Crunchfish patents device-agnostic trusted client applications for offline use cases

Crunchfish AB (“Crunchfish”) has applied for a strategically important and broad patent, protecting the use of device-agnostic trusted client applications for offline use cases in any mobile client / server system. There are multiple market segments where device-agnostic trusted client applications for offline use cases are of importance. The patent if granted will be valid for 20 years until May 2044.

A diagram of a security system

Description automatically generated


Crunchfish patents device agnostic trusted client applications in mobile client / server systems. Any client / server system stands to gain, especially when assets are handled offline in the client. There are multiple market segments where device-agnostic trusted client applications for offline use cases are of importance. Payments is certainly one, but also for general wallets that handles various user credentials. Offline capabilities provide application resilience, faster response times and enables novel use cases and commercial benefits in diverse markets segments such as generative AI, mobile gaming, media consumption, and identification. Crunchfish is developing a platform for device-agnostic trusted client applications where Digital Cash for offline payments and the novel App-integrated Card Emulations (ACE) for tokenized card payments are the first two identified implementations. Additional mobile client / server applications will follow where the use case is either developed by Crunchfish or licensed to a 3rd party.     


In addition to enabling offline use cases, a trusted client application improves the overall security in the system. The server can rely on the client to perform certain security checks and validations locally before sending data to the server. This reduces the attack surface and vulnerabilities that malicious actors could exploit. It is also possible to offload security checks and processing from the server, leading to improved performance and scalability of the system. Authentication and encryption can seamlessly be integrated within the client application, enhancing the user experience without compromising security. Trust in clients facilitates also secure end-to-end encryption between the client and server, ensuring confidentiality and data integrity.


Application security is normally implemented in the server for client / server systems. With Crunchfish’s technology, it is possible to complement this server security with having trust in the clients’ applications as well. Trust in applications is based on the ability to handle data securely 1) during execution, 2) when stored, and 3) in transit. The execution is vulnerable because data must be decrypted to be processed. This requires a secure element on the mobile device. To avoid limiting the user base to certain mobile devices, the secure element must not be hardware dependent, but instead software-based in an app-integrated virtual secure element. Data is stored on the mobile phone in encrypted files. For data integrity, it is necessary to be able to detect if files have been tampered with. The security protocol of the application makes the encrypted communication secure whilst data is in transit.


Crunchfish complements server security with trust in clients. Device-agnostic, pre-packaged superior client security that enables offline use cases in any client / server system. This is a ground-breaking innovation applicable to any mobile application”, says Joachim Samuelsson, Crunchfish CEO. 



For more information, please contact:

Joachim Samuelsson, CEO of Crunchfish AB

+46 708 46 47 88


This information is such information as Crunchfish AB is obliged to make public pursuant to the EU Market Abuse Regulation. The information was submitted for publication, through the agency of the contact person set out above, at 08:00 CET on May 3rd, 2024.


Västra Hamnen Corporate Finance AB is the Certified Adviser. Email: Telephone +46 40 200 250.


About Crunchfish

Crunchfish is a deep tech company developing a device-agnostic generic trusted client application platform for offline payments, tokenized card payments as well as other mobile client / server systems. Crunchfish has been listed on Nasdaq First North Growth Market since 2016, with headquarters in Malmö, Sweden and with a subsidiary in India.

Download as PDF