Microsoft's VALL-E 2 clones any voice from 3 seconds of audio. someone deepfakes your CFO on a video call, authorizes a $50M wire, the bank sends it. Arup lost $25.6M this way in February 2024. the phone callback is dead.
detection is a losing arms race. so: physics.
credit-card-sized device. no wifi, no bluetooth, no data ports. displays transaction details on a screen hardwired to the chip. the CFO reads the destination, the amount, the sender. physically confirms. authorization is cryptographically signed on an NXP EdgeLock SE051 (EAL 6+, same chip in banking cards and government passports). signing kernel is ~200 lines of code.
you can clone a voice. you can clone a face. you cannot clone a physical device on someone's desk.
flew to Davos to demo it during the World Economic Forum. swiss counter-terrorism detained me for 13 hours because the prototype looked like an IED. line-by-line code review, cleared the device in under 20 minutes. the 13 hours was bureaucracy, not the code.
since davos: first meetings with J.P. Morgan, BBVA, and UBS.
happy to answer technical questions.
Links:
- Semafor wrote it up: https://www.semafor.com/article/01/22/2026/an-entrepreneurs-...
- original thread (103K views): https://x.com/s_heyneman/status/2014519007244656652
- deepfaked myself authorizing a $60,000 wire for the YC demo. one photo, one voice sample, off-the-shelf AI, 20 minutes: https://x.com/s_heyneman/status/2021100304436191630
deepfake clones your cfo, authorizes a wire, the bank's hsm cryptographically signs the theft. signature is valid. intent is fake.
verdico is client-side. secures the moment of authorization before the packet hits the rail.
banks solved double-spend. this solves double-speak.