Crypto Investor
Holdings that make you wealthy also make you a target for physical coercion. DeniableOS lets you show a decoy wallet, one an attacker can actually empty, while your real holdings stay in the hidden vault.
Two phones.
One device.
Zero evidence.
Your normal life unlocks when forced. Your real data stays invisible, encrypted as random noise. Built on GrapheneOS.
A dual-environment phone that shows a normal profile while your private data stays encrypted and hidden.
What they see. What's really there.
Two isolated environments on one device. The public environment unlocks with one PIN, the hidden vault answers to another.
Try each PIN to experience what an attacker would see.
1234Public OS9999Hidden vault0000Duress wipe
Locked
Same device. Different realities.
Each code opens a different reality, same device, two lives, no trace either way.
The “Emergency” control is Android’s built-in call function. It does not protect your data, DeniableOS adds the duress PIN above for that.
Your security is only as strong as your ability to withstand coercion.
Encryption protects your data, until someone forces you to unlock your phone. In high-risk environments, standard mobile security isn't enough.
Backed by
Who sleeps better with Deniable.
Traveler
At many borders a device can be copied without a warrant. Unlock to the public environment and the phone is clean, with no secrets to find.
Journalist & Activist
Sources trust you with their lives. Deniable encryption means you can cooperate with authorities without betraying anyone, because there is no last key visible to surrender.
Attorney & Executive
Privileged client data on a confiscated device. The decoy profile passes inspection while the real work sits in encrypted storage until you are back in the office.
Engineered for coercion, not compliance.
Technical lineage
- GrapheneOSHardware-hardened Android base
- Rubberhose (1997)Deniable filesystem precedent
- Adiantum + AESIndistinguishable from random noise
Three steps.
0 minutes.
No command line. No flashing tools. No technical skills needed.
From a supported Pixel to a deniable daily driver, without a desktop app, a USB drive, or a command line. Here is the whole path.
Install from browser
Supported Pixel + USB-C + Chromium. Web installer flashes DeniableOS like GrapheneOS does. No desktop app needed.
Set three PINs
Public PIN for visible life. Hidden PIN for the hidden vault. Duress PIN, entered under coercion, wipes the vault silently.
Live normally
Use the public environment every day. Switch to the hidden vault with your Hidden PIN. When forced to unlock, show the public one.
Why pay when Graphene is free?
GrapheneOS protects you by deleting everything. We protect you by showing a life you can surrender.
Coercion response
GrapheneOSWipe (empty phone, suspicious)
DeniableOSConvincing public environment
Hidden storage
GrapheneOSNone
DeniableOSEncrypted, indistinguishable from noise
Forensic inspection
GrapheneOSReveals wipe occurred
DeniableOSPasses, nothing to find
Target user
GrapheneOSTechnical privacy enthusiasts
DeniableOSAnyone who might be forced to unlock
Price
GrapheneOSFree (donationware)
DeniableOSFrom $29.99/mo, paying for the decoy
| Criterion | GrapheneOS | DeniableOS |
|---|---|---|
| Coercion response | Wipe (empty phone, suspicious) | Convincing public environment |
| Hidden storage | None | Encrypted, indistinguishable from noise |
| Forensic inspection | Reveals wipe occurred | Passes, nothing to find |
| Target user | Technical privacy enthusiasts | Anyone who might be forced to unlock |
| Price | Free (donationware) | From $29.99/mo, paying for the decoy |
People who cannot afford to be found.
Stopped and searched, the phone shows an ordinary, working device. Sources and files stay in the hidden vault, out of reach.
In public the device looks and behaves like any other phone, so it never draws attention at a checkpoint.
Staying unremarkable is the work. The public environment is a complete, normal phone, with nothing to flag.
Even when authorities inspect the device, the sensitive material sits in an encrypted volume they cannot prove exists.
Pay once. Stay anonymous.
License only. No device lock in. Pay monthly, yearly, or once for lifetime.
14-Day RefundSecure CheckoutWorks on your Pixel
See full comparisonCard via Stripe
Manage secure fleets. Without exposing them.
The Deniable Web Dashboard gives teams a simple, powerful way to deploy, manage, and revoke devices, all without compromising security.
License Management
Issue and revoke licenses, only authorized devices run Deniable OS.
Remote Security
Remotely revoke access if a phone is lost or compromised, disable it instantly.
Scale Deployment
Deploy at scale, easily activate and track hundreds or thousands of devices.
Simple Updates
Push OS and security updates across your fleet without physical access.
Zero Trace
No MDM fingerprint visible on the device. Admin control stays invisible.
Team Control
Granular permissions, audit logs, and team-level policy enforcement.
What people ask before they buy.
Stop fearing what your phone could reveal.
15 minutes to install. Normal life still works. Nothing to disclose. 14-day refund if your device isn't compatible.