TecTonyVerify/ Tier-0
01 / Try the demo02 / Integrate
BKK —:—:—Request access
TecTonyVerify

Tier-0 on-device presence, liveness, anti-replay and face-match that integrates with certified eKYC/PAD providers. Not certified eKYC, not certified PAD (ISO/IEC 30107-3), and not an identity provider.

© 2026 TecTony Co., Ltd. · All rights reserved.Designed & built in Thailand
§ On-device identity assurance

Identity,
proven on-device.

Everything runs in the browser, on the visitor's device. No raw video is ever transmitted — only periodic evidence snapshots are kept. That on-device design is the core PDPA data-minimization story.

Try it on your own face →Request demo access
Presence  ·  Liveness  ·  Anti-replay  ·  Face-match  ·  On-device  ·  PDPA-first  ·  No raw video  ·  HITL review  ·  Presence  ·  Liveness  ·  Anti-replay  ·  Face-match  ·  On-device  ·  PDPA-first  ·  No raw video  ·  HITL review  ·  

How the guided flow works

§01 / Flow
011

Presence

Camera on; confirm a single, centred, live face.

022

Reference capture

Anchor the session to a reference face template (an on-device embedding).

033

Active liveness

Randomised blink / smile / open-mouth challenge — defeats static photos.

044

Active-illumination anti-replay

Random screen colour cast correlated against the face — defeats phone/tablet replay. A confidence score, not a certified verdict.

055

Face match

Continuity check: the person now is the person who enrolled.

066

Verdict

Per-stage pass/fail and scores, with a live evidence & audit panel.

A face rendered as a point-cloud scan — processed entirely on the device

PROCESSING ·· ON-DEVICE  /  TRANSPORT ·· NONE (RAW)  /  PERSISTED ·· SNAPSHOTS

§02 / Privacy

On-device by design

Presence, liveness, anti-replay and face-match all run on the visitor's device. Only evidence snapshots persist (to encrypted object storage) for human review.

0
raw frames sent
100%
in-browser
APAC
evidence residency
§03 / For your product

Drop Verify into your flow.

Whitelabel the on-device engine as one step — you own the evidence and the verdict. It integrates with your certified eKYC/PAD vendor; it doesn't replace it.

See how it integrates →

Enterprise-grade infrastructure

§04 / Infrastructure

The Tier-0 engine runs in the visitor's browser — but the surface that serves it and stores evidence runs on Cloudflare's global edge, the same platform behind TecTony's own production systems.

A smartphone holding a glowing identity shield — processing stays on the device
01

Global edge runtime

Served from Cloudflare Workers — edge-distributed and auto-scaling, with no single origin to overload.

02

Encrypted in transit

HTTPS everywhere with HSTS and managed TLS certificates — connections are encrypted end to end.

03

DDoS protection

Cloudflare's always-on, automatic DDoS protection sits in front of every endpoint.

04

Encrypted at rest

Evidence snapshots persist to Cloudflare object storage (R2), encrypted at rest by the platform — face embeddings never leave the device.

05

Hardened response headers

Strict Content-Security-Policy, X-Frame-Options DENY, and a locked-down Permissions-Policy (camera only, same-origin).

06

Secrets stay server-side

Credentials and keys are managed as server-only secrets — never committed to source, never shipped to the browser.

§05 / Residency

Your data, kept in your region

On-device processing means almost nothing leaves the visitor in the first place. What does persist — the evidence snapshots — can be kept in-region or routed straight to your own store, so records stay close to home rather than shipped to overseas defaults.

A person checking their phone by a window over the Bangkok skyline

In-region by default

Evidence storage is provisioned in the APAC region — close to Thailand — not on US or EU defaults.

Configurable per deployment

Each engagement can pin evidence residency to your required region — Thailand / APAC — as part of setup.

Or your own store

Point snapshots and per-stage scores at your own endpoint — you hold the evidence, on your infrastructure.

Embeddings never leave the device

The reference face template stays on the visitor's device — it is never transmitted or stored remotely.

PDPA data-minimization

Because raw video is never transmitted and only periodic snapshots persist, less data exists to govern in the first place.

Designed & built in Thailand

Engineered by a Thai studio for the Thai market — bilingual TH/EN by default.

Operated with discipline

§06 / Operations

A real deployment needs more than a passing demo run. Verify is built around honest verdicts, an auditable trail, and a clean privacy posture from the first request.

Human review on inconclusive

Borderline anti-replay results are a confidence score, not a verdict — inconclusive cases route to human review, never auto-pass.

Auditable by design

Every review action writes to an append-only audit trail, with tenant-configurable retention.

Request observability

Worker-level request logging and traces are enabled across the deployment.

Backup & recovery

Automatic point-in-time recovery via Cloudflare D1 Time Travel, plus a nightly database export to object storage — no manual backup step. Off-site replication to your own infrastructure is available per engagement.

No third-party trackers

No analytics scripts, no advertising pixels, no third-party trackers — nothing watching your users in the background.

Continuity, then certified handoff

Face match confirms it's the same person who enrolled; for regulated proofing, Verify hands off to your accredited eKYC/PAD provider.

§07 / Get access

See it on your own face.

Run the full flow now, or request a whitelabel demo for your team.

Try it on your own face →Request demo access

TecTony Verify is a Tier-0 on-device presence, liveness, anti-replay and face-match engine that integrates with certified eKYC/PAD providers. It is not certified eKYC, not certified PAD (ISO/IEC 30107-3), and not an identity provider. Anti-replay output is a confidence score, not a certified verdict; borderline cases are routed to human review.