I am a Security Researcher at OneSpan, a financial technology firm based in Cambridge, United Kingdom. I hold a Ph.D. in Information Security at the Information Security Group (ISG), Royal Holloway, University of London and hold a B.Sc. in Computer Science from Newcastle University.


My expertise surrounds privacy-enhancing machine learning and applied cryptography.

More generally, I’m interested in machine learning and its security, and using system and cryptographic techniques to meet various security goals, such as training/cross-validation/testing data confidentiality and model authenticity. I am also interested in learning with the presence of adversarial samples (robustness) and explainability issues.

My Ph.D. topic focussed on the use of embedded device TEEs for providing greater trust assurances in automated systems regarding the collection, transformation and transmission of sensor data. I was part of the research group at the Smart Card and IoT Security Centre at the ISG. Here, I also spent much time analysing the classification of mobile sensor data for detecting man-in-the-middle (relay) attacks on contactless transactions, e.g. EMV payments.

A list of my publications can be found here.

I can be found on Twitter @carltonshep and on LinkedIn at carltonshepherd.