SentinelKey AI.

Inspiration Modern digital account compromises are overwhelmingly driven by credential theft, phishing campaigns, and password reuse. Standard secondary authentication mechanisms such as SMS based OTPs or mobile push notifications mitigate remote attacks but completely fail when users are tricked into typing access codes onto fraudulent login portals, or when an on site adversary gains unrestricted access to an unattended machine after a user has already logged in. SentinelKey AI addresses these vulnerabilities by shifting the defensive perimeter from a single point in time check to a perpetual, multi layered validation state to ensure the authorized user is still the one operating the system. What it doesSentinelKey AI introduces a unified defense shield that merges a low cost, passwordless hardware token with a resource efficient, continuous behavioral AI recognition engine. The physical dongle completely replaces transmitted static credentials with an immutable, hardware bound secret key. While plugged into a machine, an inline software module running in the background profiles the operator s typing cadence, specifically flight times and dwell intervals between keys, as a living biometric identifier. If an unauthorized person takes over the terminal, the system detects the anomaly and triggers defensive actions up to an immediate hard server lock. How I built itThe project is built by fusing two distinct security layers: The first layer is the T Identity Core hardware which is a physical security dongle designed around an RP2040 microcontroller paired with Ferroelectric RAM. A unique device identifier and secret are permanently flashed onto the local hardware during initialization so that no raw password string is ever held or broadcasted over networks. The second layer is the INTRINSIC Engine which is an inline background module that evaluates data entropy using Prediction by Partial Matching compression models rather than complex neural networks. It uses Normalized Relative Compression to evaluate live typing against the stored profile using a specific mathematical framework. The third layer is the No Code Visual Control Hub which is a management dashboard inspired by Neuralese that provides an abstract, node based workspace where administrators can drag and drop threshold blocks to govern system reactions based on user rhythm match percentages. Challenges I ran intoThe primary challenge was neutralizing physical terminal hijacking without requiring computationally intense deep learning infrastructure, heavy background processing, or discrete GPUs which could lag the host machine. We overcame this by shifting away from standard neural network weights and utilizing a relative data compression approach using Prediction by Partial Matching models. This framework allowed the system to evaluate data entropy rapidly without relying on specialized computing nodes. Accomplishments that I m proud ofFirst, we successfully optimized the continuous validation sweep to run in just 18.4 milliseconds, making background monitoring entirely unnoticeable to the host machine. Second, we achieved active session verification and behavioral lockout with absolutely zero GPU overhead. Third, the entire architecture is highly scalable, yielding an estimated mass manufacturing overhead of only 12 to 16 Canadian Dollars per unit. What I learnedWe learned that robust, continuous behavioral AI recognition does not always require massive, resource heavy deep learning infrastructure to be effective. By applying data entropy and compression principles to physical biometric telemetry like keystroke dynamics, higher defensive resilience such as absolute phishing protection and continuous verification can be achieved on highly constrained edge devices. What s next for SentinelKey AIThe next step is expanding the project s specialized server segmentation architecture to support broader enterprise enrollment. We aim to refine the visual control hub s topology fusion rules to allow for more nuanced, automated system reactions and seamlessly deploy the token validation logic across diverse, public web facing environments.