Last updated: December 4th, 2025
Incode Technologies, Inc.
PROOF OF CONCEPT AGREEMENT
By signing below, you agree that these terms will govern the evaluation of Incode Technologies, Inc. and its Affiliates’ (“Provider”) Services as further described herein (the “Agreement”) by the entity you identified in the signature section below (“Company”) effective as of the date of acceptance (the “Effective Date”). For the purposes of this Agreement, “Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with a Party, where “control” means the direct or indirect ownership of more than fifty percent (50%) of the voting securities or other ownership interests of an entity. Company and Provider, each a “Party”, and collectively, the “Parties”.
1. Access to Offering
Subject to all the terms of this Agreement, Provider grants Company the non-sublicensable, non-transferrable, nonexclusive, limited right to internally access and use the Offerings described in Schedule A (as applicable) attached hereto (collectively, the "Offering or Services") - but only for Company's internal evaluation for purposes of determining whether or not Company wants to use the Offering from Provider on a commercial basis (the "Purpose"). If any software code is made available by Provider ("Software"), Company will have a license to internally use the Software (in object code form only) solely for the Purpose. If any application programming interfaces ("APIs") or software development kits ("SDKs") are provided, they will only be used to help make Company's own solution interoperable with the Offering. All use of the Offering by Company shall be strictly in accordance with and subject to Provider's usage instructions provided or made available in writing or electronically.
2. Restrictions
Company will not (and will not allow any third party to): (i) export or reexport (within the meaning of U.S. or other export control laws or regulations) any technology related to the Offering and/or any technical, performance or Confidential Information or product thereof; (ii) reverse engineer, decompile or otherwise attempt to discover the source code for the Offering (provided that, such restriction will not apply to the extent prohibited by applicable law), (iii) modify or create derivatives of any part of the Offering, (iv) provide, lease, lend, or otherwise allow any third party to use the Offering (and Company will not use the Offering for the benefit of any third party), (v) copy or reproduce any part of the Offering, or (vi) use any part of the Offering to create any competing products or services. In addition, any output from the Offering will not be disclosed by Company to any Provider competitor. All the limitations and restrictions on Offering in this Agreement also apply to any Software, APIs, SDKs, documentation, and other materials made available by Provider.
3. Feedback
If Company supplies Provider with any suggestions for improvements to, or other feedback with respect to, the Offering (collectively, "Feedback"), Company grants Provider (and its successors and assigns) a perpetual, irrevocable, royalty-free, paid-up, sub-licensable, transferable, worldwide, right and license to use, display, reproduce, distribute and otherwise exploit Feedback for any purposes. Provider agrees that all Feedback is provided "AS IS".
4. Data Processing
The Company acknowledges and agrees that Provider will process personal data of end users —including biometric data —for the sole purpose of providing/demonstrating the Offering under this Agreement. Provider and Company shall comply with all applicable data protection laws and regulations, including, e.g., EU/UK GDPR, CCPA and will implement appropriate technical and organizational measures to protect such personal data. With respect to certain Provider services, Provider is a "data controller" pursuant to the EU/UK GDPR. Company acknowledges that Provider may engage sub-processors and transfer personal data internationally as needed, provided that appropriate safeguards are in place. Company warrants that it has provided all necessary notices and obtained all applicable consents and authorizations from end users for all purposes of this Agreement.
5. Confidentiality
All technical, financial or other information provided by a party (as "Discloser") to the other party (as "Recipient") and designated as confidential or proprietary (or similar designation) exchanged as part of their business, or that the Recipient should reasonably understand to be confidential or proprietary, ("Confidential Information") shall be held in confidence and not disclosed or, except as expressly provided herein, used by Recipient. This obligation will not apply to information that is generally and freely publicly available through no fault of Recipient, or that Recipient otherwise rightfully obtains from third parties without restriction. All Software, APIs, SDKs, as well as any Offering performance metrics and the results of any benchmarking activities Company conducts in connection with the Offering, shall be Provider's Confidential Information. The Parties acknowledge and agree that due to the unique nature of the Confidential Information, there may be no adequate remedy at law for any breach of their obligations under this clause, which breach may result in irreparable harm to the Discloser, and therefore, that upon any such breach or any threat thereof, the Discloser shall be entitled to appropriate equitable relief, without the requirement of posting a bond, in addition to whatever remedies it might have at law. The Recipient may make disclosures required by law or court order provided it uses diligent reasonable efforts to limit disclosure and to obtain confidential treatment or a protective order and allows, if possible, the Discloser to participate in the proceeding. On termination of this Agreement, each party will promptly return to the other party (or, at such other party's email request, delete or destroy) all of such other party's Confidential Information. Each Party’s obligations with respect to Confidential Information it receives under this Agreement will survive termination of this Agreement for a period of five (5) years from receipt and will be binding upon such Party’s heirs, successors, and assigns.
