API Inspiration: How OSINT Industries Is Shaping Next-Gen Security Tools

Powered by OSINT Industries API, Norphluchs means companies can finally trust the background checks they run.

Organizations across government, defense, finance, and cybersecurity are waking up to OSINT, and those in the private sector are no different. The value of publicly available information — which social media and the vast range of other sources ensure is more bountiful than ever — for enhancing security, risk assessment, and strategic decision-making has become obvious. Companies (like ours) fulfilling the demand for great OSINT tools that can filter, analyze, and contextualize vast volumes of data efficiently are arguably the natural result of our data-saturated world. According to some, this sector is booming from several billion USD today, to triple-digit billions within the next few years. The global OSINT market hit more than USD 12.1 billion in 2025 and is projected to soar to around USD 127.6 billion by 2034, with a compound annual growth rate (CAGR) of 26.56%. 

This climate is why we made our ground-breaking OSINT Industries API available to those who want and need it. Given access to tap into the power of our API, two OSINT entrepreneurs had an idea. The problem they aim to rectify? A threat to modern businesses everywhere: background checks that don't check out.

‘There's a common, taken-for-granted assumption that background checks are an accurate reflection of a person's criminal record, but our findings show that's not necessarily the case…’ – Assistant Professor Robert Stewart, University of Maryland, and Associate Professor Sarah Lageson, Department of Criminology and Criminal Justice at Rutgers University [Source: Wiley]

The cliche goes that it’s harder than ever to hide your past mistakes, and businesses are more thorough and effective than they’ve ever been when digging up our dirty secrets. Actually, recent research suggests the polar opposite. An epidemic of bad background checks, with even greater discrepancies when comparing public and private sector hiring, has led to disasters: like minor childhood misdeeds affecting hiring practices, while major criminal records slip the net. 

Undertaken in 2025, this multi-institutional study co-authored by University of Maryland Assistant Professor Robert Stewart and Rutgers University Associate Professor Sarah Lageson revealed that most commercial background checks are at best unreliable – and at worst, dangerous. The study took data for the supposedly easiest-to-check disqualifier: criminal behaviour. Comparing official state criminal records for 101 New Jersey residents with reports from both regulated and unregulated background check companies, widespread inaccuracies abound. More than half of participants turned up at least one false-positive (wrongly linking them to a sometimes heinous crime) on these checks. Meanwhile roughly 90% displayed false-negatives, omitting actual charges that would affect candidates’ hireability.

‍'Employers and landlords blindly trust these companies that use commercial databases… remaining under a delusion that they provide safe and thorough screening.' – Daniel Cohen, Partner, Consumer Attorneys PLLC [Source: TechTarget]

Using the background checking services cited in the study, one participant was falsely linked to attempted murder. Other investigations have found a similar reality. People on the sex offender registry hired before checks had exposed their past, with offers rescinded days later after checking had caught up. Public-sector employees handling finances with missed fraud convictions. Data errors leading to potential employees wrongly listed as dead – and ‘name matching procedures’ so ‘shoddy’ the US federal government got involved. Outside of the employment space, researchers find ride-share services with rapists on-staff, innocent users banned from accommodation platforms, and dating app background checks that just don’t work. 

Those in the field describe a worldwide problem, with companies’ by-and-large reliance on poor providers akin to ‘having a foot doctor perform open-heart surgery.’ It’s clear that an opportunity exists for quality background checking – and when clunky traditional databases are often the problem, OSINT Industries’ API could provide the accurate, real-time, zero-false-positives capabilities required to do the job better. Combining opportunity and solution, founders Stephanie and Christoph developed Norphluchs: a pre-employment security tool using OSINF to power up background checks.

Meet Stephanie and Christoph, Co-Founders of Norphluchs.

'OSINT Industries was the starting point from which we built the whole idea…' – Stephanie Böhm, Norphluchs Co-Founder. [Source: OSINT Industries]

Norphluchs is a project that showcases how OSINT Industries API access is inspiring growth in the OSINT market, powering ideas that can shape the future of our field.

Co-founder Christoph’s background in Austria included work at embassies, where thorough vetting of individuals and organizations was a critical responsibility. During this time, he observed that much of the background checking process relied heavily on manual efforts —conducting online searches and piecing together information by hand. Given the high-stakes nature of the work, Christoph recognized an opportunity to make these essential processes more structured and efficient. There had to be a better way.

Together, Christoph and his wife and co-founder Stephanie were seeing a critical gap in how Austrian and worldwide companies assess the people they hire or partner with. They began to orient themselves to strike. An ideal background-checking platform would eliminate human error, bypass databases that could harbor incorrect or outdated data, and draw upon the rich and vast open-source information (OSINF) available to present the most up-to-date and ethical picture of a candidate, with no false positives guaranteed. Stephanie and Christoph searched for an API that could fit this tall order – and found OSINT Industries’ API could do the good work for them. Once they had access, Norphluchs was born. Our API had inspired a professional mission: simple, safe, self-directed pre-employment and business partner screening, fueled by automated OSINF.

Powering Ideas: The API That Sees More

Stephanie and Christoph immediately began modelling scenarios to demonstrate the efficacy of their tool. They focused, first, on scenarios where pre-employment screening would be the most valuable, building speculative profiles that showcase the finer points of what Norphluchs can do with our API behind it. 

