, tell GrayPass to start monitoring. That's it - ambient trust begins.

// After successful login await gp.startSession({ userId: user.id, metadata: { role: user.role } }); // On logout gp.endSession();
4

Define Trust Policies

Wire trust signals into your authorization logic. GrayPass provides the signal - you control the actions.

// Server-side policy check app.post("/api/transfer", async (req, res) => { const trust = await graypass.getTrust(req.sessionId); if (trust.score < 0.4) { return res.status(403).json({ action: "session_killed", reason: trust.reasonCodes }); } if (trust.score < 0.7 && req.body.amount > 5000) { return res.status(401).json({ action: "step_up_required", challenge: "mfa" }); } await processTransfer(req.body); });
Total integration: 12 lines of code

The Threat Lab

See how GrayPass detects real-world attacks. Click any threat to simulate it and watch the trust score respond in real-time.

Session Hijacking

Attacker steals a session cookie and replays it from a different machine. The behavior signature changes instantly.

pointerkeystrokerhythm

Remote Access / RMM

Attacker controls the session via TeamViewer, AnyDesk, or malware-based RMM. Pointer jitter and timing artifacts expose them.

micro-jitteraccel-profilelatency

Bot / Automation

Playwright scripts, macros, or AHK simulate input. Deterministic timing and zero physiological noise give them away.

timing-entropyjitter-absentregularity

Shoulder Surf / Swap

A different person sits down at an unlocked laptop. Within seconds, the behavioral fingerprint diverges from the enrolled user.

keystrokepointerscrollgaze

Replay Attack

Attacker records and replays captured behavioral data. GrayPass detects repeated frame fingerprints and temporal anomalies.

frame-hashtemporalentropy

Credential Stuffing

Attacker logs in with stolen credentials. Even with valid credentials, their post-login behavior doesn't match the identity template.

all-signalsenrollmentcold-start

API Reference

Authenticate every request with your secret key in the Authorization: Bearer header. Test keys use the sk_test_ prefix. Live keys use sk_live_.

Base URLs

Test Environment
https://api.graypass.org
Production Environment
https://api.graypass.org

Endpoints

POST /v2/sessions/start

Start a new continuous trust session. Call this after your user logs in.

POST /v2/sessions/start Authorization: Bearer sk_test_xxx { "user_id": "user@example.com", "device_id": "d_abc123" }
POST /v2/ingest

Stream behavioral feature frames for real-time trust scoring.

POST /v2/ingest { "session_id": "sess_xyz", "frames": [{ "ts": 1709136000000, ... }] }
GET /v2/trust/:session_id

Retrieve the current trust score and state for a session.

{ "score": 0.92, "state": "STABLE", "reason_codes": [] }
POST /v2/sessions/end

End an active session and finalize the trust record.

POST /enrol

Create or update a behavioral identity template (legacy).

POST /auth

Verify a session against an enrolled user (legacy).

Rate Limits

Test: 1,000 req/hour. Live: 10,000 req/hour by default. HTTP 429 on overage.

Data Handling

No raw input stored. Only derived feature vectors and timing statistics.

Webhooks

Configure callbacks for trust state changes, step-up requests, and session anomalies. Payloads are HMAC signed.

Environments

Test and live keys are fully isolated. All responses include a mode field.

Need higher limits or enterprise controls?

api@graypass.org

Developer Portal

Generate API keys, view quickstart code, and explore the platform capabilities.

Get Your API Key

Create a free API key to integrate GrayPass into your application.

Quickstart

import { GrayPass } from "@graypass/sdk"; const gp = GrayPass.init({ apiKey: "pk_live_your_key_here", mode: "shadow" }); await gp.startSession({ userId: user.id }); const trust = gp.getTrust();

Platform Capabilities

Continuous Trust

Always-on behavioral identity scoring. No interruptions.

SDK Integration

JavaScript SDK for frictionless client capture.

REST API

Enroll, verify, and stream trust scores over HTTPS.

Gaze Tracking

Optional webcam-based gaze signals. No frames stored.

Edge Inference

On-device anomaly detection for zero-latency decisions.

Policy Hooks

Webhooks, SSE, and API-driven policy integration.