DEVICEBOUND

How DeviceBound Works

Live, device-bound verification in ten steps. If it's not green, don't proceed.

  1. 1
    A verification is requested
    Someone needs to verify a person: before a meeting, at a door, before sharing something sensitive.
  2. 2
    They enter the person's mobile number
    The mobile number identifies who is being verified. Nothing is sent until the request is created.
  3. 3
    DeviceBound sends a secure verification link
    A one-time link is delivered by SMS or email, or shared in person as a QR code. It expires in 30 minutes.
  4. 4
    The recipient opens the link on their phone
    No app to install, no account to create. The link works in the browser they already have.
  5. 5
    The device authenticates them locally
    Face ID, Touch ID, or the device PIN runs on the phone itself. Biometric data never leaves the device and is never sent to DeviceBound.
  6. 6
    A cryptographic key pair is generated
    The device creates a public/private key pair for this verification. The private key never leaves the user's device.
  7. 7
    The verification is cryptographically bound to that device
    Completing the biometric ceremony signs a one-time challenge minted for this exact request. It cannot be replayed or transferred.
  8. 8
    DeviceBound stores only public verification information
    Status, timestamps, the DeviceBound ID, and the audit record. No secrets, no biometrics.
  9. 9
    The requester's screen turns green
    In real time, with no refresh. Red means not verified. Green means the holder of that mobile number completed a live biometric verification on their trusted device.
  10. 10
    Future checks confirm the same trusted device
    Repeat verifications can confirm both the record and the originating verified device.
Questions about the technology? See the Security page and Trust Center, or write to support@devicebound.us.

Powered by DEVICEBOUND™