One of us got a call. His wife's number on the screen. A voice saying they had his family, demanding money. Classic kidnapping scam.
He knew it was fake. But for thirty seconds, he didn't. Because caller ID said it was her.
We've spent decades in security. Built incident response teams. Led security organizations. Watched every authentication system fail the same way: they prove access, not humans.
After that call, the question was obvious: why don't we have WebAuthn for humans?
Cryptographic proof that a device is what it claims to be has been solved for years. FIDO. Passkeys. Hardware attestation. But cryptographic proof that a human is who they claim to be? Still phone calls and security questions.
LastID is the answer we wish existed when that phone rang.
40 years combined experience in technology and security.
Incident response. Security architecture. Enterprise infrastructure. The back-of-house systems that actually run companies.
We've seen what breaks. We built this so it doesn't.
Identity should be cryptographically verifiable, not socially engineered.
Privacy and verification are not mutually exclusive.
Users should control their identity, not platforms.
Enterprise integration shouldn't require ripping out existing infrastructure.
If you can't verify it offline, it's not really verified.
Want to talk about the problem?
Request Demo