Travellers held at a roadside checkpoint with their hands raised while their belongings are searched

Deniable

The world's first deniable-encryption phone OS, built for the moment someone forces you to unlock.

Introduction

Deniable is a cyberphysical security company. Our first product is the world's first deniable encryption operating system, built for civilian and military operators who carry data worth taking into places where someone can force them to unlock their devices. We close the one gap the security industry has spent decades stepping around: forced key disclosure.

The world spends about $213 billion a year keeping attackers out of its devices. The cheapest way past all of it costs about five dollars: a wrench. Nobody cracks the encryption when they can crack the person holding it, and once that person unlocks the phone, the passcodes, the biometrics, and the encryption fall at once. The field has a name for it. The wrench attack.

That is the coerced-key gap, and it sits at the sharp edge of cyberphysical security: where digital tools meet the real world, and the weakest part of any system is the person holding the key. Cybersecurity assumes the attacker is somewhere else. Cyberphysical security assumes the attacker is standing in front of you.

Three views of a Deniable phone: an ordinary home screen, the PIN entry, and the hidden environment with its own apps

"The ability to carry a dual-environment device, one that looks like a regular smartphone but conceals an encrypted mission workspace that is truly invisible under inspection, could have been game-changing on many of my past deployments. … A solution like Deniable, with its offline-first design, duress PIN features, and forensic invisibility, aligns precisely with what's needed on the edge."

USAF Airborne ISR Operator, 97th Intelligence Squadron (20+ years, 9 combat deployments)
Interactive mechanism

One phone. Three PINs.

Deniable turns forced unlock into a choice between three believable outcomes: ordinary access, hidden access, or a clean public profile after duress.

Choose a PIN and watch the same device resolve differently.

Public profileLocked

Try 1234 to reveal.

Hidden vaultLocked

Try 9999 to reveal.

Phone locked

The people who live with this gap are not edge cases. Journalists carry sources across borders, where a single device search can burn an entire network. NGO teams pass through checkpoints run by the forces they document. Private security details, energy crews, and intelligence personnel cross hostile ground with high-value data in their pockets. And anyone holding real cryptocurrency in a wallet on their phone is carrying a vault that a single forced unlock empties. For all of them, encryption was never the problem. Being made to open it was.

And the exposure is widening. Border agents now search phones as routine, authoritarian checkpoints are multiplying, crypto holders are robbed at gunpoint for their keys, and forensic kits powerful enough to image a device in minutes are cheap and everywhere. The use of coercion was once rare. It is becoming ordinary.

Karakoram built Deniable to close that gap. We took it from a problem the market wrote off as theory to a deployed operating system, in the field, against real adversaries.

Deniable is a hardened Android operating system with three passwords and one phone. The first opens an ordinary, working phone. The second opens the hidden environment, where the real data lives. The third destroys the hidden environment and opens the ordinary one. Under pressure, the user looks fully cooperative, and the phone looks unremarkable.

It works like a traveller's false wallet. Hand over a little, keep the real one out of sight, and the threat passes. The mechanism is what makes it hold: the hidden data is stored so that it cannot be distinguished from unused space, and its existence cannot be proven, even by a trained examiner with forensic tools. Show everything, without showing anything.

"It's been transformative for us so far."

Security lead, major international news organization
A checkpoint guard inspecting a traveller's unlocked phone
The same traveller walking on through the checkpoint, phone in hand

The idea isn't new. Hidden volumes and hardened phones have been around for years. But desktop tools like VeraCrypt never made it to the field, and privacy-focused systems like GrapheneOS harden a phone against a remote attacker, not against the person holding it. None of them was built for forced disclosure. Deniable is.

Customers can run Deniable in two ways: with pre-provisioned devices ready to hand out, or with a software-only license they install on phones they already have. Either way, a team puts it to work without becoming security engineers.

A traveller made to unlock his phone between two armed men at a checkpoint at dusk

Impact

Field-deployed

Deployed since late 2024 in contested environments, with journalists, NGO field teams, and intelligence personnel

Clean record

Zero compromises: as of June 2026, we have had no reports of arrests, detentions or data loss from any of our users, anywhere

In production

Adopted in production by the international high-risk team of a global news-media organization, protecting field crews, covert filming, and confidential sources

Early traction

In early revenue and growing 18% month over month, with paying customers across NGOs, journalism, energy, legal, and private security

The hard part is done: Deniable is built, deployed, and earning. On a coercion-resistant foundation, the same team can extend well beyond the phone, to resilient field communications, secure tunnels, and the laptops and servers that operators carry into the same hostile ground. That is the roadmap. The market it reaches into runs to tens of billions, and Deniable holds the entry point that no one else does.

That is the work Karakoram sets out to do: take a problem the market has written off as too hard, and build a company against it. Deniable is the third venture we've built this way. It won't be the last.

Continue exploring