Organisations need to secure workforces that are using a huge range of devices, including both personal and company-provided mobile devices.

These employees are the target of attacks like mobile phishing, where fraudsters try to trick them into sharing personal information. Phishing is increasingly taking place on mobile – via SMS for example – and outside of emails. On top of this, many employees are practicing sub-par cyber hygiene and tend to be even more lax on mobile.

But Traced believes that as well as protecting themselves against threats, organisations also need to protect people’s privacy.


Traced has built an AI engine based on deep learning that’s entirely dedicated to mobile threats on mobile devices. The AI can differentiate between malicious apps and benign apps.

The startup also uses deep learning and natural language processing to differentiate between a phishing URL and a benign one. It can pick up on linguistic and character-based patterns that social engineers use to dupe people in phishing attacks.

These detection methods come together to in a comprehensive mobile threat defense solution to help companies use mobile devices safely.

To combat attacks on multiple fronts, Traced supports an organisation’s Zero Trust approach to security to validate that a mobile device complies with security policies.

If a malicious app has been installed or the employee hasn’t enabled phishing protection, Traced will be able to tell. It can then block the device’s access to the company’s cloud apps to protect the network.

Traced describes itself as a trust broker for organisations.


Traced’s deep learning engines are trained on open source intelligence as well as from its privacy-first consumer app, which has been downloaded on 250,000 devices.

To make its machine learning even more effective, Traced wants to harness phishing telemetry and other data held by the NCSC.

And even though its current threat focus areas are malware, phishing, device vulnerabilities and compromised WiFi networks, the startup is keen to explore ways of tackling the malvertising challenge with guidance from the NCSC and Plexal.

Traced wants to provide the best protection against mobile phishing and believes NCSC For Startups will help it synergise its threat intelligence sources to improve national security.

Traced is keen to work with technical experts at the NCSC to feed into government frameworks like Cyber Essentials to enable more organisations to effectively protect themselves against cyber threats on mobile. It wants to engage with fellow NCSC For Startups members and alumni, as well as connect with large tech companies such as Microsoft and AWS.

“Malvertising is an emerging threat that does and will affect mobile security, so it will be interesting to explore whether this is a threat we can tackle by applying the technology we’re already developing.”

– Benedict Jones, co-founder and director, Traced