Secure Documents | Encrypted QR Code | Document Security

Qryptal Secure QR code technology is uniquely designed to make any physical or electronic document tamper-proof and instantly verifiable by any third party in a unique server-less architecture.

The secure QR code solution easily plugs into existing document production systems. It generates a highly secure digital signature with embedded data that is placed on the document as a QR Code. Anyone can instantly verify the credibility of the information by scanning that code with an App on their smartphone.

This novel architecture provides many benefits:

  • Server-less: Qryptal QR code solutions are built on a server-less architecture that enables the solution to scale and makes it virtually maintenance-free. Since there are no servers, once the document is issued - no further infrastructure is required needed to keep it verifiable
  • Security: Secure QR code solution, is based on PKI, with a key size equivalent of 3072 bit, it is much more secure than typical internet banking
  • Off-line Verification: Since the Qryptal QR code is self-contained there is no need for any network connectivity to validate the information. Thus the verification can work anytime and anywhere including in secure air-gapped environments
  • Physical-digital: Works for electronic as well as printed documents. This blend of physical and digital world is where a secure Qryptal QR is generated digitally and can be then placed on both the physical as well as the electronic version of the document as required. Both the the printed copy and the electronic format of the original document carries the same level of security and can be verified easily.
  • Privacy: Qryptal helps safeguard and protect the privacy & confidentiality of the customer and institution in an uncomplicated logical manner
Learn more

Secure Documents | Encrypted QR Code | Document Security

Security is one of the key concern areas for our customers, and we take it very seriously too. That is why we ensure military-grade-security embedded in the core technology while making the validation easy. This is the secret towards ensuring end to end system security. We are acutely aware that the alternative secure options available in the industry are complicated and hence make it difficult for customers leading to friction in the end-user adoption, which is why we have positioned Qryptal as a solution with frictionless adoption of secure technology.

Digital Signature: Each organisation has its own private-public key pair and all codes are signed by the private key of that customer. The signature itself is based on industry standard algorithms equivalent to a RSA 3072 bit key as per the National Institute of Standards and Technology (NIST). Since this signature can only be generated with the organisation's private key, no one else can generate this code.

No Database Required: This is an extremely critical component in ensuring ongoing document security. Most systems in the industry today link verification back to online databases and thus the entire security can get compromised. This is especially important for ensuring the security of low verification frequency documents with a long life span like university certificates, birth-death certificates, diamond grading certificates etc. Further, not being dependent on a database reduces operational costs significantly.

EDC Attachment Security: EDC attachments (images, PDFs) are stored AES encrypted in the ADR Object Store. The decryption key is embedded inside the QR Code ensuring access to the information via the secure QR Code.

Offline Verification: We have entirely done away with the need for connectivity to a database. Any verification can be done with the App with just the organisation's public key. This ensures significantly improved performance and also dramatically reduces the surface area for attack.

No URL - No Phishing: Many verification systems have started incorporating a QR Code on their documents to facilitate validation. This QR Code typically contains a URL, which when scanned displays the information from their server. This, in our view, is a terrible disaster for security because any one can quickly generate a QR Code maliciously with a URL to 'their' server. QR Phishing is much harder to detect than email phishing and should be avoided in any verification system.

Privacy: Since the Qryptal code is an integral part of the document - user privacy is protected most sensibly. It is all user-controlled by deciding with whom to share the document. There are no complicated systems to create & maintain, thus preventing any privacy issues.

Schedule Qryptal Discussion

Leading organisations and brands rely on Qryptal

We have customers and users in most parts of the world.