Two phones.
One device.
Zero evidence.

Your normal life unlocks when forced. Your real data stays invisible — encrypted as random noise. Built on GrapheneOS.

A dual-environment phone that shows a normal profile while your private data stays encrypted and hidden.

DeniableOS on Pixel — two environments, one device

What they see. What's really there.

Two isolated environments on one device. The public environment unlocks with one PIN — the hidden vault answers to another.

Try each PIN to experience what an attacker would see.

1234Public OS9999Hidden vault0000Duress wipe

Locked

Same device. Different realities.

Each code opens a different reality — same device, two lives, no trace either way.

swipe up

AT&T

Wed, May 20

Swipe Up to Open Phone

Your security is only as strong as your ability to withstand coercion.

Encryption protects your data — until someone forces you to unlock your phone. In high-risk environments, standard mobile security isn't enough.

Civilians forced to surrender at a checkpoint — the coercion scenario Deniable OS is built for

Trusted by

Global Centre for Technology, Innovation and Sustainable Development Singapore

Who sleeps better with Deniable.

wrench attacks in 2025

Crypto Investor

Portfolio over $100K makes you a target. Ledger's co-founder had a finger severed in January 2025. Deniable shows kidnappers a decoy wallet — one they can actually empty.

CBP device searches in FY2025

Traveler

Border agents can copy your phone without a warrant. Journalists deported over chats. Unlock normally — clean phone, no secrets to find.

source protection failure = jail

Journalist & Activist

Sources trust you with their lives. Deniable encryption means you can cooperate with authorities without betraying anyone — mathematically.

attorney-client privilege at risk

Attorney & Executive

Privileged client data on a confiscated device. Decoy profile passes inspection. Real work sleeps in random noise until you're back in office.

Engineered for coercion, not compliance.

Scroll →

01 / 06

AES-256-XTS

Military-grade disk encryption. Second environment looks like random noise on storage.

02 / 06

Duress PIN

One PIN unlocks normal life. A different PIN reveals real data. Wrong tries are invisible.

03 / 06

Decoy AI profiles

Optional generator fills your public profile with believable messages, photos, and browsing history.

04 / 06

Panic triggers

Dead-man's switch, hidden gesture, or remote command — wipe real environment without touching public one.

05 / 06

Anonymous payment

Monero, BTC, USDT. Zero identity binding. Licensing is as deniable as the OS itself.

06 / 06

Open-core

Crypto primitives auditable on GitHub. Trust us — then verify.

Technical lineage

GrapheneOSHardware-hardened Android base
Rubberhose (1997)Deniable filesystem precedent
AES-256-XTSIndistinguishable from random noise

Three steps.
0 minutes.

No command line. No flashing tools. No technical skills needed.

From a supported Pixel to a deniable daily driver — without a desktop app, a USB drive, or a command line. Here is the whole path.

Step 01

Install from browser

Supported Pixel + USB-C + Chromium. Web installer flashes DeniableOS like GrapheneOS does. No desktop app needed.

Step 02

Set two PINs

One for visible life, one for hidden vault. Recovery phrases are shown only once — then never again.

Step 03

Live normally

Use the public environment every day. Switch to the hidden vault with your secret PIN. When forced to unlock — show the public one.

See install guide

Why pay when Graphene is free?

GrapheneOS protects you by deleting everything. We protect you by showing a life you can surrender.

Criterion	GrapheneOS	DeniableOS
Coercion response	Wipe (empty phone — suspicious)	Convincing public environment
Hidden storage	None	AES-256-XTS, indistinguishable from noise
Forensic inspection	Reveals wipe occurred	Passes — nothing to find
Target user	Technical privacy enthusiasts	Anyone who might be forced to unlock
Price	Free (donationware)	From $12.99/mo — paying for the decoy

People who cannot afford to be found.

With a Deniable phone, I feel safer knowing that even if I’m stopped and searched, they won’t find anything.
DR · Journalist · Denmark

When I use a Deniable phone in public, it looks and feels like any other device — no one can tell the difference.
VS · Journalist · Ukraine

Staying unnoticed is critical for us. Deniable helps us operate without drawing any attention.
KM · NGO Manager · Liberia

I know that even if authorities check my device, they won’t find anything sensitive when I have this operating system.
GH · Democracy Activist · Cambodia

Pay with card.
Pay with Monero.

License-only. No device lock-in. Three tiers chosen so you pay only for what threats you face.

Basic

License-only. Core dual-environment.

or $119/year

$12.99/mo

Pro

Lifetime

One payment. Forever. Monero accepted.

one-time

$349

14-Day RefundSecure CheckoutAnonymous Payment Available

See full comparisonMonero · BTC · Card

Manage secure fleets. Without exposing them.

The Deniable Web Dashboard gives teams a simple, powerful way to deploy, manage, and revoke devices — all without compromising security.

License Management

Issue and revoke licenses — only authorized devices run Deniable OS.

Remote Security

Remotely revoke access if a phone is lost or compromised — disable it instantly.

Scale Deployment

Deploy at scale — easily activate and track hundreds or thousands of devices.

Simple Updates

Push OS and security updates across your fleet without physical access.

Zero Trace

No MDM fingerprint visible on the device. Admin control stays invisible.

Team Control

Granular permissions, audit logs, and team-level policy enforcement.

Talk to enterprise

Deniable Web Dashboard — fleet license management for teams

What people ask before they buy.

Stop fearing what your phone could reveal.

Get Started →Talk to enterprise

15 minutes to install. Normal life still works. Nothing to disclose. 14-day refund if your device isn't compatible.

Two phones.One device.Zero evidence.