How edge AI Is redefining continuous zero trust security

Gibran Kazi, Co-Founder and CEO, Erasys discusses why the future of zero trust depends on continuous authentication powered by privacy-preserving, hardware-optimised AI at the edge rather than centralised cloud models.

The collapse of point-in-time security

For the past decade, the cybersecurity industry has operated on a perilous assumption: That a user who logs in successfully at 9 AM is the same user typing on the keyboard at 11 AM.

We have spent billions fortifying the front door. We have implemented Multi-Factor Authentication (MFA), deployed rigid IAM policies and mandated complex passwords.

Yet, according to the Verizon Data Breach Investigations Report (DBIR), over 80% of hacking-related breaches still involve compromised credentials.

In 2026, the threat landscape has shifted. Attackers are no longer just trying to break in; they are hijacking valid sessions.

The commoditisation of Generative AI has armed threat actors with tools to automate session hijacking, bypass biometric checks via deepfakes and mimic user activity to evade heuristic detection.

The industry consensus is clear: We must move from ‘authorised access’ to ‘authorised presence’.

However, the implementation of this shift faces a massive hurdle: The privacy paradox.

The privacy paradox: Security vs. surveillance

To achieve ‘authorised presence,’ security teams theoretically need to monitor everything a user does.

Historically, this required streaming granular user telemetry to a cloud analytics engine.

This approach creates significant friction:

1. Regulatory risk: Transmitting biometric and behavioural data to the cloud complicates compliance with GDPR, DORA and CCPA
2. User resistance: Employees rightly view cloud-based monitoring as ‘spyware,’ leading to cultural pushback and shadow IT
3. Latency: Round-tripping data to the cloud for analysis introduces lag, making real-time threat intervention impossible

This creates a deadlock. The CISO needs visibility to stop the breach, but the DPO Data Protection Officer (DPO) demands privacy to meet compliance.

Critical analysis of current market solutions reveals that software-only approaches are insufficient. They are too heavy for the endpoint or too invasive for the user. To solve this, we must look below the operating system – to the silicon itself.

The reference architecture for 2026: Adaptive edge intelligence

The solution to the privacy paradox lies in a fundamental architectural shift: Moving the intelligence – and the learning process – from the cloud to the device.

This concept, often termed ‘sovereign AI at the edge,’ represents the next phase of zero trust.

Instead of exporting sensitive user data to train models centrally, we allow the security model to live and learn locally on the endpoint.

This approach is now viable due to the widespread adoption of Neural Processing Units (NPU) in modern business hardware, such as the Intel Core Ultra architecture.

By offloading the learning loop to the NPU, the system can continuously adapt to a user’s changing behaviour without impacting system performance.

A best-practice architecture for this ‘invisible security’ relies on three functional pillars:

1. High-fidelity biometric dynamics: Legacy solutions relied on static, pre-defined rules. The modern standard utilises adaptive deep learning running locally to analyse the ‘digital DNA’ of a user’s interaction. This involves monitoring the subtle, subconscious motor skills of the user. Because these models focus on the physics of input rather than the content, they can instantly distinguish between a legitimate user, an unauthorised actor or a robotic script, all while ensuring the actual text or data being worked on remains private
2. On-device continuous learning: Static models degrade over time as human behaviour naturally evolves. To solve this without compromising privacy, leading solutions employ On-Device Learning. The system retains a local history of the user’s unique behavioural patterns within the device’s secure storage. The AI model retrains itself periodically on this local data, becoming more accurate the longer it is used. This allows the security system to ‘grow’ with the user, reducing false positives without ever needing to send training data back to a central server
3. Sovereign data compliance: The most critical component is data sovereignty. In this architecture, the user’s device acts as its own data vault. By deeply integrating with the silicon layer, modern biometric software can encrypt raw behavioural inputs at rest and process them in isolation. Whether leveraging a dedicated NPU or a standard CPU, this software-first approach ensures that sensitive data is mathematically transformed into abstract vectors locally, never exposing the raw biometrics to the operating system or the cloud

The result: Frictionless zero trust

By combining advanced biometric software with NPU acceleration, we achieve the holy grail of enterprise security: Continuous, passive verification.

• For the user: The experience is frictionless. Their biometric history remains locked on their own silicon, never accessible to IT administrators
• For the enterprise: Security is absolute. The moment a user steps away or a session is hijacked, the trust score drops and the device locks
• For compliance: Data sovereignty is guaranteed. The enterprise system receives only the verdict never the vector. Because the software processes the PII locally it drastically reduces the scope of GDPR and data privacy audits

As AI tools lower the barrier to entry for cybercriminals, the ‘verify once, trust for hours’ model is no longer tenable.

By leveraging the power of Edge AI and local compute optimisation, we can build a security perimeter that is omnipresent yet invisible – securing the human element without compromising the human experience.

This article was originally published in the February edition of Security Journal UK. To read your FREE digital edition, click here.