We build the one defense that doesn’t depend on trusting anything else.
BicDroid is a data security company headquartered in Waterloo, Ontario — Canada’s technology heartland. For over a decade we have pursued a single engineering thesis: that data should protect itself, in cryptography, so that it holds even when the network, the operating system, the application, and the privileged account around it have all failed.
Most security is a race against the attacker — detect the intrusion, respond before the damage, patch before the exploit. AI is winning that race for the attacker, and the gap is widening.
BicDroid took a different path. Rather than trying to be faster, our technology makes the prize itself worthless to anyone outside a cryptographically verified execution context. An attacker who reaches the disk finds ciphertext. An attacker with root cannot forge the execution identity that unlocks plaintext. An attacker cannot fake a cryptographic authentication without the keys. This is a defense whose effectiveness does not erode as attackers grow stronger — and in the AI era, that property is everything.
That same discipline now extends to the agents organizations are deploying for their own work. As AI agents become principals in computing systems — holding identity, wielding delegated authority, collaborating with one another — BicDroid gives each a cryptographic identity it owns and an accountable lineage it cannot escape. Defending the infrastructure, and governing the agency: two axes of one coherent program.
Four principles that shape everything we build.
Assume the breach
We design as though the attacker is already inside with full privilege. A guarantee that dissolves at root is, in the AI era, no guarantee at all. Ours begin where conventional defenses end.
Protect the data, not just the perimeter
The data is what the attacker is ultimately after, so the protection belongs in the data itself — carried in cryptography, surviving every layer that fails around it.
Cryptography over time
Time-based defenses weaken as attackers accelerate. Cryptographic defenses do not. We choose the guarantee that strengthens, in relative terms, exactly as the threat intensifies.
Deploy without disruption
Security that demands a rebuild rarely ships. Our products slot beneath the application layer — no source-code changes, no topology changes — so protection arrives without the cost of reinvention.
Research-led, from the foundations up.
Dr. En-Hui Yang
Dr. Yang is a University Professor at the University of Waterloo — the institution’s highest faculty rank — where he has taught since 1997 and holds more than 200 patents and patent applications across information theory, data compression, information security, and artificial intelligence.
He directs Waterloo’s Multicom Research Group, whose current research unites information theory with artificial intelligence under the SPIN framework — Semantics, Prediction, Information, and Nonlinearity. This work spans the information-theoretic foundations of deep learning, AI-inspired extensions of information theory, extended large language models for multimodal data, and engineering AI for nonlinear systems. The same scientific lineage — and the cryptographic research alongside it — underpins the BicDroid portfolio.
Before BicDroid, he co-founded Slipstream Data Inc., a data-compression and optimization company later acquired by BlackBerry, where his technology went on to operate at very large scale.
BicDroid’s products are not assembled from off-the-shelf components. They descend from decades of peer-reviewed research in source coding, information theory, and applied cryptography — the same lineage recognized by the IEEE’s Eric E. Sumner Award. Today that research extends into artificial intelligence, where the Multicom Lab studies the information-theoretic foundations of modern AI. This is why data self-protection is provable rather than merely promised, and why the company’s defenses are protected by granted patents across three continents.
See the patent portfolio →From a research thesis to production cryptography at scale.
A thesis becomes a company
BicDroid is founded in Waterloo to pursue a single idea: that data can be made to protect itself through cryptography, independent of the systems around it.
PACSAC proves it at consumer scale
Cryptographic data self-protection reaches close to one hundred million smartphones, demonstrating the architecture in production and earning patents across North America, Europe, and Asia.
Recognized in Canada and protecting customers
BicDroid is featured among innovative Canadian cybersecurity companies in a Government of Canada e-book, while QDocSE keeps enterprise customers protected through an escalating wave of ransomware.
The IEEE Eric E. Sumner Award
Founder Dr. En-Hui Yang is honored by the IEEE for contributions to source coding — the research lineage behind the company’s technology.
QDocSE and BIACS protect critical infrastructure
Source-layer encryption with enforced runtime isolation, and sovereign cryptographic identity, are deployed across government, healthcare, finance, airports, and electric power — certified by national cryptographic authorities.
The AI-Native Security Landscape
BicDroid names and systematizes the two axes of AI-era security, introducing LineageCrypt for per-agent cryptographic identity and advancing LightNet and the Agent Security Operating Layer.
Headquartered in Waterloo, Canada.
Waterloo, Ontario
BicDroid Inc.
Suite 104, 609 Kumpf Drive
Waterloo, Ontario, N2V 1K8
Canada
info@bicdroid.com · +1-519-573-0096
Canada’s technology corridor
BicDroid sits at the heart of the Toronto–Waterloo corridor, alongside the University of Waterloo and one of the densest concentrations of cryptography, security, and AI talent in the world — the environment in which our research-led approach thrives.
Bring cryptographic self-protection to your organization.
Talk to our team about defending your infrastructure and governing your agents — without rebuilding what you already run.