Skip to Content
Australian support
1300 195 055 support@truevault.com.au Mon–Fri · 9am–5pm AEST
TrueVault Identity Manager
Protect me
NoTouch Physical Access · for the built world

Identity-first physical access management.

Physical access is still asking the wrong question. Cards, fobs and SMS codes only know whether a credential opens a door — never who's holding it. TrueVault sits in front of the system you already own and asks the question that matters: is the right human doing the right thing, right now?

01 · pillar
Biometric verification
Right human, right moment
02 · pillar
Hardware agnostic
Plays nice with what you own
03 · pillar
Instant revocation
Off, the second it needs to be
01 / The shift

The end of the stolen keycard.

Legacy systems trust whoever happens to be holding the card. That's how a fob in the wrong pocket becomes a midnight breach — and how someone who left six months ago is still on the door log. There's a better question to ask, and a calmer answer to give.

Legacy systems ask
"Does this credential open this door?"
  • Weak identity binding
  • No proof of a real human is present
  • Limited revocation — minutes to days
TrueVault asks
"Is the right human performing the right action, right now?"
  • Cryptographically anchored to a real person
  • Bound to people, not devices
  • Verified at the exact moment of action
02 / The gateway

Biometric gateways. Unbreakable trust.

TrueVault is a decision layer that sits in front of the access system you already operate. Same readers. Same doors. A much better question being answered every time someone tries to walk through.

Verified at the moment of action

When someone reaches for a door, we run a live biometric check on the spot — confirming the human, not just the credential, before anything opens.

Hardware agnostic

A signed action-approval token does the unlocking. Keep the readers, locks and panels you already own — TrueVault speaks to all of them.

Instant remote revocation

Someone leaves on a Friday afternoon? Their access is gone before they reach the car park. No lost cards, no door-by-door wrangling, no overnight risk.

Verification flow
1
User action
Unlock initiated
2
Biometric check
Remote verification
3
Signed token
Cryptographic approval
4
Access granted
Hardware agnostic
Partnership · Avigilon Alta

See it work at the door.

A real, live biometric — bound to a verifiable credential — opens the doors that matter. No badges to forget. No PINs to guess. No tailgaters slipping in behind someone else.

  • Face match in under a second
  • Works across Avigilon Altau2019s deployed fleet
  • Audit trail tied to a real human, not a token
truevault.com.au / avigilon-alta
FILM · 3:24
The Future of Access Control · TrueVault × Avigilon Alta
03 / The reach

Beyond the front door. Whole-of-building actions.

Once the biometric pattern exists, it works everywhere — quietly extending the same trust to lifts, lockers and lights. No new vendor stack. No fresh credentials to hand out. The same verified human, asked the same calm question, in every part of the building.

High-risk zones

The rooms a stolen fob has no business in.

  • Plant room access
  • After-hours protocols
  • Restricted area gating

Smart building operations

The everyday machinery of running the place.

  • Lift controls
  • Alarm arm / disarm
  • Visitor approvals

Tenant services

The little moments residents and guests notice.

  • Parcel lockers
  • Intercoms & doorbells
  • Verified entry
04 / The record

Cryptographic audit trails.

Every action generates an immutable, signed event you can hand to an auditor, a regulator or an insurer. Non-repudiation isn't a feature flag — it's the shape of the log itself.

Immutable ledger

  • Append-only events
  • Tamper-evident chain
  • Cryptographically sealed

Non-repudiation

  • Signed by verified human
  • Bound to biometric match
  • Provable at any time

Regulatory evidence

  • Audit-ready exports
  • Per-event signatures
  • Standards aligned
audit.log Sealed 
{
  "event":     "door.unlock",
  "actor":     "verified_human:0x4f…a91c",
  "biometric": { "match": 0.998, "liveness": "passed" },
  "door":      "level-12.plant-room",
  "ts":        "2026-04-29T14:02:11Z",
  "policy":    "after-hours.plant-team",
  "sig":       "ed25519:0x9b3d…7e21",
  "prev":      "sha256:0x71ac…0bd2"
}
05 / The platform

Built for developers. Built for global scale.

Engineered as a drop-in for modern systems. Identity management and access control delivered over the same APIs your team already speaks — OIDC, signed tokens, webhook events. Nothing exotic. Nothing you have to introduce to procurement twice.

API & OIDC native

Drop-in integration with the identity stack you already use. No bespoke client, no proprietary SDK lock-in.

Cloud-native

Multi-region deployment with auto-scaling from day one. Designed to handle the morning rush at every door.

Global scale

Built to serve enterprise portfolios across continents — without the weekly outage email to tenants.

Make every door know its human.

Move your infrastructure to identity-first access management — without ripping out a single reader.