Back in 2012, I was trying to deploy security certificates on old mobile handsets. Nobody wanted to use them. Security had become so cumbersome that it was defeating its own purpose. That frustration sparked a question that would reshape our entire approach: What if security could be invisible?
We launched a research app on the Google Play Store – back when they still allowed lock screen applications. Within five weeks, 25,000 people had downloaded it across 700 different device types, from $50 phones in Asia to premium smartphones in North America. We told users explicitly we’d be learning from their behavioral patterns. They still downloaded it.
The data revealed something profound. The way you hold your phone, the angle, the pressure you apply to the screen—these create a signature as unique as your fingerprint. We could tell if you were left-handed or right-handed, even whether you were on a train or bus based on movement patterns. Banks got interested quickly. They wanted to know if they should advertise left-handed or right-handed golf clubs to their customers.
Building Trust Through Transparency
Early on, we made a critical decision: explainability. While the industry was building black box AI systems that output percentages nobody could interpret, we opened up our algorithms. When our system says there’s a 90% match, we show exactly why – which behavioural factors scored high, which scored low. We create an audit trail for every decision.
In regulated industries, transparency builds trust. It’s not enough to say “the AI decided.” You need to be able to explain your reasoning, especially when it comes to security decisions that affect people’s access to their financial accounts or personal data.
Running AI continuously on mobile devices presents unique challenges. Some vendors’ solutions literally light up phones from the computational load. We crafted our algorithms from scratch to be thermally efficient: running continuously for days while using less than 1% battery. Everything processes at the edge, on the device itself. No sensitive behavioral data ever leaves the user’s control.
Our multi-dimensional approach fuses intelligence from different engines: device, contextual, network, biobehavioral, and social. If someone wants to compromise the system, they’d need to mimic patterns across all dimensions simultaneously. Good luck with that.
The Defence Pivot
Then defense organizations approached us with an entirely different problem. GPS and GNSS signals from satellites arrive at Earth incredibly weak – weak enough that a $50 jammer from Amazon can disrupt them. Authentication wasn’t even considered when these systems were designed decades ago.
The implications hit home when a US drone was captured after its location was spoofed. The drone thought it was in friendly territory but was actually over Iran. It landed right where the attackers wanted it. They opened it up and reverse-engineered American drone technology.
Electronic warfare used to be confined to battlefields. Not anymore. Truck drivers buy personal jammers to avoid employer tracking. They drive near a port, and suddenly ships lose navigation. Drive near an airport, and planes can’t land. The Baltimore bridge incident showed what happens when a ship loses its bearings in a critical waterway.
Financial institutions discovered an even scarier vulnerability. Spoof GPS timing signals, and suddenly all your trades are out of order. Settlement systems rely on precise timestamps. Mess with those, and you’re looking at billion-dollar losses every day the system stays compromised.
Zero to Impact in Electronic Warfare
We realized our behavioral modeling approach could address this chaos. Instead of learning how individuals interact with devices, we create behavioral baselines for entire ports and critical infrastructure. When jamming or spoofing occurs, we detect it within three seconds. Same core platform, different sensors.
This is what we call our zero-to-impact approach. We took a concept working in one domain and rapidly deployed it to solve problems in an entirely different space. Within weeks, we went from mobile authentication to protecting critical maritime infrastructure.
The transformation in electronic warfare mirrors what we saw in cybersecurity. After the Cold War, nobody updated their electronic warfare capabilities. Everything focused on improving hardware accuracy and precision. But Ukraine showed us the new reality: software-defined battlefields where threats evolve at the speed of code, not hardware development cycles.
Traditional defense contractors need months or years to update firmware when new threats emerge. Meanwhile, adversaries reprogram their software-defined radios instantly, changing attack vectors faster than any manual response can match. You’re perpetually behind the threat curve when you’re fighting software with hardware.
Building Canada’s Electronic Defence Capabilities
Deploying our sensors across Canada’s maritime coast revealed the scope of the challenge. With 75% of global trade moving through maritime routes, protecting these channels means protecting the arteries of commerce. We’re creating resilient positioning, navigation, and timing systems that maintain operational awareness even when primary signals fail.
This work directly supports Canada’s defense sovereignty. When we can detect and respond to electronic warfare threats in real-time, we’re not just protecting individual ports – we’re strengthening our entire defence industrial base with Canadian-developed technology.
The convergence of physical and digital security reshapes how we think about threats. Corporate espionage might involve bugs listening to conversations while simultaneously jamming communications. Drones carrying drugs across borders jam the surveillance drones trying to stop them. Every domain – land, sea, air, space, and cyber—faces similar challenges.
Privacy by Design
Privacy considerations guided every design decision. We could have centralized everything on servers, but that creates honeypots for attackers and privacy nightmares for users. By keeping behavioral models on devices and processing at the edge, we maintain security without compromising individual privacy. Raw sensor data never needs to leave the device once models are created.
This approach becomes even more critical in defense applications. When dealing with sensitive military operations, you can’t afford to have critical data flowing through third-party systems or foreign-controlled infrastructure.
The Path Forward
Our zero-to-impact philosophy drives every decision. In team meetings, I ask one question: What impact does your work have? On customers, on the company, on yourself? If you can’t articulate the impact, stop working on it. Move to something that matters.
This journey from mobile authentication to electronic warfare defence might seem like a radical pivot. But the core insight remains constant: behavioral patterns reveal truth. Whether authenticating a banking app user or detecting GPS spoofing at a port, abnormal behavior stands out against established baselines.
The sensors tell stories – about users, about infrastructure, about threats. Our job is to listen carefully enough to understand what they’re saying, then act fast enough to make a difference. In a world where security threats evolve at machine speed, human-speed responses no longer suffice.
Building from first principles means questioning assumptions others take for granted. Why should security be visible and cumbersome? Why accept black box AI when explainability is possible? Why wait for hardware updates when software can adapt in real-time?
These questions led us from frustrated mobile security deployments to protecting critical infrastructure from electronic warfare. The path wasn’t obvious- but the impact makes every challenge worthwhile.
Interested in learning more about how Zighra is building the future of behavioral intelligence for defense and critical infrastructure?