Proving “Reasonable Measures”
Under the Defend Trade Secrets Act (DTSA) and corresponding state Uniform Trade Secrets Act (UTSA), trade secret protection requires proof that the owner took “reasonable measures” to maintain secrecy.
NDAs, passwords, and access logs authenticate identity at login. Some systems check location via IP addresses or GPS, but both can be spoofed, and none re-verify continuously after the session begins.
The result: organizations cannot prove what protections were active when access occurred. They can only argue that policies existed.
The gap
Trade secret theft costs U.S. businesses an estimated $180–540 billion annually, yet fewer than 1,400 federal cases are filed each year. The gap exists because litigation requires proof that reasonable protective measures were in place, not just evidence that theft occurred.
Sources: IP Commission Report (2017), Lex Machina, Stout 2024 Trade Secrets Litigation Report
What GeoCrypt Proves
Every access event produces compliance-grade evidence. Not just that data was encrypted who accessed it, where, when, and on what device.
Who Accessed It
Biometric authentication tied to a registered device. Every access event is cryptographically signed with the user’s device key.
Where It Happened
Location verified continuously through Bluetooth proximity. Decryption keys are only available within the authorized geofence.
Immutable Aduit Log
An immutable audit chain records every authentication event with timestamps, device keys, gateway keys, and digital signatures.
The Virtual SCIF
Like a physical SCIF controls access by controlling space, the Virtual SCIF controls access by controlling cryptographic proximity.
Decryption requires three conditions to be met simultaneously:
An authorized device, registered to the organization
An authenticated user, confirmed by biometric verification
A verified location, confirmed by a mobile device within the geofence
If any condition fails, access terminates automatically. Re-authentication occurs at defined intervals throughout the session.
Proof of Geofence™
U.S. Patent No. 12,470,927 B1
The protocol that makes trade secret protection provable. When an authenticated device is within the geofence, the gateway and device each independently produce a cryptographic certificate. Each contract links to the last, producing a tamper-evident record of every authenticated access event.
The result is not a log file. It is a cryptographic proof chain that documents who accessed what, where, when, and under what conditions.
Built by Those Who Understand the Problem
GeoCrypt was founded by Mick Kerr, a patent attorney of 30 years who recognized that trade secret litigation fails not because theft is hard to detect, but because compliance is hard to prove.
Request a Demo
See how GeoCrypt turns trade secret protection into provable compliance.
US-based operations. All data is stored and processed within United States jurisdiction.