"They sounded exactly like my son. He said he was arrested and crying. I wired $18,400 before I realized he was asleep in his dorm."
— Eleanor R., 74 · Ohio · reported to FTC, March 2024
Impersonation scams cost Americans $2.7B in 2024 — FTC Consumer Sentinel
// LIVE SIMULATION ENVIRONMENT
Pick a scenario and watch a single text message collapse a scammer-built voice forgery attack into a verified hang-up — in under two seconds, across an independent data pathway.
Active phone line — compromised channel
▲ INCOMING · ENCRYPTED
Marcus Hale
Chief Executive Officer
⚠ Voice forged from stolen audio
00:00
Tap answer to hear the forged voice
CEO Marcus (scammer forgery)Sarah, it's Marcus. I'm between meetings, so I'll keep this short.
CEO Marcus (scammer forgery)We're closing the Halberd acquisition tonight. I need a forty-eight thousand dollar wire to the escrow account, right now.
CEO Marcus (scammer forgery)Don't loop in legal, don't email the board — this is under NDA until morning. Just send it.
CEO Marcus (scammer forgery)I'm sending you the wire details by text in thirty seconds. Confirm when it's out the door.
Voiceprint listening is a consumer feature. For business calls AirLock skips audio analysis and goes straight to a hardware-bound Truth-Token challenge on the real executive's device — auditable, logged to your SIEM, and immune to ambient-noise spoofing.
Recipient sends one character
Out-of-band — physically isolated
Status: Listening for challenges
Face ID / fingerprint on your real phone — SIM-swaps can't intercept it.
// Side-by-side outcome
// Context-aware identity engine
The Context-Aware Identity Engine maps who can plausibly ask Sarah for what. When a “CEO” calls about a wire, AirLock challenges Marcus specifically — not a random OTP. Generic 2FA can't tell the difference. We can.
// Who buys this
// AirLock Zero vs Audio Scanners
Buffer audio, extract features, run inference, then surface a confidence score that still needs a human to interpret it.
One SMS round-trip to the owner's Secure Element. The verdict returns before a wire form finishes loading.
Every new frontier voice model (GPT-4o, Gemini Live, etc.) erodes the detector's training distribution. Accuracy is a moving target.
We verify identity out-of-band — mathematically independent from the audio channel. No model to fool, no dataset to poison.
The scanner must analyze the very stream the attacker controls. Compromise the line, inject noise, or stream-hop — the detector is blind.
We never touch the call audio. The attacker can clone a voice perfectly and still can't forge a hardware-bound truth token.
// vs the field
| AirLock Zero | Pindrop | Reality Defender | Safe-words | |
|---|---|---|---|---|
| Defense channel | Out-of-band SMS + HW | Audio analysis | Audio analysis | Verbal memory |
| Verdict latency | <2s | 8–15s | 5–10s | Manual |
| Setup friction | Text ‘JOIN’ | Telco integration | Enterprise SDK | Must memorize |
| Beats GPT-4o Voice | degrades | degrades | social-eng. | |
| Works for Grandma |
// What if the owner's phone gets hacked?
One phone can be lost, stolen, or hijacked at the phone-company level. AirLock keeps a ranked list of backup channels and sends the approval to the safest one that's currently reachable — so no single weak link (especially not your phone number) can be used to fake an approval.
A scammer talks your phone carrier into handing your number to them. Every text code meant for you — including bank 2FA codes — now lands on their phone.
Sophisticated attackers can quietly read your texts and re-route your calls without you touching anything. You'd never know it happened.
If someone watches you type your PIN and grabs the phone, every text code and pop-up notification is theirs.
A small physical key (USB or NFC) that signs the approval with a chip inside it. A SIM-swap can't touch it, and a thief without the actual key can't use it.
A push notification to the AirLock app, approved with your face or fingerprint. The approval is tied to the specific phone, not the phone number — so a swapped SIM on a new phone receives nothing.
A private message from an AirLock bot in an app you already use. Delivery is tied to your account login — not your phone number — so number-porting attacks can't grab it.
Last-resort fallback, only used when nothing better is reachable. AirLock refuses to send high-stakes approvals (wire transfers, password resets, vendor bank changes) over plain SMS because a SIM-swap could grab it.
Every approval is signed by a key locked inside your phone's security chip, expires in 90 seconds, and only releases after a fresh face or fingerprint check. A stolen text or a SIM-swap turns up nothing usable — there's no shared code to steal.
A new phone can only be added after the owner approves it from an already-trusted device or hardware key kept offline. Even if a scammer SIM-swaps you, they still can't enroll their own phone — the phone company doesn't hold the keys, your existing devices do.
// What's new
One character (‘?’) deploys protection. No app to install in a panic, no password to remember. Grandma-grade UX.
Cryptographic one-time challenge bound to caller, request type, and amount. Useless if intercepted, expires in 60s.
Verdict is signed inside the owner's Titan / Secure Enclave — impossible to spoof from another device, even with the SIM.
// Pencil-test the ROI
Model: FTC Sentinel impersonation hit-rate (1.2%/yr) × wire size × 45% successful-transfer rate.
// 60-second setup
Text JOIN to the AirLock gateway number. No app download.
Reply with the people who might call you about money or medical info.
Any time you're suspicious, just text ‘?’. Verifications run automatically.
// How it works
Each trusted caller (CEO, vendor, grandkid, clinic) registers their phone's Secure Element. One 60-second flow per person.
Every protected user has a phone-bound key. No passwords. No 6-digit codes that can be read aloud to a scammer.
When a sketchy call comes in, recipient texts '?'. AirLock pings the real owner over an independent cellular path.
If the real owner says 'no' (or doesn't respond), the call is quarantined and finance/IT/family is alerted instantly.
// Pricing
Every plan delivers the same core promise: a verified hang-up in under two seconds. What changes is who you're protecting and how deep it integrates.
Safer calls for the people most targeted by voice scams.
Stops wire-fraud, vendor-bank-change, and helpdesk vishing in <2s.
The seatbelt that lets your business safely deploy frontier AI.
Scammers can now forge a recognizable voice from under 3 seconds of stolen audio — every public podcast, voicemail, or Instagram reel is enough source material.
FTC: $2.7B lost to impersonation scams in 2024. AI-voice reports up 1,400% YoY. Banks are quietly absorbing the losses.
FCC ruled AI-voice robocalls illegal under TCPA (2024). State AGs publishing guidance. Compliance demand is now.
// FAQ
Analyzing audio streams over cellular lines is slow and inaccurate against frontier AI models. By the time a scanner returns a confidence score, the wire transfer is already gone.
We bypass the audio channel completely. By lowering the defense barrier to a single text message trigger, regular people can deploy un-hackable out-of-band authentication in under two seconds.