About DocuID & This Offer
From Zero Trust to Zero Doubt — Documents That Verify Who Opens Them
iVALT is the leader in human-bound, AI-resistant identity verification — a Pleasanton, CA company backed by six patents and led by Baldev Krishan Ph.D., President and CEO. In January 2026, iVALT launched the beta of DocuID® — a breakthrough document security platform that solves the problem every organization faces the moment a sensitive file leaves its network: once shared, a document is no longer under your control.
DocuID changes the fundamental nature of a document. Instead of relying on network perimeters, DRM systems, or access control lists that become irrelevant the moment a file is forwarded, DocuID embeds encrypted, human-verified access controls directly into the document itself. Before any copy of the file — anywhere, on any device — can be opened, iVALT's platform verifies five independent identity factors in real time. If any factor fails — wrong person, wrong device, wrong location, wrong time, wrong context — the document does not open.
For TWAIN Innovation Cloud participants building document capture, workflow automation, and compliance platforms, DocuID provides the access control layer that travels with every document — from scanner to archive, from sender to recipient, from authorized user to the next one in the chain. No server-side dependency. No network perimeter assumption. No trust in "who forwarded this file."
The Problem DocuID Solves
Documents Lose Control the Moment They're Shared
In AI-driven workflows, credentials can be compromised, files can be forwarded endlessly,
and deepfake attacks can impersonate authorized users. Trust in "who is actually
opening this document" has collapsed.
Forwarded Without Control
Authorized recipients forward documents to unauthorized parties. Traditional encryption doesn't prevent this.
AI Deepfake Impersonation
AI-powered phishing and deepfake attacks make it impossible to trust that the person opening a document is who they claim to be.
Cloud Sync Proliferation
Files synced to personal Dropbox, Google Drive, or OneDrive accounts escape corporate control the moment they're downloaded.
Credential Compromise
Stolen passwords and session tokens grant access to documents even when the legitimate owner has no idea their credentials were used.
"DocuID puts the power back in the hands of document owners, allowing them to define exactly who can access their sensitive information and under what conditions. Our mobile-first design and next-generation multi-factor identity verification (up to 25 AI-selected factors) provide a very high level of security and convenience."
— Baldev Krishan Ph.D., President & CEO, iVALT
Five-Factor Authentication (5FA) — The DocuID Framework
DocuID's security model goes far beyond two-factor authentication. Every document open request is validated against five independent identity factors simultaneously — and the AI engine can invoke up to 25 contextual factors for high-sensitivity documents.
1
Factor One · WHO
Mobile Biometric Identity
The user's biometric identity is verified through their registered mobile device — face, fingerprint, or other biometric modality — confirming that the specific individual attempting access is a verified, enrolled human, not a credential-stealing bot or AI agent acting without authorisation.
2
Factor Two · WHAT
Device-Bound PKI Registration
The specific mobile device used for authentication must be pre-registered and bound to the user's identity via public key infrastructure. Even if credentials are stolen, a document cannot be opened from an unregistered device — eliminating the risk of credential replay attacks.
3
Factor Three · WHERE
GPS Geofencing
Access can be restricted to specific geographic locations — office premises, approved countries, or defined radius boundaries. Documents accessed from an unexpected location trigger automatic denial, even when all other factors are valid. Ideal for compliance with data residency and export control requirements.
4
Factor Four · WHEN
Time-Based Access Windows
Document owners define the time windows during which a document can be opened — business hours only, a specific date range, or a one-time access window. Access outside the approved window is automatically denied. Access can be granted, modified, or revoked on demand in real time from the owner's mobile device.
5
Factor Five · WHY
Dynamic User Context
The source and context of the authentication request is validated — confirming why the access request was initiated, from what application, and whether the request pattern is consistent with the user's expected behaviour. This layer stops social engineering attacks and AI-deepfake impersonation attempts that pass other factors.
How DocuID Works — 1-Click Access Control
01
Owner Secures File
The document owner applies DocuID protection — embedding encrypted access controls and specifying authorized recipients, time windows, and location rules.
02
Recipient Requests Access
When an authorized recipient tries to open the file, DocuID triggers a 1-click biometric authentication request to their registered mobile device.
03
5FA Verified in Real Time
iVALT simultaneously validates all five factors — identity, device, location, time, and context — and grants or denies access in seconds.
04
Unauthorized = Cannot Open
If the file is forwarded to an unauthorized party — or any factor fails — the document cannot be opened. No exceptions. No workarounds.
Zero Trust → Zero Doubt
iVALT's philosophy goes beyond Zero Trust — which assumes nothing and verifies everything
at the network level — to Zero Doubt: knowing with certainty that the
person interacting with your document is precisely who they claim to be, verified
biometrically, in real time, every time. This is the security posture required for
the age of AI-driven impersonation, deepfake attacks, and autonomous agents acting
on behalf of humans without explicit consent.
6 Patents Held · Additional Filings Pending. DocuID is built on iVALT's
patent-backed authentication framework — the same IP that underpins identity verification
for IoT access control, anti-fraud caller identity, and industrial system authentication.
The 5FA model and mobile-first identity binding are protected by issued patents, providing
a durable, defensible technology foundation.
Platform Integrations & Supported Formats
📄 Microsoft Word
📊 Microsoft Excel
📊 Microsoft PowerPoint
📋 PDF
🖨 P3iD ScanBot
🔒 OpenVPN (Zero Trust NA)
🔗 Open APIs / IAM Platforms
📡 IoT Access Control
Sectors Served
💰 Financial Services
🏥 Healthcare / HIPAA
🏛 Government
⚖️ Legal
☁️ Cloud & SaaS
🚚 Logistics
🏭 Industrial / IoT
📄 Document Management ISVs
🤖 AI Agent Workflows
What's Included in the TIC Beta Trial
- ✓ DocuID® beta trial access — early access to iVALT's DocuID platform for Microsoft 365 documents (Word, Excel, PowerPoint) and PDF — applying 5FA human-verified access control to your actual document workflows, not a demo environment.
- ✓ iVALT mobile app onboarding — enrolment of your trial users in the iVALT mobile authentication platform, including biometric registration, device binding, and 5FA configuration walkthrough with iVALT's team.
- ✓ TWAIN scanning integration consultation — specific guidance on integrating DocuID with TWAIN-based document capture workflows, including P3iD ScanBot integration patterns — ensuring documents captured at the scanner are immediately secured with DocuID at the point of creation.
- ✓ Geofencing and time-window configuration — custom configuration of GPS-based geographic access restrictions and time-based access windows for your specific compliance or operational requirements — office-only access, approved country lists, or event-triggered windows.
- ✓ AI-deepfake resistance testing — a demonstration session showing DocuID's resistance to AI-generated identity attacks — deepfake biometric spoofing, credential replay, and social engineering scenarios — and how the 5FA model defeats each attack vector.
- ✓ Open API integration support — iVALT's Open API documentation and technical support for integrating DocuID's identity verification into your existing IAM platform, document management system, or TWAIN workflow application — typically deployable via software redirect and app-based configuration.
- ✓ Real-time access management training — walkthrough of DocuID's document owner controls — granting, revoking, and modifying document access permissions on demand from a mobile device — and the audit log of every access attempt.
- ✓ Direct access to Baldev Krishan Ph.D. and the iVALT team — as a TIC beta participant, you engage directly with iVALT's founder and engineering team — influencing the DocuID roadmap and receiving priority support throughout the beta trial period.
TIC Participant Beta Trial Request
Start Your DocuID Beta Trial
The iVALT team will respond within 1–2 business days to configure your 5FA trial environment.
* Required fields