Scenario One: A Fintech Startup

In a first scenario, ‘Jane’ applies for a Cybersecurity Analyst role at an up-and-coming fintech startup. The standard hiring process at a company like this would incorporate a background check – with Norphluchs screening via OSINT Industries API. As soon as this startup inputted their new candidate’s details, they’d be armed with the open-source information they need. 

In this case, they might find posts from 2015–2017 on Twitter (X) and Reddit under a known alias; linked via reuse of an email, a common OpSec mistake. Inappropriate jokes and comments expressing distrust in companies’ data privacy might be an ironic disqualifier for a cybersecurity role. A public Pastebin dump might contain login credentials from a past data breach, still visible with the password unchanged, suggesting poor OpSec is a pattern with this candidate. Jane’s GitHub might contain copied code under her name with no attribution, suggesting an unscrupulous attitude towards plagiarism – and ethics.

Nothing criminal or untoward arises, but enough legitimate information can be gleaned from Norphluchs to paint a holistic (although unflattering) picture of Jane as a candidate. The hypothetical fintech startup need not move forward with the hire. They could cite well-backed-up concerns about judgment and professionalism from Jane’s social media history, a trend towards potential security negligence from Jane’s unchanged password and flippant jokes, and ethical red flags from her GitHub plagiarism. 

Jane had solid qualifications and aced the interview, and might come up clean in a traditional background check. Still, Norphluchs OSINF screening goes deeper, combining the holistic results of a manual social media check with the sure-fire capabilities of our API. 

Scenario Two: An Elite Prep School

Suppose an elite, well-regarded private prep school known for its high standards and emphasis on student safety was in the process of hiring a new history teacher. They’re just about to hire ‘Adam’. A comprehensive Norphluchs background check, including OSINT Industries API screening would be standard, due to the school's focus on reputation and student safety. 

Suppose – via an alias, an old Instagram bio, and a reused phone number – public videos on Adam’s personal TikTok account appeared. Here, he was drinking and using recreational drugs, with captions like "Teacher life lol”, and posted a skit video about "grading based on vibes" and “playing favorites.” Linked on Reddit via the same username and email, Adam might appear posting on r/antiwork and r/teachersburnout, commenting "these kids are entitled little brats, I can’t wait to leave teaching" and "parents are the worst part. If I could mute them like Zoom, I would." 

These posts might escape a traditional background check, and although Adam might find them funny, his elite future employer wouldn’t. Allowing the school board to review Norphluchs OSINT report could explain deep concerns about professionalism, judgment, and public representation. Adam’s offer could be fairly rescinded before being made official, designated “Do Not Advance”. Reputational risk – and potential later backlash from tech-savvy parents – avoided.

These everyday scenarios expose how our API helps Norphluchs go far beyond traditional background checks, offering a smarter, more contextual view of any candidate.  By surfacing real-world digital footprints, not just stale database figures, it delivers holistic insights. It’s a clearer, more realistic picture of who you’re really hiring.

While Stephanie and Christoph developed Norphluchs in Austria, three Taylor Swift concerts in Vienna’s Ernst Happel Stadium were subject to a terror threat. Cases throughout Europe – like the Sarah Everard scandal that exposed serious gaps in background checks and institutional accountability in the UK — were a stark reminder of how critical timely, structured intelligence can be for public safety. Overlooked digital signals or fragmented data can have far-reaching consequences. This only highlighted the growing need for better information tools.

While Norphluchs wasn’t built to detect or prevent such events, they helped shape a broader vision for the tool’s future potential—where open-source intelligence (OSINT) could support more structured, proactive approaches to risk awareness, including eventual public-sector applications.

Knowing Who You Work With: OSINT Industries and Norphluchs’ Future

'A lot of OSINT tools come and go and you don't know who's behind them… But here’s a team fighting for good.' – Stephanie Böhm, Norphluchs Co-Founder. [Source: OSINT Industries]

OSINT thrives on creativity. Stephanie and Christoph describe OSINT Industries as “an inspiration”, and Norphluchs is a brilliant example of what our API is allowing and inspiring OSINT entrepreneurs to create. 

For the Böhms, “knowing who you work with” is vitally important. After all, Norphluchs exists to help others to do just that. The team’s decision to stick with our API was not only motivated by a belief that we’re “the best there is”, but also a sense of trustworthiness that comes from seeing OSINT Industries’ strong relationships with law enforcement and iron-clad GDPR compliance – something vital in Austria when working B2B or even B2G. Stephanie describes the vulnerability that can seem inherent in building partnerships: a company or individual might work with a freelancer, and never having seen them before, be facing the choice to give them access to your source code. We’re proud that Norphluchs was not only inspired by our API, but that their dream is a product of their trust in us.

Norphluchs has aspirations to expand into document verification and similar capabilities, but also to help grow Austria’s nascent OSINT community. The goal is to build something broader, to show OSINT is “not just for detectives”: taking OSINT beyond the military, beyond elite investigators, and into the hands of anyone, in any industry, who needs to know who they’re working with. 

To find out more about Norphluchs, visit:

Website: www.norphluchs.com

Linkedin: https://www.linkedin.com/company/norphluchs/

‍

Stephanie’s LinkedIn: https://www.linkedin.com/in/stephanie-boehm/

Christoph’s LinkedIn: https://www.linkedin.com/in/boehmchristoph/

‍