6. Cost
Provider will supply the Offering for the defined trial term (Schedule A) at no cost.
7. Term and Termination
This Agreement begins on the Effective Date and will have a term of fourteen (14) days. Either party may terminate this Agreement on five (5) days' written notice to the other party. Upon any termination, (i) Company shall immediately cease all use of the Offering and (ii) the Recipient will return to the Discloser the Discloser's Confidential Information (and, if requested, so certify the foregoing to Discloser in writing). Sections 2, 3, 5, 6 (if any outstanding fees are due), 7, 9, 10, 11 and 12 will survive termination in perpetuity.
8. Indemnity
Provider will defend and indemnify Company from and against all third-party claims (and all resulting, to the extent payable to third parties: damages, costs and expenses, including reasonable attorneys' fees) arising from allegations that the Offering infringes third-party intellectual property rights; provided that Company furnishes Provider with prompt written notice of all claims and threats thereof and grants Provider sole control of all defense and settlement activities. Company will defend and indemnify Provider from and against all third party claims (and all resulting, to the extent payable to third parties: damages, costs and expenses, including reasonable attorneys' fees) arising from Company's breach of the last sentence of Section 4 above; provided that Provider furnishes Company with prompt written notice of all claims and threats thereof grants Company and sole control of all defense and settlement activities.
9. Warranties; Disclaimer
THE OFFERING (INCLUDING ALL SOFTWARE, APIs, AND SDKs) IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND AND PROVIDER HEREBY DISCLAIMS ALL OTHER WARRANTIES OF ANY KIND, INCLUDING WITHOUT LIMITATION, ANY WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT.
10. Limitations on Liability
OTHER THAN EACH PARTY'S INDEMNITY OBLIGATIONS PURSUANT TO SECTION 8, AND COMPANY'S BREACH OF SECTION 2, NEITHER PARTY WILL BE LIABLE IN CONNECTION HEREWITH FOR ANY (I) INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES, EVEN IF FORESEEABLE, OR (II) AMOUNTS, IN THE AGGREGATE, IN EXCESS OF THE FEES PAID AND PAYABLE BY COMPANY TO PROVIDER HEREUNDER (OR, IF NO FEES ARE PAID OR PAYABLE, THE CAP IS USD 10,000).
11. Force Majeure
Except for payment obligations, neither party shall be liable to the other for any delay or failure to perform any obligation under this Agreement (except for a failure to pay fees) if the delay or failure is due to events which are beyond the reasonable control of such party, such as a strike, blockade, war, act of terrorism, pandemic, riot, natural disaster, failure or diminishment of telecommunications, or refusal of a license by a government agency.
12. General
Neither this Agreement nor the access and use rights granted hereunder are assignable or transferable by Company; any attempt to do so shall be void. Any notice, report, approval or consent required or permitted hereunder shall be by email to the email address set forth above (as may be updated by either party on notice). If any provision of this Agreement shall be adjudged by any court of competent jurisdiction to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary so that this Agreement shall otherwise remain in full force and effect and enforceable. This Agreement shall be deemed to have been made in and shall be construed pursuant to the laws of the State of California, without regard to conflicts of laws provisions thereof. All disputes arising in connection herewith will be subject to the sole and exclusive jurisdiction of, and venue in, the state and Federal courts located in Santa Clara, California. Any waivers or amendments shall be effective only if made in writing. This Agreement is the complete and exclusive statement of the mutual understanding of the parties and supersedes and cancels all previous written and oral agreements and communications relating to the subject matter of this Agreement.
