A product by Audioscope. Distributed on Apple App Store (coming soon).
Important: AuthPilot™ handles 2FA codes from email, SMS (via iOS companion), and authenticator apps (TOTP, including Google Authenticator) through a secure bridge. The Mac app and iOS companion coordinate so the right code reaches the right device at the right moment — privately and under your control.
Publisher
Made by Audioscope
Audioscope is the company designing, publishing, and supporting AuthPilot™ and the AudioSync™ protocol. Contact: admin@audioscope.com.au. Website: audioscope.com.au. Trademark notice: AuthPilot™ and AudioSync™ are trademarks of Audioscope. Patent pending.
Why This
Stop proving you’re you — every five minutes
We’re all stuck in verification hell: OTPs, links, and forms for every login and purchase. With AI‑assisted fraud rising, “add more factors” (3FA, 4FA…) isn’t a future — it’s death by a thousand prompts. AuthPilot™ ends the busywork you already perform, locally and safely. AudioSync™ adds a proximity‑bound, offline factor using ultrasonic audio so you can prove “this exact phone is here, now” without Bluetooth or Wi‑Fi. Patent pending.
No more hunting codes and links. AuthPilot™ watches Mail, copies OTPs, opens trusted verification links, and fills forms when you allow it.
Future
AudioSync™ unlocks offline device pairing, identity proofs, and encrypted file tokens — ideal for high‑security and air‑gapped environments.
System Overview
All 2FA Sources, One Flow
A) Email OTP → Mac: Service emails code → AuthPilot™ reads Mail → copies OTP → optional ⌘V → verified.
B) SMS OTP → Mac: Service sends SMS → iOS Companion (consent‑gated) reads code → AudioSync™ to Mac → verified.
C) TOTP → Mac: iOS Companion holds TOTP secret (opt‑in import of otpauth://) → emits current TOTP via AudioSync™ → verified.
D) Login on iPhone: Companion fills locally (form + TOTP). If email OTP is involved, Mac AuthPilot™ may assist for device pairing.
AuthPilot™ Pipeline
Mail Ingestion
Apple Events (user‑granted Automation) to read recent Mail messages: sender, subject, received‑at, sanitized text body.
Dedupe by (message‑id, code, TTL); ignore stale messages; minimal scope.
Hardened runtime + code‑signed + notarized for distribution.
OTP & Link Engine
OTP detection via curated regex + heuristics; copies newest OTP to clipboard automatically.
Password generator backed by a CSPRNG, with policy‑controlled length/charset.
Secrets in macOS Keychain (ThisDeviceOnly / when‑unlocked) — zero‑knowledge posture.
No cloud escrow by default; optional export with user consent.
Form Fill (Extension)
Safari/Chrome extension for email/password fields and in‑page OTP paste; local attestation to the macOS app.
No credentials leave your device; per‑site approvals; visibility for every action.
Gus — The Background Learner (Local‑Only)
Purpose: A lightweight background service (“Gus”) that watches for successful logins, form usage, and which channel delivered the accepted 2FA (email/SMS/TOTP). It builds local hints for future automations.
Scope: Learns per‑site form structure (labels, fields, 2FA step timing), preferred identity (which email/username), and code source (mailbox, SMS, TOTP).
Privacy: All learning remains on your device. No cloud training. Data can be wiped or exported by you.
Explicitly link services ↔ inboxes or TOTP sources; select primary/secondary channels; set fallback order.
Per‑profile policies let families or power‑users keep work/personal accounts separate.
Connectors: Apple Mail (Automation), Gmail API (OAuth read‑only), Microsoft Graph (OAuth), IMAP/POP (app passwords).
Tokens stored in Keychain; least‑privilege scopes; revocation UX included.
Platforms: macOS first; iOS companion next; Windows/Linux/Android on the roadmap.
AudioSync™ Security (Public‑Safe)
Public‑safe description. Proprietary modulation, pairing UX, and anti‑spoofing techniques are withheld. AudioSync™ patent pending. Publisher: Audioscope.
Web3 Identity Wallet & Document Vault
Architecture
Vault (local): Keys in Secure Enclave/Keychain; documents encrypted locally (AES‑GCM) with KEK derived via PBKDF2/HKDF.
Anchors (on‑chain): Only integrity hashes (no PII on‑chain). Optional off‑chain storage (IPFS/Arweave) with client‑side encryption.
DIDs/VCs: Hold verifiable credentials; present selective proofs (ZK‑friendly) for age, residency, licence, etc.
Payments & Cards: Tokenized card refs; PCI‑DSS‑aware flow by default. Local‑only storage is user‑choice and guarded by hardware keys.
User Sovereignty & Free Will
Users should own their identity and choose who sees what. By default, nothing leaves the device. When interaction is needed, you share proofs — not documents. This flips the power balance: privacy by default, transparency by consent.
One‑time identity setup; after that, present cryptographic proofs — not raw documents.
Forms auto‑populate from your vault with explicit approvals; services receive only what they need.
Recovery via social/multi‑sig guardians or hardware keys; fine‑grained revocation.
1) Problem & Context. Credential stuffing, phishing, and identity theft are rising. High‑friction MFA wastes time and still leaks through human error. AuthPilot™ automates locally; AudioSync™ adds an offline, proximity‑bound factor that’s hard to phish or relay.
2) AuthPilot™ Pipeline. Mail ingest → OTP regex/heuristics → de‑dup/TTL → clipboard (+ optional auto‑paste) → verification link detection (allow‑list & one‑time open) → event log. Passwords via CSPRNG; stored in Keychain with ThisDeviceOnly constraints.
3) Learning & Connectors. Local models map services↔inboxes; user overrides allowed. Connectors: Apple Mail, Gmail API (OAuth, read‑only), Microsoft Graph (OAuth), IMAP/POP (app passwords). Tokens in Keychain; least‑privilege scopes.
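The mail pipeline from "OTP & Link Engine" and item 2) above, as an added example (not Audioscope's code): regex plus keyword heuristic, dedupe on (message‑id, code), TTL for stale mail, newest‑first selection, and an allow‑listed, one‑time link open. The regex, keyword list, TTL value, allow‑list host and all names are assumptions of this sketch; the sample messages are constructed.

```python
import re
from urllib.parse import urlsplit

# Every value below is an assumption of this sketch, not AuthPilot's rule set.
OTP_RE = re.compile(r"(?<!\w)(\d{6,8})(?!\w)")   # standalone 6-8 digit run
KEYWORDS = ("code", "otp", "passcode", "one-time")
TTL_SECONDS = 300                                # older mail is stale
ALLOWED_HOSTS = {"accounts.example.com"}         # constructed allow-list

class OtpPipeline:
    def __init__(self):
        self.seen = set()      # (message_id, code) pairs already delivered
        self.opened = set()    # verification links already opened once

    def extract_otp(self, msg, now):
        """Return the code in msg, or None if stale, duplicate or not OTP-like."""
        if now - msg["received_at"] > TTL_SECONDS:
            return None
        text = msg["subject"] + "\n" + msg["body"]
        for m in OTP_RE.finditer(text):
            # Heuristic: a keyword must appear in the 60 chars before the digits.
            window = text[max(0, m.start() - 60):m.start()].lower()
            key = (msg["message_id"], m.group(1))
            if any(k in window for k in KEYWORDS) and key not in self.seen:
                self.seen.add(key)
                return m.group(1)
        return None

    def newest_otp(self, messages, now):
        """Scan newest-first and return the first acceptable code, else None."""
        ordered = sorted(messages, key=lambda m: m["received_at"], reverse=True)
        return next((c for m in ordered if (c := self.extract_otp(m, now))), None)

    def may_open(self, url):
        """HTTPS only, exact host match, no userinfo, and at most once per URL."""
        p = urlsplit(url)
        ok = (p.scheme == "https" and p.hostname in ALLOWED_HOSTS
              and not p.username and url not in self.opened)
        if ok:
            self.opened.add(url)
        return ok

# Constructed sample messages (received_at in seconds on an arbitrary clock).
SAMPLE = [
    {"message_id": "<a1@example.com>", "received_at": 1000,
     "subject": "Order shipped", "body": "Order 12345678 has shipped."},
    {"message_id": "<a2@example.com>", "received_at": 1100,
     "subject": "Sign-in", "body": "Your verification code is 482913."},
]
```

The exact‑host comparison is what rejects look‑alike hosts such as accounts.example.com.evil.test, and the keyword window is what keeps the 8‑digit order number in the first sample message off the clipboard.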