API Documentation

Welcome to Plurall AI developer documentation.
Integrate our GaussMass models into your applications with our powerful API.

Introduction

Welcome to Plurall AI developer documentation. Here you will find all the information you need to integrate our GaussMass models into your applications. Our API provides secure, enterprise-grade deepfake detection capabilities with industry-leading security standards.

GaussMass 1.0 & 2.0

GaussMass 1.0 (Image) and GaussMass 2.0 (Video) are advanced AI-powered deepfake detection tools designed for real-time analysis across multiple media types.

API Access

API key generation and access are exclusive features of our Platinum Tier.

API Key & Security

What is an API Key?

An API key is a unique identifier that authenticates your requests to the Plurall AI API. It acts as a secure credential that allows your application to access our deepfake detection services. Each API key is permanently associated with your account and provides controlled access to our detection endpoints.

JWT Token Security

Plurall AI implements a robust two-token authentication system using JSON Web Tokens (JWT):

  • Temporary JWT Tokens: Issued during login, these tokens provide short-term access for API key generation
  • Permanent API Keys: Generated using JWT tokens, these keys provide long-term access to detection endpoints
  • Token Expiration: JWT tokens automatically expire for enhanced security
  • Cryptographic Signing: All tokens are cryptographically signed using industry-standard algorithms (HS256) to prevent tampering

End-to-End Cryptographic Protection

Your API keys and all communications are protected with multiple layers of cryptographic security:

  • Cryptographic Hashing: API keys are stored using secure one-way cryptographic hash functions (bcrypt/argon2), making them impossible to reverse-engineer
  • TLS/SSL Encryption: All API communications are encrypted in transit using TLS 1.3, ensuring data cannot be intercepted
  • Request Signing: Each API request is cryptographically verified to ensure authenticity and integrity
  • Key Rotation: Support for secure API key rotation without service interruption

Data Privacy & Compliance

Plurall AI is committed to protecting your data and maintaining the highest privacy standards:

  • Zero Data Tracking: We do not track, store, or log any personal information, usage patterns, or metadata from your API requests
  • No Data Retention: Media files sent for detection are processed in real-time and immediately discarded after analysis
  • GDPR Compliant: Full compliance with General Data Protection Regulation (GDPR) requirements
  • SOC 2 Certified: Our infrastructure meets SOC 2 Type II security standards
  • HIPAA Ready: Infrastructure designed to support HIPAA compliance for healthcare applications
  • ISO 27001: Information security management aligned with ISO 27001 standards

Strict Policy Protection

Our security policies ensure comprehensive protection:

  • Access Control: Role-based access control (RBAC) with principle of least privilege
  • Rate Limiting: Advanced rate limiting prevents abuse and ensures fair usage
  • IP Whitelisting: Optional IP address restrictions for enhanced security
  • Audit Logging: Security events are logged for compliance and monitoring (without storing sensitive data)
  • Incident Response: 24/7 security monitoring and rapid incident response protocols
  • Regular Security Audits: Third-party security audits and penetration testing conducted regularly

🔒 Security Guarantee

Your API keys and data are protected by enterprise-grade security measures. We never store, track, or share your information. All communications are encrypted, and our infrastructure is regularly audited for compliance with international security standards.

Ready to Get Started?

Start integrating Plurall AI's deepfake detection capabilities into your applications today.

Get API AccessContact Sales