Know when a
session has been
compromised.

ValorQ detects account takeovers, session hijacking, and credential abuse in real time by analyzing how users actually behave. On-device, zero latency, no PII transmitted.

valorq / session-monitor
ACTIVE SIGNALS ses_9a3f1c
step_timing:anomaly
Completed in 340ms vs. personal baseline
score: max
CRITICAL
field_paste:credential_field
Clipboard paste on sensitive field
score: max
CRITICAL
motion:anomaly_detected
Static profile, no natural variance
score: high
HIGH
RISK SCORE
82
● BLOCK
onRiskChange fired
multiple signals · user baseline
0ms
Network latency for on-device signals
4
Native SDKs across Android, iOS, Web, React Native
9+
Behavioral signal dimensions across timing, motion, and flow
0
PII transmitted. Behavior, not identity.
Detection Engine

Every dimension of
user behavior.

ValorQ captures signals across timing, interaction, motion, and flow. The moment behavior shifts from a user's established pattern, the engine knows.

Step Timing

Time spent on each screen is measured against each user's personal baseline. Anomalously fast progression triggers a signal immediately.

Per-step · Per-user baseline

Credential Behavior

How credentials are entered reveals intent. Automated input patterns on sensitive fields are flagged with no warm-up period required.

Zero latency · No warm-up

Session Velocity

Total flow completion time is measured against rolling baselines. Sessions completing flows at superhuman speed trigger high-confidence anomaly signals.

Flow-level · Rolling baseline

Motion Signals

Physical device behavior is analyzed for signatures consistent with human use. Non-human environments exhibit characteristic patterns no legitimate user produces.

Device sensors · Environment

Interaction Patterns

The way a user navigates UI elements is compared against their own history. Legitimate users show natural consistency. Attacker-controlled sessions do not.

Touch · Navigation · Rhythm

Navigation Flow

Screen transition sequences and dwell times are compared to expected flow paths. Compromised sessions navigate with a mechanical linearity no real user exhibits.

Screen sequence · Flow path

Behavioral Drift

A session deviating significantly from an established user profile is treated as high-risk. Account takeover is detected even when credentials are valid.

User lifetime · Profile deviation

Risk Aggregation

Active signals are combined into a single composite score from 0 to 100, updated continuously as the session progresses. One number drives one clear action.

Weighted · Confidence-adjusted
Architecture

Complementary
by design.

ValorQ sits alongside your existing security stack. It adds a behavioral signal layer that WAF, device fingerprinting, and transaction monitoring cannot produce on their own.

SDK

On-device scoring first

All signal layers score locally before any network call. Risk callbacks fire immediately, so friction is applied before the transaction reaches your backend.

DB

Server baseline hydration

With backend mode, baselines sync across device upgrades. A user's behavioral fingerprint persists even when they switch devices.

API

Risk queryable server-side

Your backend can query session risk via API before authorizing any transaction. Defense in depth, on your terms.

System Architecture
Client app
Android / iOS
Client app
Web / React Native
ValorQ SDK
On-device scorer · Event queue · Transport
↓ onRiskChange
POST /v1/ingest ↓
App UI
Step-up auth / Block
Backend
Rescoring · Persistence
Your systems
Fraud stack · Transaction auth · Alerts
Platform Coverage

Drop-in SDK for every
customer surface.

Four native packages. One unified scoring model. Baselines are platform-specific by design — behavioral patterns differ across surfaces, and ValorQ accounts for that automatically.

Android

Kotlin-native with Jetpack Compose first-class support. Encrypted local storage, coroutines throughout, and a StateFlow interface for reactive UI integration.

KOTLIN · COMPOSE · NATIVE

iOS

Swift Concurrency throughout. Actor-isolated scoring engine, Keychain storage, and SwiftUI ViewModifiers for seamless integration into existing screens.

SWIFT · SWIFTUI · NATIVE

Web

TypeScript package with React components. Local baseline persistence, automatic session tracking, and React hooks for direct risk state binding.

TYPESCRIPT · REACT · FETCH

React Native

Extends the core client with native storage and AppState lifecycle management. Platform resolves automatically so behavioral baselines remain correctly separated.

EXPO · REACT NATIVE · HOOKS
Deployment Models

Start simple.
Scale to full.

Three integration depths. SDK-only for evaluation. Full deployment for enterprise-grade session security.

Model 1
SDK Only

All scoring happens on-device. Zero network calls. Ideal for privacy-sensitive environments, initial evaluation, and teams who want frictionless integration before any backend work.

  • +On-device scoring engine
  • +Instant risk callbacks
  • +Encrypted local baseline storage
  • +No backend infrastructure required
Model 3 — Coming soon
Full Platform

The complete observability layer for enterprise security teams. Session lifecycle tracking, live operations dashboard, fleet analytics, and webhook alerting in one platform.

  • +Everything in Model 2
  • +Live operations dashboard
  • +Fleet analytics and risk trends
  • +Webhook alerts on tier changes
  • +Audit log and compliance export
Notify me when available →
Scoring Engine

Decisions backed by
proven mathematics.

ValorQ's risk engine is built on well-established statistical methods, not opaque ML models. Every verdict is explainable, auditable, and grounded in how real users actually behave.

How a session gets scored
Step 1
Observe behavior
Timing, motion, interaction, and flow signals are measured continuously throughout the session.
Step 2
Compare to baseline
Each signal is measured against that user's personal behavioral baseline using a proven statistical deviation model.
Step 3
Produce a verdict
Signals are weighted by severity and confidence. A composite score from 0 to 100 determines the session verdict.
Built on robust statistical methods proven effective at detecting behavioral outliers. Resistant to noise, accurate with minimal data, and designed to minimize false positives in low-data environments.
CLEAR
0 to 34
Behavior consistent with user history. No action required.
REVIEW
35 to 69
Anomalous patterns detected. Trigger step-up authentication.
BLOCK
70 to 100
High-confidence session compromise. Block immediately.
Get started

Built for high-trust apps.
Ready for your stack.

ValorQ integrates in days, not quarters. It layers on top of what you already have: device fingerprinting, WAF, transaction monitoring. It adds the behavioral signal layer that reveals when an account has been taken over.

Book a technical demo

See ValorQ running against a live production flow. We will walk through signals, risk scoring, and integration paths for your specific platform mix.

Schedule with ValorQ →

SDK evaluation access

Start with Model 1. No backend required. Get SDK packages for your platform and see behavioral signals fire in your test environment before any infrastructure commitment.

Request SDK access →

Security architecture review

For enterprise teams evaluating ValorQ alongside existing fraud infrastructure. We map your current stack and show exactly where behavioral biometrics adds signal.

Talk to our team →