YinkoShield
Brief

deployments · where we run

Three estates. One Trusted Runtime Primitive. One signed format.

Mobile, POS, and self-service terminals are different environments with different threats. The substrate ships across all three, observes what each one does, and produces evidence in the same shape — verifiable by your stack, your dispute platform, your regulator, your partners.

one signed format across all three

Three estates converge to one evidence record.

Mobile banking · fintech POS terminals · agents SST kiosks · branches ONE EVIDENCE FORMAT JWS · ES256 · ~200 bytes CONSUMED BY · ANY PARTY WITH THE PUBLIC KEY issuers · schemes · acquirers · risk engines dispute platforms · partners · regulators
three deployment surfaces
  1. ·01 deployment

    Mobile

    mobile banking · fintech · neobank · superapp

    Mobile execution becomes evidence instead of inference.

    The OS, network, user, and runtime can all change between credential and request. We sign what happened in that interval — and surface overlay attacks, SIM swap, app repackaging, and identity continuity along the way.

    • overlay & accessibility abuse
    • SIM swap, mid-session
    • app repackaging
    • identity continuity
    • restart & lifecycle context

    Densest deployment for five of the six journeys.

    SEE WHAT WE DO HERE →
  2. ·02 deployment

    POS · mPOS · SoftPOS

    acquiring · terminal fleets · agent banking

    Opaque terminals become deterministic assets.

    Standard terminals are opaque to the systems that depend on them. We establish a verifiable trust boundary at the device — replacing server-side assumption with cryptographically attested evidence at the moment of execution.

    • terminal-level integrity
    • offline ledger continuity
    • fleet onboarding
    • hardware-key-bound evidence
    • agent-banking economics

    Carries the load for Network and Operations journeys.

    SEE WHAT WE DO HERE →
  3. ·03 deployment

    Self-service terminals

    bank kiosks · citizen identity · branch fleets

    Long-session execution provenance, end-to-end.

    Multi-step kiosk flows — payment, account opening, identity verification — are signed and hash-linked from the first touch to the last. Citizen-grade audit substrate for unattended terminals.

    • long-session execution
    • smart-ID adjacency
    • physical-access boundary
    • branch-fleet coherence
    • multi-step workflow attribution

    Audit-grade integrity for citizen-facing workflows.

    SEE WHAT WE DO HERE →
same primitive, different estate

The Trusted Runtime Primitive is the same module on every surface.

The TRP wraps syscalls, libc, and the platform's framework library — and runs continuous coherence checks — whether it is embedded in a mobile banking app, a POS terminal's firmware, or a kiosk's service shell. The signed evidence has the same shape regardless of where it ran.

Read the TRP deep article