What Is a Virtual SCIF?
A SCIF (Sensitive Compartmented Information Facility) restricts access by controlling physical space. The Virtual SCIF restricts access by controlling cryptographic proximity.
Decryption requires three conditions to be met simultaneously:
An authorized device, registered to the organization
An authenticated user, confirmed by biometric verification
A verified location, confirmed by a mobile device
Why This Matters Legally
Under the Defend Trade Secrets Act (DTSA) and state statutes, trade secret protection requires proof that the owner took "reasonable measures" to maintain secrecy.
NDAs, passwords, and access logs authenticate identity at login. Some systems check location via IP addresses or GPS, but both can be spoofed, and none re-verify continuously after the session begins.
GeoCrypt uses GPS and IP verification, but adds a Bluetooth proximity requirement that would require unreasonable measures to spoof. Files remain encrypted unless the device maintains validated proximity to an authorized gateway, with re-authentication at defined intervals throughout the session.
If the device leaves the approved area, fails a proximity check, or does not re-authenticate within the required window, access terminates automatically.
The gap
Trade secret theft costs U.S. businesses an estimated $180–540 billion annually, yet fewer than 1,400 federal cases are filed each year. The gap exists because litigation requires proof that reasonable protective measures were in place, not just evidence that theft occurred.
Sources: IP Commission Report (2017), Lex Machina, Stout 2024 Trade Secrets Litigation Report
What Makes This Different
Conventional access controls authenticate at login and stop there. The Virtual SCIF enforces identity, location, and device requirements throughout the entire session.
Continuous Authentication
The device and gateway re-authenticate at defined intervals throughout the session. Access persists only while proximity is confirmed.
Immutable Audit Log
Every access event is logged with timestamps, device keys, gateway keys, and digital signatures.
Location-Bound Decryption
Decryption is only available within the authorized geofence. Outside, files remain encrypted.
Proof of Geofence®
U.S. Patent No. 12,470,927 B1
When an authenticated device is within the geofence, the Proof of Geofence protocol continuously generates a PoG contract. The gateway and the device each independently produce a certificate that includes the other's public key and a hash of the previous contract. The device must generate its certificate within a defined time window using its onboard sensors.
When both certificates match, signatures are recorded and the PoG ledger is updated. Each contract links to the last, producing an immutable record of authenticated access events.
Built by Those Who Understand the Problem
GeoCrypt is a venture by Mick Kerr, a patent attorney of 30 years and developed by his team, who recognized a critical gap in modern tech and legal workflows.
Request a Demo
See how the Virtual SCIF protects your most sensitive information.
US-based operations. All data is stored and processed within United States jurisdiction.