darkid ← darkid.io
Live demo · real production endpoint

This is your device.

No login. No cookie. We're reading this device's own characteristics and matching them at the global edge — right now.

collect.darkid.io / v0 / collectreading
your visitorId · stable across reload & incognito
reading device_
Continuous authentication · behavioural biometrics

Move your mouse around and type a sentence below — darkid learns the rhythm of how you drive the session, then flags if someone else takes over.

Bind a passkey · secure element

The most durable signal there is: a passkey lives in this device's secure element (Secure Enclave / TPM / Android keystore) — it survives cookie and cache clears, and incognito. Face ID / Touch ID / Windows Hello.

Now prove it. Reload this page — the identifier holds. Open this URL in an incognito / private window — still the same. Incognito wipes cookies and storage, so a stored ID couldn't survive. darkid's does, because it's matched from the device itself. That's the whole idea.

Want to see the verdict flip? Open this page with a headless browser — Playwright, Puppeteer, or any automation tool — and watch the kind switch to Agent and the automation score climb.
darkid.io · see in the dark · home · console
signals are hashed for this demo only · IPs are never stored raw