Fraud vendors rent you a score — built on your own customers' data, computed in their cloud, inside a binary you can't read. Burein is an on-device, zero-egress SDK for Web, iOS, and Android that hands you the 1,000+ raw device, behavioural and integrity signals with a signed report — so you own the data, train your own models, and read every line that runs in your app.
{ "visitor_id": "v1_b3c1...e7", "confidence": 0.97, "signals": { ...1042 collected }, "threats": [ { "id": "FRIDA_HOOK_DETECTED", "severity": "critical", "confidence": 0.98 }, { "id": "AGENTIC_COMPUTER_USE", "severity": "critical", "confidence": 0.92 } ], "risk": { "score": 87, "band": "high", "decision_hint": "block" }, "signature": "Ed25519:..." }
Burein is a pure on-device library — no backend, no telemetry, no remote config channel. Your app embeds the SDK, your team gets the signal layer every fraud solution is built on, and the signed report feeds the risk pipeline you already run. Start with friction-minimised 2FA and silent continuous auth; layer the rest on your timeline.
A stable visitor_id derived from 1,000+ high-entropy signals — without shipping any of them to a third party. Deterministic across sessions, resilient to reinstalls.
Frida, Xposed, Magisk, repackaging, emulators, screen-share scams, accessibility abuse, headless browsers, anti-detect tools, and AI agents — detected on device, with evidence.
Mobile SDK →Burein never sees your users' data — by construction, not promise. The signed report is returned to your code via a public SDK method; you attach it to your own APIs, over your own transport. No DPA gymnastics. GDPR / DPDP / HIPAA / PCI postures inherit from your app, not from us.
Architecture →Every fraud vendor runs the same play: collect your customers' device data, train their model on it, and rent the model back to you — while the same model serves your competitors. In the AI age, the data is the asset. Burein hands you the raw signal on-device and gets out of the way, so the intelligence you build is yours to keep.
Incumbents abstract 1,000+ raw signals down to a score you can't rebuild a model from. Burein returns the full raw feature vector on-device, with zero egress to us — so you train on data we structurally never see, and it compounds into an edge no vendor can resell.
Device signals are a commodity, so incumbents can't charge for them alone — they wrap them in a score, a dashboard, and a subscription you didn't ask for. Burein sells the un-bundled signal layer, and nothing you don't need.
Source-code escrow and source-audit rights are a standard commitment, not a contract you have to fight for. Your security team reads exactly what executes on your customers' devices — no opaque binary, no blind trust.
Public CI test results, SBOM, SLSA provenance, reproducible builds, and a dedicated build delivered to each bank. You can prove the binary you ship matches the source you audited.
Anthropic Computer Use. OpenAI Operator. browser-use, Cline, Skyvern, Manus, BrowserBase. These agents drive real Chrome, on residential proxies, with real cookies — and they're invisible to legacy bot detection. Burein sees them.
Detects the screenshot → small move → screenshot pattern characteristic of LLM-driven UI control.
Synthetic typing with no typos, no backspaces, cadence that matches LLM token emission.
Mouse trajectories no human hand produces — straight lines, instant teleports, zero jitter.
Playwright, Puppeteer-extra-stealth, CDP, browser-use, Computer Use, Operator, BrowserBase tells.
| Capability | Fingerprint.com | Zimperium zDefend | Promon / Guardsquare | Burein |
|---|---|---|---|---|
| Web fingerprinting | ✓ | — | — | ✓ |
| Mobile runtime integrity (RASP) | — | ✓ | ✓ | ✓ |
| On-device only · zero egress | — | partial | partial | ✓ by design |
| Agentic / AI-actor detection | early | — | — | ✓ first-class |
| Unified signal schema across Web + iOS + Android | — | — | — | ✓ |
| 1,000+ raw signals exposed to you | — | — | — | ✓ |
| Raw data you can train your own models on | — | — | — | ✓ |
| Source escrow + readable source + reproducible builds | — | — | — | ✓ |
| Customer-owned data, no DPA gymnastics | — | partial | ✓ | ✓ |
Embed device intelligence in regulated apps without adding a sub-processor. Source escrow available for sovereign deployments.
Stop renting a score built on your own data. Embed Burein, keep the raw signal on your side, and build a fraud edge that's yours to keep.