Geographic Security

Be at the location, or know the location.

Home → Geographic Security

Location knowledge required

An attacker needs your secret coordinates and either physical presence at the spot or an unlocked device to accurately target it on the map.

How it works

Each vault is tied to a location you choose. A biometric vault can be unlocked two ways:

  • Be there, physically inside the unlock radius, with Face ID / Touch ID
  • Know where, if you allow it, point at the spot on the map with your unlocked device

A hidden vault goes further: the spot and a passphrase are both part of the key, so the data won’t decrypt without them.

Precision and control

Set a biometric vault’s unlock radius from 5 to 100 meters, including the device’s reported GPS accuracy. The check works fully offline.

Two ways location is used. For a biometric vault, location is a software access control, strong against ordinary attackers, but a jailbroken device or GPS spoofing could bypass it (the Secure Enclave biometric is the cryptographic boundary). For a hidden vault, the location is baked into the key itself, so a wrong spot simply won’t decrypt.

With a biometric vault, someone must either be at your secret location or point at the right spot on the map with your unlocked device. With a hidden vault they’d also need the passphrase, and there’s no sign the vault exists at all.
Per-vault radius
5 m – 100 m, GPS accuracy included
Works offline
Location is checked on device
Spot not stored
For hidden vaults the spot is an input to the key, never saved
Honest about limits
Biometric-vault location is software-enforced, not spoof-proof

Where people use it

Executives
Board papers only at the office or by someone who knows the exact boardroom coordinates.
Healthcare & family
Records or emergency documents at home or the clinic, or by someone who knows those spots.
Travel
Destination-specific information only when you are there or can target the right hotel/city on the map.