Cryptographic IP protection for AI/ML product | Cossack Labs

🇺🇦 We stand with Ukraine, and we stand for Ukraine. We offer free assessment and mitigation services to improve Ukrainian companies security resilience.

Case ML & TensorFlow B2C app DEC 2020 - JUNE 2021

Cryptographic IP protection for AI/ML product


  • AI/ML

  • Media

Technology stack

  • iOS native, Android apps

  • GCP

  • Python, Go backend

  • ML / TensorFlow


  • CCPA, GDPR, local privacy regulations

  • Encryption Export Regulations


Technology requirements

IP protection system

Security that doesn't ruin UI/UX

Flexible cryptographic layer

Our approach

Security as business value

Risk analysis

Moving hand in hand with dev team


Additional relevant materials

Products and services involved

Themis, <span class="font-normal">a cross-platform crypto library</span>

Themis, a cross-platform crypto library

Themis is a cross-platform high-level open-source cryptographic library. We used Themis as a building block for cryptographic protocol, focusing on the data flow and performance while having cryptography covered.

Read more
Security advisory

Security advisory

We've built risk, threat and trust models, analysed and prioritised attack vectors, planned security controls, and assisted with implementation and verification of controls.

Read more
Cryptography engineering

Cryptography engineering

We've designed cryptographic protocol and key management layout for ML models encryption, assisted with implementation and verification.

Read more
Security engineering

Security engineering

We've recommended numerous platform-specific security controls for mobile apps, assisted in improving backend API security and designing the anti-fraud system for protection against malicious users.

Read more


The designed data security solution allowed to prevent stealing and misusing ML models (unique business IP) and lower operational costs by preventing malicious users from abusing the API and paid functionality.

Results and outcomes

Developers should not struggle with security

It's possible to build secure and usable systems without frustrating developers on each step. Introducing a data security layer is more than just deploying a docker container; it's shifting the engineering culture inside the company. Talk to us if you are looking to take your data security to the next level.

Contact us

Get whitepaper

Thank you!
We’ve received your request and will respond soon.