SCHEDULE A
For INCODE OMNI
Offering: Incode Omni Services consists in an end-to-end identity platform SaaS solution with orchestration capabilities including different identity validation modules that can be triggered according to the specific Company needs to be used for fraud prevention and identity verification purposes. Incode Omni can be deployed on Company´s websites or mobile applications and allows the Company to verify the identity of their clients. The POC includes:
a) App access to Incode Omni (onboarding) prebuilt demo apps for Company´s testing of the Incode Omni Services for iOS and Android.
b) Access to the Incode Omni demo dashboard. This will enable the Company to test the Incode Omni Solution via a web onboarding, it will also allow the Company to review sessions and configure the Service pursuant to its specific business rules (i.e. territories, age, countries, severity thresholds, etc.).
In case the evaluation considers offline batch test, Company will upload the applicable data that will be part of the evaluation, (submitted according to Provider´s instructions) to a secure location provided by Provider. Provider will then process the provided data through its systems and return back results in an excel format (or csv) for all tests performed for the selected modules.
For INCODE WORKFORCE
Offering: Provider offers a service identified as Incode Workforce, which consists of providing identity validation services to employees or potential employees of Company who can, then, authorize the use of such verified identity to streamline identity verification and access management within its company’s work systems and processes (the “Workforce Services”) including (1) integration with IAM solution as an External IDP through OIDC, enabling adaptive MFA configurable for all logins or specific high-risk applications; (2) self-serve portal for password and MFA resets; (3) a Helpdesk Identity Verifications portal for on-demand requests; (4) Slack Slash Command Application to allow users to request identity verification directly within a chat experience; and (5) IAM API Integration for reading employees directory & performing resets. Company will have access to various assets including the Workforce Dashboard, IAM Solution Integration Guide, and detailed verification analytics under a shared cloud solution basis. Support Services will include 10 hours for integration and 2 hours per week for ongoing assistance. Further details, see at https://incode.com/online-workforce-technical-exhibit/
Provider is an independent data controller with respect to the Workforce Services.
For INCODE DEEPSIGHT
Offering: Deepsight Service consists of a multi-layered deepfake detection system and fraud prevention tool that prevents fraud across multiple key attack points. It uses advanced AI to detect sophisticated AI-powered fraud, such as hyper-realistic deepfakes, virtual cameras, tampered devices, and suspicious user behavior. By analyzing the behavioral, device and camera integrity, and perception layers in real time, it ensures only real users are verified.
Perception Layer: Using a multi-modal AI that examines thousands of data points across multiple frames, motion, and depth data to detect deepfakes and physical spoofs in the captured selfie. It also protects ID captures from AI-generated content by running its own proprietary machine-learning model.
Behavioral Layer: Deepsight monitors user behavior to identify fraudulent patterns and ensure authentic interactions. This includes analyzing motion dynamics, detecting suspicious bot-like behavior, and verifying natural user activity.
Integrity Layer – Device: Deepsight detects fraudulent attempts by analyzing device signals. This includes identifying suspicious devices, virtual emulators, and fingerprint anomalies.
Integrity Layer – Camera: Deepsight safeguards camera integrity by identifying fraudulent attempts through analysis of camera interactions. This includes detecting virtual cameras and tampering to ensure live, unaltered video feeds and authenticity.
In case the evaluation considers offline batch test, Company will upload the applicable data that will be part of the evaluation, (submitted according to Provider´s instructions) to a secure location provided by Provider. Provider will then process the provided data through its systems and return back results in an excel format (or csv) for all tests performed for the selected modules. For these, testing will be limited to the applicable layers (perception layer only) considering the nature of the test.
Provider is an independent data controller with respect to the Deepsight Services.
Incode Technologies, Inc.
Marianna Amper
Legal representative
Address: 101 Mission Street, Suite 900, San Francisco, CA 94105, USA
The individual accepting below is, on the date of acceptance, duly authorized to execute this Agreement on behalf of the Company.